Refactor top-level document structure
In preparation for extending documentation on PSA certified and
secure processing environments, the top-level structure has been
cleaned-up and simplified. PNGs from tf-m for docs home have
been reused for consistency.
Signed-off-by: Julian Hall <julian.hall@arm.com>
Change-Id: Id2b7d9b46dd90f419d00c417a06003e32862ead0
diff --git a/docs/services/uml/AttestClaimsModel.puml b/docs/services/uml/AttestClaimsModel.puml
new file mode 100644
index 0000000..474d03e
--- /dev/null
+++ b/docs/services/uml/AttestClaimsModel.puml
@@ -0,0 +1,43 @@
+'-------------------------------------------------------------------------------
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
+'
+' SPDX-License-Identifier: BSD-3-Clause
+'
+'-------------------------------------------------------------------------------
+
+@startuml
+
+abstract class claim_iterator {
+ {abstract} void first()
+ {abstract} void next()
+ {abstract} bool is_done()
+ {abstract} claim current()
+}
+
+abstract class claim_source {
+ {abstract} bool get_claim(claim *claim)
+}
+
+class claim {
+ +category: int
+ +subject_id: int
+ +variant_id: int
+}
+
+class claims_register <<singleton>> {
+ void add_claim_source(claim_source)
+ void query_by_category(category, claim_vector)
+}
+
+claim <|-- claim_collection
+claim <|-- text_string_claim
+claim <|-- byte_string_claim
+claim <|-- integer_claim
+claim <|-- measurement_claim
+
+claim_iterator ..> claim
+claim_collection ..> claim_iterator
+claim_source ..> claim
+claims_register -> "0..*" claim_source
+
+@enduml
diff --git a/docs/services/uml/AttestImportedIAKflow.puml b/docs/services/uml/AttestImportedIAKflow.puml
new file mode 100644
index 0000000..8abb3a6
--- /dev/null
+++ b/docs/services/uml/AttestImportedIAKflow.puml
@@ -0,0 +1,21 @@
+'-------------------------------------------------------------------------------
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
+'
+' SPDX-License-Identifier: BSD-3-Clause
+'
+'-------------------------------------------------------------------------------
+
+@startuml
+participant "factory app"
+participant "attestation service"
+participant "keystore"
+
+hnote over "keystore": empty
+"factory app" -> "attestation service" : import_iak
+"attestation service" -> "keystore" : check_exists
+"attestation service" <-- "keystore" : false
+"attestation service" -> "keystore" : store_key
+hnote over "keystore": provisioned
+"factory app" <-- "attestation service" : success
+
+@enduml
diff --git a/docs/services/uml/AttestPartitioning.puml b/docs/services/uml/AttestPartitioning.puml
new file mode 100644
index 0000000..326cb4d
--- /dev/null
+++ b/docs/services/uml/AttestPartitioning.puml
@@ -0,0 +1,23 @@
+'-------------------------------------------------------------------------------
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
+'
+' SPDX-License-Identifier: BSD-3-Clause
+'
+'-------------------------------------------------------------------------------
+
+@startuml
+
+package claims
+package client
+package key_mngr
+package reporter
+package provider
+package protocol
+
+client ..> protocol
+provider ..> protocol
+provider ..> reporter
+provider ..> key_mngr
+reporter ..> claims
+
+@enduml
diff --git a/docs/services/uml/AttestSelfGeneratedIAKflow.puml b/docs/services/uml/AttestSelfGeneratedIAKflow.puml
new file mode 100644
index 0000000..d35e8a6
--- /dev/null
+++ b/docs/services/uml/AttestSelfGeneratedIAKflow.puml
@@ -0,0 +1,22 @@
+'-------------------------------------------------------------------------------
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
+'
+' SPDX-License-Identifier: BSD-3-Clause
+'
+'-------------------------------------------------------------------------------
+
+@startuml
+participant "factory app"
+participant "attestation service"
+participant "keystore"
+
+hnote over "keystore": empty
+"factory app" -> "attestation service" : export_iak_public_key
+"attestation service" -> "keystore" : check_exists
+"attestation service" <-- "keystore" : false
+"attestation service" -> "attestation service" : generate_key
+"attestation service" -> "keystore" : store_key
+hnote over "keystore": provisioned
+"factory app" <-- "attestation service" : public_key
+
+@enduml
diff --git a/docs/services/uml/CryptoProviderClassDiagram.puml b/docs/services/uml/CryptoProviderClassDiagram.puml
new file mode 100644
index 0000000..d0176b5
--- /dev/null
+++ b/docs/services/uml/CryptoProviderClassDiagram.puml
@@ -0,0 +1,49 @@
+'-------------------------------------------------------------------------------
+' Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.
