Platform: Use OTP as backing for NV seed
Change from a dummy implementation to loading the inital NV seed into
ITS from the OTP HAL. Enable by default on all platforms that have no
other entropy source. Tidy up cmake config related to entropy sources.
Tidy up mbedtls config changes. This will fallback to a dummy
implementation in library model, but will provide a runtime warning when
that happens.
Change-Id: Ica877a07dc08c1ed67d14cf37cc6b4a1f8479018
Signed-off-by: Raef Coles <raef.coles@arm.com>
diff --git a/config/check_config.cmake b/config/check_config.cmake
index 940e70b..2a7ead8 100644
--- a/config/check_config.cmake
+++ b/config/check_config.cmake
@@ -90,8 +90,8 @@
########################### TF-M crypto ########################################
-tfm_invalid_config(PLATFORM_DUMMY_NV_SEED AND CRYPTO_HW_ACCELERATOR)
-tfm_invalid_config(NOT PLATFORM_DUMMY_NV_SEED AND NOT CRYPTO_HW_ACCELERATOR)
+tfm_invalid_config(CRYPTO_NV_SEED AND CRYPTO_HW_ACCELERATOR)
+tfm_invalid_config(NOT CRYPTO_NV_SEED AND NOT CRYPTO_HW_ACCELERATOR)
########################### Test check config ##################################
diff --git a/config/config_default.cmake b/config/config_default.cmake
index 841e377..8db2455 100644
--- a/config/config_default.cmake
+++ b/config/config_default.cmake
@@ -108,6 +108,7 @@
set(CRYPTO_ASYM_ENCRYPT_MODULE_DISABLED FALSE CACHE BOOL "Disable PSA Crypto asymmetric key encryption module")
set(CRYPTO_KEY_DERIVATION_MODULE_DISABLED FALSE CACHE BOOL "Disable PSA Crypto key derivation module")
set(CRYPTO_IOVEC_BUFFER_SIZE 5120 CACHE STRING "Default size of the internal scratch buffer used for PSA FF IOVec allocations")
+set(CRYPTO_NV_SEED ON CACHE BOOL "Use stored NV seed to provide entropy")
set(TFM_PARTITION_INITIAL_ATTESTATION ON CACHE BOOL "Enable Initial Attestation partition")
set(SYMMETRIC_INITIAL_ATTESTATION OFF CACHE BOOL "Use symmetric crypto for inital attestation")
diff --git a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h
index 6f16a3d..d87b6aa 100644
--- a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h
+++ b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h
@@ -2011,6 +2011,10 @@
/* \} name SECTION: Customisation configuration options */
+#ifdef CRYPTO_NV_SEED
+#include "tfm_mbedcrypto_config_extra_nv_seed.h"
+#endif /* CRYPTO_NV_SEED */
+
#ifdef CRYPTO_HW_ACCELERATOR
#include "mbedtls_accelerator_config.h"
#elif defined(MBEDTLS_ENTROPY_NV_SEED)
diff --git a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_extra_nv_seed.h b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_extra_nv_seed.h
new file mode 100644
index 0000000..9ea7add
--- /dev/null
+++ b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_extra_nv_seed.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#if defined(TFM_PSA_API) || !defined(PLATFORM_DUMMY_NV_SEED)
+
+#include "tfm_plat_crypto_nv_seed.h"
+
+#ifndef MBEDTLS_ENTROPY_NV_SEED
+#define MBEDTLS_ENTROPY_NV_SEED
+#endif /* !MBEDTLS_ENTROPY_NV_SEED */
+
+#ifdef MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+#undef MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
+
+#ifndef MBEDTLS_PLATFORM_NV_SEED_READ_MACRO
