Blame - lib/attestation/include/attestation_token.h - TF-RMM/tf-rmm

blob: 0047b85317b3dc14b9e7330363a7765b5c1f34f6 [file] [log] [blame]

Soby Mathew	b4c6df4	2022-11-09 11:13:29 +0000	[diff] [blame]	1	/*
				2	* SPDX-License-Identifier: BSD-3-Clause
				3	* SPDX-FileCopyrightText: Copyright Laurence Lundblade.
				4	* SPDX-FileCopyrightText: Copyright TF-RMM Contributors.
				5	*/
				6
				7	/*
				8	* This file is derived from:
				9	* trusted-firmware-m/secure_fw/partitions/initial_attestation/attest_token.h
				10	*/
				11
				12	#ifndef ATTESTATION_TOKEN_H
				13	#define ATTESTATION_TOKEN_H
				14
				15	#include <measurement.h>
				16	#include <qcbor/qcbor.h>
				17	#include <t_cose/q_useful_buf.h>
Soby Mathew	4d4c21a	2023-06-29 14:52:41 +0200	[diff] [blame]	18	#include <t_cose/t_cose_sign1_sign.h>
Mate Toth-Pal	c69951d	2023-03-17 17:30:50 +0100	[diff] [blame]	19	#include <t_cose_psa_crypto.h>
Soby Mathew	b4c6df4	2022-11-09 11:13:29 +0000	[diff] [blame]	20
				21	#define ATTEST_TOKEN_BUFFER_SIZE GRANULE_SIZE
				22
				23	enum attest_token_err_t {
				24	/* Success */
				25	ATTEST_TOKEN_ERR_SUCCESS = 0,
				26	/* The buffer passed in to receive the output is too small. */
				27	ATTEST_TOKEN_ERR_TOO_SMALL,
				28	/*
				29	* Something went wrong formatting the CBOR, most likely the
				30	* payload has maps or arrays that are not closed.
				31	*/
				32	ATTEST_TOKEN_ERR_CBOR_FORMATTING,
				33	/* Signing key is not found or of wrong type. */
				34	ATTEST_TOKEN_ERR_SIGNING_KEY,
				35	ATTEST_TOKEN_ERR_COSE_ERROR,
				36	/* Signing is in progress, function should be called with the same
				37	* parameters again.
				38	*/
				39	ATTEST_TOKEN_ERR_COSE_SIGN_IN_PROGRESS
				40	};
				41
				42	/* The state of the realm token generation */
				43	enum attest_token_gen_state_t {
				44	ATTEST_SIGN_NOT_STARTED,
				45	ATTEST_SIGN_IN_PROGRESS,
				46	ATTEST_SIGN_TOKEN_WRITE_IN_PROGRESS,
				47	};
				48
				49	/*
				50	* The context for creating an attestation token. The caller of
				51	* attest_token_encode must create one of these and pass it to the functions
				52	* here. It is small enough that it can go on the stack. It is most of
				53	* the memory needed to create a token except the output buffer and
				54	* any memory requirements for the cryptographic operations.
				55	*
				56	* The structure is opaque for the caller.
				57	*
				58	* This is roughly 148 + 8 + 32 = 188 bytes
				59	*/
				60
				61	struct attest_token_encode_ctx {
				62	/* Private data structure */
Mate Toth-Pal	c69951d	2023-03-17 17:30:50 +0100	[diff] [blame]	63	QCBOREncodeContext cbor_enc_ctx;
				64	uint32_t opt_flags;
				65	int32_t key_select;
Soby Mathew	4d4c21a	2023-06-29 14:52:41 +0200	[diff] [blame]	66	struct t_cose_sign1_sign_ctx signer_ctx;
				67	struct t_cose_signature_sign_main_restart_ctx signer_restart_ctx;
Mate Toth-Pal	c69951d	2023-03-17 17:30:50 +0100	[diff] [blame]	68	struct t_cose_psa_crypto_context crypto_ctx;
Soby Mathew	b4c6df4	2022-11-09 11:13:29 +0000	[diff] [blame]	69	};
				70
				71	#define ATTEST_CHALLENGE_SIZE (64)
				72
				73	/*
				74	* The context for signing an attestation token. Each REC contains one context
				75	* that is passed to the attestation library during attestation token creation
				76	* to keep track of the signing state.
				77	*/
				78	struct token_sign_ctx {
				79	/*
				80	* 'state' is used to implement a state machine
				81	* to track the current state of signing.
				82	*/
				83	enum attest_token_gen_state_t state;
				84	struct attest_token_encode_ctx ctx;
				85	/* Data saved in the first iteration */
				86	unsigned long token_ipa;
				87	unsigned char challenge[ATTEST_CHALLENGE_SIZE];
				88	};
				89
				90	/*
				91	* Sign the realm token and complete the CBOR encoding.
				92	* This function returns ATTEST_TOKEN_ERR_COSE_SIGN_IN_PROGRESS
				93	* if signing is not complete and this function needs to be
				94	* invoked again. ATTEST_TOKEN_ERR_SUCCESS is returned if
				95	* signing is complete and `completed_token` is valid.
				96	* Else returns one of the attest_token_err_t errors on
				97	* any other error.
				98	*
				99	* me Token Creation Context.
				100	* completed_token Pointer and length to completed token.
				101	*
				102	* This completes the token after the payload has been added. When
				103	* this is called the signing algorithm is run and the final
				104	* formatting of the token is completed.
				105	*/
				106	enum attest_token_err_t
				107	attest_realm_token_sign(struct attest_token_encode_ctx *me,
				108	struct q_useful_buf_c *completed_token);
				109
				110	/*
				111	* Combine realm token and platform token to top-level cca token
				112	*
				113	* attest_token_buf Pointer and length to the buffer where the token will be
				114	* written.
				115	* realm_token Pointer and length to the realm token.
				116	*
				117	* Return 0 in case of error, the length of the cca token otherwise.
				118	*/
				119	size_t attest_cca_token_create(struct q_useful_buf *attest_token_buf,
				120	const struct q_useful_buf_c *realm_token);
				121
				122	/*
				123	* Assemble the Realm token in the buffer provided in realm_token_buf,
				124	* except the signature.
				125	*
				126	* Arguments:
				127	* Algorithm - Algorithm used during measurement.
				128	* Measurement - Array of buffers containing all the measurements.
				129	* num_measurements - Number of measurements to add to the token.
				130	* rpv - Realm Personalization value
				131	* ctx - Token sign context, used for signing.
				132	* realm_token_buf - Buffer where to assemble the attestation token.
				133	*
				134	* Returns ATTEST_TOKEN_ERR_SUCCESS (0) on success or a negative error code
				135	* otherwise.
				136	*/
				137	int attest_realm_token_create(enum hash_algo algorithm,
				138	unsigned char measurements[][MAX_MEASUREMENT_SIZE],
				139	unsigned int num_measurements,
				140	struct q_useful_buf_c *rpv,
				141	struct token_sign_ctx *ctx,
				142	struct q_useful_buf *realm_token_buf);
				143
				144
				145	#endif /* ATTESTATION_TOKEN_H */