1 /*
2  * attest_symmetric_iat_decode.c
3  *
4  * Copyright (c) 2019, Laurence Lundblade.
5  * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
6  *
7  * SPDX-License-Identifier: BSD-3-Clause
8  *
9  * See BSD-3-Clause license in README.md
10  */
11 
12 #include "attest_token_decode.h"
13 #include "attest.h"
14 #include "psa/crypto.h"
15 #include "q_useful_buf.h"
16 #include "qcbor_util.h"
17 #include "t_cose_common.h"
18 #include "t_cose_mac0_verify.h"
19 #include "tfm_crypto_defs.h"
20 
21 /* Only support HMAC as MAC algorithm in COSE_Mac0 so far */
22 #define SYMMETRIC_IAK_MAX_SIZE        PSA_MAC_MAX_SIZE
23 
24 #if DOMAIN_NS == 1U
/*
 * Public function. See attest_token_decode.h
 *
 * NS-side build. The non-secure side is not allowed to fetch the symmetric
 * IAK, so it cannot perform the MAC verification: the COSE_Mac0 structure is
 * decoded only and its authentication tag is NOT checked. The payload placed
 * in me->payload is therefore unauthenticated on this side, and me->last_error
 * only reflects whether the decode itself succeeded.
 *
 * me     Decode context; receives the payload and the mapped error code.
 * token  COSE_Mac0 structure to decode.
 *
 * Returns the attest_token_err_t mapped from the t_cose result (also stored
 * in me->last_error).
 */
enum attest_token_err_t
attest_token_decode_validate_token(struct attest_token_decode_context *me,
                                   struct q_useful_buf_c               token)
{
    struct t_cose_mac0_verify_ctx verify_ctx;
    struct t_cose_key             no_key = T_COSE_NULL_KEY;
    enum t_cose_err_t             cose_rc;
    enum attest_token_err_t       rc;

    /* Decode only: no tag verification, so no key is needed. */
    t_cose_mac0_verify_init(&verify_ctx, T_COSE_OPT_DECODE_ONLY);
    t_cose_mac0_set_verify_key(&verify_ctx, no_key);

    cose_rc = t_cose_mac0_verify(&verify_ctx,
                                 token,        /* COSE structure to decode */
                                 &me->payload, /* Payload extracted from it */
                                 NULL);        /* Header parameters not needed */

    rc = map_t_cose_errors(cose_rc);
    me->last_error = rc;

    return rc;
}
56 
57 #else /* DOMAIN_NS == 1U */
58 
/*
 * Public function. See attest_token_decode.h
 *
 * Secure-side build. Decode the received COSE_Mac0 structure and verify its
 * authentication tag with the built-in symmetric Initial Attestation Key,
 * referenced by id (TFM_BUILTIN_KEY_ID_IAK) through the PSA crypto backend.
 * Authentication tag verification in tests is for debug purpose only: in real
 * products the symmetric IAK should not be usable by anything other than the
 * Attestation partition.
 *
 * If TOKEN_OPT_SHORT_CIRCUIT_SIGN is set in me->options, t_cose is allowed to
 * accept short-circuit tags, i.e. tokens without a real MAC. A token accepted
 * that way proves nothing about its origin, so the option belongs to test
 * configurations only.
 *
 * me     Decode context; supplies the options, receives the payload and the
 *        mapped error code.
 * token  COSE_Mac0 structure to decode and verify.
 *
 * Returns the attest_token_err_t mapped from the t_cose result (also stored
 * in me->last_error).
 */
enum attest_token_err_t
attest_token_decode_validate_token(struct attest_token_decode_context *me,
                                   struct q_useful_buf_c               token)
{
    struct t_cose_mac0_verify_ctx verify_ctx;
    struct t_cose_key             iak;
    psa_key_handle_t              iak_id = TFM_BUILTIN_KEY_ID_IAK;
    enum t_cose_err_t             cose_rc;
    enum attest_token_err_t       rc;
    int32_t                       verify_opts;

    /* Short-circuit tags are honoured only when the caller asked for them. */
    verify_opts = (me->options & TOKEN_OPT_SHORT_CIRCUIT_SIGN)
                  ? T_COSE_OPT_ALLOW_SHORT_CIRCUIT
                  : 0;
    t_cose_mac0_verify_init(&verify_ctx, verify_opts);

    /* The IAK is handed to t_cose by PSA key id, never by value. */
    iak.crypto_lib   = T_COSE_CRYPTO_LIB_PSA;
    iak.k.key_handle = (uint64_t)iak_id;
    t_cose_mac0_set_verify_key(&verify_ctx, iak);

    cose_rc = t_cose_mac0_verify(&verify_ctx,
                                 token,        /* COSE structure to verify */
                                 &me->payload, /* Payload extracted from it */
                                 NULL);        /* Header parameters not needed */

    rc = map_t_cose_errors(cose_rc);
    me->last_error = rc;

    return rc;
}
97 #endif /* DOMAIN_NS == 1U */
98