1 /*
2 * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8 #include <stddef.h>
9 #include <stdint.h>
10 #include <string.h>
11 #include "tfm_attest_hal.h"
12 #include "tfm_plat_boot_seed.h"
13 #include "tfm_plat_device_id.h"
14 #include "tfm_plat_otp.h"
15 #include "tfm_strnlen.h"
16
map_otp_lcs_to_tfm_slc(enum plat_otp_lcs_t lcs)17 static enum tfm_security_lifecycle_t map_otp_lcs_to_tfm_slc(enum plat_otp_lcs_t lcs) {
18 switch (lcs) {
19 case PLAT_OTP_LCS_ASSEMBLY_AND_TEST:
20 return TFM_SLC_ASSEMBLY_AND_TEST;
21 case PLAT_OTP_LCS_PSA_ROT_PROVISIONING:
22 return TFM_SLC_PSA_ROT_PROVISIONING;
23 case PLAT_OTP_LCS_SECURED:
24 return TFM_SLC_SECURED;
25 case PLAT_OTP_LCS_DECOMMISSIONED:
26 return TFM_SLC_DECOMMISSIONED;
27 case PLAT_OTP_LCS_UNKNOWN:
28 default:
29 return TFM_SLC_UNKNOWN;
30 }
31 }
32
tfm_attest_hal_get_security_lifecycle(void)33 enum tfm_security_lifecycle_t tfm_attest_hal_get_security_lifecycle(void)
34 {
35 enum plat_otp_lcs_t otp_lcs;
36 enum tfm_plat_err_t err;
37
38 err = tfm_plat_otp_read(PLAT_OTP_ID_LCS, sizeof(otp_lcs), (uint8_t*)&otp_lcs);
39 if (err != TFM_PLAT_ERR_SUCCESS) {
40 return TFM_SLC_UNKNOWN;
41 }
42
43 return map_otp_lcs_to_tfm_slc(otp_lcs);
44 }
45
46 enum tfm_plat_err_t
tfm_attest_hal_get_verification_service(uint32_t * size,uint8_t * buf)47 tfm_attest_hal_get_verification_service(uint32_t *size, uint8_t *buf)
48 {
49 enum tfm_plat_err_t err;
50 size_t otp_size;
51 size_t copy_size;
52
53 err = tfm_plat_otp_read(PLAT_OTP_ID_VERIFICATION_SERVICE_URL, *size, buf);
54 if(err != TFM_PLAT_ERR_SUCCESS) {
55 return err;
56 }
57
58 err = tfm_plat_otp_get_size(PLAT_OTP_ID_VERIFICATION_SERVICE_URL, &otp_size);
59 if(err != TFM_PLAT_ERR_SUCCESS) {
60 return err;
61 }
62
63 /* Actually copied data is always the smaller */
64 copy_size = *size < otp_size ? *size : otp_size;
65 /* String content */
66 *size = tfm_strnlen((char*)buf, copy_size);
67
68 return TFM_PLAT_ERR_SUCCESS;
69 }
70
71 enum tfm_plat_err_t
tfm_attest_hal_get_profile_definition(uint32_t * size,uint8_t * buf)72 tfm_attest_hal_get_profile_definition(uint32_t *size, uint8_t *buf)
73 {
74 enum tfm_plat_err_t err;
75 size_t otp_size;
76 size_t copy_size;
77
78 err = tfm_plat_otp_read(PLAT_OTP_ID_PROFILE_DEFINITION, *size, buf);
79 if(err != TFM_PLAT_ERR_SUCCESS) {
80 return err;
81 }
82
83 err = tfm_plat_otp_get_size(PLAT_OTP_ID_PROFILE_DEFINITION, &otp_size);
84 if(err != TFM_PLAT_ERR_SUCCESS) {
85 return err;
86 }
87
88 /* Actually copied data is always the smaller */
89 copy_size = *size < otp_size ? *size : otp_size;
90 /* String content */
91 *size = tfm_strnlen((char*)buf, copy_size);
92
93 return TFM_PLAT_ERR_SUCCESS;
94 }
95
