ADAC: Authenticated Debug Access Control
The commit adds the impelementation of ADAC protocol towards the
target side.
Following components are part of the commit:-
Core : ADAC protocol core
SDA : Secure Debug Agent
The commit also demonstrates the porting of a platform from
trusted-firmware-m. Corstone1000 platform is used for the purpose.
Change-Id: I50b93f9e48789cf5927736b4d1cb35b9a47c38db
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
diff --git a/target/trusted-firmware-m/CMakeLists.txt b/target/trusted-firmware-m/CMakeLists.txt
new file mode 100644
index 0000000..4ea1c38
--- /dev/null
+++ b/target/trusted-firmware-m/CMakeLists.txt
@@ -0,0 +1,20 @@
+#
+# Copyright (c) 2021 Arm Limited. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+target_include_directories(${PROJECT_NAME}
+ PRIVATE
+ ${PSA_ADAC_MBEDTLS_INCLUDE}
+)
+
+set(MBEDTLS_CONFIG_FILE "${CMAKE_CURRENT_SOURCE_DIR}/authenticator-crypto-config.h")
+
+add_compile_options($<$<COMPILE_LANGUAGE:C>:-DMBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}">)
+
+target_compile_definitions(${PROJECT_NAME}
+ PUBLIC
+ TRUSTED_FIRMWARE_M_PSA_ADAC
+)
+
+add_subdirectory(${TFM_PLATFORM_PATH})
diff --git a/target/trusted-firmware-m/authenticator-crypto-config.h b/target/trusted-firmware-m/authenticator-crypto-config.h
new file mode 100644
index 0000000..ab2f1c6
--- /dev/null
+++ b/target/trusted-firmware-m/authenticator-crypto-config.h
@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) 2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+
+#ifndef AUTHENTICATOR_CRYPTO_CONFIG_H
+#define AUTHENTICATOR_CRYPTO_CONFIG_H
+
+#include <psa_adac_config.h>
+
+#define MBEDTLS_PSA_CRYPTO_C
+
+/* System support */
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+#define MBEDTLS_ENTROPY_HARDWARE_ALT
+#define MBEDTLS_HAVE_ASM
+
+#define MBEDTLS_PLATFORM_EXIT_ALT
+#define MBEDTLS_PLATFORM_PRINTF_ALT
+
+#if defined(PSA_ADAC_RSA3072) || defined(PSA_ADAC_RSA4096)
+#define MBEDTLS_RSA_C
+#define MBEDTLS_PKCS1_V21
+#define MBEDTLS_OID_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_C
+
+/* Support RSA key sizes up to 4096 bit */
+#define MBEDTLS_MPI_MAX_SIZE 512
+#endif
+
+/* PSA ADAC */
+#if defined(PSA_ADAC_EC_P256) || defined(PSA_ADAC_EC_P521)
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#ifndef MBEDTLS_BIGNUM_C
+#define MBEDTLS_BIGNUM_C
+#endif
+#ifndef MBEDTLS_PK_C
+#define MBEDTLS_PK_C
+#endif
+#if defined(PSA_ADAC_EC_P256)
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#endif
+#if defined(PSA_ADAC_EC_P521)
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#endif
+#endif
+
+/* Needed by PSA Crypto API Implementation */
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_AES_C
+#define MBEDTLS_AES_ROM_TABLES
+#define MBEDTLS_AES_FEWER_TABLES
+
+#define MBEDTLS_MD_C
+#define MBEDTLS_SHA224_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA256_SMALLER
+#if defined(PSA_ADAC_EC_P521) || defined(PSA_ADAC_ED25519)
+#define MBEDTLS_SHA512_C
+#define MBEDTLS_SHA512_SMALLER
+#else
+#define MBEDTLS_ENTROPY_FORCE_SHA256
+#endif
+
+#ifdef PSA_ADAC_USE_CRYPTOCELL
+#define MBEDTLS_AES_ALT
+#define MBEDTLS_SHA256_ALT
+#define MBEDTLS_ENTROPY_HARDWARE_ALT
+#else
+#define MBEDTLS_CIPHER_C
+#endif
+
+#ifdef PSA_ADAC_CMAC
+#define MBEDTLS_CMAC_C
+#ifndef MBEDTLS_CIPHER_C
+#define MBEDTLS_CIPHER_C
+#endif
+#endif
+
+#ifdef PSA_ADAC_HMAC
+#define MBEDTLS_HKDF_C
+#endif
+
+#include "mbedtls/check_config.h"
+
+#endif /* AUTHENTICATOR_CRYPTO_CONFIG_H */
diff --git a/target/trusted-firmware-m/config.cmake b/target/trusted-firmware-m/config.cmake
new file mode 100644
index 0000000..5d6de1b
--- /dev/null
+++ b/target/trusted-firmware-m/config.cmake
@@ -0,0 +1,18 @@
+#
+# Copyright (c) 2021 Arm Limited. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause
+#
+if (NOT DEFINED TFM_PLATFORM)
+ Message(FATAL_ERROR "TFM_PLATFORM not defined.")
