Replace se-proxy service backends with stubs
To facilitate the development of proxy backends that will
communicate with a remote secure element, the se-proxy
deployment has been modified to use stub components that
honour all service provider dependencies but don't do
anything. This simplifies the se-proxy built image in
preparation for adding the se service clients.
Signed-off-by: Julian Hall <julian.hall@arm.com>
Change-Id: I2dac1e295814839d4c7dccf4120667186d7ea6de
diff --git a/components/service/attestation/key_mngr/stub/component.cmake b/components/service/attestation/key_mngr/stub/component.cmake
new file mode 100644
index 0000000..97d526e
--- /dev/null
+++ b/components/service/attestation/key_mngr/stub/component.cmake
@@ -0,0 +1,13 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+if (NOT DEFINED TGT)
+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
+endif()
+
+target_sources(${TGT} PRIVATE
+ "${CMAKE_CURRENT_LIST_DIR}/stub_attest_key_mngr.c"
+ )
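Review bot: Nothing in this component.cmake makes it visible at configure time that a stub has been linked in place of the attestation key manager, so a deployment that keeps the stub by mistake builds cleanly and only fails at run time with PSA_ERROR_NOT_SUPPORTED. Consider adding, after the TGT check, something like `message(STATUS "${TGT}: using stub attestation key manager (development only)")`, and the same in the reporter and crypto backend stub component.cmake files added later in this commit. The crypto backend one matters most, because its `PSA_CRYPTO_CLIENT_CALLER_SELECTION_H` define switches the psa crypto client in that target to the stub caller.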
diff --git a/components/service/attestation/key_mngr/stub/stub_attest_key_mngr.c b/components/service/attestation/key_mngr/stub/stub_attest_key_mngr.c
new file mode 100644
index 0000000..d07e804
--- /dev/null
+++ b/components/service/attestation/key_mngr/stub/stub_attest_key_mngr.c
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <psa/error.h>
+#include <service/attestation/key_mngr/attest_key_mngr.h>
+
+psa_status_t attest_key_mngr_get_iak_handle(
+ psa_key_handle_t *iak_handle)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t attest_key_mngr_export_iak_public_key(
+ uint8_t *data, size_t data_size, size_t *data_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+size_t attest_key_mngr_max_iak_export_size(void)
+{
+ return 0;
+}
+
+size_t attest_key_mngr_max_iak_import_size(void)
+{
+ return 0;
+ }
+
+psa_status_t attest_key_mngr_import_iak(const uint8_t *data, size_t data_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+bool attest_key_mngr_iak_exists(void)
+{
+ return false;
+}
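Review bot: `attest_key_mngr_get_iak_handle` and `attest_key_mngr_export_iak_public_key` return an error without writing their output parameters, so a caller that passes an uninitialised local and reads it on the error path gets an indeterminate value; the reporter stub in this commit does clear its outputs. For the export function add `*data_length = 0;` before the return, and give `*iak_handle` a defined invalid value if the key manager header provides one. The same applies to the `*_length`, `*op_handle` and `*id` outputs of the crypto_caller_*.h stubs further down this diff. Separately, the closing brace of `attest_key_mngr_max_iak_import_size` carries a stray leading space, and the file lacks the kind of header comment that stub_attest_report.c has stating that it is a stub.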
diff --git a/components/service/attestation/reporter/stub/component.cmake b/components/service/attestation/reporter/stub/component.cmake
new file mode 100644
index 0000000..b8ec878
--- /dev/null
+++ b/components/service/attestation/reporter/stub/component.cmake
@@ -0,0 +1,13 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+if (NOT DEFINED TGT)
+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
+endif()
+
+target_sources(${TGT} PRIVATE
+ "${CMAKE_CURRENT_LIST_DIR}/stub_attest_report.c"
+ )
diff --git a/components/service/attestation/reporter/stub/stub_attest_report.c b/components/service/attestation/reporter/stub/stub_attest_report.c
new file mode 100644
index 0000000..d24dd5e
--- /dev/null
+++ b/components/service/attestation/reporter/stub/stub_attest_report.c
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/**
+ * A stub attestation reporter that doesn't do anything apart from
+ * return failure whne requested to create a report. Intended to
+ * be used when creating a new deployment to temporarily satisfy
+ * attestation service provider dependencies on a reporter.
+ */
+
+#include <stddef.h>
+#include <psa/error.h>
+#include <service/attestation/reporter/attest_report.h>
+
+int attest_report_create(int32_t client_id,
+ const uint8_t *auth_challenge_data, size_t auth_challenge_len,
+ const uint8_t **report, size_t *report_len)
+{
+ *report = NULL;
+ *report_len = 0;
+
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+void attest_report_destroy(const uint8_t *report)
+{
+ (void)report;
+}
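Review bot: The file comment has a typo: `whne` should read `when`. `attest_report_create` also dereferences `report` and `report_len` unconditionally; if the real reporter tolerates NULL there the stub should too, otherwise a one-line comment stating that both must be non-NULL would help. The unused `client_id`, `auth_challenge_data` and `auth_challenge_len` could get the same `(void)` treatment that `attest_report_destroy` gives `report`, so that builds with unused-parameter warnings enabled stay quiet.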
diff --git a/components/service/crypto/backend/stub/component.cmake b/components/service/crypto/backend/stub/component.cmake
new file mode 100644
index 0000000..5972f5d
--- /dev/null
+++ b/components/service/crypto/backend/stub/component.cmake
@@ -0,0 +1,21 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+if (NOT DEFINED TGT)
+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
+endif()
+
+target_sources(${TGT} PRIVATE
+ "${CMAKE_CURRENT_LIST_DIR}/stub_crypto_backend.c"
+ )
+
+# The stub crypto backend uses the psa crypto client to realize the
+# psa crypto API that the crypto provider depends on. This define
+# configures the psa crypto client to be built with the stub crypto
+# caller.
+target_compile_definitions(${TGT} PRIVATE
+ PSA_CRYPTO_CLIENT_CALLER_SELECTION_H="service/crypto/client/caller/stub/crypto_caller.h"
+)
diff --git a/components/service/crypto/backend/stub/stub_crypto_backend.c b/components/service/crypto/backend/stub/stub_crypto_backend.c
new file mode 100644
index 0000000..f969b43
--- /dev/null
+++ b/components/service/crypto/backend/stub/stub_crypto_backend.c
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stddef.h>
+#include <psa/crypto.h>
+#include <service/crypto/client/psa/psa_crypto_client.h>
+#include <protocols/rpc/common/packed-c/status.h>
+#include <rpc/dummy/dummy_caller.h>
+#include "stub_crypto_backend.h"
+
+psa_status_t stub_crypto_backend_init(void)
+{
+ static struct dummy_caller dummy_caller;
+ struct rpc_caller *caller = dummy_caller_init(&dummy_caller,
+ TS_RPC_CALL_ACCEPTED, PSA_ERROR_SERVICE_FAILURE);
+
+ psa_status_t status = psa_crypto_client_init(caller);
+
+ if (status == PSA_SUCCESS)
+ status = psa_crypto_init();
+
+ return status;
+}
+
+void stub_crypto_backend_deinit(void)
+{
+ psa_crypto_client_deinit();
+}
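Review bot: When `psa_crypto_client_init` succeeds but `psa_crypto_init` fails, `stub_crypto_backend_init` returns the error with the client still initialised, and a caller that treats a failed init as having nothing to clean up will not call `stub_crypto_backend_deinit`. Consider calling `psa_crypto_client_deinit();` on that path before returning, assuming deinit is safe in that state. A short comment on why `dummy_caller` is `static` (the returned `rpc_caller` appears to refer to it and so must outlive the function) and on what the `TS_RPC_CALL_ACCEPTED` and `PSA_ERROR_SERVICE_FAILURE` arguments configure would also help the next reader.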
diff --git a/components/service/crypto/backend/stub/stub_crypto_backend.h b/components/service/crypto/backend/stub/stub_crypto_backend.h
new file mode 100644
index 0000000..8c0477e
--- /dev/null
+++ b/components/service/crypto/backend/stub/stub_crypto_backend.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_BACKEND_H
+#define STUB_CRYPTO_BACKEND_H
+
+#include <psa/error.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Initialize the stub crypto backend
+ *
+ * Initializes a crypto backend that uses the psa API client with a
+ * stub backend caller to realize the PSA crypto API used by the crypto
+ * service proviser.
+ *
+ * \return PSA_SUCCESS if backend initialized successfully
+ */
+psa_status_t stub_crypto_backend_init(void);
+
+/**
+ * \brief Clean-up to free any resource used by the crypto backend
+ */
+void stub_crypto_backend_deinit(void);
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* STUB_CRYPTO_BACKEND_H */
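Review bot: The doc comment for `stub_crypto_backend_init` misspells `provider` as `proviser`, and its `\return` line documents only the success case. Since the implementation forwards the status from the client and crypto initialisation calls, add a line such as `\return A PSA error status if client or crypto initialization failed`.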
diff --git a/components/service/crypto/client/caller/stub/crypto_caller.h b/components/service/crypto/client/caller/stub/crypto_caller.h
new file mode 100644
index 0000000..857bd38
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller.h
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_H
+#define STUB_CRYPTO_CALLER_H
+
+/**
+ * A crypto caller that provides stub functions for all crypto
+ * operations. This will never be used in a production deployment
+ * but is useful during development to provide place holders for
+ * real crypto caller implementations.
+ */
+#include "crypto_caller_aead.h"
+#include "crypto_caller_copy_key.h"
+#include "crypto_caller_generate_key.h"
+#include "crypto_caller_hash.h"
+#include "crypto_caller_mac.h"
+#include "crypto_caller_asymmetric_decrypt.h"
+#include "crypto_caller_destroy_key.h"
+#include "crypto_caller_generate_random.h"
+#include "crypto_caller_import_key.h"
+#include "crypto_caller_purge_key.h"
+#include "crypto_caller_asymmetric_encrypt.h"
+#include "crypto_caller_export_key.h"
+#include "crypto_caller_get_key_attributes.h"
+#include "crypto_caller_sign_hash.h"
+#include "crypto_caller_cipher.h"
+#include "crypto_caller_export_public_key.h"
+#include "crypto_caller_key_derivation.h"
+#include "crypto_caller_verify_hash.h"
+
+#endif /* STUB_CRYPTO_CALLER_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_aead.h b/components/service/crypto/client/caller/stub/crypto_caller_aead.h
new file mode 100644
index 0000000..18aa8ce
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_aead.h
@@ -0,0 +1,142 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_AEAD_H
+#define STUB_CRYPTO_CALLER_AEAD_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_aead_encrypt(struct service_client *context,
+ psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *plaintext,
+ size_t plaintext_length,
+ uint8_t *aeadtext,
+ size_t aeadtext_size,
+ size_t *aeadtext_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_aead_decrypt(struct service_client *context,
+ psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *aeadtext,
+ size_t aeadtext_length,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_aead_encrypt_setup(struct service_client *context,
+ uint32_t *op_handle,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_aead_decrypt_setup(struct service_client *context,
+ uint32_t *op_handle,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_aead_generate_nonce(struct service_client *context,
+ uint32_t op_handle,
+ uint8_t *nonce,
+ size_t nonce_size,
+ size_t *nonce_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_aead_set_nonce(struct service_client *context,
+ uint32_t op_handle,
+ const uint8_t *nonce,
+ size_t nonce_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_aead_set_lengths(struct service_client *context,
+ uint32_t op_handle,
+ size_t ad_length,
+ size_t plaintext_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_aead_update_ad(struct service_client *context,
+ uint32_t op_handle,
+ const uint8_t *input,
+ size_t input_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_aead_update(struct service_client *context,
+ uint32_t op_handle,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_aead_finish(struct service_client *context,
+ uint32_t op_handle,
+ uint8_t *aeadtext,
+ size_t aeadtext_size,
+ size_t *aeadtext_length,
+ uint8_t *tag,
+ size_t tag_size,
+ size_t *tag_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_aead_verify(struct service_client *context,
+ uint32_t op_handle,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length,
+ const uint8_t *tag,
+ size_t tag_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_aead_abort(struct service_client *context,
+ uint32_t op_handle)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_AEAD_H */
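Review bot: `crypto_caller_aead_abort` returns PSA_ERROR_NOT_SUPPORTED, but abort is the cleanup call that code typically issues after a failed setup and expects to succeed; with every setup in this stub failing, that cleanup path will be hit often. If the client or provider checks the status of abort (not visible in this diff), returning `PSA_SUCCESS` from the abort stubs avoids masking the original error. The same choice is made in the cipher, hash, mac and key-derivation abort stubs in this commit. The header would also benefit from a one-line comment saying that every function here is a development stub.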
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_asymmetric_decrypt.h b/components/service/crypto/client/caller/stub/crypto_caller_asymmetric_decrypt.h
new file mode 100644
index 0000000..8f64b48
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_asymmetric_decrypt.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_ASYMMETRIC_DECRYPT_H
+#define STUB_CRYPTO_CALLER_ASYMMETRIC_DECRYPT_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_asymmetric_decrypt(struct service_client *context,
+ psa_key_id_t id,
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ const uint8_t *salt, size_t salt_length,
+ uint8_t *output, size_t output_size, size_t *output_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_ASYMMETRIC_DECRYPT_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_asymmetric_encrypt.h b/components/service/crypto/client/caller/stub/crypto_caller_asymmetric_encrypt.h
new file mode 100644
index 0000000..f75df39
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_asymmetric_encrypt.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_ASYMMETRIC_ENCRYPT_H
+#define STUB_CRYPTO_CALLER_ASYMMETRIC_ENCRYPT_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_asymmetric_encrypt(struct service_client *context,
+ psa_key_id_t id,
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ const uint8_t *salt, size_t salt_length,
+ uint8_t *output, size_t output_size, size_t *output_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_ASYMMETRIC_ENCRYPT_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_cipher.h b/components/service/crypto/client/caller/stub/crypto_caller_cipher.h
new file mode 100644
index 0000000..b216b4b
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_cipher.h
@@ -0,0 +1,85 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_CIPHER_H
+#define STUB_CRYPTO_CALLER_CIPHER_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_cipher_encrypt_setup(struct service_client *context,
+ uint32_t *op_handle,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_cipher_decrypt_setup(struct service_client *context,
+ uint32_t *op_handle,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_cipher_generate_iv(struct service_client *context,
+ uint32_t op_handle,
+ uint8_t *iv,
+ size_t iv_size,
+ size_t *iv_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_cipher_set_iv(struct service_client *context,
+ uint32_t op_handle,
+ const uint8_t *iv,
+ size_t iv_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_cipher_update(struct service_client *context,
+ uint32_t op_handle,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_cipher_finish(struct service_client *context,
+ uint32_t op_handle,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_cipher_abort(struct service_client *context,
+ uint32_t op_handle)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline size_t crypto_caller_cipher_max_update_size(struct service_client *context)
+{
+ return 0;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_CIPHER_H */
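Review bot: `crypto_caller_cipher_max_update_size` returns 0, which is a hazardous value for any caller that splits input into chunks of this size, since a loop that advances by the chunk size would make no progress. Whether the client does this is not visible here, so either document the 0 with a comment such as `/* stub: no data can be processed */` or confirm that callers stop on the PSA_ERROR_NOT_SUPPORTED status from update. `crypto_caller_hash_max_update_size` and `crypto_caller_mac_max_update_size` return 0 as well.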
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_copy_key.h b/components/service/crypto/client/caller/stub/crypto_caller_copy_key.h
new file mode 100644
index 0000000..0fd70dc
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_copy_key.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_COPY_KEY_H
+#define STUB_CRYPTO_CALLER_COPY_KEY_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_copy_key(struct service_client *context,
+ psa_key_id_t source_key,
+ const psa_key_attributes_t *attributes,
+ psa_key_id_t *target_key)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_COPY_KEY_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_destroy_key.h b/components/service/crypto/client/caller/stub/crypto_caller_destroy_key.h
new file mode 100644
index 0000000..9233b6c
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_destroy_key.h
@@ -0,0 +1,27 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_DESTROY_KEY_H
+#define STUB_CRYPTO_CALLER_DESTROY_KEY_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_destroy_key(struct service_client *context,
+ psa_key_id_t id)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_DESTROY_KEY_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_export_key.h b/components/service/crypto/client/caller/stub/crypto_caller_export_key.h
new file mode 100644
index 0000000..05d7a32
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_export_key.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_EXPORT_KEY_H
+#define STUB_CRYPTO_CALLER_EXPORT_KEY_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_export_key(struct service_client *context,
+ psa_key_id_t id,
+ uint8_t *data, size_t data_size, size_t *data_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_EXPORT_KEY_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_export_public_key.h b/components/service/crypto/client/caller/stub/crypto_caller_export_public_key.h
new file mode 100644
index 0000000..fff982b
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_export_public_key.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_EXPORT_PUBLIC_KEY_H
+#define STUB_CRYPTO_CALLER_EXPORT_PUBLIC_KEY_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_export_public_key(struct service_client *context,
+ psa_key_id_t id,
+ uint8_t *data, size_t data_size, size_t *data_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_EXPORT_PUBLIC_KEY_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_generate_key.h b/components/service/crypto/client/caller/stub/crypto_caller_generate_key.h
new file mode 100644
index 0000000..ceb587b
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_generate_key.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_GENERATE_KEY_H
+#define STUB_CRYPTO_CALLER_GENERATE_KEY_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_generate_key(struct service_client *context,
+ const psa_key_attributes_t *attributes,
+ psa_key_id_t *id)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_GENERATE_KEY_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_generate_random.h b/components/service/crypto/client/caller/stub/crypto_caller_generate_random.h
new file mode 100644
index 0000000..c7c339c
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_generate_random.h
@@ -0,0 +1,27 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_GENERATE_RANDOM_H
+#define STUB_CRYPTO_CALLER_GENERATE_RANDOM_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_generate_random(struct service_client *context,
+ uint8_t *output, size_t output_size)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_GENERATE_RANDOM_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_get_key_attributes.h b/components/service/crypto/client/caller/stub/crypto_caller_get_key_attributes.h
new file mode 100644
index 0000000..4de442d
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_get_key_attributes.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_GET_KEY_ATTRIBUTES_H
+#define STUB_CRYPTO_CALLER_GET_KEY_ATTRIBUTES_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_get_key_attributes(struct service_client *context,
+ psa_key_id_t key,
+ psa_key_attributes_t *attributes)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_GET_KEY_ATTRIBUTES_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_hash.h b/components/service/crypto/client/caller/stub/crypto_caller_hash.h
new file mode 100644
index 0000000..2faee02
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_hash.h
@@ -0,0 +1,88 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_HASH_H
+#define STUB_CRYPTO_CALLER_HASH_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_hash_setup(struct service_client *context,
+ uint32_t *op_handle,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_hash_update(struct service_client *context,
+ uint32_t op_handle,
+ const uint8_t *input,
+ size_t input_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_hash_finish(struct service_client *context,
+ uint32_t op_handle,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_hash_abort(struct service_client *context,
+ uint32_t op_handle)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_hash_verify(struct service_client *context,
+ uint32_t op_handle,
+ const uint8_t *hash,
+ size_t hash_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_hash_clone(struct service_client *context,
+ uint32_t source_op_handle,
+ uint32_t *target_op_handle)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_hash_suspend(struct service_client *context,
+ uint32_t op_handle,
+ uint8_t *hash_state,
+ size_t hash_state_size,
+ size_t *hash_state_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_hash_resume(struct service_client *context,
+ uint32_t op_handle,
+ const uint8_t *hash_state,
+ size_t hash_state_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline size_t crypto_caller_hash_max_update_size(struct service_client *context)
+{
+ return 0;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_HASH_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_import_key.h b/components/service/crypto/client/caller/stub/crypto_caller_import_key.h
new file mode 100644
index 0000000..ed41a10
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_import_key.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_IMPORT_KEY_H
+#define STUB_CRYPTO_CALLER_IMPORT_KEY_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_import_key(struct service_client *context,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ psa_key_id_t *id)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_IMPORT_KEY_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_key_derivation.h b/components/service/crypto/client/caller/stub/crypto_caller_key_derivation.h
new file mode 100644
index 0000000..cb568c6
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_key_derivation.h
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_KEY_DERIVATION_H
+#define STUB_CRYPTO_CALLER_KEY_DERIVATION_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_key_derivation_setup(struct service_client *context,
+ uint32_t *op_handle,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_key_derivation_get_capacity(struct service_client *context,
+ const uint32_t op_handle,
+ size_t *capacity)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_key_derivation_set_capacity(struct service_client *context,
+ uint32_t op_handle,
+ size_t capacity)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_key_derivation_input_bytes(struct service_client *context,
+ uint32_t op_handle,
+ psa_key_derivation_step_t step,
+ const uint8_t *data,
+ size_t data_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_key_derivation_input_key(struct service_client *context,
+ uint32_t op_handle,
+ psa_key_derivation_step_t step,
+ psa_key_id_t key)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_key_derivation_output_bytes(struct service_client *context,
+ uint32_t op_handle,
+ uint8_t *output,
+ size_t output_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_key_derivation_output_key(struct service_client *context,
+ const psa_key_attributes_t *attributes,
+ uint32_t op_handle,
+ psa_key_id_t *key)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_key_derivation_abort(struct service_client *context,
+ uint32_t op_handle)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_key_derivation_key_agreement(struct service_client *context,
+ uint32_t op_handle,
+ psa_key_derivation_step_t step,
+ psa_key_id_t private_key,
+ const uint8_t *peer_key,
+ size_t peer_key_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_raw_key_agreement(struct service_client *context,
+ psa_algorithm_t alg,
+ psa_key_id_t private_key,
+ const uint8_t *peer_key,
+ size_t peer_key_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_KEY_DERIVATION_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_mac.h b/components/service/crypto/client/caller/stub/crypto_caller_mac.h
new file mode 100644
index 0000000..6c5b870
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_mac.h
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_MAC_H
+#define STUB_CRYPTO_CALLER_MAC_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+static inline psa_status_t crypto_caller_mac_sign_setup(struct service_client *context,
+ uint32_t *op_handle,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_mac_verify_setup(struct service_client *context,
+ uint32_t *op_handle,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_mac_update(struct service_client *context,
+ uint32_t op_handle,
+ const uint8_t *input,
+ size_t input_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_mac_sign_finish(struct service_client *context,
+ uint32_t op_handle,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_mac_verify_finish(struct service_client *context,
+ uint32_t op_handle,
+ const uint8_t *mac,
+ size_t mac_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline psa_status_t crypto_caller_mac_abort(struct service_client *context,
+ uint32_t op_handle)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+static inline size_t crypto_caller_mac_max_update_size(struct service_client *context)
+{
+ return 0;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_MAC_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_purge_key.h b/components/service/crypto/client/caller/stub/crypto_caller_purge_key.h
new file mode 100644
index 0000000..af04af9
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_purge_key.h
@@ -0,0 +1,27 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_PURGE_KEY_H
+#define STUB_CRYPTO_CALLER_PURGE_KEY_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_purge_key(struct service_client *context,
+ psa_key_id_t key)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_PURGE_KEY_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_sign_hash.h b/components/service/crypto/client/caller/stub/crypto_caller_sign_hash.h
new file mode 100644
index 0000000..d09369a
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_sign_hash.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_SIGN_HASH_H
+#define STUB_CRYPTO_CALLER_SIGN_HASH_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_sign_hash(struct service_client *context,
+ psa_key_id_t id,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_SIGN_HASH_H */
diff --git a/components/service/crypto/client/caller/stub/crypto_caller_verify_hash.h b/components/service/crypto/client/caller/stub/crypto_caller_verify_hash.h
new file mode 100644
index 0000000..20d11dc
--- /dev/null
+++ b/components/service/crypto/client/caller/stub/crypto_caller_verify_hash.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STUB_CRYPTO_CALLER_VERIFY_HASH_H
+#define STUB_CRYPTO_CALLER_VERIFY_HASH_H
+
+#include <psa/crypto.h>
+#include <service/common/client/service_client.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static inline psa_status_t crypto_caller_verify_hash(struct service_client *context,
+ psa_key_id_t id,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STUB_CRYPTO_CALLER_VERIFY_HASH_H */
diff --git a/components/service/crypto/client/psa/psa_crypto_client.c b/components/service/crypto/client/psa/psa_crypto_client.c
index 5c2a87c..1c0e055 100644
--- a/components/service/crypto/client/psa/psa_crypto_client.c
+++ b/components/service/crypto/client/psa/psa_crypto_client.c
@@ -5,7 +5,6 @@
*/
#include <stddef.h>
-#include <service/discovery/client/discovery_client.h>
#include "psa_crypto_client.h"
struct psa_crypto_client psa_crypto_client_instance = {
@@ -31,14 +30,7 @@
psa_status_t psa_crypto_client_init(struct rpc_caller *caller)
{
- psa_status_t status = service_client_init(&psa_crypto_client_instance.base, caller);
-
- if (status == PSA_SUCCESS) {
-
- status = discovery_client_get_service_info(&psa_crypto_client_instance.base);
- }
-
- return status;
+ return service_client_init(&psa_crypto_client_instance.base, caller);
}
void psa_crypto_client_deinit(void)
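Review bot: Callers of `psa_crypto_client_init` that this commit does not touch silently stop getting service info, because the function now returns straight from `service_client_init` and no longer calls `discovery_client_get_service_info`. The commit adds the discovery call at two call sites, but the change of contract is not recorded anywhere in the visible code. I would add a line to the declaration's doc comment in `psa_crypto_client.h`, for example `Does not query service info; call discovery_client_get_service_info(psa_crypto_client_base()) after init when it is needed.`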
diff --git a/components/service/crypto/client/psa/psa_crypto_client.h b/components/service/crypto/client/psa/psa_crypto_client.h
index 4fc54a3..fbf6046 100644
--- a/components/service/crypto/client/psa/psa_crypto_client.h
+++ b/components/service/crypto/client/psa/psa_crypto_client.h
@@ -57,6 +57,19 @@
*/
int psa_crypto_client_rpc_status(void);
+/**
+ * @brief Get the base service_client
+ *
+ * Returns a pointer to the base service_client member of the singleton psa crypto
+ * client.
+ *
+ * @return Base service_client
+ */
+static inline struct service_client *psa_crypto_client_base(void)
+{
+ return &psa_crypto_client_instance.base;
+}
+
#ifdef __cplusplus
}
#endif
diff --git a/components/service/crypto/test/service/psa_crypto_api/psa_crypto_api_tests.cpp b/components/service/crypto/test/service/psa_crypto_api/psa_crypto_api_tests.cpp
index a34afaf..b222995 100644
--- a/components/service/crypto/test/service/psa_crypto_api/psa_crypto_api_tests.cpp
+++ b/components/service/crypto/test/service/psa_crypto_api/psa_crypto_api_tests.cpp
@@ -8,6 +8,7 @@
#include <psa/crypto.h>
#include <service/crypto/client/psa/psa_crypto_client.h>
#include <service/crypto/test/service/crypto_service_scenarios.h>
+#include <service/discovery/client/discovery_client.h>
#include <protocols/rpc/common/packed-c/encoding.h>
#include <service_locator.h>
#include <CppUTest/TestHarness.h>
@@ -37,6 +38,8 @@
psa_crypto_client_init(caller);
psa_crypto_init();
+ discovery_client_get_service_info(psa_crypto_client_base());
+
m_scenarios = new crypto_service_scenarios(new psa_crypto_api_client());
}
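Review bot: The status of `discovery_client_get_service_info(psa_crypto_client_base())` is dropped in this setup code, whereas the code removed from `psa_crypto_client_init` propagated it as a `psa_status_t`. A failed discovery would then show up only as unrelated failures in later test cases; checking it here, e.g. `CHECK_EQUAL(PSA_SUCCESS, discovery_client_get_service_info(psa_crypto_client_base()));`, makes the cause visible, or a comment should say that discovery is optional. The same call added in `deployments/psa-api-test/crypto/crypto_locator.c` is followed by an unconditional `status = 0;`, so a discovery failure there is reported as success as well. The enclosing setup function starts outside this hunk.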
diff --git a/deployments/psa-api-test/crypto/crypto_locator.c b/deployments/psa-api-test/crypto/crypto_locator.c
index 609c525..7f58d4a 100644
--- a/deployments/psa-api-test/crypto/crypto_locator.c
+++ b/deployments/psa-api-test/crypto/crypto_locator.c
@@ -7,6 +7,7 @@
#include <stddef.h>
#include <service_locator.h>
#include <service/crypto/client/psa/psa_crypto_client.h>
+#include <service/discovery/client/discovery_client.h>
#include <protocols/rpc/common/packed-c/encoding.h>
#include "../service_under_test.h"
@@ -41,6 +42,8 @@
psa_crypto_client_init(caller);
}
+ discovery_client_get_service_info(psa_crypto_client_base());
+
status = 0;
}
else {
diff --git a/deployments/se-proxy/opteesp/CMakeLists.txt b/deployments/se-proxy/opteesp/CMakeLists.txt
index b5bdc64..2fb4bcc 100644
--- a/deployments/se-proxy/opteesp/CMakeLists.txt
+++ b/deployments/se-proxy/opteesp/CMakeLists.txt
@@ -31,12 +31,6 @@
target_link_libraries(se-proxy PRIVATE ${SP_DEV_KIT_LIBRARIES})
#-------------------------------------------------------------------------------
-# Default deployment specific configuration
-#
-#-------------------------------------------------------------------------------
-set(TS_NO_FLOAT_HW ON)
-
-#-------------------------------------------------------------------------------
# Components that are specific to deployment in the opteesp environment.
#
#-------------------------------------------------------------------------------
@@ -56,9 +50,11 @@
"components/rpc/common/demux"
"components/service/common/include"
"components/service/common/serializer/protobuf"
+ "components/service/common/client"
"components/service/common/provider"
"components/service/discovery/provider"
"components/service/discovery/provider/serializer/packed-c"
+ "components/service/crypto/include"
"components/service/crypto/provider"
"components/service/crypto/provider/serializer/protobuf"
"components/service/crypto/provider/serializer/packed-c"
@@ -77,24 +73,14 @@
"components/service/attestation/provider"
"components/service/attestation/provider/serializer/packed-c"
- # Components that won't be in a proxy
- "components/common/endian"
- "components/service/attestation/claims"
- "components/service/attestation/claims/sources/boot_seed_generator"
- "components/service/attestation/claims/sources/null_lifecycle"
- "components/service/attestation/claims/sources/instance_id"
- "components/service/attestation/claims/sources/implementation_id"
- "components/service/attestation/claims/sources/event_log"
- "components/service/attestation/claims/sources/event_log/mock"
- "components/service/attestation/reporter/local"
- "components/service/attestation/reporter/eat"
- "components/service/attestation/key_mngr/local"
- "components/service/secure_storage/frontend/psa/its"
- "components/service/secure_storage/backend/secure_flash_store"
- "components/service/secure_storage/backend/secure_flash_store/flash_fs"
- "components/service/secure_storage/backend/secure_flash_store/flash"
- "components/service/crypto/backend/mbedcrypto"
- "components/service/crypto/backend/mbedcrypto/trng_adapter/platform"
+ # Stub service provider backends
+ "components/rpc/dummy"
+ "components/rpc/common/caller"
+ "components/service/attestation/reporter/stub"
+ "components/service/attestation/key_mngr/stub"
+ "components/service/crypto/backend/stub"
+ "components/service/crypto/client/psa"
+ "components/service/secure_storage/backend/mock_store"
)
target_sources(se-proxy PRIVATE
@@ -124,18 +110,6 @@
target_link_libraries(se-proxy PRIVATE nanopb::protobuf-nanopb-static)
protobuf_generate_all(TGT "se-proxy" NAMESPACE "protobuf" BASE_DIR "${TS_ROOT}/protocols")
-# Mbed TLS provides libmbedcrypto
-include(../../../external/MbedTLS/MbedTLS.cmake)
-target_link_libraries(se-proxy PRIVATE mbedcrypto)
-
-# Qcbor
-include(${TS_ROOT}/external/qcbor/qcbor.cmake)
-target_link_libraries(se-proxy PRIVATE qcbor)
-
-# t_cose
-include(${TS_ROOT}/external/t_cose/t_cose.cmake)
-target_link_libraries(se-proxy PRIVATE t_cose)
-
#################################################################
target_compile_definitions(se-proxy PRIVATE
diff --git a/deployments/se-proxy/opteesp/default_se-proxy.dts.in b/deployments/se-proxy/opteesp/default_se-proxy.dts.in
index 9f66eb1..961071a 100644
--- a/deployments/se-proxy/opteesp/default_se-proxy.dts.in
+++ b/deployments/se-proxy/opteesp/default_se-proxy.dts.in
@@ -16,16 +16,4 @@
execution-state = <0>; /* AArch64 */
xlat-granule = <0>; /* 4KiB */
messaging-method = <0>; /* Direct messaging only */
-
- /* Not needed when crypto proxy is added */
- device-regions {
- compatible = "arm,ffa-manifest-device-regions";
-
- trng {
- /* Armv8 A Foundation Platform values */
- base-address = <0x00000000 0x7fe60000>;
- pages-count = <1>;
- attributes = <0x3>; /* read-write */
- };
- };
};
diff --git a/deployments/se-proxy/opteesp/optee_sp_user_defines.h b/deployments/se-proxy/opteesp/optee_sp_user_defines.h
index feb25e8..3c25e43 100644
--- a/deployments/se-proxy/opteesp/optee_sp_user_defines.h
+++ b/deployments/se-proxy/opteesp/optee_sp_user_defines.h
@@ -17,6 +17,6 @@
#define OPTEE_SP_STACK_SIZE (64 * 1024)
/* Provisioned heap size */
-#define OPTEE_SP_HEAP_SIZE (480 * 1024)
+#define OPTEE_SP_HEAP_SIZE (32 * 1024)
#endif /* SP_HEADER_DEFINES_H */
diff --git a/deployments/se-proxy/opteesp/service_proxy_factory.c b/deployments/se-proxy/opteesp/service_proxy_factory.c
index 6261128..acfb6e8 100644
--- a/deployments/se-proxy/opteesp/service_proxy_factory.c
+++ b/deployments/se-proxy/opteesp/service_proxy_factory.c
@@ -9,58 +9,20 @@
#include <service/attestation/provider/attest_provider.h>
#include <service/attestation/provider/serializer/packed-c/packedc_attest_provider_serializer.h>
#include <service/crypto/factory/crypto_provider_factory.h>
-#include <components/service/secure_storage/frontend/secure_storage_provider/secure_storage_provider.h>
+#include <service/secure_storage/frontend/secure_storage_provider/secure_storage_provider.h>
-/* Not needed once proxy backends added */
-#include <service/attestation/claims/claims_register.h>
-#include <service/attestation/claims/sources/event_log/event_log_claim_source.h>
-#include <service/attestation/claims/sources/boot_seed_generator/boot_seed_generator.h>
-#include <service/attestation/claims/sources/null_lifecycle/null_lifecycle_claim_source.h>
-#include <service/attestation/claims/sources/instance_id/instance_id_claim_source.h>
-#include <service/secure_storage/backend/secure_flash_store/secure_flash_store.h>
-#include <service/crypto/backend/mbedcrypto/mbedcrypto_backend.h>
-#include <service/attestation/key_mngr/local/local_attest_key_mngr.h>
-
-
-/* A shared storage backend - should be removed when proxy backends are added */
-static struct storage_backend *shared_storage_backend = NULL;
-
+/* Stub backends */
+#include <service/crypto/backend/stub/stub_crypto_backend.h>
+#include <service/secure_storage/backend/mock_store/mock_store.h>
struct rpc_interface *attest_proxy_create(void)
{
struct rpc_interface *attest_iface;
- struct claim_source *claim_source;
/* Static objects for proxy instance */
static struct attest_provider attest_provider;
- /* Claim sources for deployment */
- static struct event_log_claim_source event_log_claim_source;
- static struct boot_seed_generator boot_seed_claim_source;
- static struct null_lifecycle_claim_source lifecycle_claim_source;
- static struct instance_id_claim_source instance_id_claim_source;
-
- /* Register claim sources for deployment */
- claims_register_init();
-
- /* Boot measurement claim source */
- claim_source = event_log_claim_source_init_from_config(&event_log_claim_source);
- claims_register_add_claim_source(CLAIM_CATEGORY_BOOT_MEASUREMENT, claim_source);
-
- /* Boot seed claim source */
- claim_source = boot_seed_generator_init(&boot_seed_claim_source);
- claims_register_add_claim_source(CLAIM_CATEGORY_DEVICE, claim_source);
-
- /* Lifecycle state claim source */
- claim_source = null_lifecycle_claim_source_init(&lifecycle_claim_source);
- claims_register_add_claim_source(CLAIM_CATEGORY_DEVICE, claim_source);
-
- /* Instance ID claim source */
- claim_source = instance_id_claim_source_init(&instance_id_claim_source);
- claims_register_add_claim_source(CLAIM_CATEGORY_DEVICE, claim_source);
-
/* Initialize the service provider */
- local_attest_key_mngr_init(LOCAL_ATTEST_KEY_MNGR_VOLATILE_IAK);
attest_iface = attest_provider_init(&attest_provider);
attest_provider_register_serializer(&attest_provider,
@@ -74,7 +36,7 @@
struct rpc_interface *crypto_iface = NULL;
struct crypto_provider *crypto_provider;
- if (mbedcrypto_backend_init(shared_storage_backend, 0) == PSA_SUCCESS) {
+ if (stub_crypto_backend_init() == PSA_SUCCESS) {
crypto_provider = crypto_provider_factory_create();
crypto_iface = service_provider_get_rpc_interface(&crypto_provider->base_provider);
@@ -85,18 +47,20 @@
struct rpc_interface *ps_proxy_create(void)
{
- if (!shared_storage_backend) shared_storage_backend = sfs_init();
-
+ static struct mock_store ps_backend;
static struct secure_storage_provider ps_provider;
- return secure_storage_provider_init(&ps_provider, shared_storage_backend);
+ struct storage_backend *backend = mock_store_init(&ps_backend);
+
+ return secure_storage_provider_init(&ps_provider, backend);
}
struct rpc_interface *its_proxy_create(void)
{
- if (!shared_storage_backend) shared_storage_backend = sfs_init();
-
+ static struct mock_store its_backend;
static struct secure_storage_provider its_provider;
- return secure_storage_provider_init(&its_provider, shared_storage_backend);
+ struct storage_backend *backend = mock_store_init(&its_backend);
+
+ return secure_storage_provider_init(&its_provider, backend);
}
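Review bot: `ps_proxy_create` and `its_proxy_create` now hand `mock_store` instances to `secure_storage_provider_init` with no comment marking them as placeholders, while the removed code carried notes such as `/* Not needed once proxy backends added */`. A client of the built se-proxy image cannot tell from the interface that its PS and ITS data go to a mock backend, and the two services no longer share one backend as they did through `shared_storage_backend`. I would put `/* Placeholder: mock_store stands in until the se storage client is added; not for production images */` above each `static struct mock_store` line. The result of `mock_store_init` is also passed on unchecked; whether it can return NULL is not visible here.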