Attestation
Description
System and configuration attestation.
API for retrieveing attestation tokens from the SE.
Functions |
|
| sl_status_t | sl_se_attestation_get_psa_iat_token ( sl_se_command_context_t *cmd_ctx, const uint8_t *auth_challenge, size_t challenge_size, uint8_t *token_buf, size_t token_buf_size, size_t *token_size) |
|
Get the PSA initial attest token from the SE.
|
|
| sl_status_t | sl_se_attestation_get_psa_iat_token_size ( sl_se_command_context_t *cmd_ctx, size_t challenge_size, size_t *token_size) |
|
Get the size of a PSA initial attest token with the given nonce.
|
|
| sl_status_t | sl_se_attestation_get_config_token ( sl_se_command_context_t *cmd_ctx, const uint8_t *auth_challenge, size_t challenge_size, uint8_t *token_buf, size_t token_buf_size, size_t *token_size) |
|
Get an attested (signed) security configuration token from the SE.
|
|
| sl_status_t | sl_se_attestation_get_config_token_size ( sl_se_command_context_t *cmd_ctx, size_t challenge_size, size_t *token_size) |
|
Get the size of a security configuration token.
|
|
Macros |
|
| #define | SL_SE_ATTESTATION_CHALLENGE_SIZE_32 (32U) |
|
32 byte challenge size
|
|
| #define | SL_SE_ATTESTATION_CHALLENGE_SIZE_48 (48U) |
|
48 byte challenge size
|
|
| #define | SL_SE_ATTESTATION_CHALLENGE_SIZE_64 (64U) |
|
64 byte challenge size
|
|
Function Documentation
◆ sl_se_attestation_get_psa_iat_token()
| sl_status_t sl_se_attestation_get_psa_iat_token | ( | sl_se_command_context_t * |
cmd_ctx,
|
| const uint8_t * |
auth_challenge,
|
||
| size_t |
challenge_size,
|
||
| uint8_t * |
token_buf,
|
||
| size_t |
token_buf_size,
|
||
| size_t * |
token_size
|
||
| ) |
Get the PSA initial attest token from the SE.
- Parameters
-
[in] cmd_ctxPointer to an SE command context object. [in] auth_challengeBuffer with a challenge object selected by the caller. [in] challenge_sizeSize of the challenge object in bytes. Must be either 32, 48 or 64. [out] token_bufBuffer where the output token will be stored. [in] token_buf_sizeSize of token_buf in bytes. Must be at least the size found by calling sl_se_attestation_get_psa_iat_token_size with equivalent arguments, and padded to word alignment. [out] token_sizeNumber of bytes actually used in token_buf.
- Warning
- Once a nonce/challenge has been used, the same challenge should not be used ever again, to prevent replay attacks.
- The output will be length-extended to the next word-multiple.
- Returns
- Status code, sl_status.h.
◆ sl_se_attestation_get_psa_iat_token_size()
| sl_status_t sl_se_attestation_get_psa_iat_token_size | ( | sl_se_command_context_t * |
cmd_ctx,
|
| size_t |
challenge_size,
|
||
| size_t * |
token_size
|
||
| ) |
Get the size of a PSA initial attest token with the given nonce.
- Parameters
-
[in] cmd_ctxPointer to an SE command context object. [in] challenge_sizeSize of the challenge object in bytes. Must be either 32, 48 or 64. [out] token_sizePointer to output word. Result is stored here.
- Returns
- Status code, sl_status.h.
◆ sl_se_attestation_get_config_token()
| sl_status_t sl_se_attestation_get_config_token | ( | sl_se_command_context_t * |
cmd_ctx,
|
| const uint8_t * |
auth_challenge,
|
||
| size_t |
challenge_size,
|
||
| uint8_t * |
token_buf,
|
||
| size_t |
token_buf_size,
|
||
| size_t * |
token_size
|
||
| ) |
Get an attested (signed) security configuration token from the SE.
- Parameters
-
[in] cmd_ctxPointer to an SE command context object. [in] auth_challengeBuffer with a challenge object selected by the caller. [in] challenge_sizeSize of the challenge object in bytes. Must be 32. [out] token_bufBuffer where the output token will be stored. [in] token_buf_sizeSize of token_buf in bytes. Must be at least the size found by calling sl_se_attestation_get_config_token_size with equivalent arguments, and padded to word alignment. [out] token_sizeNumber of bytes actually used in token_buf.
- Warning
- Once a nonce/challenge has been used, the same challenge should not be used ever again, to prevent replay attacks.
- The output will be length-extended to the next word-multiple.
- Returns
- Status code, sl_status.h.
◆ sl_se_attestation_get_config_token_size()
| sl_status_t sl_se_attestation_get_config_token_size | ( | sl_se_command_context_t * |
cmd_ctx,
|
| size_t |
challenge_size,
|
||
| size_t * |
token_size
|
||
| ) |
Get the size of a security configuration token.
- Parameters
-
[in] cmd_ctxPointer to an SE command context object. [in] challenge_sizeSize of the challenge object in bytes. Must be 32. [out] token_sizePointer to output word. Result is stored here.
- Returns
- Status code, sl_status.h.
Macro Definition Documentation
◆ SL_SE_ATTESTATION_CHALLENGE_SIZE_32
| #define SL_SE_ATTESTATION_CHALLENGE_SIZE_32 (32U) |
32 byte challenge size
◆ SL_SE_ATTESTATION_CHALLENGE_SIZE_48
| #define SL_SE_ATTESTATION_CHALLENGE_SIZE_48 (48U) |
48 byte challenge size
◆ SL_SE_ATTESTATION_CHALLENGE_SIZE_64
| #define SL_SE_ATTESTATION_CHALLENGE_SIZE_64 (64U) |
64 byte challenge size