author | David Hu <david.hu@arm.com> | 2021-05-14 17:03:14 +0800 |
---|---|---|
committer | David Hu <david.hu@arm.com> | 2021-06-02 05:00:40 +0200 |
commit | 611610c1527a1d46569b2126eaa6a396986e4623 (patch) | |
tree | 3fea30ee1c49fe47e8ca612973949e7c15b23624 /interface | |
parent | 51546c2e8b6265838ccdc04053c528549592e804 (diff) |
Attest: Remove initial attestation get public key API function
It is overkill to implement a dedicated secure function that lets the
non-secure (NS) side fetch the initial attestation public key purely for
test purposes.
Besides, a function to get the public key can be confusing, as it is not
defined in the PSA Initial Attestation API spec.
Remove the get-public-key secure function from the NS and S (secure) sides
to simplify the TF-M initial attestation implementation and interface.
Change-Id: I8d0967698e3d2f2c684194caa9a6234585026a71
Signed-off-by: David Hu <david.hu@arm.com>
Diffstat (limited to 'interface')
-rw-r--r-- | interface/include/psa/initial_attestation.h | 22 | ||||
-rw-r--r-- | interface/src/tfm_initial_attestation_func_api.c | 22 | ||||
-rw-r--r-- | interface/src/tfm_initial_attestation_ipc_api.c | 29 |
3 files changed, 1 insertions, 72 deletions
diff --git a/interface/include/psa/initial_attestation.h b/interface/include/psa/initial_attestation.h index 50dd479c6..3e661e094 100644 --- a/interface/include/psa/initial_attestation.h +++ b/interface/include/psa/initial_attestation.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * Copyright (c) 2018-2021, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -201,26 +201,6 @@ psa_status_t psa_initial_attest_get_token_size(size_t challenge_size, size_t *token_size); -/** - * \brief Get the initial attestation public key. - * - * \param[out] public_key Pointer to the buffer where the public key - * will be stored. - * \param[in] key_buf_size Size of allocated buffer for key, in bytes. - * \param[out] public_key_len Size of public key in bytes. - * \param[out] public_key_curve Type of the elliptic curve which the key - * belongs to. - * - * \note Currently only the ECDSA P-256 over SHA-256 algorithm is supported. - * - * \return Returns error code as specified in \ref psa_status_t - */ -psa_status_t -tfm_initial_attest_get_public_key(uint8_t *public_key, - size_t public_key_buf_size, - size_t *public_key_len, - psa_ecc_family_t *elliptic_curve_type); - #ifdef __cplusplus } #endif diff --git a/interface/src/tfm_initial_attestation_func_api.c b/interface/src/tfm_initial_attestation_func_api.c index 48dbbe183..31f1d6bcc 100644 --- a/interface/src/tfm_initial_attestation_func_api.c +++ b/interface/src/tfm_initial_attestation_func_api.c 
@@ -56,25 +56,3 @@ psa_initial_attest_get_token_size(size_t challenge_size, (uint32_t)in_vec, IOVEC_LEN(in_vec), (uint32_t)out_vec, IOVEC_LEN(out_vec)); } - -psa_status_t -tfm_initial_attest_get_public_key(uint8_t *public_key, - size_t public_key_buf_size, - size_t *public_key_len, - psa_ecc_family_t *elliptic_curve_type) -{ - int32_t res; - - psa_outvec out_vec[] = { - {.base = public_key, .len = public_key_buf_size}, - {.base = elliptic_curve_type, .len = sizeof(*elliptic_curve_type)}, - {.base = public_key_len, .len = sizeof(*public_key_len)} - }; - - res = tfm_ns_interface_dispatch( - (veneer_fn)tfm_initial_attest_get_public_key_veneer, - (uint32_t)NULL, 0, - (uint32_t)out_vec, IOVEC_LEN(out_vec)); - - return (psa_status_t) res; -} diff --git a/interface/src/tfm_initial_attestation_ipc_api.c b/interface/src/tfm_initial_attestation_ipc_api.c index fa7a956bd..43c9b0e47 100644 --- a/interface/src/tfm_initial_attestation_ipc_api.c +++ b/interface/src/tfm_initial_attestation_ipc_api.c @@ -72,32 +72,3 @@ psa_initial_attest_get_token_size(size_t challenge_size, return status; } - -psa_status_t -tfm_initial_attest_get_public_key(uint8_t *public_key, - size_t public_key_buf_size, - size_t *public_key_len, - psa_ecc_family_t *elliptic_curve_type) -{ - psa_handle_t handle = PSA_NULL_HANDLE; - psa_status_t status; - - psa_outvec out_vec[] = { - {.base = public_key, .len = public_key_buf_size}, - {.base = elliptic_curve_type, .len = sizeof(*elliptic_curve_type)}, - {.base = public_key_len, .len = sizeof(*public_key_len)} - }; - - handle = psa_connect(TFM_ATTEST_GET_PUBLIC_KEY_SID, - TFM_ATTEST_GET_PUBLIC_KEY_VERSION); - if (!PSA_HANDLE_IS_VALID(handle)) { - return PSA_HANDLE_TO_ERROR(handle); - } - - status = psa_call(handle, PSA_IPC_CALL, - NULL, 0, - out_vec, IOVEC_LEN(out_vec)); - psa_close(handle); - - return status; -} |