[All] Pre-commit

TofMassilia13320 · TofMassilia13320 · commit 72b087052b9e · 2026-02-26T14:48:47.000+01:00
diff --git a/README.md b/README.md
@@ -19,7 +19,7 @@ Provides a set of product services that format all commands supported by the tar
 <b>- Core layer</b>
 Contains generic definition for ST Secure Element and functions for communicating with target secure element.
 
-## Package documentation 
+## Package documentation
 
 HTML documentation can either be downloaded as standalone package from the STSELib github repository [release section](https://github.com/STMicroelectronics/STSELib/releases)
 or compiled from the library sources by executing following commands from the STSELib root directory:
@@ -31,9 +31,9 @@ or compiled from the library sources by executing following commands from the ST
 
 > [!NOTE]
 >
-> Doxygen version 1.14.0 is required to build the documentation  
+> Doxygen version 1.14.0 is required to build the documentation
 
-## STSELib Integration    
+## STSELib Integration
 
 ### 1. Add STSELib as a Git submodule
 
diff --git a/api/stse_derive_keys.c b/api/stse_derive_keys.c
@@ -25,8 +25,7 @@ stse_ReturnCode_t stse_derive_key(
     PLAT_UI8 *pContext,
     PLAT_UI16 context_len,
     PLAT_UI8 *pOutput_key,
-    PLAT_UI16 key_length)
-{
+    PLAT_UI16 key_length) {
     stsafea_hkdf_input_key_t input_key = {0};
     stsafea_hkdf_salt_t salt = {0};
     stsafea_hkdf_info_t info = {0};
@@ -64,7 +63,7 @@ stse_ReturnCode_t stse_derive_key(
     return stsafea_derive_keys(
         pSTSE,
         &input_key,
-        1, 1,           /* Extract=1, Expand=1 */
+        1, 1, /* Extract=1, Expand=1 */
         &salt,
         &info,
         &okm_map,
@@ -78,14 +77,13 @@ stse_ReturnCode_t stse_derive_key_simple(
     PLAT_UI8 *pContext,
     PLAT_UI16 context_len,
     PLAT_UI8 *pOutput_key,
-    PLAT_UI16 key_length)
-{
+    PLAT_UI16 key_length) {
     /* Directly call the main function with NULL salt */
     return stse_derive_key(
         pSTSE,
         master_slot,
-        NULL,           /* No salt */
-        0,              /* Salt length 0 */
+        NULL, /* No salt */
+        0,    /* Salt length 0 */
         pContext,
         context_len,
         pOutput_key,
@@ -97,8 +95,7 @@ stse_ReturnCode_t stse_derive_key_extract(
     PLAT_UI8 master_slot,
     PLAT_UI8 *pSalt,
     PLAT_UI16 salt_length,
-    PLAT_UI8 *pPrk_slot)
-{
+    PLAT_UI8 *pPrk_slot) {
     stsafea_hkdf_input_key_t input_key = {0};
     stsafea_hkdf_salt_t salt = {0};
     stsafea_hkdf_output_t output = {0};
@@ -122,7 +119,7 @@ stse_ReturnCode_t stse_derive_key_extract(
     ret = stsafea_derive_keys(
         pSTSE,
         &input_key,
-        1, 0,           /* Extract=1, Expand=0 */
+        1, 0, /* Extract=1, Expand=0 */
         &salt,
         NULL,
         NULL,
@@ -142,8 +139,7 @@ stse_ReturnCode_t stse_derive_key_expand(
     PLAT_UI8 *pContext,
     PLAT_UI16 context_len,
     PLAT_UI8 *pOutput_key,
-    PLAT_UI16 key_length)
-{
+    PLAT_UI16 key_length) {
     stsafea_hkdf_input_key_t input_key = {0};
     stsafea_hkdf_info_t info = {0};
     stsafea_hkdf_okm_description_t okm_map = {0};
@@ -175,7 +171,7 @@ stse_ReturnCode_t stse_derive_key_expand(
     return stsafea_derive_keys(
         pSTSE,
         &input_key,
-        0, 1,           /* Extract=0, Expand=1 */
+        0, 1, /* Extract=0, Expand=1 */
         NULL,
         &info,
         &okm_map,
@@ -190,12 +186,11 @@ stse_ReturnCode_t stse_derive_session_keys(
     PLAT_UI8 *pEnc_key,
     PLAT_UI16 enc_key_len,
     PLAT_UI8 *pMac_key,
-    PLAT_UI16 mac_key_len)
-{
+    PLAT_UI16 mac_key_len) {
     stse_ReturnCode_t ret;
     PLAT_UI8 prk_slot;
     PLAT_UI8 salt[4];
-    
+
     /* Validate parameters */
     if (pSTSE == NULL || pEnc_key == NULL || pMac_key == NULL) {
         return STSE_SERVICE_INVALID_PARAMETER;
@@ -214,16 +209,16 @@ stse_ReturnCode_t stse_derive_session_keys(
     }
 
