TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-RMM / tf-rmm / e324291c4054eada2458731ba54ba2bea65f5f94 / . / lib / attestation / include / attestation_token.h
blob: 0ae83905e45b759324a1acf8319f70780309c32c [file] [log] [blame]
Soby Mathewb4c6df42022-11-09 11:13:29 +0000[diff] [blame]1/*
2 * SPDX-License-Identifier: BSD-3-Clause
3 * SPDX-FileCopyrightText: Copyright Laurence Lundblade.
4 * SPDX-FileCopyrightText: Copyright TF-RMM Contributors.
5 */
6
7/*
8 * This file is derived from:
9 * trusted-firmware-m/secure_fw/partitions/initial_attestation/attest_token.h
10 */
11
12#ifndef ATTESTATION_TOKEN_H
13#define ATTESTATION_TOKEN_H
14
15#include <measurement.h>
16#include <qcbor/qcbor.h>
17#include <t_cose/q_useful_buf.h>
Mate Toth-Pal5ea4f372023-06-13 12:25:43 +0200[diff] [blame]18#include <t_cose/t_cose_sign_sign.h>
19#include <t_cose/t_cose_signature_sign_restart.h>
Mate Toth-Palc69951d2023-03-17 17:30:50 +0100[diff] [blame]20#include <t_cose_psa_crypto.h>
Soby Mathewb4c6df42022-11-09 11:13:29 +0000[diff] [blame]21
22#define ATTEST_TOKEN_BUFFER_SIZE GRANULE_SIZE
23
24enum attest_token_err_t {
25 /* Success */
26 ATTEST_TOKEN_ERR_SUCCESS = 0,
27 /* The buffer passed in to receive the output is too small. */
28 ATTEST_TOKEN_ERR_TOO_SMALL,
29 /*
30 * Something went wrong formatting the CBOR, most likely the
31 * payload has maps or arrays that are not closed.
32 */
33 ATTEST_TOKEN_ERR_CBOR_FORMATTING,
34 /* Signing key is not found or of wrong type. */
35 ATTEST_TOKEN_ERR_SIGNING_KEY,
36 ATTEST_TOKEN_ERR_COSE_ERROR,
37 /* Signing is in progress, function should be called with the same
38 * parameters again.
39 */
40 ATTEST_TOKEN_ERR_COSE_SIGN_IN_PROGRESS
41};
42
43/* The state of the realm token generation */
44enum attest_token_gen_state_t {
45 ATTEST_SIGN_NOT_STARTED,
46 ATTEST_SIGN_IN_PROGRESS,
47 ATTEST_SIGN_TOKEN_WRITE_IN_PROGRESS,
48};
49
50/*
51 * The context for creating an attestation token. The caller of
52 * attest_token_encode must create one of these and pass it to the functions
53 * here. It is small enough that it can go on the stack. It is most of
54 * the memory needed to create a token except the output buffer and
55 * any memory requirements for the cryptographic operations.
56 *
57 * The structure is opaque for the caller.
58 *
59 * This is roughly 148 + 8 + 32 = 188 bytes
60 */
61
62struct attest_token_encode_ctx {
63 /* Private data structure */
Mate Toth-Palc69951d2023-03-17 17:30:50 +0100[diff] [blame]64 QCBOREncodeContext cbor_enc_ctx;
65 uint32_t opt_flags;
66 int32_t key_select;
Mate Toth-Pal5ea4f372023-06-13 12:25:43 +0200[diff] [blame]67 struct t_cose_sign_sign_ctx sign_ctx;
68 struct t_cose_signature_sign_restart restartable_signer_ctx;
Mate Toth-Palc69951d2023-03-17 17:30:50 +0100[diff] [blame]69 struct t_cose_psa_crypto_context crypto_ctx;
Soby Mathewb4c6df42022-11-09 11:13:29 +0000[diff] [blame]70};
71
72#define ATTEST_CHALLENGE_SIZE (64)
73
74/*
75 * The context for signing an attestation token. Each REC contains one context
76 * that is passed to the attestation library during attestation token creation
77 * to keep track of the signing state.
78 */
79struct token_sign_ctx {
80 /*
81 * 'state' is used to implement a state machine
82 * to track the current state of signing.
83 */
84 enum attest_token_gen_state_t state;
85 struct attest_token_encode_ctx ctx;
86 /* Data saved in the first iteration */
87 unsigned long token_ipa;
88 unsigned char challenge[ATTEST_CHALLENGE_SIZE];
89};
90
91/*
92 * Sign the realm token and complete the CBOR encoding.
93 * This function returns ATTEST_TOKEN_ERR_COSE_SIGN_IN_PROGRESS
94 * if signing is not complete and this function needs to be
95 * invoked again. ATTEST_TOKEN_ERR_SUCCESS is returned if
96 * signing is complete and `completed_token` is valid.
97 * Else returns one of the attest_token_err_t errors on
98 * any other error.
99 *
100 * me Token Creation Context.
101 * completed_token Pointer and length to completed token.
102 *
103 * This completes the token after the payload has been added. When
104 * this is called the signing algorithm is run and the final
105 * formatting of the token is completed.
106 */
107enum attest_token_err_t
108attest_realm_token_sign(struct attest_token_encode_ctx *me,
109 struct q_useful_buf_c *completed_token);
110
111/*
112 * Combine realm token and platform token to top-level cca token
113 *
114 * attest_token_buf Pointer and length to the buffer where the token will be
115 * written.
116 * realm_token Pointer and length to the realm token.
117 *
118 * Return 0 in case of error, the length of the cca token otherwise.
119 */
120size_t attest_cca_token_create(struct q_useful_buf *attest_token_buf,
121 const struct q_useful_buf_c *realm_token);
122
123/*
124 * Assemble the Realm token in the buffer provided in realm_token_buf,
125 * except the signature.
126 *
127 * Arguments:
128 * Algorithm - Algorithm used during measurement.
129 * Measurement - Array of buffers containing all the measurements.
130 * num_measurements - Number of measurements to add to the token.
131 * rpv - Realm Personalization value
132 * ctx - Token sign context, used for signing.
133 * realm_token_buf - Buffer where to assemble the attestation token.
134 *
135 * Returns ATTEST_TOKEN_ERR_SUCCESS (0) on success or a negative error code
136 * otherwise.
137 */
138int attest_realm_token_create(enum hash_algo algorithm,
139 unsigned char measurements[][MAX_MEASUREMENT_SIZE],
140 unsigned int num_measurements,
141 struct q_useful_buf_c *rpv,
142 struct token_sign_ctx *ctx,
143 struct q_useful_buf *realm_token_buf);
144
145
146#endif /* ATTESTATION_TOKEN_H */