components/service/attestation/provider/attest_provider.c

/*
 * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
#include <stdlib.h>
#include <string.h>
#include <protocols/service/attestation/packed-c/opcodes.h>
#include <protocols/rpc/common/packed-c/status.h>
#include <service/attestation/key_mngr/attest_key_mngr.h>
#include <service/attestation/reporter/attest_report.h>
#include <psa/initial_attestation.h>
#include "attest_provider.h"

/* Service request handlers */
static rpc_status_t get_token_handler(void *context, struct call_req* req);
static rpc_status_t get_token_size_handler(void *context, struct call_req* req);

/* Handler mapping table for service */
static const struct service_handler handler_table[] = {
    {TS_ATTESTATION_OPCODE_GET_TOKEN,          get_token_handler},
    {TS_ATTESTATION_OPCODE_GET_TOKEN_SIZE,     get_token_size_handler}
};

struct rpc_interface *attest_provider_init(struct attest_provider *context, psa_key_id_t iak_id)
{
    struct rpc_interface *rpc_interface = NULL;

    if (context) {

        for (size_t encoding = 0; encoding < TS_RPC_ENCODING_LIMIT; ++encoding)
            context->serializers[encoding] = NULL;

        service_provider_init(&context->base_provider, context,
                    handler_table, sizeof(handler_table)/sizeof(struct service_handler));

        attest_key_mngr_init(iak_id);

        rpc_interface = service_provider_get_rpc_interface(&context->base_provider);
    }

    return rpc_interface;
}

void attest_provider_deinit(struct attest_provider *context)
{
    (void)context;
    attest_key_mngr_deinit();
}

void attest_provider_register_serializer(struct attest_provider *context,
                unsigned int encoding, const struct attest_provider_serializer *serializer)
{
    if (encoding < TS_RPC_ENCODING_LIMIT)
        context->serializers[encoding] = serializer;
}

static const struct attest_provider_serializer *get_attest_serializer(
                struct attest_provider *context, const struct call_req *req)
{
    const struct attest_provider_serializer *serializer = NULL;
    unsigned int encoding = call_req_get_encoding(req);

    if (encoding < TS_RPC_ENCODING_LIMIT) serializer = context->serializers[encoding];

    return serializer;
}

static rpc_status_t get_token_handler(void *context, struct call_req* req)
{
    struct attest_provider *this_instance = (struct attest_provider*)context;
    rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED;

    uint8_t challenge[PSA_INITIAL_ATTEST_CHALLENGE_SIZE_64];
    size_t challenge_len = sizeof(challenge);

    struct call_param_buf *req_buf = call_req_get_req_buf(req);
    const struct attest_provider_serializer *serializer = get_attest_serializer(this_instance, req);

    if (serializer)
        rpc_status = serializer->deserialize_get_token_req(req_buf, challenge, &challenge_len);

    if (rpc_status == TS_RPC_CALL_ACCEPTED) {

        psa_key_handle_t iak_handle;
        int opstatus = attest_key_mngr_get_iak_handle(&iak_handle);

        if (opstatus == PSA_SUCCESS) {

            const uint8_t *token = NULL;
            size_t token_size = 0;

            opstatus = attest_report_create(iak_handle,
                (int32_t)call_req_get_caller_id(req),
                challenge, challenge_len,
                &token, &token_size);

            if (opstatus == PSA_SUCCESS) {

                struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
                rpc_status = serializer->serialize_get_token_resp(resp_buf, token, token_size);
            }

            attest_report_destroy(token);
        }

        call_req_set_opstatus(req, opstatus);
    }

    return rpc_status;
}

static rpc_status_t get_token_size_handler(void *context, struct call_req* req)
{
    struct attest_provider *this_instance = (struct attest_provider*)context;
    rpc_status_t rpc_status = TS_RPC_ERROR_SERIALIZATION_NOT_SUPPORTED;

    uint8_t challenge[PSA_INITIAL_ATTEST_CHALLENGE_SIZE_64];
    size_t challenge_len = sizeof(challenge);

    struct call_param_buf *req_buf = call_req_get_req_buf(req);
    const struct attest_provider_serializer *serializer = get_attest_serializer(this_instance, req);

    memset(challenge, 0, sizeof(challenge));

    if (serializer)
        rpc_status = serializer->deserialize_get_token_size_req(req_buf, &challenge_len);

    if (rpc_status == TS_RPC_CALL_ACCEPTED) {

        psa_key_handle_t iak_handle;
        int opstatus = attest_key_mngr_get_iak_handle(&iak_handle);

        if (opstatus == PSA_SUCCESS) {

            const uint8_t *token = NULL;
            size_t token_size = 0;

            opstatus = attest_report_create(iak_handle,
                (int32_t)call_req_get_caller_id(req),
                challenge, challenge_len,
                &token, &token_size);

            if (opstatus == PSA_SUCCESS) {

                struct call_param_buf *resp_buf = call_req_get_resp_buf(req);
                rpc_status = serializer->serialize_get_token_size_resp(resp_buf, token_size);
            }

            attest_report_destroy(token);
        }

        call_req_set_opstatus(req, opstatus);
    }

    return rpc_status;
}