     /* Step 2: Derive encryption key with context "ENC" */
-    ret = stse_derive_key_expand(pSTSE, prk_slot, (PLAT_UI8*)"ENC", 3, 
-                              pEnc_key, enc_key_len);
+    ret = stse_derive_key_expand(pSTSE, prk_slot, (PLAT_UI8 *)"ENC", 3,
+                                 pEnc_key, enc_key_len);
     if (ret != STSE_OK) {
         return ret;
     }
 
     /* Step 3: Derive MAC key with context "MAC" */
-    ret = stse_derive_key_expand(pSTSE, prk_slot, (PLAT_UI8*)"MAC", 3, 
-                              pMac_key, mac_key_len);
-    
+    ret = stse_derive_key_expand(pSTSE, prk_slot, (PLAT_UI8 *)"MAC", 3,
+                                 pMac_key, mac_key_len);
+
     return ret;
 }
 
@@ -235,8 +230,7 @@ stse_ReturnCode_t stse_derive_key_to_slot(
     PLAT_UI8 *pContext,
     PLAT_UI16 context_len,
     stsafe_output_key_description_information_t *pKey_info,
-    PLAT_UI8 *pOutput_slot)
-{
+    PLAT_UI8 *pOutput_slot) {
     stsafea_hkdf_input_key_t input_key = {0};
     stsafea_hkdf_salt_t salt = {0};
     stsafea_hkdf_info_t info = {0};
@@ -274,7 +268,7 @@ stse_ReturnCode_t stse_derive_key_to_slot(
     ret = stsafea_derive_keys(
         pSTSE,
         &input_key,
-        1, 1,           /* Extract=1, Expand=1 */
+        1, 1, /* Extract=1, Expand=1 */
         &salt,
         &info,
         &okm_map,
@@ -295,17 +289,16 @@ stse_ReturnCode_t stse_derive_key_expand_multiple(
     PLAT_UI16 *pContext_lens,
     PLAT_UI8 **pOutput_keys,
     PLAT_UI16 *pKey_lengths,
-    PLAT_UI8 num_keys)
-{
+    PLAT_UI8 num_keys) {
     stsafea_hkdf_input_key_t input_key = {0};
     stsafea_hkdf_info_t info = {0};
-    stsafea_hkdf_okm_description_t okm_map[32]; 
+    stsafea_hkdf_okm_description_t okm_map[32];
     stsafea_hkdf_output_t output = {0};
     stsafea_hkdf_derived_key_output_t derived_keys_out[32];
     PLAT_UI8 i;
 
     /* Validate parameters */
-    if (pSTSE == NULL || pOutput_keys == NULL || pKey_lengths == NULL || 
+    if (pSTSE == NULL || pOutput_keys == NULL || pKey_lengths == NULL ||
         num_keys == 0 || num_keys > 32) {
         return STSE_SERVICE_INVALID_PARAMETER;
     }
@@ -327,7 +320,7 @@ stse_ReturnCode_t stse_derive_key_expand_multiple(
     for (i = 0; i < num_keys; i++) {
         okm_map[i].destination = STSAFEA_KEY_SOURCE_RESPONSE;
         okm_map[i].response.key_length = pKey_lengths[i];
-        
+
         derived_keys_out[i].response.data = pOutput_keys[i];
     }
 