+#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO tfm_plat_crypto_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+#endif /* !MBEDTLS_PLATFORM_NV_SEED_READ_MACRO */
+
+#ifndef MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO
+#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO tfm_plat_crypto_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+#endif /* !MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO */
+
+#endif /* defined(TFM_PSA_API) || !defined(PLATFORM_DUMMY_NV_SEED) */
diff --git a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_large.h b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_large.h
index d3526f3..997dccc 100644
--- a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_large.h
+++ b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_large.h
@@ -2006,6 +2006,10 @@
/* \} name SECTION: Customisation configuration options */
+#ifdef CRYPTO_NV_SEED
+#include "tfm_mbedcrypto_config_extra_nv_seed.h"
+#endif /* CRYPTO_NV_SEED */
+
#ifdef CRYPTO_HW_ACCELERATOR
#include "mbedtls_accelerator_config.h"
#elif defined(MBEDTLS_ENTROPY_NV_SEED)
diff --git a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h
index eebd4b0..5d25f29 100644
--- a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h
+++ b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h
@@ -2006,6 +2006,10 @@
/* \} name SECTION: Customisation configuration options */
+#ifdef CRYPTO_NV_SEED
+#include "tfm_mbedcrypto_config_extra_nv_seed.h"
+#endif /* CRYPTO_NV_SEED */
+
#ifdef CRYPTO_HW_ACCELERATOR
#include "mbedtls_accelerator_config.h"
#elif defined(MBEDTLS_ENTROPY_NV_SEED)
diff --git a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h
index eecf026..7822925 100644
--- a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h
+++ b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h
@@ -2006,6 +2006,10 @@
/* \} name SECTION: Customisation configuration options */
+#ifdef CRYPTO_NV_SEED
+#include "tfm_mbedcrypto_config_extra_nv_seed.h"
+#endif /* CRYPTO_NV_SEED */
+
#ifdef CRYPTO_HW_ACCELERATOR
#include "mbedtls_accelerator_config.h"
#elif defined(MBEDTLS_ENTROPY_NV_SEED)
diff --git a/platform/CMakeLists.txt b/platform/CMakeLists.txt
index 18b2cf2..0a66eda 100755
--- a/platform/CMakeLists.txt
+++ b/platform/CMakeLists.txt
@@ -50,6 +50,7 @@
$<$<BOOL:${PLATFORM_DUMMY_CRYPTO_KEYS}>:ext/common/template/crypto_keys.c>
$<$<BOOL:${PLATFORM_DUMMY_ROTPK}>:ext/common/template/tfm_rotpk.c>
$<$<BOOL:${PLATFORM_DUMMY_IAK}>:ext/common/template/tfm_initial_attestation_key_material.c>
+ $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:ext/common/template/crypto_nv_seed.c>
$<$<AND:$<NOT:$<BOOL:${ATTEST_TEST_GET_PUBLIC_KEY}>>,$<NOT:$<BOOL:${SYMMETRIC_INITIAL_ATTESTATION}>>,$<BOOL:${PLATFORM_DUMMY_IAK}>,$<BOOL:${TEST_S_ATTESTATION}>>:ext/common/template/tfm_initial_attest_pub_key.c>
$<$<OR:$<BOOL:${PLATFORM_DUMMY_NV_COUNTERS}>,$<BOOL:${PLATFORM_DEFAULT_OTP}>>:ext/common/template/flash_otp_nv_counters_backend.c>
$<$<BOOL:${PLATFORM_DEFAULT_OTP}>:ext/common/template/otp_flash.c>
@@ -65,6 +66,7 @@
tfm_secure_api
tfm_arch
tfm_partition_defs
+ crypto_service_mbedtls
)
target_compile_definitions(platform_s
@@ -176,22 +178,3 @@
