aboutsummaryrefslogtreecommitdiff
path: root/platform
diff options
context:
space:
mode:
authorBalint Matyi <Balint.Matyi@arm.com>2020-03-23 09:45:22 +0100
committerBalint Matyi <Balint.Matyi@arm.com>2020-04-28 09:44:57 +0100
commit7e31db26838649655ab4613b0e990c050a77f489 (patch)
tree3f3088d35fbb7fbb76c30656918fb1b77e84e054 /platform
parentb37ac45566fdea4a80cddb4687f3e399027f14cc (diff)
downloadtrusted-firmware-m-7e31db26838649655ab4613b0e990c050a77f489.tar.gz
Platform: Use crypto keys from eMRAM on Musca-S1
Changes the CC312 library to use the persistent eMRAM instead of the volatile OTP on the Musca-S1. Adds matching crypto function implementations using the eMRAM into the S1 platform directory. Signed-off-by: Balint Matyi <Balint.Matyi@arm.com> Change-Id: Icdce419ce770de38baa023266ed25ce541e9d4cf
Diffstat (limited to 'platform')
-rw-r--r--platform/ext/target/musca_s1/dummy_crypto_keys.c97
1 files changed, 94 insertions, 3 deletions
diff --git a/platform/ext/target/musca_s1/dummy_crypto_keys.c b/platform/ext/target/musca_s1/dummy_crypto_keys.c
index 19da4fde4b..e7303c0671 100644
--- a/platform/ext/target/musca_s1/dummy_crypto_keys.c
+++ b/platform/ext/target/musca_s1/dummy_crypto_keys.c
@@ -22,6 +22,8 @@
#ifdef CRYPTO_HW_ACCELERATOR_OTP_ENABLED
#include "crypto_hw.h"
#include "mbedtls_cc_mng_int.h"
+#include "mbedtls_cc_util_key_derivation.h"
+#include "cc_otp_defs.h"
#endif /* CRYPTO_HW_ACCELERATOR_OTP_ENABLED */
/* FIXME: Functions in this file should be implemented by platform vendor. For
@@ -32,6 +34,9 @@
#define TFM_KEY_LEN_BYTES 16
+#define CC312_NULL_CONTEXT "NO SALT!"
+#define CC_BITS_IN_32BIT_WORD 32
+
#ifndef CRYPTO_HW_ACCELERATOR_OTP_ENABLED
static const uint8_t sample_tfm_key[TFM_KEY_LEN_BYTES] =
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, \
@@ -80,6 +85,9 @@ enum tfm_plat_err_t tfm_plat_get_huk_derived_key(const uint8_t *label,
#ifdef CRYPTO_HW_ACCELERATOR_OTP_ENABLED
int rc;
uint32_t lcs;
+ struct mbedtls_util_keydata mram_key = { 0 };
+ uint32_t huk[CC_OTP_HUK_SIZE_IN_WORDS] = { 0 };
+ int i = 0;
rc = crypto_hw_accelerator_get_lcs(&lcs);
if (rc) {
@@ -90,8 +98,27 @@ enum tfm_plat_err_t tfm_plat_get_huk_derived_key(const uint8_t *label,
return TFM_PLAT_ERR_UNSUPPORTED;
}
- rc = crypto_hw_accelerator_huk_derive_key(label, label_size, context,
- context_size, key, key_size);
+ for (i = 0; i < CC_OTP_HUK_SIZE_IN_WORDS; i++) {
+ CC_READ_MRAM_WORD((CC_OTP_HUK_OFFSET + i) * sizeof(uint32_t), huk[i]);
+ }
+
+ mram_key.pKey = (uint8_t*)huk;
+
+ mram_key.keySize = CC_OTP_HUK_SIZE_IN_WORDS * sizeof(uint32_t);
+
+ if (context == NULL || context_size == 0) {
+ /* The CC312 requires the context to not be null, so a default
+ * is given.
