TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / next / TF-M / trusted-firmware-m / d0f4e1d284508bc8833cd03076f02f542d827fc7^! / . / bl2 / ext
commitd0f4e1d284508bc8833cd03076f02f542d827fc7[log] [tgz]
authorTamas Ban <tamas.ban@arm.com>Thu Jul 11 09:39:03 2019 +0100
committerTamas Ban <tamas.ban@arm.com>Fri Sep 06 06:59:34 2019 +0000
treec49a27b6779a8624cd5fe3695d329ccb6d5d7b7a
parent32d8464997546f720580d3f9d4ef8cac1a557a83 [diff]
Build: Add hardware key support to MCUBoot

Makes possible in MCUBoot to get the hash of ROTPK
from SoC.

Change-Id: I1a26a526c025b38dce49e91903d69bb9c5d619c0
Signed-off-by: Tamas Ban <tamas.ban@arm.com>

diff --git a/bl2/ext/mcuboot/CMakeLists.txt b/bl2/ext/mcuboot/CMakeLists.txt
index cac109d..4bb7f14 100644
--- a/bl2/ext/mcuboot/CMakeLists.txt
+++ b/bl2/ext/mcuboot/CMakeLists.txt

@@ -39,13 +39,19 @@
 set(BUILD_NATIVE_DRIVERS On)
 set(BUILD_STARTUP On)
 set(BUILD_TARGET_CFG Off)
-set(BUILD_TARGET_HARDWARE_KEYS Off)
 set(BUILD_TARGET_NV_COUNTERS On)
 set(BUILD_CMSIS_DRIVERS On)
 set(BUILD_TIME Off)
 set(BUILD_UART_STDOUT On)
 set(BUILD_FLASH On)
 set(BUILD_PLAT_TEST Off)
+
+if (MCUBOOT_HW_KEY)
+	set(BUILD_TARGET_HARDWARE_KEYS On)
+else()
+	set(BUILD_TARGET_HARDWARE_KEYS Off)
+endif()
+
 if(NOT DEFINED PLATFORM_CMAKE_FILE)
 	message (FATAL_ERROR "Platform specific CMake is not defined. Please set PLATFORM_CMAKE_FILE.")
 elseif(NOT EXISTS ${PLATFORM_CMAKE_FILE})
@@ -131,6 +137,7 @@
 message(STATUS "MCUBOOT_IMAGE_NUMBER is set to: '${MCUBOOT_IMAGE_NUMBER}'.")
 message(STATUS "MCUBOOT_UPGRADE_STRATEGY is set to: '${MCUBOOT_UPGRADE_STRATEGY}'.")
 message(STATUS "MCUBOOT_SIGNATURE_TYPE is set to: '${MCUBOOT_SIGNATURE_TYPE}'.")
+message(STATUS "MCUBOOT_HW_KEY is set to: '${MCUBOOT_HW_KEY}'.")
 
 #Set macro definitions for the project.
 target_compile_definitions(${PROJECT_NAME} PRIVATE
@@ -160,6 +167,10 @@
 	message(FATAL_ERROR "ERROR: MCUBoot supports the ${_upgrade_strategies} upgrade strategies only.")
 endif()
 
+if (MCUBOOT_HW_KEY)
+	target_compile_definitions(${PROJECT_NAME} PRIVATE MCUBOOT_HW_KEY)
+endif()
+
 #Set install location. Keep original value to avoid overriding command line settings.
 if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT)
 	set(CMAKE_INSTALL_PREFIX "${CMAKE_BINARY_DIR}/install" CACHE PATH "Default install location for MCUBoot." FORCE)

diff --git a/bl2/ext/mcuboot/MCUBoot.cmake b/bl2/ext/mcuboot/MCUBoot.cmake
index c6d5b94..5261c02 100644
--- a/bl2/ext/mcuboot/MCUBoot.cmake
+++ b/bl2/ext/mcuboot/MCUBoot.cmake

@@ -55,6 +55,21 @@
 		message(FATAL_ERROR "${MCUBOOT_SIGNATURE_TYPE} is not supported as firmware signing algorithm")
 	endif()
 
