1 /* 2 * Copyright (c) 2024, Arm Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #include <assert.h> 8 9 #include <psa/crypto_sizes.h> 10 #include <psa/crypto_types.h> 11 #include <psa/crypto_values.h> 12 13 #include <cca_attestation.h> 14 #include <delegated_attestation.h> 15 #include <services/rmmd_svc.h> 16 17 psa_status_t 18 cca_attestation_get_realm_key(uintptr_t buf, size_t *len, unsigned int type) 19 { 20 size_t dak_len; 21 psa_status_t ret = PSA_SUCCESS; 22 23 /* 24 * Current RMM implementations only support the public key size for 25 * ECC-P384, i.e. ATTEST_KEY_CURVE_ECC_SECP384R1 attestation key. 26 * 27 * This ECC key has following properties: 28 * ecc_curve: 0x12 (PSA_ECC_FAMILY_SECP_R1) 29 * key_bits: 384 30 * hash_alg: 0x02000009 (PSA_ALG_SHA_256) 31 */ 32 assert(type == ATTEST_KEY_CURVE_ECC_SECP384R1); 33 34 ret = rse_delegated_attest_get_delegated_key(PSA_ECC_FAMILY_SECP_R1, 35 384, (uint8_t *)buf, *len, 36 &dak_len, PSA_ALG_SHA_256); 37 if (ret != PSA_SUCCESS) { 38 return ret; 39 } 40 41 if (dak_len != PSA_BITS_TO_BYTES(384)) { 42 return PSA_ERROR_INVALID_ARGUMENT; 43 } 44 45 *len = dak_len; 46 47 return ret; 48 } 49 50 psa_status_t 51 cca_attestation_get_plat_token(uintptr_t buf, size_t *len, 52 uintptr_t hash, size_t hash_size) 53 { 54 size_t token_len = 0; 55 psa_status_t ret = PSA_SUCCESS; 56 57 ret = rse_delegated_attest_get_token((const uint8_t *)hash, hash_size, 58 (uint8_t *)buf, *len, &token_len); 59 if (ret != PSA_SUCCESS) { 60 return ret; 61 } 62 63 *len = token_len; 64 65 return ret; 66 } 67