author | Satish Kumar <satish.kumar01@arm.com> | 2021-10-26 07:08:57 +0100 |
---|---|---|
committer | Anton Komlev <Anton.Komlev@arm.com> | 2021-11-26 11:46:16 +0100 |
commit | a5312fd8fca6d5600ccb88326de6bf8e753915fb (patch) | |
tree | 5c0dcd4f5fab383574a5043300f9066b717b1a10 /bl2/src/provisioning.c | |
parent | d71461e3152d9c0af757b12590745007f10efda3 (diff) | |
download | trusted-firmware-m-a5312fd8fca6d5600ccb88326de6bf8e753915fb.tar.gz |
platform: add secure debug public key to the otp
The commit adds the secure debug public key hash to the OTP
layout and implements reading and writing the key in the
cc312-based OTP backend.
Change-Id: Ic130aa9a301c79d49d61ae3b2e7162772de17893
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Diffstat (limited to 'bl2/src/provisioning.c')
-rw-r--r-- | bl2/src/provisioning.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/bl2/src/provisioning.c b/bl2/src/provisioning.c
index b2b8ba6434..c78f1f28a0 100644
--- a/bl2/src/provisioning.c
+++ b/bl2/src/provisioning.c
@@ -26,6 +26,10 @@ __PACKED_STRUCT bl2_assembly_and_test_provisioning_data_t {
 #ifdef BL1
 uint8_t bl1_rotpk_0[32];
 #endif /* BL1 */
+
+#ifdef PLATFORM_PSA_ADAC_SECURE_DEBUG
+ uint8_t secure_debug_pk[32];
+#endif /* PLATFORM_PSA_ADAC_SECURE_DEBUG */
 };
 #ifdef TFM_DUMMY_PROVISIONING
@@ -99,6 +103,15 @@ static const struct bl2_assembly_and_test_provisioning_data_t bl2_assembly_and_t
 #error "No public key available for given signing algorithm."
 #endif /* MCUBOOT_SIGN_RSA_LEN */
 #endif /* BL1 */
+
+#ifdef PLATFORM_PSA_ADAC_SECURE_DEBUG
+ {
+ 0xf4, 0x0c, 0x8f, 0xbf, 0x12, 0xdb, 0x78, 0x2a,
+ 0xfd, 0xf4, 0x75, 0x96, 0x6a, 0x06, 0x82, 0x36,
+ 0xe0, 0x32, 0xab, 0x80, 0xd1, 0xb7, 0xf1, 0xbc,
+ 0x9f, 0xe7, 0xd8, 0x7a, 0x88, 0xcb, 0x26, 0xd0,
+ },
+#endif /* PLATFORM_PSA_ADAC_SECURE_DEBUG */
 };
 #else
 static const struct bl2_assembly_and_test_provisioning_data_t bl2_assembly_and_test_prov_data;
@@ -168,6 +181,15 @@ enum tfm_plat_err_t provision_assembly_and_test(void)
 }
 #endif /* BL1 */
+#ifdef PLATFORM_PSA_ADAC_SECURE_DEBUG
+ err = tfm_plat_otp_write(PLAT_OTP_ID_SECURE_DEBUG_PK,
+ sizeof(bl2_assembly_and_test_prov_data.secure_debug_pk),
+ bl2_assembly_and_test_prov_data.secure_debug_pk);
+ if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) {
+ return err;
+ }
+#endif /* PLATFORM_PSA_ADAC_SECURE_DEBUG */
+
 return err;
 }
|
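Review bot: The new `secure_debug_pk[32]` field in `bl2_assembly_and_test_provisioning_data_t` has no comment, and its name reads as the public key itself while the commit description says the OTP layout holds the key's hash. If the description is accurate, a one-line comment such as `/* Hash of the ADAC secure debug public key, not the key itself */` would keep a provisioning tool from packing a raw key into this slot; the hash algorithm is not visible here and should be named in the comment once confirmed. The struct definition starts outside the hunk.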
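Review bot: The 32-byte initializer added for `secure_debug_pk` in the `@@ -99,6 +103,15 @@` hunk carries no comment saying which key it belongs to, and it appears to sit in the `TFM_DUMMY_PROVISIONING` branch (the `#else` declaration follows directly after it), so it looks like a fixed development value. Once written to OTP this value is the trust anchor for secure debug authentication, so it should be labelled, for example `/* Dummy secure debug key hash for TFM_DUMMY_PROVISIONING only; must be replaced for production devices */`. It is also worth checking that the build already warns about or rejects dummy provisioning in release configurations, which cannot be seen from this file section. The initializer starts outside the hunk.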
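Review bot: In the block added to `provision_assembly_and_test`, `TFM_PLAT_ERR_UNSUPPORTED` from `tfm_plat_otp_write(PLAT_OTP_ID_SECURE_DEBUG_PK, ...)` passes the guard, so a backend without this OTP slot leaves the device provisioned with no secure debug key hash even though `PLATFORM_PSA_ADAC_SECURE_DEBUG` is enabled. The same value then reaches the final `return err;`, so the function ends by returning `TFM_PLAT_ERR_UNSUPPORTED` rather than success, which looks unintended. Because this block is only compiled when the feature is on, I would treat any failure as fatal: `if (err != TFM_PLAT_ERR_SUCCESS) { return err; }`. The tolerant form seems to mirror the BL1 block, of which only the closing lines are visible, and the function body starts outside the hunk.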