+	#Configure in which format (full or hash) include the public key to the image manifest
+	#
+	#|-----------------------|-----------------------|-------------------|--------------------|
+	#|                       |Key format in manifest |Key in MCUBoot code|     Key in HW      |
+	#|-----------------------|-----------------------|-------------------|--------------------|
+	#|MCUBOOT_HW_KEY ==  On  |    Full public key    |  No key embedded  | Hash of public key |
+	#|-----------------------|-----------------------|-------------------|--------------------|
+	#|MCUBOOT_HW_KEY ==  Off |   Hash of public key  |  Full public key  |   No key in HW     |
+	#|-----------------------|-----------------------|-------------------|--------------------|
+	if (MCUBOOT_HW_KEY)
+		set(PUBLIC_KEY_FORMAT "full")
+	else()
+		set(PUBLIC_KEY_FORMAT "hash")
+	endif()
+
 	set(PARTIAL_CONTENT_FOR_PREPROCESSING "#include \"${FLASH_LAYOUT}\"\n\n"
 		"/* Enumeration that is used by the assemble.py and imgtool.py scripts\n"
 		" * for correct binary generation when nested macros are used\n"
@@ -145,6 +160,7 @@
 						ARGS sign
 							 --layout ${PREPROCESSED_FILE}_s.c
 							 -k ${KEY_FILE}
+							 --public-key-format ${PUBLIC_KEY_FORMAT}
 							 --align 1
 							 -v ${IMAGE_VERSION_S}
 							 ${ADD_NS_IMAGE_MIN_VER}
@@ -158,6 +174,7 @@
 						ARGS sign
 							 --layout ${PREPROCESSED_FILE}_ns.c
 							 -k ${KEY_FILE}
+							 --public-key-format ${PUBLIC_KEY_FORMAT}
 							 --align 1
 							 -v ${IMAGE_VERSION_NS}
 							 ${ADD_S_IMAGE_MIN_VER}
@@ -236,6 +253,7 @@
 						ARGS sign
 							 --layout ${PREPROCESSED_FILE}
 							 -k ${KEY_FILE}
+							 --public-key-format ${PUBLIC_KEY_FORMAT}
 							 --align 1
 							 -v ${IMAGE_VERSION}
 							 ${ADD_SECURITY_COUNTER}

diff --git a/bl2/ext/mcuboot/MCUBootConfig.cmake b/bl2/ext/mcuboot/MCUBootConfig.cmake
index e7cc5c0..800e8fb 100644
--- a/bl2/ext/mcuboot/MCUBootConfig.cmake
+++ b/bl2/ext/mcuboot/MCUBootConfig.cmake

@@ -25,6 +25,8 @@
 	set_property(CACHE MCUBOOT_SIGNATURE_TYPE PROPERTY STRINGS "RSA-3072;RSA-2048")
 	validate_cache_value(MCUBOOT_SIGNATURE_TYPE)
 
+	set(MCUBOOT_HW_KEY Off CACHE BOOL "Configure to use HW key for image verification. Otherwise key is embedded in MCUBoot image.")
+
 	if ((${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "NO_SWAP" OR
 		 ${MCUBOOT_UPGRADE_STRATEGY} STREQUAL "RAM_LOADING") AND
 		NOT (MCUBOOT_IMAGE_NUMBER EQUAL 1))
@@ -37,11 +39,13 @@
 
 	if (DEFINED MCUBOOT_IMAGE_NUMBER OR
 		DEFINED MCUBOOT_UPGRADE_STRATEGY OR
-		DEFINED MCUBOOT_SIGNATURE_TYPE)
+		DEFINED MCUBOOT_SIGNATURE_TYPE OR
+		DEFINED MCUBOOT_HW_KEY)
 		message(WARNING "Ignoring the values of MCUBOOT_* variables as BL2 option is set to False.")
 		set(MCUBOOT_IMAGE_NUMBER "")
 		set(MCUBOOT_UPGRADE_STRATEGY "")
 		set(MCUBOOT_SIGNATURE_TYPE "")
+		set(MCUBOOT_HW_KEY "")
 	endif()
 
 	if (DEFINED SECURITY_COUNTER OR