diff options
author | Raef Coles <raef.coles@arm.com> | 2022-03-02 13:58:19 +0000 |
---|---|---|
committer | Anton Komlev <Anton.Komlev@arm.com> | 2022-08-07 23:42:33 +0200 |
commit | 22844433759f36d0e6bc2b26e1d4f411cf0211f5 (patch) | |
tree | f64a60c1d1d87a4d4ffce2bb330898fa918b3ba4 /secure_fw/partitions | |
parent | b97e09877c126fdbc45359098369ab0618317131 (diff) | |
download | trusted-firmware-m-22844433759f36d0e6bc2b26e1d4f411cf0211f5.tar.gz |
Crypto: Use PSA builtin keys for HUK derivation
Change-Id: Ia727e7f30cf28e6926107d473d9307add18562a5
Signed-off-by: Raef Coles <raef.coles@arm.com>
Diffstat (limited to 'secure_fw/partitions')
-rw-r--r-- | secure_fw/partitions/crypto/crypto_key_derivation.c | 159 |
1 files changed, 10 insertions, 149 deletions
diff --git a/secure_fw/partitions/crypto/crypto_key_derivation.c b/secure_fw/partitions/crypto/crypto_key_derivation.c index 20e3a8a4a0..384ea6e46f 100644 --- a/secure_fw/partitions/crypto/crypto_key_derivation.c +++ b/secure_fw/partitions/crypto/crypto_key_derivation.c @@ -12,132 +12,13 @@ #include "tfm_mbedcrypto_include.h" -/* Required for mbedtls_calloc in tfm_crypto_huk_derivation_input_bytes */ -#include "mbedtls/platform.h" - #include "tfm_crypto_api.h" #include "tfm_crypto_defs.h" -#include "tfm_plat_crypto_keys.h" - #ifndef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER #error "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER must be selected in Mbed TLS config file" #endif -#ifdef TFM_PARTITION_TEST_PS -#include "psa_manifest/pid.h" -#endif /* TFM_PARTITION_TEST_PS */ - -#ifndef TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED -static psa_status_t tfm_crypto_huk_derivation_setup( - psa_key_derivation_operation_t *operation, - psa_algorithm_t alg) -{ - operation->MBEDTLS_PRIVATE(alg) = TFM_CRYPTO_ALG_HUK_DERIVATION; - return PSA_SUCCESS; -} - -static psa_status_t tfm_crypto_huk_derivation_input_bytes( - psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - const uint8_t *data, - size_t data_length) -{ - psa_status_t status; - int32_t partition_id; - psa_tls12_prf_key_derivation_t *tls12_prf; - - if (step != PSA_KEY_DERIVATION_INPUT_LABEL) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - /* Concatenate the caller's partition ID with the supplied label to prevent - * two different partitions from deriving the same key. - */ - status = tfm_crypto_get_caller_id(&partition_id); - if (status != PSA_SUCCESS) { - return status; - } - -#ifdef TFM_PARTITION_TEST_PS - /* The PS tests run some operations under the wrong partition ID - this - * causes the key derivation to change. - */ - if (partition_id == TFM_SP_PS_TEST) { - partition_id = TFM_SP_PS; - } -#endif /* TFM_PARTITION_TEST_PS */ - - /* Put the label in the tls12_prf ctx to make it available in the output key - * step. - */ - tls12_prf = &(operation->MBEDTLS_PRIVATE(ctx).MBEDTLS_PRIVATE(tls12_prf)); - tls12_prf->MBEDTLS_PRIVATE(label) = - mbedtls_calloc(1, sizeof(partition_id) + data_length); - if (tls12_prf->MBEDTLS_PRIVATE(label) == NULL) { - return PSA_ERROR_INSUFFICIENT_MEMORY; - } - (void)memcpy(tls12_prf->MBEDTLS_PRIVATE(label), &partition_id, - sizeof(partition_id)); - (void)memcpy(tls12_prf->MBEDTLS_PRIVATE(label) + sizeof(partition_id), - data, data_length); - tls12_prf->MBEDTLS_PRIVATE(label_length) = sizeof(partition_id) + - data_length; - - return PSA_SUCCESS; -} - -static psa_status_t tfm_crypto_huk_derivation_output_key( - const psa_key_attributes_t *attributes, - psa_key_derivation_operation_t *operation, - mbedtls_svc_key_id_t *key_id) -{ - enum tfm_plat_err_t err; - size_t bytes = PSA_BITS_TO_BYTES(psa_get_key_bits(attributes)); - psa_tls12_prf_key_derivation_t *tls12_prf = - &(operation->MBEDTLS_PRIVATE(ctx).MBEDTLS_PRIVATE(tls12_prf)); - - if (sizeof(tls12_prf->MBEDTLS_PRIVATE(output_block)) < bytes) { - return PSA_ERROR_INSUFFICIENT_MEMORY; - } - - /* Derive