GitBucket
Newer
/*
* Copyright (c) 2019, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
*/
#ifndef __TFM_ATTEST_HAL_H__
#define __TFM_ATTEST_HAL_H__
#include <stdint.h>
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Security lifecycle of the device
*/
enum tfm_security_lifecycle_t {
TFM_SLC_UNKNOWN = 0x0000u,
TFM_SLC_ASSEMBLY_AND_TEST = 0x1000u,
TFM_SLC_PSA_ROT_PROVISIONING = 0x2000u,
TFM_SLC_SECURED = 0x3000u,
TFM_SLC_NON_PSA_ROT_DEBUG = 0x4000u,
TFM_SLC_RECOVERABLE_PSA_ROT_DEBUG = 0x5000u,
TFM_SLC_DECOMMISSIONED = 0x6000u,
};
/**
* \brief Retrieve the security lifecycle of the device
*
* Security lifecycle is a mandatory claim in the initial attestation token.
*
* \return According to \ref tfm_security_lifecycle_t
*/
enum tfm_security_lifecycle_t tfm_attest_hal_get_security_lifecycle(void);
/**
* \brief Retrieve the verification service indicator for initial attestation.
*
* It is used by relying party to locate a validation service for the token.
* It can be a text string that can be used to locate the service or can be a
* URL specifying the address of the service.
*
* \param[out] size Length of the string, without the termination zero byte.
*
* \return NULL pointer if not available otherwise the address of the
* verification service string in the device memory.
*/
const char *
tfm_attest_hal_get_verification_service(uint32_t *size);
/**
* \brief Retrieve the name of the profile definition document for initial
* attestation.
*
* This document describes the 'profile' of the initial attestation token,
* being a full description of the claims, their usage, verification and
* token signing.
*
* \param[out] size Length of the document name, without the termination zero
* byte.
*
* \return NULL pointer if not available otherwise the address of the document
* name string in the device memory.
*/
const char *
tfm_attest_hal_get_profile_definition(uint32_t *size);
#ifdef __cplusplus
}
#endif
#endif /* __TFM_ATTEST_HAL_H__ */