diff options
author | Michel Jaouen <michel.jaouen@st.com> | 2021-10-07 14:38:08 +0200 |
---|---|---|
committer | David Hu <david.hu@arm.com> | 2021-10-14 10:21:29 +0200 |
commit | f41c642d3bf0e4804cb528929e22dcb3f899e0e7 (patch) | |
tree | 2def7b817a61fb3549ee1101ceb914156c34653e /platform/ext | |
parent | 2aec0c8954723f867b02f152b0310e7fb7f27599 (diff) | |
download | trusted-firmware-m-f41c642d3bf0e4804cb528929e22dcb3f899e0e7.tar.gz |
Build: Fix wrong flag Name CRYPTO_HW_ACCLERATOR in crypto back end.
Issue on flag name usage has been introduced with OTP used for
crypto back end. CRYPTO_HW_ACCLERATOR is replaced by
CRYPTO_HW_ACCELERATOR to avoid further issue.
Change-Id: I83bd2ce65c3a87e08d2e85321805ca4db53d0d96
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
Diffstat (limited to 'platform/ext')
6 files changed, 67 insertions, 2 deletions
diff --git a/platform/ext/common/template/crypto_keys.c b/platform/ext/common/template/crypto_keys.c index b4cf6a7703..04b60090a9 100644 --- a/platform/ext/common/template/crypto_keys.c +++ b/platform/ext/common/template/crypto_keys.c @@ -29,7 +29,7 @@ enum tfm_plat_err_t tfm_plat_get_huk_derived_key(const uint8_t *label, uint8_t *key, size_t key_size) { -#ifdef CRYPTO_HW_ACCLERATOR +#ifdef CRYPTO_HW_ACCELERATOR return crypto_hw_accelerator_huk_derive_key(label, label_size, context, context_size, key, key_size); #else @@ -66,7 +66,7 @@ out: memset(huk_buf, 0, sizeof(huk_buf)); return err; -#endif /* CRYPTO_HW_ACCLERATOR */ +#endif /* CRYPTO_HW_ACCELERATOR */ } #ifdef SYMMETRIC_INITIAL_ATTESTATION diff --git a/platform/ext/target/stm/b_u585i_iot02a/accelerator/CMakeLists.txt b/platform/ext/target/stm/b_u585i_iot02a/accelerator/CMakeLists.txt index be417f9618..908ca2bd97 100644 --- a/platform/ext/target/stm/b_u585i_iot02a/accelerator/CMakeLists.txt +++ b/platform/ext/target/stm/b_u585i_iot02a/accelerator/CMakeLists.txt @@ -56,6 +56,7 @@ target_sources(crypto_service_crypto_hw ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/sha1_alt.c ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/sha256_alt.c ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/stm.c + ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/huk.c ) target_include_directories(crypto_service_crypto_hw @@ -66,6 +67,7 @@ target_include_directories(crypto_service_crypto_hw ${PLATFORM_DIR}/ext/target/stm/common/stm32u5xx/hal/Inc/ ${PLATFORM_DIR}/ext/target/stm/common/stm32u5xx/Device/Include/ ${PLATFORM_DIR}/ext/cmsis + ${PLATFORM_DIR}/include ) target_include_directories(crypto_service_mbedcrypto PUBLIC diff --git a/platform/ext/target/stm/common/hal/accelerator/huk.c b/platform/ext/target/stm/common/hal/accelerator/huk.c new file mode 100644 index 0000000000..8a47be3185 --- /dev/null +++ b/platform/ext/target/stm/common/hal/accelerator/huk.c @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. + * Copyright (c) 2021 STMicroelectronics. