Blame - platform/ext/common/cc312/cc312.c - TF-M/trusted-firmware-m.git

blob: f1a65e3d16d69fabe389abeaf4431252eb2b2a40 [file] [log] [blame]

Raef Coles	a657a9c	2019-10-24 14:36:43 +0100	[diff] [blame]	1	/*
				2	* Copyright (c) 2019, Arm Limited. All rights reserved.
				3	*
				4	* SPDX-License-Identifier: BSD-3-Clause
				5	*
				6	*/
				7
				8	#include "crypto_hw.h"
				9
				10	#include "cc_lib.h"
				11	#include "cc_pal_buff_attr.h"
				12	#include "cc_rnd_common.h"
				13	#include "mbedtls/platform.h"
				14	#include "mbedtls/ctr_drbg.h"
				15	#include "mbedtls/entropy.h"
Tamas Ban	80f2824	2019-10-25 22:13:53 +0100	[diff] [blame]	16	#include "mbedtls_cc_mng_int.h"
Raef Coles	a657a9c	2019-10-24 14:36:43 +0100	[diff] [blame]	17	#include "arm_cmse.h"
Xu Yong	84678d0	2019-09-30 10:13:28 +0800	[diff] [blame]	18	#include "mbedtls_cc_util_key_derivation.h"
				19	#include "tfm_attest_hal.h"
				20
				21	#define CC312_NULL_CONTEXT "NO SALT!"
Raef Coles	a657a9c	2019-10-24 14:36:43 +0100	[diff] [blame]	22
				23	CCRndContext_t* CC312_pRndCtx = NULL;
				24	CCRndWorkBuff_t* CC312_pRndWorkBuff = NULL;
				25	mbedtls_ctr_drbg_context* CC312_pRndState = NULL;
				26	mbedtls_entropy_context* CC312_pMbedtlsEntropy = NULL;
				27
				28	CCError_t CC_PalDataBufferAttrGet(const unsigned char *pDataBuffer,
				29	size_t buffSize, uint8_t buffType,
				30	uint8_t *pBuffNs)
				31	{
				32	CC_UNUSED_PARAM(buffType);
				33
				34	*pBuffNs = DATA_BUFFER_IS_SECURE;
				35	if (cmse_check_address_range((void*)pDataBuffer, buffSize, CMSE_NONSECURE)) {
				36	*pBuffNs = DATA_BUFFER_IS_NONSECURE;
				37	}
				38
				39	return CC_OK;
				40	}
				41
				42	/*
				43	* \brief Initialize the CC312 crypto accelerator
				44	*/
				45
				46	int crypto_hw_accelerator_init(void)
				47	{
				48	int ret = 0;
				49
				50	/* Allocate memory on heap */
				51	CC312_pRndCtx = mbedtls_calloc(1, sizeof(CCRndContext_t));
				52	CC312_pRndWorkBuff = mbedtls_calloc(1, sizeof(CCRndWorkBuff_t));
				53	CC312_pRndState = mbedtls_calloc(1, sizeof(mbedtls_ctr_drbg_context));
				54	CC312_pMbedtlsEntropy = mbedtls_calloc(1, sizeof(mbedtls_entropy_context));
				55
				56	/* Check if memory allocation was successful */
				57	if ( !CC312_pRndCtx \|\| !CC312_pRndWorkBuff
				58	\|\| !CC312_pRndState \|\| !CC312_pMbedtlsEntropy) {
				59	mbedtls_free(CC312_pRndCtx);
				60	mbedtls_free(CC312_pRndWorkBuff);
				61	mbedtls_free(CC312_pRndState);
				62	mbedtls_free(CC312_pMbedtlsEntropy);
				63
				64	return -1;
				65	}
				66
				67	/* Init Rnd context's inner members */
				68	CC312_pRndCtx->rndState = CC312_pRndState;
				69	CC312_pRndCtx->entropyCtx = CC312_pMbedtlsEntropy;
				70
				71	/* Initialise CryptoCell library */
				72	ret = CC_LibInit(CC312_pRndCtx, CC312_pRndWorkBuff);
				73	if (ret != CC_LIB_RET_OK) {
