aboutsummaryrefslogtreecommitdiff
path: root/platform/ext
diff options
context:
space:
mode:
authorMichel Jaouen <michel.jaouen@st.com>2021-10-07 14:38:08 +0200
committerDavid Hu <david.hu@arm.com>2021-10-14 10:21:29 +0200
commitf41c642d3bf0e4804cb528929e22dcb3f899e0e7 (patch)
tree2def7b817a61fb3549ee1101ceb914156c34653e /platform/ext
parent2aec0c8954723f867b02f152b0310e7fb7f27599 (diff)
downloadtrusted-firmware-m-f41c642d3bf0e4804cb528929e22dcb3f899e0e7.tar.gz
Build: Fix wrong flag Name CRYPTO_HW_ACCLERATOR in crypto back end.
Issue on flag name usage has been introduced with OTP used for crypto back end. CRYPTO_HW_ACCLERATOR is replaced by CRYPTO_HW_ACCELERATOR to avoid further issue. Change-Id: I83bd2ce65c3a87e08d2e85321805ca4db53d0d96 Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
Diffstat (limited to 'platform/ext')
-rw-r--r--platform/ext/common/template/crypto_keys.c4
-rw-r--r--platform/ext/target/stm/b_u585i_iot02a/accelerator/CMakeLists.txt2
-rw-r--r--platform/ext/target/stm/common/hal/accelerator/huk.c58
-rw-r--r--platform/ext/target/stm/common/stm32u5xx/CMakeLists.txt1
-rw-r--r--platform/ext/target/stm/nucleo_l552ze_q/accelerator/CMakeLists.txt2
-rw-r--r--platform/ext/target/stm/stm32l562e_dk/accelerator/CMakeLists.txt2
6 files changed, 67 insertions, 2 deletions
diff --git a/platform/ext/common/template/crypto_keys.c b/platform/ext/common/template/crypto_keys.c
index b4cf6a7703..04b60090a9 100644
--- a/platform/ext/common/template/crypto_keys.c
+++ b/platform/ext/common/template/crypto_keys.c
@@ -29,7 +29,7 @@ enum tfm_plat_err_t tfm_plat_get_huk_derived_key(const uint8_t *label,
uint8_t *key,
size_t key_size)
{
-#ifdef CRYPTO_HW_ACCLERATOR
+#ifdef CRYPTO_HW_ACCELERATOR
return crypto_hw_accelerator_huk_derive_key(label, label_size, context,
context_size, key, key_size);
#else
@@ -66,7 +66,7 @@ out:
memset(huk_buf, 0, sizeof(huk_buf));
return err;
-#endif /* CRYPTO_HW_ACCLERATOR */
+#endif /* CRYPTO_HW_ACCELERATOR */
}
#ifdef SYMMETRIC_INITIAL_ATTESTATION
diff --git a/platform/ext/target/stm/b_u585i_iot02a/accelerator/CMakeLists.txt b/platform/ext/target/stm/b_u585i_iot02a/accelerator/CMakeLists.txt
index be417f9618..908ca2bd97 100644
--- a/platform/ext/target/stm/b_u585i_iot02a/accelerator/CMakeLists.txt
+++ b/platform/ext/target/stm/b_u585i_iot02a/accelerator/CMakeLists.txt
@@ -56,6 +56,7 @@ target_sources(crypto_service_crypto_hw
${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/sha1_alt.c
${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/sha256_alt.c
${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/stm.c
+ ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/huk.c
)
target_include_directories(crypto_service_crypto_hw
@@ -66,6 +67,7 @@ target_include_directories(crypto_service_crypto_hw
${PLATFORM_DIR}/ext/target/stm/common/stm32u5xx/hal/Inc/
${PLATFORM_DIR}/ext/target/stm/common/stm32u5xx/Device/Include/
${PLATFORM_DIR}/ext/cmsis
+ ${PLATFORM_DIR}/include
)
target_include_directories(crypto_service_mbedcrypto
PUBLIC
diff --git a/platform/ext/target/stm/common/hal/accelerator/huk.c b/platform/ext/target/stm/common/hal/accelerator/huk.c
new file mode 100644
index 0000000000..8a47be3185
--- /dev/null
+++ b/platform/ext/target/stm/common/hal/accelerator/huk.c
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
+ * Copyright (c) 2021 STMicroelectronics. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+#include <stddef.h>
+#include <string.h>
