The attestation key derivation and platform attestation token
creation functionality is provided by the Delegated Attestation
partition in RSS.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I2d8c0e6589d11e7c81c698adf75ee2a993e3a0c6
Delegated attestation is a service provided by RSS to:
- Derive a delegated attestation key: Realm Attestation Key
- Query the platform attestation token
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I3edf09fcbef24bca7c8a000ffac8c1ab64dfb812
When the measured boot service was upstreamed to TF-M, its static
handle was reallocated into the user partitions range. This change
updates the static handle here to make the service accessible.
Also removes the SIDs and Versions, since they are unused when a
service is accessed through a stateless handle, which encodes both
service ID and version. The attestation and measured boot services
only support access through their handles.
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
Change-Id: I9d2ff1aad19470728289d574be3d5d11bdabeef4
A secure enclave could provide an alternate
backend for measured boot. This API can be used
to store measurements in a secure enclave, which
provides the measured boot runtime service.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I2448e324e7ece6b318403c5937dfe7abea53d0f3