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +#include <stddef.h> +#include <string.h> +#include "crypto_hw.h" +#include "psa/crypto_types.h" +#include "tfm_plat_crypto_keys.h" +#include "tfm_plat_otp.h" +#include "mbedtls/hkdf.h" + + +int crypto_hw_accelerator_huk_derive_key(const uint8_t *label, + size_t label_size, + const uint8_t *context, + size_t context_size, + uint8_t *key, + size_t key_size) +{ + uint8_t huk_buf[32]; + int err = -1; + int mbedtls_err; + + if (key == NULL) { + return -1; + } + + if (label == NULL && label_size != 0) { + return -1; + } + + if (context == NULL && context_size != 0) { + return -1; + } + + err = tfm_plat_otp_read(PLAT_OTP_ID_HUK, sizeof(huk_buf), huk_buf); + if (err != TFM_PLAT_ERR_SUCCESS) { + goto out; + } + + mbedtls_err = mbedtls_hkdf(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + label, label_size, huk_buf, sizeof(huk_buf), + context, context_size, key, key_size); + if (mbedtls_err) { + err = -1; + goto out; + } + +out: + memset(huk_buf, 0, sizeof(huk_buf)); + + return err; +} + diff --git a/platform/ext/target/stm/common/stm32u5xx/CMakeLists.txt b/platform/ext/target/stm/common/stm32u5xx/CMakeLists.txt index 6899d54e0d..553d2f212a 100644 --- a/platform/ext/target/stm/common/stm32u5xx/CMakeLists.txt +++ b/platform/ext/target/stm/common/stm32u5xx/CMakeLists.txt @@ -62,6 +62,7 @@ target_include_directories(platform_s ${CMAKE_CURRENT_SOURCE_DIR}/hal/Inc ${CMAKE_CURRENT_SOURCE_DIR}/secure ${MBEDCRYPTO_PATH}/library + ${CMAKE_SOURCE_DIR}/include ) target_sources(platform_s diff --git a/platform/ext/target/stm/nucleo_l552ze_q/accelerator/CMakeLists.txt b/platform/ext/target/stm/nucleo_l552ze_q/accelerator/CMakeLists.txt index 5f2cd45fe6..6ac4059a91 100644 --- a/platform/ext/target/stm/nucleo_l552ze_q/accelerator/CMakeLists.txt +++ b/platform/ext/target/stm/nucleo_l552ze_q/accelerator/CMakeLists.txt @@ -56,6 +56,7 @@ target_sources(crypto_service_crypto_hw ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/sha1_alt.c ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/sha256_alt.c ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/stm.c + ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/huk.c ) target_include_directories(crypto_service_crypto_hw @@ -75,6 +76,7 @@ target_include_directories(crypto_service_mbedcrypto ${PLATFORM_DIR}/ext/target/stm/common/stm32l5xx/hal/Inc/ ${PLATFORM_DIR}/ext/target/stm/common/stm32l5xx/Device/Include/ ${PLATFORM_DIR}/ext/cmsis + ${PLATFORM_DIR}/include ) target_compile_definitions(crypto_service_crypto_hw diff --git a/platform/ext/target/stm/stm32l562e_dk/accelerator/CMakeLists.txt b/platform/ext/target/stm/stm32l562e_dk/accelerator/CMakeLists.txt index 0ea04e2bd8..7cdef5f130 100644 --- a/platform/ext/target/stm/stm32l562e_dk/accelerator/CMakeLists.txt +++ b/platform/ext/target/stm/stm32l562e_dk/accelerator/CMakeLists.txt @@ -66,6 +66,7 @@ target_sources(crypto_service_crypto_hw ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/sha1_alt.c ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/sha256_alt.c ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/stm.c + ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/huk.c ) target_include_directories(crypto_service_crypto_hw @@ -76,6 +77,7 @@ target_include_directories(crypto_service_crypto_hw ${PLATFORM_DIR}/ext/target/stm/common/stm32l5xx/hal/Inc/ ${PLATFORM_DIR}/ext/target/stm/common/stm32l5xx/Device/Include/ ${PLATFORM_DIR}/ext/cmsis + ${PLATFORM_DIR}/include ) target_include_directories(crypto_service_mbedcrypto |