				74	mbedtls_free(CC312_pRndCtx);
				75	mbedtls_free(CC312_pRndWorkBuff);
				76	mbedtls_free(CC312_pRndState);
				77	mbedtls_free(CC312_pMbedtlsEntropy);
				78
				79	return ret;
				80	}
				81
				82	return 0;
				83	}
				84
				85	/*
				86	* \brief Deallocate the CC312 crypto accelerator
				87	*/
				88	int crypto_hw_accelerator_finish(void)
				89	{
				90	int ret = 0;
				91
				92	ret = CC_LibFini(CC312_pRndCtx);
				93	if(ret != CC_LIB_RET_OK) {
				94	return ret;
				95	}
				96
				97	mbedtls_free(CC312_pRndCtx);
				98	mbedtls_free(CC312_pRndWorkBuff);
				99	mbedtls_free(CC312_pRndState);
				100	mbedtls_free(CC312_pMbedtlsEntropy);
				101
				102	return 0;
				103	}
Tamas Ban	80f2824	2019-10-25 22:13:53 +0100	[diff] [blame]	104
				105	int crypto_hw_accelerator_get_lcs(uint32_t *lcs)
				106	{
				107	return mbedtls_mng_lcsGet(lcs);
				108	}
Xu Yong	84678d0	2019-09-30 10:13:28 +0800	[diff] [blame]	109
				110	int crypto_hw_accelerator_huk_derive_key(const uint8_t *label,
				111	size_t label_size,
				112	const uint8_t *context,
				113	size_t context_size,
				114	uint8_t *key,
				115	size_t key_size)
				116	{
				117
				118	if (context == NULL \|\| context_size == 0) {
				119	/* The CC312 requires the context to not be null, so a default
				120	* is given.
				121	*/
				122	context = (const uint8_t *)CC312_NULL_CONTEXT;
				123	context_size = sizeof(CC312_NULL_CONTEXT);
				124	}
				125
				126	return mbedtls_util_key_derivation_cmac(CC_UTIL_ROOT_KEY, NULL,
				127	label, label_size,
				128	context, context_size,
				129	key, key_size);
				130
				131	}
Tamas Ban	2e297a5	2019-10-27 21:44:22 +0100	[diff] [blame^]	132
				133	int crypto_hw_accelerator_get_rotpk_hash(uint8_t image_id,
				134	uint8_t *rotpk_hash,
				135	uint32_t *rotpk_hash_size)
				136	{
				137	int32_t ret;
				138	mbedtls_mng_pubKeyType_t key_index;
				139	uint32_t rotpk_hash_size_in_words;
				140
				141	if (image_id == 0) {
				142	#if (MCUBOOT_IMAGE_NUMBER == 1)
				143	key_index = CC_MNG_HASH_BOOT_KEY_256B;
				144	rotpk_hash_size_in_words = 8;
				145	#elif (MCUBOOT_IMAGE_NUMBER == 2)
				146	key_index = CC_MNG_HASH_BOOT_KEY_0_128B;
				147	rotpk_hash_size_in_words = 4;
				148	} else if (image_id == 1) {
				149	key_index = CC_MNG_HASH_BOOT_KEY_1_128B;
				150	rotpk_hash_size_in_words = 4;
				151	#endif /* MCUBOOT_IMAGE_NUMBER == 1 */
				152	} else {
				153	return -1;
				154	}
				155
				156	if (rotpk_hash_size < rotpk_hash_size_in_words sizeof(uint32_t)) {
				157	return -1;
				158	}
				159	rotpk_hash_size = rotpk_hash_size_in_words sizeof(uint32_t);
				160
				161	ret = mbedtls_mng_pubKeyHashGet(key_index, (uint32_t *)rotpk_hash,
				162	rotpk_hash_size_in_words);
				163	if (ret) {
				164	return ret;
				165	}
				166
				167	return 0;
				168	}