Attest: Rename claims according to latest spec version
Latest spec:
https://www.ietf.org/archive/id/draft-tschofenig-rats-psa-token-09.html
Rename the following claims and related code (functions and variables, etc):
- UEID -> Instance ID
- Origination -> Verification Service Indicator
- Hardware Version -> Certification Reference
- Challenge -> Nonce
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I4342d18893f81f4cd9163fca5e9ea9a08f1b8b6e
diff --git a/platform/ext/common/provisioning.c b/platform/ext/common/provisioning.c
index 0232e88..11ff800 100644
--- a/platform/ext/common/provisioning.c
+++ b/platform/ext/common/provisioning.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -32,7 +32,7 @@
uint8_t boot_seed[32];
uint8_t implementation_id[32];
- uint8_t hw_version[32];
+ uint8_t cert_ref[32];
uint8_t verification_service_url[32];
uint8_t profile_definition[32];
@@ -85,8 +85,8 @@
0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
},
- /* hw version */
- "0604565272829100",
+ /* certification reference */
+ "0604565272829",
/* verification_service_url */
"www.trustedfirmware.org",
/* attestation_profile_definition */
@@ -204,9 +204,9 @@
if (err != TFM_PLAT_ERR_SUCCESS) {
return err;
}
- err = tfm_plat_otp_write(PLAT_OTP_ID_HW_VERSION,
- sizeof(psa_rot_prov_data.hw_version),
- psa_rot_prov_data.hw_version);
+ err = tfm_plat_otp_write(PLAT_OTP_ID_CERT_REF,
+ sizeof(psa_rot_prov_data.cert_ref),
+ psa_rot_prov_data.cert_ref);
if (err != TFM_PLAT_ERR_SUCCESS) {
return err;
}
diff --git a/platform/ext/common/template/attest_hal.c b/platform/ext/common/template/attest_hal.c
index d66de03..4f6ad02 100644
--- a/platform/ext/common/template/attest_hal.c
+++ b/platform/ext/common/template/attest_hal.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -117,17 +117,17 @@
return TFM_PLAT_ERR_SUCCESS;
}
-enum tfm_plat_err_t tfm_plat_get_hw_version(uint32_t *size, uint8_t *buf)
+enum tfm_plat_err_t tfm_plat_get_cert_ref(uint32_t *size, uint8_t *buf)
{
enum tfm_plat_err_t err;
size_t otp_size;
- err = tfm_plat_otp_read(PLAT_OTP_ID_HW_VERSION, *size, buf);
+ err = tfm_plat_otp_read(PLAT_OTP_ID_CERT_REF, *size, buf);
if(err != TFM_PLAT_ERR_SUCCESS) {
return err;
}
- err = tfm_plat_otp_get_size(PLAT_OTP_ID_HW_VERSION, &otp_size);
+ err = tfm_plat_otp_get_size(PLAT_OTP_ID_CERT_REF, &otp_size);
if(err != TFM_PLAT_ERR_SUCCESS) {
return err;
}
diff --git a/platform/ext/common/template/flash_otp_nv_counters_backend.h b/platform/ext/common/template/flash_otp_nv_counters_backend.h
index 14d156f..5a74233 100644
--- a/platform/ext/common/template/flash_otp_nv_counters_backend.h
+++ b/platform/ext/common/template/flash_otp_nv_counters_backend.h
@@ -33,7 +33,7 @@
uint8_t boot_seed[32];
uint8_t lcs[4];
uint8_t implementation_id[32];
- uint8_t hw_version[32];
+ uint8_t cert_ref[32];
uint8_t verification_service_url[32];
uint8_t profile_definition[32];
diff --git a/platform/ext/common/template/otp_flash.c b/platform/ext/common/template/otp_flash.c
index 4b834d6..341c711 100644
--- a/platform/ext/common/template/otp_flash.c
+++ b/platform/ext/common/template/otp_flash.c
@@ -67,8 +67,8 @@
return write_to_output(id, offsetof(struct flash_otp_nv_counters_region_t, lcs), out_len, out);
case PLAT_OTP_ID_IMPLEMENTATION_ID:
return write_to_output(id, offsetof(struct flash_otp_nv_counters_region_t, implementation_id), out_len, out);
- case PLAT_OTP_ID_HW_VERSION:
- return write_to_output(id, offsetof(struct flash_otp_nv_counters_region_t, hw_version), out_len, out);
+ case PLAT_OTP_ID_CERT_REF:
+ return write_to_output(id, offsetof(struct flash_otp_nv_counters_region_t, cert_ref), out_len, out);
case PLAT_OTP_ID_VERIFICATION_SERVICE_URL:
return write_to_output(id, offsetof(struct flash_otp_nv_counters_region_t, verification_service_url), out_len, out);
case PLAT_OTP_ID_PROFILE_DEFINITION:
@@ -188,8 +188,8 @@
return read_from_input(id, offsetof(struct flash_otp_nv_counters_region_t, lcs), in_len, in);
case PLAT_OTP_ID_IMPLEMENTATION_ID:
return read_from_input(id, offsetof(struct flash_otp_nv_counters_region_t, implementation_id), in_len, in);
- case PLAT_OTP_ID_HW_VERSION:
- return read_from_input(id, offsetof(struct flash_otp_nv_counters_region_t, hw_version), in_len, in);
+ case PLAT_OTP_ID_CERT_REF:
+ return read_from_input(id, offsetof(struct flash_otp_nv_counters_region_t, cert_ref), in_len, in);
case PLAT_OTP_ID_VERIFICATION_SERVICE_URL:
return read_from_input(id, offsetof(struct flash_otp_nv_counters_region_t, verification_service_url), in_len, in);
case PLAT_OTP_ID_PROFILE_DEFINITION:
@@ -286,8 +286,8 @@
case PLAT_OTP_ID_IMPLEMENTATION_ID:
*size = sizeof(((struct flash_otp_nv_counters_region_t*)0)->implementation_id);
break;
- case PLAT_OTP_ID_HW_VERSION:
- *size = sizeof(((struct flash_otp_nv_counters_region_t*)0)->hw_version);
+ case PLAT_OTP_ID_CERT_REF:
+ *size = sizeof(((struct flash_otp_nv_counters_region_t*)0)->cert_ref);
break;
case PLAT_OTP_ID_VERIFICATION_SERVICE_URL:
*size = sizeof(((struct flash_otp_nv_counters_region_t*)0)->verification_service_url);