/*
 * SPDX-License-Identifier: BSD-3-Clause
 * SPDX-FileCopyrightText: Copyright Laurence Lundblade.
 * SPDX-FileCopyrightText: Copyright TF-RMM Contributors.
 */

/*
 * This file is derived from:
 * trusted-firmware-m/secure_fw/partitions/initial_attestation/attest_token.h
 */
11
12#ifndef ATTESTATION_TOKEN_H
13#define ATTESTATION_TOKEN_H
14
15#include <measurement.h>
16#include <qcbor/qcbor.h>
17#include <t_cose/q_useful_buf.h>
Mate Toth-Palfda673a2023-06-13 12:25:43 +020018#include <t_cose/t_cose_sign_sign.h>
19#include <t_cose/t_cose_signature_sign_restart.h>
Mate Toth-Palc69951d2023-03-17 17:30:50 +010020#include <t_cose_psa_crypto.h>
Soby Mathewb4c6df42022-11-09 11:13:29 +000021
/*
 * Size of the buffer the finished attestation token is written into.
 * Tied to GRANULE_SIZE, which is defined outside this header. A token
 * that does not fit is reported via ATTEST_TOKEN_ERR_TOO_SMALL (see
 * enum attest_token_err_t); NOTE(review): confirm in the implementation
 * that the output is never silently truncated.
 */
#define ATTEST_TOKEN_BUFFER_SIZE GRANULE_SIZE
23
/*
 * Result codes of the token creation / signing functions below.
 * Values are pinned explicitly so the numeric meaning is visible;
 * only ATTEST_TOKEN_ERR_SUCCESS is zero, so callers can test `!= 0`.
 */
enum attest_token_err_t {
	/* Operation finished without error. */
	ATTEST_TOKEN_ERR_SUCCESS = 0,
	/* The output buffer handed in is not large enough for the token. */
	ATTEST_TOKEN_ERR_TOO_SMALL = 1,
	/*
	 * CBOR encoding of the payload failed, typically because a map
	 * or array was left open.
	 */
	ATTEST_TOKEN_ERR_CBOR_FORMATTING = 2,
	/* The signing key could not be found or has the wrong type. */
	ATTEST_TOKEN_ERR_SIGNING_KEY = 3,
	/* The COSE layer (t_cose) reported an error. */
	ATTEST_TOKEN_ERR_COSE_ERROR = 4,
	/*
	 * Not a failure: the restartable signature is not finished yet.
	 * Invoke the same function again with the same parameters to
	 * continue.
	 */
	ATTEST_TOKEN_ERR_COSE_SIGN_IN_PROGRESS = 5
};
42
/*
 * Steps of the realm token generation state machine kept in
 * struct token_sign_ctx. Values are pinned so the order is explicit.
 */
enum attest_token_gen_state_t {
	/* No token generation has been started on this context. */
	ATTEST_SIGN_NOT_STARTED = 0,
	/* A restartable signature is underway and may need further calls. */
	ATTEST_SIGN_IN_PROGRESS = 1,
	/*
	 * The token is being written out; presumably entered once the
	 * signature is complete — confirm against the state machine in
	 * the implementation.
	 */
	ATTEST_SIGN_TOKEN_WRITE_IN_PROGRESS = 2,
};
49
/*
 * The context for creating an attestation token. The caller of the
 * realm token creation and signing functions declared below creates
 * one of these and passes it in. It holds most of the state needed to
 * build a token except the output buffer and any memory the
 * cryptographic operations need.
 *
 * The structure is opaque for the caller: only the attestation library
 * reads or writes its members.
 *
 * NOTE(review): the original size estimate ("roughly 148 + 8 + 32 =
 * 188 bytes") predates the t_cose signing and crypto contexts added
 * below and should be treated as stale. The context is also embedded
 * in struct token_sign_ctx, one per REC, so its real size matters for
 * that structure's footprint.
 */

struct attest_token_encode_ctx {
	/* Private data structure */
	/* QCBOR encoder state for the token payload. */
	QCBOREncodeContext cbor_enc_ctx;
	/* Option flags; their meaning is defined by the implementation. */
	uint32_t opt_flags;
	/* Selects the signing key; the mapping is defined by the implementation. */
	int32_t key_select;
	/* Pointer and length of the payload that is (or will be) signed. */
	struct q_useful_buf_c signed_payload;
	/* t_cose signing context. */
	struct t_cose_sign_sign_ctx sign_ctx;
	/*
	 * Restartable signer: lets a signature that cannot finish in one
	 * call be resumed (see ATTEST_TOKEN_ERR_COSE_SIGN_IN_PROGRESS).