+ */
+ context = (const uint8_t *)CC312_NULL_CONTEXT;
+ context_size = sizeof(CC312_NULL_CONTEXT);
+ }
+
+ rc = mbedtls_util_key_derivation_cmac(CC_UTIL_USER_KEY, &mram_key,
+ label, label_size,
+ context, context_size,
+ key, key_size);
+
if (rc) {
return TFM_PLAT_ERR_SYSTEM_ERR;
}
@@ -106,6 +133,39 @@ enum tfm_plat_err_t tfm_plat_get_huk_derived_key(const uint8_t *label,
return TFM_PLAT_ERR_SUCCESS;
}
+/*
+ * Count number of zero bits in 32-bit word.
+ * Copied from:
+ * lib/ext/cryptocell-312-runtime/host/src/ \
+ * cc3x_productionlib/common/prod_util.c: CC_PROD_GetZeroCount(..)
+ */
+#ifdef CRYPTO_HW_ACCELERATOR_OTP_ENABLED
+static int get_zero_bits_count(uint32_t *buf,
+ uint32_t buf_word_size,
+ uint32_t *zero_count)
+{
+ uint32_t val;
+ uint32_t index = 0;
+
+ *zero_count = 0;
+ for (index = 0; index < buf_word_size; index++) {
+ val = buf[index];
+ val = val - ((val >> 1) & 0x55555555);
+ val = (val & 0x33333333) + ((val >> 2) & 0x33333333);
+ val = ((((val + (val >> 4)) & 0xF0F0F0F) * 0x1010101) >> 24);
+ *zero_count += (32 - val);
+ }
+ /* All 0's and all 1's is forbidden */
+ if ((*zero_count == 0)
+ || (*zero_count == buf_word_size*CC_BITS_IN_32BIT_WORD)) {
+ *zero_count = 0;
+ return -1;
+ }
+
+ return 0;
+}
+#endif
+
enum tfm_plat_err_t
tfm_plat_get_initial_attest_key(uint8_t *key_buf,
uint32_t size,
@@ -114,6 +174,12 @@ tfm_plat_get_initial_attest_key(uint8_t *key_buf,
{
uint32_t key_size = initial_attestation_private_key_size;
int rc;
+#ifdef CRYPTO_HW_ACCELERATOR_OTP_ENABLED
+ uint32_t *key = (uint32_t *)key_buf;
+ uint32_t zero_count;
+ uint32_t otp_zero_count;
+ int i;
+#endif
if (size < key_size) {
return TFM_PLAT_ERR_SYSTEM_ERR;
@@ -124,7 +190,32 @@ tfm_plat_get_initial_attest_key(uint8_t *key_buf,
/* Copy the private key to the buffer, it MUST be present */
#ifdef CRYPTO_HW_ACCELERATOR_OTP_ENABLED
- rc = crypto_hw_accelerator_get_attestation_private_key(key_buf, &size);
+ if (key == NULL ||
+ size < CC_OTP_ATTESTATION_KEY_SIZE_IN_WORDS * sizeof(uint32_t)) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+ size = CC_OTP_ATTESTATION_KEY_SIZE_IN_WORDS * sizeof(uint32_t);
+
+ for (i = 0; i < CC_OTP_ATTESTATION_KEY_SIZE_IN_WORDS; i++) {
+ CC_READ_MRAM_WORD((CC_OTP_ATTESTATION_KEY_OFFSET + i) *
+ sizeof(uint32_t), key[i]);
+ }
+
+ /* Verify the zero number of private key */
+ rc = get_zero_bits_count((uint32_t *)key_buf,
+ CC_OTP_ATTESTATION_KEY_SIZE_IN_WORDS,
+ &zero_count);
+ if (rc) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+
+ CC_READ_MRAM_WORD(CC_OTP_ATTESTATION_KEY_ZERO_COUNT_OFFSET *
+ sizeof(uint32_t), otp_zero_count);
+
+ if (otp_zero_count != zero_count) {
+ return TFM_PLAT_ERR_SYSTEM_ERR;
+ }
+
key_size = size;
#else
copy_key(key_buf, initial_attestation_private_key, key_size);