Allow alternative backends for attestation provider
Refactors attestation service components to allow alternative
reporting and key management backends to be added. This enables
alternative deployments to be supported that realize the
reporting function differently, e.g. delegated to a separate
secure enclave.
Signed-off-by: Julian Hall <julian.hall@arm.com>
Change-Id: I55f8886dd05071b33d8d2deddf0a4a1d5c7c77ae
diff --git a/deployments/se-proxy/opteesp/CMakeLists.txt b/deployments/se-proxy/opteesp/CMakeLists.txt
index 4ab8906..29d2edc 100644
--- a/deployments/se-proxy/opteesp/CMakeLists.txt
+++ b/deployments/se-proxy/opteesp/CMakeLists.txt
@@ -74,8 +74,9 @@
"components/service/attestation/claims/sources/instance_id"
"components/service/attestation/claims/sources/event_log"
"components/service/attestation/claims/sources/event_log/mock"
- "components/service/attestation/reporter/psa"
- "components/service/attestation/key_mngr"
+ "components/service/attestation/reporter/local"
+ "components/service/attestation/reporter/eat"
+ "components/service/attestation/key_mngr/local"
"components/service/secure_storage/frontend/psa/its"
"components/service/secure_storage/backend/secure_flash_store"
"components/service/secure_storage/backend/secure_flash_store/flash_fs"
diff --git a/deployments/se-proxy/opteesp/service_proxy_factory.c b/deployments/se-proxy/opteesp/service_proxy_factory.c
index 303ff0f..6bbee65 100644
--- a/deployments/se-proxy/opteesp/service_proxy_factory.c
+++ b/deployments/se-proxy/opteesp/service_proxy_factory.c
@@ -21,6 +21,7 @@
#include <service/attestation/claims/sources/instance_id/instance_id_claim_source.h>
#include <service/secure_storage/backend/secure_flash_store/secure_flash_store.h>
#include <service/crypto/backend/mbedcrypto/mbedcrypto_backend.h>
+#include <service/attestation/key_mngr/local/local_attest_key_mngr.h>
/* A shared storage backend - should be removed when proxy backends are added */
@@ -61,7 +62,8 @@
claims_register_add_claim_source(CLAIM_CATEGORY_DEVICE, claim_source);
/* Initialize the service provider */
- attest_iface = attest_provider_init(&attest_provider, ATTEST_KEY_MNGR_VOLATILE_IAK);
+ local_attest_key_mngr_init(LOCAL_ATTEST_KEY_MNGR_VOLATILE_IAK);
+ attest_iface = attest_provider_init(&attest_provider);
attest_provider_register_serializer(&attest_provider,
TS_RPC_ENCODING_PACKED_C, packedc_attest_provider_serializer_instance());
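Review bot: The IAK choice is now made by a separate call, `local_attest_key_mngr_init(LOCAL_ATTEST_KEY_MNGR_VOLATILE_IAK);`, and nothing at the call site records that it has to run before `attest_provider_init(&attest_provider)` or what a volatile key means for this deployment. Judging by the constant's name, the attestation key is presumably generated at runtime rather than provisioned, so a verifier could not tie tokens signed with it to a persistent device identity. A comment above the call would capture both points, e.g. `/* Key manager must be initialised before the provider. Volatile IAK: not a provisioned key, so tokens are not bound to a persistent device identity. */`. The declaration of `local_attest_key_mngr_init` is not visible here; if it can report failure, check the result before the provider is initialised. The enclosing function begins and ends outside this hunk.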