	 */
	struct t_cose_signature_sign_restart restartable_signer_ctx;
	/* PSA Crypto back-end context used by the t_cose signer. */
	struct t_cose_psa_crypto_context crypto_ctx;
};
72
/*
 * Size, in bytes, of the caller-supplied challenge (nonce) saved in
 * struct token_sign_ctx. The challenge originates from the realm and
 * is untrusted input of exactly this fixed length.
 */
#define ATTEST_CHALLENGE_SIZE (64)
74
/*
 * The context for signing an attestation token. Each REC contains one
 * of these; it is passed to the attestation library on every token
 * creation call so that a signature which could not complete in a
 * single call can be resumed with the state it left behind.
 */
struct token_sign_ctx {
	/*
	 * Current step of the signing state machine; see
	 * enum attest_token_gen_state_t.
	 */
	enum attest_token_gen_state_t state;
	/* Encoder and signing state for the token being built. */
	struct attest_token_encode_ctx ctx;
	/*
	 * Inputs captured on the first iteration of a multi-call signing
	 * sequence. NOTE(review): later iterations are expected to
	 * present the same token_ipa and challenge; whether that is
	 * verified by the library or by its caller is not visible from
	 * this header — confirm before relying on it.
	 */
	unsigned long token_ipa;
	/* Caller-supplied challenge, ATTEST_CHALLENGE_SIZE bytes. */
	unsigned char challenge[ATTEST_CHALLENGE_SIZE];
};
91
/*
 * Sign the realm token and complete its CBOR encoding.
 *
 * Called once the payload has been added to `me`. It runs the signing
 * algorithm and finishes the final formatting of the token. Because the
 * signer is restartable, the call may have to be repeated:
 *
 *  - ATTEST_TOKEN_ERR_COSE_SIGN_IN_PROGRESS: signing is not complete;
 *    invoke this function again with the same arguments.
 *  - ATTEST_TOKEN_ERR_SUCCESS: signing is complete and `completed_token`
 *    now describes the finished token.
 *  - any other attest_token_err_t value: failure; `completed_token` is
 *    not guaranteed to be valid.
 *
 * me               Token creation context.
 * completed_token  Output: pointer and length of the completed token.
 */
enum attest_token_err_t
attest_realm_token_sign(struct attest_token_encode_ctx *me,
			struct q_useful_buf_c *completed_token);
111
/*
 * Combine the realm token and the platform token into the top-level
 * CCA token.
 *
 * attest_token_buf  Pointer and length of the buffer the CCA token is
 *                   written into.
 * realm_token       Pointer and length of the realm token.
 *
 * Returns the length of the CCA token, or 0 on error. The zero return
 * is an in-band sentinel: callers must check for it before using the
 * buffer contents, as a zero-length token is never a valid result.
 */
size_t attest_cca_token_create(struct q_useful_buf *attest_token_buf,
			       const struct q_useful_buf_c *realm_token);
123
/*
 * Assemble the realm token, without its signature, in the buffer
 * provided in realm_token_buf. The signature is produced afterwards by
 * attest_realm_token_sign().
 *
 * Arguments:
 * algorithm         Hash algorithm used for the measurements.
 * measurements      Array of buffers, each MAX_MEASUREMENT_SIZE bytes,
 *                   holding the measurements.
 * num_measurements  Number of entries of `measurements` to add to the
 *                   token; it must not exceed the array's length.
 * rpv               Realm Personalization Value.
 * ctx               Token sign context (one per REC) carrying the
 *                   signing state machine and the inputs saved on the
 *                   first iteration.
 * realm_token_buf   Buffer where the realm token is assembled.
 *
 * Returns ATTEST_TOKEN_ERR_SUCCESS (0) on success or a non-zero error
 * code otherwise. NOTE(review): the original comment said "negative
 * error code", but every attest_token_err_t enumerator is >= 0, so
 * callers should test `!= 0` rather than `< 0` — confirm against the
 * implementation which values are actually returned here.
 */
int attest_realm_token_create(enum hash_algo algorithm,
			      unsigned char measurements[][MAX_MEASUREMENT_SIZE],
			      unsigned int num_measurements,
			      struct q_useful_buf_c *rpv,
			      struct token_sign_ctx *ctx,
			      struct q_useful_buf *realm_token_buf);
145
146
147#endif /* ATTESTATION_TOKEN_H */