key material from the HUK and output it to the operation buffer */ - /* The function below accesses an abstracted functionality at platform level - * to get a key derived from the HUK. The specific algorithm is abstracted - * away to the platform implementation (i.e. it can be HMAC-based KDF or - * CMAC based KDF, the latter for example when CC-312 is present) - */ - err = tfm_plat_get_huk_derived_key(tls12_prf->MBEDTLS_PRIVATE(label), - tls12_prf->MBEDTLS_PRIVATE(label_length), - NULL, 0, - tls12_prf->MBEDTLS_PRIVATE(output_block), - bytes); - if (err != TFM_PLAT_ERR_SUCCESS) { - return PSA_ERROR_HARDWARE_FAILURE; - } - - return psa_import_key(attributes, tls12_prf->MBEDTLS_PRIVATE(output_block), - bytes, key_id); -} - -static psa_status_t tfm_crypto_huk_derivation_abort( - psa_key_derivation_operation_t *operation) -{ - psa_tls12_prf_key_derivation_t *tls12_prf = - &(operation->MBEDTLS_PRIVATE(ctx).MBEDTLS_PRIVATE(tls12_prf)); - - if (tls12_prf->MBEDTLS_PRIVATE(label) != NULL) { - (void)memset(tls12_prf->MBEDTLS_PRIVATE(label), 0, - tls12_prf->MBEDTLS_PRIVATE(label_length)); - mbedtls_free(tls12_prf->MBEDTLS_PRIVATE(label)); - } - - (void)memset(operation, 0, sizeof(*operation)); - - return PSA_SUCCESS; -} -#endif /* TFM_CRYPTO_KEY_DERIVATION_MODULE_DISABLED */ - /*! * \addtogroup tfm_crypto_api_shim_layer * @@ -186,11 +67,7 @@ psa_status_t tfm_crypto_key_derivation_interface(psa_invec in_vec[], switch (sid) { case TFM_CRYPTO_KEY_DERIVATION_SETUP_SID: { - if (iov->alg == TFM_CRYPTO_ALG_HUK_DERIVATION) { - status = tfm_crypto_huk_derivation_setup(operation, iov->alg); - } else { - status = psa_key_derivation_setup(operation, iov->alg); - } + status = psa_key_derivation_setup(operation, iov->alg); if (status != PSA_SUCCESS) { goto release_operation_and_return; @@ -212,14 +89,8 @@ psa_status_t tfm_crypto_key_derivation_interface(psa_invec in_vec[], const uint8_t *data = in_vec[1].base; size_t data_length = in_vec[1].len; - if (operation->MBEDTLS_PRIVATE(alg) == TFM_CRYPTO_ALG_HUK_DERIVATION) { - return tfm_crypto_huk_derivation_input_bytes(operation, - iov->step, data, - data_length); - } else { - return psa_key_derivation_input_bytes(operation, iov->step, data, - data_length); - } + return psa_key_derivation_input_bytes(operation, iov->step, data, + data_length); } case TFM_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES_SID: { @@ -249,13 +120,8 @@ psa_status_t tfm_crypto_key_derivation_interface(psa_invec in_vec[], return status; } - if (operation->MBEDTLS_PRIVATE(alg) == TFM_CRYPTO_ALG_HUK_DERIVATION) { - status = tfm_crypto_huk_derivation_output_key(&key_attributes, - operation, encoded_key); - } else { - status = psa_key_derivation_output_key(&key_attributes, operation, - encoded_key); - } + status = psa_key_derivation_output_key(&key_attributes, operation, + encoded_key); *key_handle = encoded_key->MBEDTLS_PRIVATE(key_id); } @@ -266,20 +132,15 @@ psa_status_t tfm_crypto_key_derivation_interface(psa_invec in_vec[], *p_handle = iov->op_handle; if (status != PSA_SUCCESS) { /* - * If lookup() failed to find out a valid operation, it is unable to - * determine whether the key is derived from HUK or not. - * Return PSA_SUCCESS directly as lookup() failure is ignored by - * psa_key_derivation_abort() error code list and - * psa_key_derivation_abort() can be called mulitple times. + * If lookup() failed to find out a valid operation, it is not + * an error for _abort(), as it is allowed to be called multiple + * times, and it is likely the operation has just already been + * aborted. */ return PSA_SUCCESS; } - if (operation->MBEDTLS_PRIVATE(alg) == TFM_CRYPTO_ALG_HUK_DERIVATION) { - status = tfm_crypto_huk_derivation_abort(operation); - } else { - status = psa_key_derivation_abort(operation); - } + status = psa_key_derivation_abort(operation); goto release_operation_and_return; } |