tfm_plat_get_boot_seed(uint32_t size,uint8_t * buf)96 enum tfm_plat_err_t tfm_plat_get_boot_seed(uint32_t size, uint8_t *buf)
97 {
98 enum tfm_plat_err_t err;
99
100 err = tfm_plat_otp_read(PLAT_OTP_ID_BOOT_SEED, size, buf);
101 if(err != TFM_PLAT_ERR_SUCCESS) {
102 return err;
103 }
104
105 return TFM_PLAT_ERR_SUCCESS;
106 }
107
tfm_plat_get_implementation_id(uint32_t * size,uint8_t * buf)108 enum tfm_plat_err_t tfm_plat_get_implementation_id(uint32_t *size,
109 uint8_t *buf)
110 {
111 enum tfm_plat_err_t err;
112 size_t otp_size;
113 size_t copy_size;
114
115 err = tfm_plat_otp_read(PLAT_OTP_ID_IMPLEMENTATION_ID, *size, buf);
116 if(err != TFM_PLAT_ERR_SUCCESS) {
117 return err;
118 }
119
120 err = tfm_plat_otp_get_size(PLAT_OTP_ID_IMPLEMENTATION_ID, &otp_size);
121 if(err != TFM_PLAT_ERR_SUCCESS) {
122 return err;
123 }
124
125 /* Actually copied data is always the smaller */
126 copy_size = *size < otp_size ? *size : otp_size;
127 /* Binary data */
128 *size = copy_size;
129
130 return TFM_PLAT_ERR_SUCCESS;
131 }
132
tfm_plat_get_cert_ref(uint32_t * size,uint8_t * buf)133 enum tfm_plat_err_t tfm_plat_get_cert_ref(uint32_t *size, uint8_t *buf)
134 {
135 enum tfm_plat_err_t err;
136 size_t otp_size;
137 size_t copy_size;
138
139 err = tfm_plat_otp_read(PLAT_OTP_ID_CERT_REF, *size, buf);
140 if(err != TFM_PLAT_ERR_SUCCESS) {
141 return err;
142 }
143
144 err = tfm_plat_otp_get_size(PLAT_OTP_ID_CERT_REF, &otp_size);
145 if(err != TFM_PLAT_ERR_SUCCESS) {
146 return err;
147 }
148
149 /* Actually copied data is always the smaller */
150 copy_size = *size < otp_size ? *size : otp_size;
151 /* String content */
152 *size = tfm_strnlen((char*)buf, copy_size);
153
154 return TFM_PLAT_ERR_SUCCESS;
155 }
156
tfm_attest_hal_get_platform_config(uint32_t * size,uint8_t * buf)157 enum tfm_plat_err_t tfm_attest_hal_get_platform_config(uint32_t *size,
158 uint8_t *buf)
159 {
160 uint32_t dummy_plat_config = 0xDEADBEEF;
161
162 if (*size < sizeof(dummy_plat_config)) {
163 return TFM_PLAT_ERR_SYSTEM_ERR;
164 }
165
166 memcpy(buf, &dummy_plat_config, sizeof(dummy_plat_config));
167 *size = sizeof(dummy_plat_config);
168
169 return TFM_PLAT_ERR_SUCCESS;
170 }
171
tfm_attest_hal_get_platform_hash_algo(uint32_t * size,uint8_t * buf)172 enum tfm_plat_err_t tfm_attest_hal_get_platform_hash_algo(uint32_t *size,
173 uint8_t *buf)
174 {
175 #ifdef MEASUREMENT_HASH_ALGO_NAME
176 const char hash_algo[] = MEASUREMENT_HASH_ALGO_NAME;
177 #else
178 const char hash_algo[] = "not-hash-extended";
179 #endif
180
181 if (*size < sizeof(hash_algo) - 1) {
182 return TFM_PLAT_ERR_SYSTEM_ERR;
183 }
184
185 /* Not including the null-terminator. */
186 memcpy(buf, hash_algo, sizeof(hash_algo) - 1);
187 *size = sizeof(hash_algo) - 1;
188
189 return TFM_PLAT_ERR_SUCCESS;
190 }
191
