Blame - components/service/attestation/include/provision/attest_provision.h - TS/trusted-services

blob: ffde1563f1bbe89e872a86649529f2a6eb1b1ece [file] [log] [blame]

Julian Hall	482fd2f	2021-05-17 16:34:48 +0100	[diff] [blame]	1	/*
Gabor Toth	99e4ec5	2023-07-18 08:24:20 +0200	[diff] [blame^]	2	* Copyright (c) 2021-2023, Arm Limited. All rights reserved.
Julian Hall	482fd2f	2021-05-17 16:34:48 +0100	[diff] [blame]	3	*
				4	* SPDX-License-Identifier: BSD-3-Clause
				5	*
				6	*/
				7
Gabor Toth	99e4ec5	2023-07-18 08:24:20 +0200	[diff] [blame^]	8	#include <psa/error.h>
Julian Hall	482fd2f	2021-05-17 16:34:48 +0100	[diff] [blame]	9	#include <stddef.h>
				10	#include <stdint.h>
Julian Hall	482fd2f	2021-05-17 16:34:48 +0100	[diff] [blame]	11
				12	#ifndef ATTEST_PROVISION_H
				13	#define ATTEST_PROVISION_H
				14
				15	/**
				16	* A provisioning client API for perfoming one-off provisioning
				17	* operations related to the attestation service. This API will typically
				18	* be used by a special factory application during device manufacture.
				19	*/
				20
				21	#ifdef __cplusplus
				22	extern "C" {
				23	#endif
				24
Gabor Toth	99e4ec5	2023-07-18 08:24:20 +0200	[diff] [blame^]	25	#ifdef EXPORT_PUBLIC_INTERFACE_PSA_ATTEST
				26	#define PSA_ATTEST_EXPORTED __attribute__((__visibility__("default")))
				27	#else
				28	#define PSA_ATTEST_EXPORTED
				29	#endif
				30
Julian Hall	482fd2f	2021-05-17 16:34:48 +0100	[diff] [blame]	31	/**
				32	* \brief Export IAK public key
				33	*
				34	* Used to retrieve the IAK public key that corresponds to the key-pair
				35	* that was generated or provisioned for the device. The public key
				36	* may be used by a remote verifier as an identifier for the device.
				37	*
				38	* \param[out] data Buffer where the key data is to be written.
				39	* \param data_size Size of the \p data buffer in bytes.
				40	* \param[out] data_length On success, the number of bytes
				41	* that make up the key data.
				42	*
				43	* \return Returns error code as specified in \ref psa_status_t
				44	*/
Gabor Toth	99e4ec5	2023-07-18 08:24:20 +0200	[diff] [blame^]	45	PSA_ATTEST_EXPORTED psa_status_t attest_provision_export_iak_public_key(uint8_t *data,
				46	size_t data_size,
				47	size_t *data_length);
Julian Hall	482fd2f	2021-05-17 16:34:48 +0100	[diff] [blame]	48
				49	/**
				50	* \brief Import IAK
				51	*
				52	* Used during device manufacture to provision the IAK. Two IAK
				53	* provisioning strategies are supported 1) Externally generated
				54	* key-pair that is provisioned using this interface. 2) Self
				55	* generated where the IAK is generated by the device autonomously.
				56	* If a key is to be imported, the operation must be performed before
				57	* any other operation related to the attestation service. This
				58	* operation may only be performed once for a device. An attempt
				59	* to repeat the operation will be rejected.
				60	*
				61	* \param[in] data Buffer containing the key data.
				62	* \param[in] data_length Size of the \p data buffer in bytes.
				63	*
				64	* \return Returns error code as specified in \ref psa_status_t
				65	*/
Gabor Toth	99e4ec5	2023-07-18 08:24:20 +0200	[diff] [blame^]	66	PSA_ATTEST_EXPORTED psa_status_t attest_provision_import_iak(const uint8_t *data,
				67	size_t data_length);
Julian Hall	482fd2f	2021-05-17 16:34:48 +0100	[diff] [blame]	68
Julian Hall	caa4af8	2021-05-19 12:02:36 +0100	[diff] [blame]	69	/**
				70	* \brief Check if IAK exists
				71	*
				72	* Checks the provisioned state of a device.
				73	*
				74	* \return Returns PSA_SUCCESS if IAK exists, PSA_ERROR_DOES_NOT_EXIST if not
				75	*/
Gabor Toth	99e4ec5	2023-07-18 08:24:20 +0200	[diff] [blame^]	76	PSA_ATTEST_EXPORTED psa_status_t attest_provision_iak_exists(void);
Julian Hall	482fd2f	2021-05-17 16:34:48 +0100	[diff] [blame]	77
				78	#ifdef __cplusplus
				79	}
				80	#endif
				81
				82	#endif /* ATTEST_PROVISION_H */