$<$<BOOL:${FORWARD_PROT_MSG}>:FORWARD_PROT_MSG=${FORWARD_PROT_MSG}>
$<$<BOOL:${TFM_CODE_SHARING}>:CODE_SHARING>
)
-
-#========================= Crypto =============================================#
-if (TFM_PARTITION_CRYPTO)
- target_sources(tfm_psa_rot_partition_crypto
- PRIVATE
- $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:${CMAKE_CURRENT_SOURCE_DIR}/ext/common/template/crypto_nv_seed.c>
- $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:${CMAKE_CURRENT_SOURCE_DIR}/ext/common/template/crypto_dummy_nv_seed.c>
- )
-
- target_compile_definitions(tfm_psa_rot_partition_crypto
- PRIVATE
- $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:PLATFORM_DUMMY_NV_SEED>
- )
-
- target_include_directories(crypto_service_mbedcrypto
- PUBLIC
- $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:${CMAKE_CURRENT_SOURCE_DIR}/include>
- )
-endif()
diff --git a/platform/ext/common/template/crypto_dummy_nv_seed.c b/platform/ext/common/template/crypto_dummy_nv_seed.c
deleted file mode 100644
index fd6c2c7..0000000
--- a/platform/ext/common/template/crypto_dummy_nv_seed.c
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "mbedtls/entropy.h"
-#include "tfm_plat_crypto_dummy_nv_seed.h"
-
-/* NOTE: The seed value here is only an example, please do not use it in
- * production. Platform vendor should implement their own seed value.
- */
-#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
-const unsigned char seed_value[MBEDTLS_ENTROPY_BLOCK_SIZE] = {
- 0x12, 0x13, 0x23, 0x34, 0x0a, 0x05, 0x89, 0x78,
- 0xa3, 0x66, 0x8c, 0x0d, 0x97, 0x55, 0x53, 0xca,
- 0xb5, 0x76, 0x18, 0x62, 0x29, 0xc6, 0xb6, 0x79,
- 0x75, 0xc8, 0x5a, 0x8d, 0x9e, 0x11, 0x8f, 0x85,
- 0xde, 0xc4, 0x5f, 0x66, 0x21, 0x52, 0xf9, 0x39,
- 0xd9, 0x77, 0x93, 0x28, 0xb0, 0x5e, 0x02, 0xfa,
- 0x58, 0xb4, 0x16, 0xc8, 0x0f, 0x38, 0x91, 0xbb,
- 0x28, 0x17, 0xcd, 0x8a, 0xc9, 0x53, 0x72, 0x66,
-};
-#else
-const unsigned char seed_value[MBEDTLS_ENTROPY_BLOCK_SIZE] = {
- 0x12, 0x13, 0x23, 0x34, 0x0a, 0x05, 0x89, 0x78,
- 0xa3, 0x66, 0x8c, 0x0d, 0x97, 0x55, 0x53, 0xca,
- 0xb5, 0x76, 0x18, 0x62, 0x29, 0xc6, 0xb6, 0x79,
- 0x75, 0xc8, 0x5a, 0x8d, 0x9e, 0x11, 0x8f, 0x85,
-};
-#endif
-
-int tfm_plat_crypto_create_entropy_seed(void)
-{
- return tfm_plat_crypto_nv_seed_write(seed_value,
- MBEDTLS_ENTROPY_BLOCK_SIZE);
-}
diff --git a/platform/ext/common/template/crypto_nv_seed.c b/platform/ext/common/template/crypto_nv_seed.c
index 90e3d0a..960dbcc 100644
--- a/platform/ext/common/template/crypto_nv_seed.c
+++ b/platform/ext/common/template/crypto_nv_seed.c
@@ -5,14 +5,21 @@
*
*/
-#include <stddef.h>
#include "tfm_plat_crypto_nv_seed.h"
+#include "tfm_plat_otp.h"
#include "psa/internal_trusted_storage.h"
#ifndef TFM_PSA_API
#include "mbedtls/entropy.h"
-static unsigned char seed_buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+/* This implementation stores the seed in ITS. Under library model, calling ITS
+ * from the crypto_init function is forbidden and results in a crash. Therefore,
+ * if library model is enabled then a dummy seed will be returned every time,
+ * avoiding ITS calls, which is not secure. A runtime warning about this will be
+ * emitted.
