blob: 2dadf5920ee8d8a02c704f6aef35cc80505c5096 [file] [log] [blame]
* Copyright (c) 2019,2020 Linaro Limited
* SPDX-License-Identifier: Apache-2.0
#include <stdarg.h>
#include "psa/error.h"
#ifdef __cplusplus
extern "C" {
/** Maximum buffer size for an initial attestation token instance. */
#define ATT_MAX_TOKEN_SIZE (0x240)
* @brief Gets the public key portion of the attestation service's securely
* stored key pair. This public key can be provided to external
* verification services for device verification purposes.
* @return Returns error code as specified in \ref psa_status_t
psa_status_t att_get_pub_key(void);
* @brief Gets an initial attestation token (IAT) from the TF-M secure
* processing environment (SPE). This data will be provided in CBOR
* format and is encrypted using the private key held on the SPE.
* The initial attestation token (IAT) is composed of a series of 'claims' or
* data points used to uniquely identify this device to an external
* verification entity (the IAT consumer).
* The generated IAT should be crytographically verrifiable by the IAT consumer.
* For details on IAT see
* @param ch_buffer Pointer to the buffer containing the nonce or
* challenge data to be validated with the private key.
* @param ch_sz The number of bytes in the challenge. 32, 48 or 64.
* @param token_buffer Pointer to the buffer where the IAT will be written.
* Must be equal in size to the system IAT output, which
* can be determined via a call to
* 'psa_initial_attest_get_token_size'.
* @param token_sz Pointer to the size of token_buffer, this value will be
* updated in this function to contain the number of bytes
* actually retrieved during the IAT request.
* @return Returns error code as specified in \ref psa_status_t
psa_status_t att_get_iat(u8_t *ch_buffer, u32_t ch_sz,
u8_t *token_buffer, u32_t *token_sz);
* @brief TODO!
* @return Returns error code as specified in \ref psa_status_t
psa_status_t att_test(void);
#ifdef __cplusplus