+endif()
+
+get_filename_component(TFM_PLATFORM_PATH ${CMAKE_CURRENT_SOURCE_DIR}/target/trusted-firmware-m/platform/${TFM_PLATFORM} ABSOLUTE)
+
+if (NOT EXISTS ${TFM_PLATFORM_PATH})
+ Message(FATAL_ERROR "Platform ${TFM_PLATFORM} not supported.")
+endif()
+
+include(${TFM_PLATFORM_PATH}/config.cmake)
+
+set(PSA_ADAC_QUIET OFF CACHE BOOL "The image will be built to run on QEMU")
+set(PSA_ADAC_DEBUG ON CACHE BOOL "Enable debug")
diff --git a/target/trusted-firmware-m/platform/arm/corstone1000/CMakeLists.txt b/target/trusted-firmware-m/platform/arm/corstone1000/CMakeLists.txt
new file mode 100644
index 0000000..6dc8d86
--- /dev/null
+++ b/target/trusted-firmware-m/platform/arm/corstone1000/CMakeLists.txt
@@ -0,0 +1,27 @@
+#
+# Copyright (c) 2021 Arm Limited. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+target_sources(${PROJECT_NAME}
+ PRIVATE
+ ${CMAKE_CURRENT_SOURCE_DIR}/corstone1000.c
+ ${CMAKE_CURRENT_SOURCE_DIR}/demo-discovery.c
+ ${PSA_ADAC_ROOT}/transport_layer/transports/static_buffer_msg.c
+ ${PSA_ADAC_ROOT}/transport_layer/transports/sdc-600/sdc-600.c
+ ${PSA_ADAC_ROOT}/transport_layer/transports/sdc-600/int_com_port_driver.c
+)
+
+target_include_directories(${PROJECT_NAME}
+ PUBLIC
+ ${CMAKE_CURRENT_SOURCE_DIR}/include
+ PRIVATE
+ ${CMAKE_CURRENT_SOURCE_DIR}
+ ${PSA_ADAC_MBEDTLS_INCLUDE}
+ ${PSA_ADAC_ROOT}/transport_layer/transports
+)
+
+install(FILES
+ ${CMAKE_CURRENT_SOURCE_DIR}/include/psa_adac_platform.h
+ DESTINATION ${PSA_ADAC_INSTALL_PATH}/include
+)
diff --git a/target/trusted-firmware-m/platform/arm/corstone1000/config.cmake b/target/trusted-firmware-m/platform/arm/corstone1000/config.cmake
new file mode 100644
index 0000000..c4185c7
--- /dev/null
+++ b/target/trusted-firmware-m/platform/arm/corstone1000/config.cmake
@@ -0,0 +1,14 @@
+#
+# Copyright (c) 2021 Arm Limited. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+set(ARM_SYSTEM_PROCESSOR cortex-m0plus)
+set(ARM_SYSTEM_ARCHITECTURE armv6-m)
+set(ARM_SYSTEM_FP OFF)
+
+set(PSA_ADAC_EC_P256 ON CACHE BOOL "Enable support for ECDSA P-256")
+set(PSA_ADAC_EC_P521 OFF CACHE BOOL "Enable support for ECDSA P-521")
+set(PSA_ADAC_HW_CRYPTO ON CACHE BOOL "Support for hardware cryptography")
+
+set(PSA_ADAC_USE_CRYPTOCELL On)
diff --git a/target/trusted-firmware-m/platform/arm/corstone1000/corstone1000.c b/target/trusted-firmware-m/platform/arm/corstone1000/corstone1000.c
new file mode 100644
index 0000000..c0f5277
--- /dev/null
+++ b/target/trusted-firmware-m/platform/arm/corstone1000/corstone1000.c
@@ -0,0 +1,101 @@
+/*
+ * Copyright (c) 2020 Arm Limited. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <psa_adac_config.h>