+ */
+
+static unsigned char seed_buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = {0};
/*
\brief Copy the seed to the destination buffer
@@ -31,7 +38,34 @@
p_dst++;
}
}
-#endif
+#endif /* !TFM_PSA_API */
+
+int tfm_plat_crypto_provision_entropy_seed(void)
+{
+#ifdef TFM_PSA_API
+ enum tfm_plat_err_t plat_err;
+ int err;
+ uint8_t buf[64];
+
+ /* If the seed is already provisioned, then return successfully */
+ err = tfm_plat_crypto_nv_seed_read(buf, sizeof(buf));
+ if (err == TFM_CRYPTO_NV_SEED_SUCCESS) {
+ return err;
+ }
+
+ plat_err = tfm_plat_otp_read(PLAT_OTP_ID_ENTROPY_SEED, sizeof(buf), buf);
+ if(plat_err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_CRYPTO_NV_SEED_FAILED;
+ }
+
+ err = tfm_plat_crypto_nv_seed_write(buf, sizeof(buf));
+ if (err != TFM_CRYPTO_NV_SEED_SUCCESS) {
+ return err;
+ }
+#endif /* TFM_PSA_API */
+
+ return TFM_CRYPTO_NV_SEED_SUCCESS;
+}
int tfm_plat_crypto_nv_seed_read(unsigned char *buf, size_t buf_len)
{
diff --git a/platform/ext/target/arm/diphda/config.cmake b/platform/ext/target/arm/diphda/config.cmake
index f0fd77d..3db1185 100644
--- a/platform/ext/target/arm/diphda/config.cmake
+++ b/platform/ext/target/arm/diphda/config.cmake
@@ -14,7 +14,7 @@
set(TFM_MULTI_CORE_TOPOLOGY ON CACHE BOOL "Whether to build for a dual-cpu architecture")
set(TFM_PLAT_SPECIFIC_MULTI_CORE_COMM ON CACHE BOOL "Whether to use a platform specific inter core communication instead of mailbox in dual-cpu topology")
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(NS FALSE CACHE BOOL "Whether to build NS app")
set(PLATFORM_DUMMY_ROTPK FALSE CACHE BOOL "Use dummy root of trust public key. Dummy key is the public key for the default keys in bl2. Should not be used in production.")
diff --git a/platform/ext/target/arm/musca_b1/secure_enclave/config.cmake b/platform/ext/target/arm/musca_b1/secure_enclave/config.cmake
index e918f14..6325b14 100644
--- a/platform/ext/target/arm/musca_b1/secure_enclave/config.cmake
+++ b/platform/ext/target/arm/musca_b1/secure_enclave/config.cmake
@@ -22,6 +22,6 @@
# Crypto hardware accelerator is turned on by default
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(PSA_API_TEST_TARGET "musca_b1" CACHE STRING "Target to use when building the PSA API tests")
diff --git a/platform/ext/target/arm/musca_b1/sse_200/config.cmake b/platform/ext/target/arm/musca_b1/sse_200/config.cmake
index 2c93b98..859a88a 100644
--- a/platform/ext/target/arm/musca_b1/sse_200/config.cmake
+++ b/platform/ext/target/arm/musca_b1/sse_200/config.cmake
@@ -11,7 +11,7 @@
if (NOT FORWARD_PROT_MSG)
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
- set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+ set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
if(CRYPTO_HW_ACCELERATOR_OTP_STATE STREQUAL "ENABLED")
set(PLATFORM_DUMMY_CRYPTO_KEYS FALSE CACHE BOOL "Use dummy crypto keys. Should not be used in production.")