@@ -338,7 +331,7 @@ stse_ReturnCode_t stse_derive_key_expand_multiple(
     return stsafea_derive_keys(
         pSTSE,
         &input_key,
-        0, 1,           /* Extract=0, Expand=1 */
+        0, 1, /* Extract=0, Expand=1 */
         NULL,
         &info,
         okm_map,
@@ -355,8 +348,7 @@ stse_ReturnCode_t stse_derive_key_from_ikm(
     PLAT_UI8 *pContext,
     PLAT_UI16 context_len,
     PLAT_UI8 *pOutput_key,
-    PLAT_UI16 key_length)
-{
+    PLAT_UI16 key_length) {
     stsafea_hkdf_input_key_t input_key = {0};
     stsafea_hkdf_salt_t salt = {0};
     stsafea_hkdf_info_t info = {0};
@@ -365,7 +357,7 @@ stse_ReturnCode_t stse_derive_key_from_ikm(
     stsafea_hkdf_derived_key_output_t derived_key_out = {0};
 
     /* Validate parameters */
-    if (pSTSE == NULL || pIkm == NULL || pOutput_key == NULL || 
+    if (pSTSE == NULL || pIkm == NULL || pOutput_key == NULL ||
         ikm_length == 0 || key_length == 0) {
         return STSE_SERVICE_INVALID_PARAMETER;
     }
@@ -397,10 +389,10 @@ stse_ReturnCode_t stse_derive_key_from_ikm(
     return stsafea_derive_keys(
         pSTSE,
         &input_key,
-        1, 1,           /* Extract=1, Expand=1 */
+        1, 1, /* Extract=1, Expand=1 */
         &salt,
         &info,
         &okm_map,
         1,
         &output);
-}
+}
diff --git a/api/stse_derive_keys.h b/api/stse_derive_keys.h
@@ -212,7 +212,6 @@ stse_ReturnCode_t stse_derive_key_from_ikm(
     PLAT_UI8 *pOutput_key,
     PLAT_UI16 key_length);
 
-    
 #endif /* STSE_DERIVE_KEYS_H */
 
-/*! @}*/
+/*! @}*/
diff --git a/api/stse_ecc.h b/api/stse_ecc.h
@@ -77,9 +77,9 @@ stse_ReturnCode_t stse_ecc_verify_signature(
  * \param[in]  message_length  Message length
  * \param[out] pSignature      Signature buffer (concatenation of R and S)
  * \return     \ref STSE_OK on success ; \ref stse_ReturnCode_t error code otherwise
- * 
+ *
  * \note The signature output is the concatenation of R and S values (R|S as defined in ASN.1 DER encoding).
- * 
+ *
  * \details 	\include{doc} stse_ecc_generate_signature.dox
  */
 stse_ReturnCode_t stse_ecc_generate_signature(
@@ -99,9 +99,9 @@ stse_ReturnCode_t stse_ecc_generate_signature(
  * \param[in] 	pPublic_key 				Remote public key
  * \param[out] 	pShared_secret				Shared secret returned by the STSE
  * \return \ref STSE_OK on success ; \ref stse_ReturnCode_t error code otherwise
- * 
+ *
  * \details 	\include{doc} stse_ecc_establish_shared_secret.dox
- * 
+ *
  * \note The public key format must match the expected ECC representation (typically concatenation of X and Y coordinates for uncompressed, or X with a prefix for compressed).
  */
 stse_ReturnCode_t stse_ecc_establish_shared_secret(
diff --git a/core/stse_generic_typedef.h b/core/stse_generic_typedef.h
@@ -214,10 +214,10 @@ typedef enum stse_zone_update_atomicity_t {
  * \brief STSE data storage access condition enumeration
  */
 typedef enum stse_zone_ac_t {
-    STSE_AC_ALWAYS = 0,         /*!< Zone/counter access always granted */
-    STSE_AC_HOST,               /*!< Zone/counter access granted on Host C-MAC validation */
-    STSE_AC_AUTH_AND_HOST = 6,  /*!< Zone/counter access granted on true Authentic entity status (verify entity signature) + Host C-MAC validation */
-    STSE_AC_NEVER = 7           /*!< Zone/counter access never granted */
+    STSE_AC_ALWAYS = 0,        /*!< Zone/counter access always granted */
+    STSE_AC_HOST,              /*!< Zone/counter access granted on Host C-MAC validation */
+    STSE_AC_AUTH_AND_HOST = 6, /*!< Zone/counter access granted on true Authentic entity status (verify entity signature) + Host C-MAC validation */
+    STSE_AC_NEVER = 7          /*!< Zone/counter access never granted */
 } stse_zone_ac_t;
 
