TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / f824e742209dfaa17e0ff24373778b4efe99ac19^! / . / bl2 / ext / mcuboot / bl2_main.c
commitf824e742209dfaa17e0ff24373778b4efe99ac19[log] [tgz]
authorTamas Ban <tamas.ban@arm.com>Fri Oct 25 21:22:26 2019 +0100
committerDavid Vincze <david.vincze@arm.com>Fri Nov 29 16:35:29 2019 +0100
tree5ead4b04d932448590ec4ecee00117335f63cbb0
parentd2485afc47b03190880afd07bf53eeeb654295dd [diff] [blame]
Boot: Add OTP provisioning functionality to MCUBoot

Add functionality to program hash of ROT public key and HUK to OTP. The
implementation is based on the CryptoCell CMPU and DMPU production
libraries.

If MCUBOOT_IMAGE_NUMBER=1, store the whole 32 byte hash of:
    bl2/ext/mcuboot/root-rsa-<2048|3072>.pem key.

If MCUBOOT_IMAGE_NUMBER=2, separately store
the first 16 bytes of the hash of:
    bl2/ext/mcuboot/root-rsa-<2048|3072>.pem key
and the first 16 bytes of the hash of:
    bl2/ext/mcuboot/root-rsa-<2048|3072>_1.pem key.

OTP provisioning is disabled by default. In order to enable,
add this to CMake command line:
 -DCRYPTO_HW_ACCELERATOR_OTP_STATE=PROVISIONING

Change-Id: Ica589319001f5ed77d853ba45ad8e6d3c266d172
Signed-off-by: Xu Yong <yong.xu@arm.com>

diff --git a/bl2/ext/mcuboot/bl2_main.c b/bl2/ext/mcuboot/bl2_main.c
index 26461c1..f1e289d 100644
--- a/bl2/ext/mcuboot/bl2_main.c
+++ b/bl2/ext/mcuboot/bl2_main.c

@@ -31,9 +31,10 @@
 #if BOOT_LOG_LEVEL > BOOT_LOG_LEVEL_OFF
 #include "uart_stdout.h"
 #endif
-#ifdef CRYPTO_HW_ACCELERATOR
+#if defined(CRYPTO_HW_ACCELERATOR) || \
+    defined(CRYPTO_HW_ACCELERATOR_OTP_PROVISIONING)
 #include "crypto_hw.h"
-#endif /* CRYPTO_HW_ACCELERATOR */
+#endif
 
 /* Avoids the semihosting issue */
 #if defined (__ARMCC_VERSION) && (__ARMCC_VERSION >= 6010050)
@@ -213,6 +214,24 @@
     }
 #endif /* CRYPTO_HW_ACCELERATOR */
 
+/* This is a workaround to program the TF-M related cryptographic keys
+ * to CC312 OTP memory. This functionality is independent from secure boot,
+ * this is usually done in the factory floor during chip manufacturing.
+ */
+#ifdef CRYPTO_HW_ACCELERATOR_OTP_PROVISIONING
+    BOOT_LOG_INF("OTP provisioning started.");
+    rc = crypto_hw_accelerator_otp_provisioning();
+    if (rc) {
+        BOOT_LOG_ERR("OTP provisioning FAILED: 0x%X", rc);
+        while (1);
+    } else {
+        BOOT_LOG_INF("OTP provisioning succeeded. TF-M won't be loaded.");
+
+        /* We don't need to boot - the only aim is provisioning. */
+        while (1);
+    }
+#endif /* CRYPTO_HW_ACCELERATOR_OTP_PROVISIONING */
+
     BOOT_LOG_INF("Bootloader chainload address offset: 0x%x",
                  rsp.br_image_off);
     flash_area_warn_on_open();