+#include "crypto_hw.h"
+#include "psa/crypto_types.h"
+#include "tfm_plat_crypto_keys.h"
+#include "tfm_plat_otp.h"
+#include "mbedtls/hkdf.h"
+
+
+int crypto_hw_accelerator_huk_derive_key(const uint8_t *label,
+ size_t label_size,
+ const uint8_t *context,
+ size_t context_size,
+ uint8_t *key,
+ size_t key_size)
+{
+ uint8_t huk_buf[32];
+ int err = -1;
+ int mbedtls_err;
+
+ if (key == NULL) {
+ return -1;
+ }
+
+ if (label == NULL && label_size != 0) {
+ return -1;
+ }
+
+ if (context == NULL && context_size != 0) {
+ return -1;
+ }
+
+ err = tfm_plat_otp_read(PLAT_OTP_ID_HUK, sizeof(huk_buf), huk_buf);
+ if (err != TFM_PLAT_ERR_SUCCESS) {
+ goto out;
+ }
+
+ mbedtls_err = mbedtls_hkdf(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
+ label, label_size, huk_buf, sizeof(huk_buf),
+ context, context_size, key, key_size);
+ if (mbedtls_err) {
+ err = -1;
+ goto out;
+ }
+
+out:
+ memset(huk_buf, 0, sizeof(huk_buf));
+
+ return err;
+}
+
diff --git a/platform/ext/target/stm/common/stm32u5xx/CMakeLists.txt b/platform/ext/target/stm/common/stm32u5xx/CMakeLists.txt
index 6899d54e0d..553d2f212a 100644
--- a/platform/ext/target/stm/common/stm32u5xx/CMakeLists.txt
+++ b/platform/ext/target/stm/common/stm32u5xx/CMakeLists.txt
@@ -62,6 +62,7 @@ target_include_directories(platform_s
${CMAKE_CURRENT_SOURCE_DIR}/hal/Inc
${CMAKE_CURRENT_SOURCE_DIR}/secure
${MBEDCRYPTO_PATH}/library
+ ${CMAKE_SOURCE_DIR}/include
)
target_sources(platform_s
diff --git a/platform/ext/target/stm/nucleo_l552ze_q/accelerator/CMakeLists.txt b/platform/ext/target/stm/nucleo_l552ze_q/accelerator/CMakeLists.txt
index 5f2cd45fe6..6ac4059a91 100644
--- a/platform/ext/target/stm/nucleo_l552ze_q/accelerator/CMakeLists.txt
+++ b/platform/ext/target/stm/nucleo_l552ze_q/accelerator/CMakeLists.txt
@@ -56,6 +56,7 @@ target_sources(crypto_service_crypto_hw
${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/sha1_alt.c
${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/sha256_alt.c
${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/stm.c
+ ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/huk.c
)
target_include_directories(crypto_service_crypto_hw
@@ -75,6 +76,7 @@ target_include_directories(crypto_service_mbedcrypto
${PLATFORM_DIR}/ext/target/stm/common/stm32l5xx/hal/Inc/
${PLATFORM_DIR}/ext/target/stm/common/stm32l5xx/Device/Include/
${PLATFORM_DIR}/ext/cmsis
+ ${PLATFORM_DIR}/include
)
target_compile_definitions(crypto_service_crypto_hw
diff --git a/platform/ext/target/stm/stm32l562e_dk/accelerator/CMakeLists.txt b/platform/ext/target/stm/stm32l562e_dk/accelerator/CMakeLists.txt
index 0ea04e2bd8..7cdef5f130 100644
--- a/platform/ext/target/stm/stm32l562e_dk/accelerator/CMakeLists.txt
+++ b/platform/ext/target/stm/stm32l562e_dk/accelerator/CMakeLists.txt
@@ -66,6 +66,7 @@ target_sources(crypto_service_crypto_hw
${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/sha1_alt.c
${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/sha256_alt.c
${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/stm.c
+ ${PLATFORM_DIR}/ext/target/stm/common/hal/accelerator/huk.c
)
target_include_directories(crypto_service_crypto_hw
@@ -76,6 +77,7 @@ target_include_directories(crypto_service_crypto_hw
${PLATFORM_DIR}/ext/target/stm/common/stm32l5xx/hal/Inc/
${PLATFORM_DIR}/ext/target/stm/common/stm32l5xx/Device/Include/
${PLATFORM_DIR}/ext/cmsis
+ ${PLATFORM_DIR}/include
)
target_include_directories(crypto_service_mbedcrypto