 /**
diff --git a/doc/resources/dox_files/APIs/derive_keys/stse_derive_key.dox b/doc/resources/dox_files/APIs/derive_keys/stse_derive_key.dox
@@ -24,15 +24,15 @@ The following diagram illustrates the interactions performed between the Host an
     PLAT_UI8 derived_key[32];
     PLAT_UI8 salt[] = {0x01, 0x02, 0x03, 0x04};
     PLAT_UI8 context[] = "app-context";
-    
+
     stse_ret = stse_derive_key(
         &stse_handler,
-        STSE_MASTER_KEY_SLOT, 
+        STSE_MASTER_KEY_SLOT,
         salt, sizeof(salt),
         context, sizeof(context)-1,
         derived_key, 32
     );
-    
+
     if (stse_ret != STSE_OK)
     {
         /* Handle Error */
@@ -41,4 +41,4 @@ The following diagram illustrates the interactions performed between the Host an
 
 \sa stse_init
 
-<div style="page-break-after: always;"></div>
+<div style="page-break-after: always;"></div>
diff --git a/doc/resources/dox_files/APIs/derive_keys/stse_derive_key_expand.dox b/doc/resources/dox_files/APIs/derive_keys/stse_derive_key_expand.dox
@@ -22,7 +22,7 @@ This command performs the HKDF-Expand step only. It takes a previously extracted
     /* ## HKDF Expand from PRK */
     PLAT_UI8 output_key[16];
     PLAT_UI8 context[] = "expansion-context";
-    
+
     /* Assumes prk_slot was populated by a previous extract call */
     stse_ret = stse_derive_key_expand(
         &stse_handler,
@@ -34,4 +34,4 @@ This command performs the HKDF-Expand step only. It takes a previously extracted
 
 \sa stse_init
 
-<div style="page-break-after: always;"></div>
+<div style="page-break-after: always;"></div>
diff --git a/doc/resources/dox_files/APIs/derive_keys/stse_derive_key_expand_multiple.dox b/doc/resources/dox_files/APIs/derive_keys/stse_derive_key_expand_multiple.dox
@@ -24,7 +24,7 @@ This function uses the HKDF-Expand command to derive multiple keys (up to 32) in
     PLAT_UI8 *outputs[2];
     PLAT_UI16 lengths[2] = {16, 16};
     PLAT_UI8 key1[16], key2[16];
-    
+
     outputs[0] = key1;
     outputs[1] = key2;
 
@@ -40,4 +40,4 @@ This function uses the HKDF-Expand command to derive multiple keys (up to 32) in
 
