aboutsummaryrefslogtreecommitdiff
path: root/bl2/src/provisioning.c
diff options
context:
space:
mode:
authorSatish Kumar <satish.kumar01@arm.com>2021-10-26 07:08:57 +0100
committerAnton Komlev <Anton.Komlev@arm.com>2021-11-26 11:46:16 +0100
commita5312fd8fca6d5600ccb88326de6bf8e753915fb (patch)
tree5c0dcd4f5fab383574a5043300f9066b717b1a10 /bl2/src/provisioning.c
parentd71461e3152d9c0af757b12590745007f10efda3 (diff)
downloadtrusted-firmware-m-a5312fd8fca6d5600ccb88326de6bf8e753915fb.tar.gz
platform: add secure debug public key to the otp
The commit adds secure debug public key hash to the OTP layout. The commit provides the implementation of reading and writing the key from cc312 based OTP backend. Change-Id: Ic130aa9a301c79d49d61ae3b2e7162772de17893 Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Diffstat (limited to 'bl2/src/provisioning.c')
-rw-r--r--bl2/src/provisioning.c22
1 files changed, 22 insertions, 0 deletions
diff --git a/bl2/src/provisioning.c b/bl2/src/provisioning.c
index b2b8ba6434..c78f1f28a0 100644
--- a/bl2/src/provisioning.c
+++ b/bl2/src/provisioning.c
@@ -26,6 +26,10 @@ __PACKED_STRUCT bl2_assembly_and_test_provisioning_data_t {
#ifdef BL1
uint8_t bl1_rotpk_0[32];
#endif /* BL1 */
+
+#ifdef PLATFORM_PSA_ADAC_SECURE_DEBUG
+ uint8_t secure_debug_pk[32];
+#endif /* PLATFORM_PSA_ADAC_SECURE_DEBUG */
};
#ifdef TFM_DUMMY_PROVISIONING
@@ -99,6 +103,15 @@ static const struct bl2_assembly_and_test_provisioning_data_t bl2_assembly_and_t
#error "No public key available for given signing algorithm."
#endif /* MCUBOOT_SIGN_RSA_LEN */
#endif /* BL1 */
+
+#ifdef PLATFORM_PSA_ADAC_SECURE_DEBUG
+ {
+ 0xf4, 0x0c, 0x8f, 0xbf, 0x12, 0xdb, 0x78, 0x2a,
+ 0xfd, 0xf4, 0x75, 0x96, 0x6a, 0x06, 0x82, 0x36,
+ 0xe0, 0x32, 0xab, 0x80, 0xd1, 0xb7, 0xf1, 0xbc,
+ 0x9f, 0xe7, 0xd8, 0x7a, 0x88, 0xcb, 0x26, 0xd0,
+ },
+#endif /* PLATFORM_PSA_ADAC_SECURE_DEBUG */
};
#else
static const struct bl2_assembly_and_test_provisioning_data_t bl2_assembly_and_test_prov_data;
@@ -168,6 +181,15 @@ enum tfm_plat_err_t provision_assembly_and_test(void)
}
#endif /* BL1 */
+#ifdef PLATFORM_PSA_ADAC_SECURE_DEBUG
+ err = tfm_plat_otp_write(PLAT_OTP_ID_SECURE_DEBUG_PK,
+ sizeof(bl2_assembly_and_test_prov_data.secure_debug_pk),
+ bl2_assembly_and_test_prov_data.secure_debug_pk);
+ if (err != TFM_PLAT_ERR_SUCCESS && err != TFM_PLAT_ERR_UNSUPPORTED) {
+ return err;
+ }
+#endif /* PLATFORM_PSA_ADAC_SECURE_DEBUG */
+
return err;
}