| /* |
| * Copyright (c) 2019-2020, Arm Limited. All rights reserved. |
| * |
| * SPDX-License-Identifier: BSD-3-Clause |
| * |
| */ |
| |
| #include <stdint.h> |
| #include "tfm_plat_crypto_keys.h" |
| /** |
| * \file tfm_rotpk.c |
| * |
| * This file contains the hash value (SHA256) of the public parts of the |
| * firmware signing keys in bl2/ext/mcuboot folder (*.pem files). |
| * This simulates when the hash of the Root of Trust Public Key is programmed |
| * to an immutable device memory to be able to validate the image verification |
| * key. |
| * |
| * \note These key-hash values must be provisioned to the SoC during the |
| * production, independently from firmware binaries. This solution |
| * (hard-coded key-hash values in firmware) is not suited for use in |
| * production! |
| */ |
| |
| #if defined(BL2) |
| #if (MCUBOOT_SIGN_RSA_LEN == 2048) |
| /* Hash of public key: bl2/ext/mcuboot/root-rsa-2048.pem */ |
| uint8_t rotpk_hash_0[ROTPK_HASH_LEN] = { |
| 0xfc, 0x57, 0x01, 0xdc, 0x61, 0x35, 0xe1, 0x32, |
| 0x38, 0x47, 0xbd, 0xc4, 0x0f, 0x04, 0xd2, 0xe5, |
| 0xbe, 0xe5, 0x83, 0x3b, 0x23, 0xc2, 0x9f, 0x93, |
| 0x59, 0x3d, 0x00, 0x01, 0x8c, 0xfa, 0x99, 0x94, |
| }; |
| /* Hash of public key: bl2/ext/mcuboot/root-rsa-2048_1.pem */ |
| #if (MCUBOOT_IMAGE_NUMBER == 2) |
| uint8_t rotpk_hash_1[ROTPK_HASH_LEN] = { |
| 0xe1, 0x80, 0x15, 0x99, 0x3d, 0x6d, 0x27, 0x60, |
| 0xb4, 0x99, 0x27, 0x4b, 0xae, 0xf2, 0x64, 0xb8, |
| 0x3a, 0xf2, 0x29, 0xe9, 0xa7, 0x85, 0xf3, 0xd5, |
| 0xbf, 0x00, 0xb9, 0xd3, 0x2c, 0x1f, 0x03, 0x96, |
| }; |
| #endif /* MCUBOOT_IMAGE_NUMBER */ |
| |
| #elif (MCUBOOT_SIGN_RSA_LEN == 3072) |
| /* Hash of public key: bl2/ext/mcuboot/root-rsa-3072.pem */ |
| uint8_t rotpk_hash_0[ROTPK_HASH_LEN] = { |
| 0xbf, 0xe6, 0xd8, 0x6f, 0x88, 0x26, 0xf4, 0xff, |
| 0x97, 0xfb, 0x96, 0xc4, 0xe6, 0xfb, 0xc4, 0x99, |
| 0x3e, 0x46, 0x19, 0xfc, 0x56, 0x5d, 0xa2, 0x6a, |
| 0xdf, 0x34, 0xc3, 0x29, 0x48, 0x9a, 0xdc, 0x38, |
| }; |
| /* Hash of public key: bl2/ext/mcuboot/root-rsa-3072_1.pem */ |
| #if (MCUBOOT_IMAGE_NUMBER == 2) |
| uint8_t rotpk_hash_1[ROTPK_HASH_LEN] = { |
| 0xb3, 0x60, 0xca, 0xf5, 0xc9, 0x8c, 0x6b, 0x94, |
| 0x2a, 0x48, 0x82, 0xfa, 0x9d, 0x48, 0x23, 0xef, |
| 0xb1, 0x66, 0xa9, 0xef, 0x6a, 0x6e, 0x4a, 0xa3, |
| 0x7c, 0x19, 0x19, 0xed, 0x1f, 0xcc, 0xc0, 0x49, |
| }; |
| #endif /* MCUBOOT_IMAGE_NUMBER */ |
| #else |
| #error "No public key available for given signing algorithm." |
| #endif |
| |
| const struct tfm_plat_rotpk_t device_rotpk[] = { |
| { |
| .key_hash = rotpk_hash_0, |
| .hash_len = ROTPK_HASH_LEN, |
| }, |
| #if (MCUBOOT_IMAGE_NUMBER == 2) |
| { |
| .key_hash = rotpk_hash_1, |
| .hash_len = ROTPK_HASH_LEN, |
| }, |
| #endif |
| }; |
| const uint32_t rotpk_key_cnt = MCUBOOT_IMAGE_NUMBER; |
| |
| /** |
| * \brief Copy the key to the destination buffer |
| * |
| * \param[out] p_dst Pointer to buffer where to store the key |
| * \param[in] p_src Pointer to the key |
| * \param[in] size Length of the key |
| */ |
| static inline void copy_key(uint8_t *p_dst, const uint8_t *p_src, size_t size) |
| { |
| uint32_t i; |
| |
| for (i = size; i > 0; i--) { |
| *p_dst = *p_src; |
| p_src++; |
| p_dst++; |
| } |
| } |
| |
| enum tfm_plat_err_t |
| tfm_plat_get_rotpk_hash(uint8_t image_id, |
| uint8_t *rotpk_hash, |
| uint32_t *rotpk_hash_size) |
| { |
| if(*rotpk_hash_size < ROTPK_HASH_LEN) { |
| return TFM_PLAT_ERR_SYSTEM_ERR; |
| } |
| |
| if (image_id >= rotpk_key_cnt) { |
| return TFM_PLAT_ERR_SYSTEM_ERR; |
| } |
| |
| *rotpk_hash_size = ROTPK_HASH_LEN; |
| copy_key(rotpk_hash, device_rotpk[image_id].key_hash, *rotpk_hash_size); |
| |
| return TFM_PLAT_ERR_SUCCESS; |
| } |
| |
| #endif /* BL2 */ |