 \sa stse_init
 
-<div style="page-break-after: always;"></div>
+<div style="page-break-after: always;"></div>
diff --git a/doc/resources/dox_files/APIs/derive_keys/stse_derive_key_extract.dox b/doc/resources/dox_files/APIs/derive_keys/stse_derive_key_extract.dox
@@ -23,7 +23,7 @@ This command performs the HKDF-Extract step only. It generates a Pseudo-Random K
     /* ## HKDF Extract PRK */
     PLAT_UI8 salt[] = {0xAA, 0xBB, 0xCC, 0xDD};
     PLAT_UI8 prk_slot;
-    
+
     stse_ret = stse_derive_key_extract(
         &stse_handler,
         STSE_MASTER_KEY_SLOT,
@@ -34,4 +34,4 @@ This command performs the HKDF-Extract step only. It generates a Pseudo-Random K
 
 \sa stse_init
 
-<div style="page-break-after: always;"></div>
+<div style="page-break-after: always;"></div>
diff --git a/doc/resources/dox_files/APIs/derive_keys/stse_derive_key_from_ikm.dox b/doc/resources/dox_files/APIs/derive_keys/stse_derive_key_from_ikm.dox
@@ -34,4 +34,4 @@ This function derives a key using raw Input Key Material (IKM) provided in the c
 
 \sa stse_init
 
-<div style="page-break-after: always;"></div>
+<div style="page-break-after: always;"></div>
diff --git a/doc/resources/dox_files/APIs/derive_keys/stse_derive_key_simple.dox b/doc/resources/dox_files/APIs/derive_keys/stse_derive_key_simple.dox
@@ -22,10 +22,10 @@ This function simplifies the key derivation process by using a default empty sal
     /* ## Simple Key Derivation */
     PLAT_UI8 derived_key[32];
     PLAT_UI8 context[] = "app-key-v1";
-    
+
     stse_ret = stse_derive_key_simple(
         &stse_handler,
-        STSE_MASTER_KEY_SLOT, 
+        STSE_MASTER_KEY_SLOT,
         context,
         (PLAT_UI16)strlen((char*)context),
         derived_key,
@@ -35,4 +35,4 @@ This function simplifies the key derivation process by using a default empty sal
 
 \sa stse_init
 
-<div style="page-break-after: always;"></div>
+<div style="page-break-after: always;"></div>
diff --git a/doc/resources/dox_files/APIs/derive_keys/stse_derive_key_to_slot.dox b/doc/resources/dox_files/APIs/derive_keys/stse_derive_key_to_slot.dox
@@ -26,7 +26,7 @@ This function performs HKDF derivation (Extract + Expand) but keeps the resultin
         .type = STSAFEA_KEY_TYPE_AES_128,
         .usage = STSAFEA_KEY_USAGE_ENCRYPT | STSAFEA_KEY_USAGE_DECRYPT
     };
-    
+
     stse_ret = stse_derive_key_to_slot(
         &stse_handler,
         STSE_MASTER_KEY_SLOT,
@@ -39,4 +39,4 @@ This function performs HKDF derivation (Extract + Expand) but keeps the resultin
 
 \sa stse_init
 
-<div style="page-break-after: always;"></div>
+<div style="page-break-after: always;"></div>
diff --git a/doc/resources/dox_files/APIs/derive_keys/stse_derive_session_keys.dox b/doc/resources/dox_files/APIs/derive_keys/stse_derive_session_keys.dox
diff --git a/services/stsafea/stsafea_data_partition.c b/services/stsafea/stsafea_data_partition.c
diff --git a/services/stsafea/stsafea_derive_keys.c b/services/stsafea/stsafea_derive_keys.c
diff --git a/services/stsafea/stsafea_derive_keys.h b/services/stsafea/stsafea_derive_keys.h
diff --git a/services/stsafea/stsafea_sessions.c b/services/stsafea/stsafea_sessions.c

Original file line number	Diff line number	Diff line change
`@@ -34,4 +34,4 @@ This function derives a key using raw Input Key Material (IKM) provided in the c`
`34`	`34`
`35`	`35`	`\sa stse_init`
`36`	`36`
`37`		`-<div style="page-break-after: always;"></div>`
	`37`	`+<div style="page-break-after: always;"></div>`