+#include <psa_adac_debug.h>
+#include <psa_adac_sda.h>
+#include <platform/platform.h>
+#include <platform/msg_interface.h>
+
+#include "demo-anchors.h"
+
+#include <string.h>
+
+void psa_adac_platform_init() {
+}
+
+extern uint8_t discovery_template[];
+extern size_t discovery_template_len;
+
+size_t psa_adac_platform_discovery(uint8_t *reply, size_t reply_size) {
+ if (reply_size >= discovery_template_len) {
+ memcpy(reply, discovery_template, discovery_template_len);
+ return discovery_template_len;
+ }
+ return 0;
+}
+
+void psa_adac_platform_lock() {
+ // TODO: Code me
+}
+
+int psa_adac_platform_check_token(uint8_t *token, size_t token_size) {
+ // TODO: Code me
+ return 0;
+}
+
+int psa_adac_platform_check_certificate(uint8_t *crt, size_t crt_size) {
+ // TODO: Code me
+ return 0;
+}
+
+int psa_adac_apply_permissions(uint8_t permissions_mask[16])
+{
+ PSA_ADAC_LOG_INFO("platform", "\r\n");
+
+ int ret = psa_adac_to_tfm_apply_permissions(permissions_mask);
+ if (ret) {
+ PSA_ADAC_LOG_INFO("platform", "psa_adac_to_tfm_apply_permissions failed\n\r");
+ return ret;
+ }
+
+ PSA_ADAC_LOG_INFO("platform",
+ "\n\rPlatform unlcoked for the secure debug %s\n");
+ return ret;
+}
+
+uint8_t buffer[512];
+uint8_t messages[512];
+
+int tfm_to_psa_adac_corstone1000_secure_debug(uint8_t *secure_debug_roptpk, uint32_t len)
+{
+ authentication_context_t auth_ctx;
+ int ret = -1;
+
+ if (psa_adac_detect_debug_request()) {
+ PSA_ADAC_LOG_INFO("main", "%s:%d Connection establised\r\n", __func__, __LINE__);
+
+ msg_interface_init(NULL, messages, sizeof(messages));
+
+ psa_adac_init();
+ psa_adac_acknowledge_debug_request();
+
+ rotpk_anchors[0] = secure_debug_roptpk;
+ rotpk_anchors_size[0] = len;
+ authentication_context_init(&auth_ctx, buffer, sizeof(buffer), ROTPK_ANCHOR_ALG,
+ rotpk_anchors, rotpk_anchors_size, rotpk_anchors_type,
+ rotpk_anchors_length);
+#ifndef PSA_ADAC_QUIET
+ PSA_ADAC_LOG_INFO("main", "Starting authentication.\r\n");
+#endif
+ authentication_handle(&auth_ctx);
+
+ PSA_ADAC_LOG_INFO("main", "\r\n\r\n\r\nAuthentication is a %s\r\r\r\n\n\n",
+ auth_ctx.state == AUTH_SUCCESS ? "success" : "failure");
+
+ if (auth_ctx.state == AUTH_SUCCESS) {
+ ret = 0;
+ }
+
+ msg_interface_free(NULL);
+ } else {
+ PSA_ADAC_LOG_INFO("main", "%s:%d No secure debug connection.\r\n", __func__, __LINE__);
+ }
+
+ return ret;
+}
+
+void platform_init() {
+}
diff --git a/target/trusted-firmware-m/platform/arm/corstone1000/demo-anchors.h b/target/trusted-firmware-m/platform/arm/corstone1000/demo-anchors.h
new file mode 100644
index 0000000..8a31faf
--- /dev/null