+'
+' SPDX-License-Identifier: BSD-3-Clause
+'
+'-------------------------------------------------------------------------------
+
+@startuml
+allow_mixing
+left to right direction
+
+
+package CryptoProvider
+{
+ class handler
+ class generate_key_handler
+ class import_key_handler
+ class sign_hash_handler
+ generate_key_handler --|> handler
+ import_key_handler --|> handler
+ sign_hash_handler --|> handler
+}
+package CryptoSerializer
+{
+ class crypto_serializer
+ class protobuf_crypto_serializer
+ class packed_c_crypto_serializer
+ protobuf_crypto_serializer --|> crypto_serializer
+ packed_c_crypto_serializer --|> crypto_serializer
+}
+package MbedCrypto
+{
+ class libmbedcrypto
+}
+package SecureStorage
+{
+ class its_client
+}
+package EntropySource
+{
+ class hw_entropy_source
+}
+
+CryptoProvider ..> CryptoSerializer
+CryptoProvider ..> MbedCrypto
+MbedCrypto ..> SecureStorage
+MbedCrypto ..> EntropySource
+
+@enduml
diff --git a/docs/services/uml/InternalTrustedDeploymentDiagram.puml b/docs/services/uml/InternalTrustedDeploymentDiagram.puml
new file mode 100644
index 0000000..ccc2475
--- /dev/null
+++ b/docs/services/uml/InternalTrustedDeploymentDiagram.puml
@@ -0,0 +1,20 @@
+'-------------------------------------------------------------------------------
+' Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
+'
+' SPDX-License-Identifier: BSD-3-Clause
+'
+'-------------------------------------------------------------------------------
+
+@startuml
+
+node crypto_sp {
+ [its_frontend] -> [secure_storage_client]
+}
+
+node internal_trusted_store_sp {
+ [secure_storage_provider] -> [secure_flash_store]
+}
+
+[secure_storage_client] -> [secure_storage_provider]
+
+@enduml
diff --git a/docs/services/uml/ProtectedProxyDeploymentDiagram.puml b/docs/services/uml/ProtectedProxyDeploymentDiagram.puml
new file mode 100644
index 0000000..1ce52ed
--- /dev/null
+++ b/docs/services/uml/ProtectedProxyDeploymentDiagram.puml
@@ -0,0 +1,25 @@
+'-------------------------------------------------------------------------------
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
+'
+' SPDX-License-Identifier: BSD-3-Clause
+'
+'-------------------------------------------------------------------------------
+
+@startuml
+
+node crypto_sp {
+ [its_frontend:0] -> [secure_storage_client:0]
+}
+
+node protected_store_sp {
+ [secure_storage_provider:1] -> [secure_storage_client:1]
+}
+
+node sel1_sp {
+ [secure_storage_provider:2] -> [optee_store:2]
+}
+
+[secure_storage_client:0] -> [secure_storage_provider:1]
+[secure_storage_client:1] -> [secure_storage_provider:2]
+
+@enduml
diff --git a/docs/services/uml/SecureStorageClassDiagram.puml b/docs/services/uml/SecureStorageClassDiagram.puml
new file mode 100644
index 0000000..8e6909c
--- /dev/null
+++ b/docs/services/uml/SecureStorageClassDiagram.puml
@@ -0,0 +1,28 @@
+'-------------------------------------------------------------------------------
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
+'
+' SPDX-License-Identifier: BSD-3-Clause
+'
+'-------------------------------------------------------------------------------
+
+@startuml
+
+interface storage_backend
+{
+ +{abstract} set()
+ +{abstract} get()
+ +{abstract} get_info()
+ +{abstract} remove()
+ +{abstract} create()
+ +{abstract} set_extended()
+}
+
+secure_flash_store -u--|> storage_backend
+secure_storage_client -u--|> storage_backend
+null_store -u--|> storage_backend
+
+secure_storage_provider -d--> storage_backend
+its_frontend -d--> storage_backend
+ps_frontend -d--> storage_backend
+
+@enduml
diff --git a/docs/services/uml/SmmGatewayOverview.puml b/docs/services/uml/SmmGatewayOverview.puml
new file mode 100644
index 0000000..f53d2a4
--- /dev/null
+++ b/docs/services/uml/SmmGatewayOverview.puml
@@ -0,0 +1,14 @@
+'-------------------------------------------------------------------------------
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
+'
+' SPDX-License-Identifier: BSD-3-Clause
+'
+'-------------------------------------------------------------------------------
+
+@startuml
+
+[u-boot efi services] -down- [smm gateway]
+[smm gateway] -down- [secure storage service]
+[smm gateway] -down- [crypto service]
+
+@enduml