+++ b/target/trusted-firmware-m/platform/arm/corstone1000/demo-anchors.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2020 Arm Limited. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <psa_adac_config.h>
+
+#define ROTPK_ANCHOR_ALG PSA_ALG_SHA_256
+
+static uint8_t *rotpk_anchors[1];
+
+static size_t rotpk_anchors_size[1];
+
+static uint8_t rotpk_anchors_type[] = {
+ ECDSA_P256_SHA256,
+};
+
+static size_t rotpk_anchors_length = sizeof(rotpk_anchors) / sizeof(uint8_t *);
diff --git a/target/trusted-firmware-m/platform/arm/corstone1000/demo-discovery.c b/target/trusted-firmware-m/platform/arm/corstone1000/demo-discovery.c
new file mode 100644
index 0000000..d2680c3
--- /dev/null
+++ b/target/trusted-firmware-m/platform/arm/corstone1000/demo-discovery.c
@@ -0,0 +1,118 @@
+/*
+ * Copyright (c) 2020 Arm Limited. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include "psa_adac.h"
+#include "psa_adac_config.h"
+
+#include <stddef.h>
+#include <stdint.h>
+
+#ifdef PSA_ADAC_EC_P256
+#define EC_P256_CNT 1
+#define EC_P256_VAL ECDSA_P256_SHA256,
+#else
+#define EC_P256_CNT 0
+#define EC_P256_VAL
+#endif
+
+#ifdef PSA_ADAC_EC_P521
+#define EC_P521_CNT 1
+#define EC_P521_VAL ECDSA_P521_SHA512,
+#else
+#define EC_P521_CNT 0
+#define EC_P521_VAL
+#endif
+
+#ifdef PSA_ADAC_RSA3072
+#define RSA3072_CNT 1
+#define RSA3072_VAL RSA_3072_SHA256,
+#else
+#define RSA3072_CNT 0
+#define RSA3072_VAL
+#endif
+
+
+#ifdef PSA_ADAC_RSA4096
+#define RSA4096_CNT 1
+#define RSA4096_VAL RSA_4096_SHA256,
+#else
+#define RSA4096_CNT 0
+#define RSA4096_VAL
+#endif
+
+#ifdef PSA_ADAC_ED25519
+#define ED25519_CNT 1
+#define ED25519_VAL ED_25519_SHA512,
+#else
+#define ED25519_CNT 0
+#define ED25519_VAL
+#endif
+
+#ifdef PSA_ADAC_ED448
+#define ED448_CNT 1
+#define ED448_VAL ED_448_SHAKE256,
+#else
+#define ED448_CNT 0
+#define ED448_VAL
+#endif
+
+#ifdef PSA_ADAC_SM2SM3
+#define SM2SM3_CNT 1
+#define SM2SM3_VAL SM_SM2_SM3,
+#else
+#define SM2SM3_CNT 0
+#define SM2SM3_VAL
+#endif
+
+#ifdef PSA_ADAC_HMAC
+#define HMAC_CNT 1
+#define HMAC_VAL CMAC_AES,
+#else
+#define HMAC_CNT 0
+#define HMAC_VAL
+#endif
+
+#ifdef PSA_ADAC_CMAC
+#define CMAC_CNT 1
+#define CMAC_VAL HMAC_SHA256,
+#else
+#define CMAC_CNT 0
+#define CMAC_VAL
+#endif
+
+#define CRYPTO_CNT EC_P256_CNT + EC_P521_CNT + RSA3072_CNT + RSA4096_CNT + \
+ ED25519_CNT + ED448_CNT + SM2SM3_CNT + HMAC_CNT + CMAC_CNT
+#define CRYPTO_VALS EC_P256_VAL EC_P521_VAL RSA3072_VAL RSA4096_VAL \
+ ED25519_VAL ED448_VAL SM2SM3_VAL HMAC_VAL CMAC_VAL
+
+uint8_t discovery_template[] = {
+ // @+00 (12 bytes) psa_auth_version: 1.0
+ 0x00, 0x00, 0x01, 0x00, 0x02, 0x00, 0x00, 0x00,
+ 0x01, 0x00, 0x00, 0x00,
+ // @+12 (12 bytes) vendor_id: {0x04, 0x3B} => 0x023B ("ARM Ltd.")
+ 0x00, 0x00, 0x02, 0x00, 0x02, 0x00, 0x00, 0x00,
+ 0x04, 0x3B, 0x00, 0x00,
+ // @+24 (12 bytes) soc_class: [0x00, 0x00, 0x00, 0x00]
+ 0x00, 0x00, 0x03, 0x00, 0x04, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00,
+ // @+36 (24 bytes) soc_id: [0x00] * 16
+ 0x00, 0x00, 0x04, 0x00, 0x10, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ // @+60 (12 bytes) psa_lifecycle: PSA_LIFECYCLE_SECURED
+ 0x00, 0x00, 0x08, 0x00, 0x02, 0x00, 0x00, 0x00,
+ 0x00, 0x30, 0x00, 0x00,
+ // @+72 (12 bytes) token_formats: [{0x00, 0x02} (token_psa_debug)]
+ 0x00, 0x00, 0x00, 0x01, 0x02, 0x00, 0x00, 0x00,
+ 0x00, 0x02, 0x00, 0x00,
+ // @+84 (12 bytes) cert_formats: [{0x01, 0x02} (cert_psa_debug)]
+ 0x00, 0x00, 0x01, 0x01, 0x02, 0x00, 0x00, 0x00,
+ 0x01, 0x02, 0x00, 0x00,
+ // @+96 (8 + X bytes) cryptosystems: [...]
+ 0x00, 0x00, 0x02, 0x01, CRYPTO_CNT, 0x00, 0x00, 0x00,
+ CRYPTO_VALS
+};
+
+size_t discovery_template_len = sizeof(discovery_template);
diff --git a/target/trusted-firmware-m/platform/arm/corstone1000/include/platform/msg_interface.h b/target/trusted-firmware-m/platform/arm/corstone1000/include/platform/msg_interface.h
new file mode 100644
index 0000000..4713985
--- /dev/null
+++ b/target/trusted-firmware-m/platform/arm/corstone1000/include/platform/msg_interface.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2020 Arm Limited. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PSA_ADAC_MSG_INTERFACE_H
+#define PSA_ADAC_MSG_INTERFACE_H
+
+#include <psa_adac.h>
+#include <platform/platform.h>
+#include <stddef.h>
+
+#if defined(PSA_ADAC_AUTHENTICATOR_IMPLICIT_TRANSPORT)
+
+int msg_interface_init(void *ctx, uint8_t buffer[], size_t size);
+int msg_interface_free(void *ctx);
+
+request_packet_t *request_packet_lock(size_t *max_data_size);
+response_packet_t *response_packet_lock(size_t *max_data_size);
+int response_packet_release(response_packet_t *packet);
+int request_packet_release(request_packet_t *packet);
+
+request_packet_t *request_packet_receive();
+response_packet_t *response_packet_build(uint16_t status, uint8_t *data, size_t data_size);
+int response_packet_send(response_packet_t *packet);
+
+#else
+
+#error "Explicit Transport API Currently not defined"
+
+/* This is a very early draft */
+
+typedef int (*msg_interface_init_t)(void *ctx, uint8_t buffer[], size_t size);
+typedef int (*msg_interface_free_t)(void *ctx);
+
+/* Target */
+typedef request_packet_t *(*request_packet_receive_t)(void *ctx);
+typedef int (*request_packet_release_t)(void *ctx, request_packet_t * packet);
+typedef response_packet_t *(*response_packet_lock_t)(void *ctx, size_t *max_data_size);
+typedef response_packet_t *(*response_packet_build_t)(void *ctx, uint16_t status, uint8_t *data, size_t data_size);
+typedef int (*response_packet_send_t)(void *ctx, response_packet_t *packet);
+
+typedef struct {
+ msg_interface_init_t msg_interface_init;
+ msg_interface_free_t msg_interface_free;
+ request_packet_receive_t request_packet_receive;
+ request_packet_release_t request_packet_release;
+ response_packet_lock_t response_packet_lock;
+ response_packet_build_t response_packet_build;
+ response_packet_send_t response_packet_send;
+ response_packet_release_t response_packet_release;
+} target_msg_interface_t;
+#endif
+
+#endif //PSA_ADAC_MSG_INTERFACE_H
diff --git a/target/trusted-firmware-m/platform/arm/corstone1000/include/platform/platform.h b/target/trusted-firmware-m/platform/arm/corstone1000/include/platform/platform.h
new file mode 100644
index 0000000..6e072af
--- /dev/null
+++ b/target/trusted-firmware-m/platform/arm/corstone1000/include/platform/platform.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 2020 Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PSA_ADAC_PLATFORM_H
+#define PSA_ADAC_PLATFORM_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+#ifdef PSA_ADAC_PLATFORM_CONFIG_FILE
+#include PSA_ADAC_PLATFORM_CONFIG_FILE
+#else
+#include <psa_adac_platform.h>
+#endif
+
+#ifndef PSA_ADAC_PLATFORM_BANNER
+#define PSA_ADAC_PLATFORM_BANNER "PSA ADAC "
+#endif
+
+void platform_init();
+
+void psa_adac_platform_lock();
+void psa_adac_platform_init();
+int psa_adac_detect_debug_request();
+void psa_adac_acknowledge_debug_request();
+
+size_t psa_adac_platform_discovery(uint8_t *reply, size_t reply_size);
+
+int psa_adac_platform_check_token(uint8_t *token, size_t token_size);
+int psa_adac_platform_check_certificate(uint8_t *crt, size_t crt_size);
+int psa_adac_apply_permissions(uint8_t permissions_mask[16]);
+
+#endif //PSA_ADAC_PLATFORM_H
diff --git a/target/trusted-firmware-m/platform/arm/corstone1000/include/psa_adac_platform.h b/target/trusted-firmware-m/platform/arm/corstone1000/include/psa_adac_platform.h
new file mode 100644
index 0000000..87f9d4f
--- /dev/null
+++ b/target/trusted-firmware-m/platform/arm/corstone1000/include/psa_adac_platform.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2021 Arm Limited. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PSA_ADAC_TRUSTED_FIRMWARE_M_CORSTONE1000__PSA_ADAC_PLATFORM_H
+#define PSA_ADAC_TRUSTED_FIRMWARE_M_CORSTONE1000_PSA_ADAC_PLATFORM_H
+
+#include <psa_adac_config.h>
+
+#define PSA_ADAC_PLATFORM_BANNER "PSA ADAC: Tresuted-Firmware-M Dipda platform."
+#define PSA_ADAC_AUTHENTICATOR_IMPLICIT_TRANSPORT
+
+/*
+ * From tf-m to psa-adac.
+ * Call to this function will wait for host debugger to initiate the
+ * secure debug connection and will perform the secure debug authentication
+ * proces.
+ */
+int tfm_to_psa_adac_corstone1000_secure_debug(uint8_t *secure_debug_rotpk, uint32_t len);
+
+/*
+ * From psa-adac to tfm
+ * The platform code in the tf-m can use this function to apply
+ * secure debug permissions.
+ */
+int psa_adac_to_tfm_apply_permissions(uint8_t permissions_mask[16]);
+
+
+#endif //PSA_ADAC_TRUSTED_FIRMWARE_M_CORSTONE1000_PSA_ADAC_PLATFORM_H
diff --git a/target/trusted-firmware-m/platform/arm/corstone1000/int_com_port_config.h b/target/trusted-firmware-m/platform/arm/corstone1000/int_com_port_config.h
new file mode 100644
index 0000000..73507d0
--- /dev/null
+++ b/target/trusted-firmware-m/platform/arm/corstone1000/int_com_port_config.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef _HAL_H
+#define _HAL_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#define HAL_SOCID_SIZE (32)
+
+#define SE_HOST_ACCESS 0x60000000
+#define SE_APBCOM_BASE (SE_HOST_ACCESS + 0x1B900000)
+
+#define HAL_APBCOM_BASE SE_APBCOM_BASE
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _HAL_H */
+
+
+