# Musca-B1 with OTP enabled is provisioned with a random Initial
diff --git a/platform/ext/target/arm/musca_s1/config.cmake b/platform/ext/target/arm/musca_s1/config.cmake
index 523264b..1d16c1b 100644
--- a/platform/ext/target/arm/musca_s1/config.cmake
+++ b/platform/ext/target/arm/musca_s1/config.cmake
@@ -6,7 +6,7 @@
#-------------------------------------------------------------------------------
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(TFM_CRYPTO_TEST_ALG_CFB OFF CACHE BOOL "Test CFB cryptography mode")
if(CRYPTO_HW_ACCELERATOR_OTP_STATE STREQUAL "ENABLED")
diff --git a/platform/ext/target/stm/b_u585i_iot02a/config.cmake b/platform/ext/target/stm/b_u585i_iot02a/config.cmake
index a1158ce..347b526 100644
--- a/platform/ext/target/stm/b_u585i_iot02a/config.cmake
+++ b/platform/ext/target/stm/b_u585i_iot02a/config.cmake
@@ -12,5 +12,5 @@
################################## Dependencies ################################
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
diff --git a/platform/ext/target/stm/nucleo_l552ze_q/config.cmake b/platform/ext/target/stm/nucleo_l552ze_q/config.cmake
index a1158ce..347b526 100644
--- a/platform/ext/target/stm/nucleo_l552ze_q/config.cmake
+++ b/platform/ext/target/stm/nucleo_l552ze_q/config.cmake
@@ -12,5 +12,5 @@
################################## Dependencies ################################
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
diff --git a/platform/ext/target/stm/stm32l562e_dk/config.cmake b/platform/ext/target/stm/stm32l562e_dk/config.cmake
index 5e98476..c6da659 100644
--- a/platform/ext/target/stm/stm32l562e_dk/config.cmake
+++ b/platform/ext/target/stm/stm32l562e_dk/config.cmake
@@ -12,6 +12,6 @@
################################## Dependencies ################################
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
set(TFM_EXTRA_GENERATED_FILE_LIST_PATH ${CMAKE_CURRENT_SOURCE_DIR}/platform/ext/target/stm/common/generated_file_list.yaml CACHE PATH "Path to extra generated file list. Appended to stardard TFM generated file list." FORCE)
diff --git a/platform/include/tfm_plat_crypto_dummy_nv_seed.h b/platform/include/tfm_plat_crypto_dummy_nv_seed.h
deleted file mode 100644
index 08bec76..0000000
--- a/platform/include/tfm_plat_crypto_dummy_nv_seed.h
+++ /dev/null
@@ -1,21 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-#ifndef __TFM_PLAT_CRYPTO_DUMMY_NV_SEED_H__
-#define __TFM_PLAT_CRYPTO_DUMMY_NV_SEED_H__
-
-#include "tfm_plat_crypto_nv_seed.h"
-
-/**
- * \brief Create a dummy entropy seed when platform doesn't provision the seed.
- * Do NOT call this function in production.
- *
- * \return Return TFM_CRYPTO_NV_SEED_SUCCESS on success,
- * or TFM_CRYPTO_NV_SEED_FAILED on failure.
- */
-int tfm_plat_crypto_create_entropy_seed(void);
-
-#endif /* __TFM_PLAT_CRYPTO_DUMMY_NV_SEED_H__ */
diff --git a/platform/include/tfm_plat_crypto_nv_seed.h b/platform/include/tfm_plat_crypto_nv_seed.h
index 9b897c8..fe29672 100644
--- a/platform/include/tfm_plat_crypto_nv_seed.h
+++ b/platform/include/tfm_plat_crypto_nv_seed.h
@@ -17,6 +17,14 @@
#define TFM_CRYPTO_NV_SEED_FAILED -1
/**
+ * \brief Provision Seed to NV storage. Fails if a seed is already in storage.
+ *
+ * \return Return TFM_CRYPTO_NV_SEED_SUCCESS on success,
+ * or TFM_CRYPTO_NV_SEED_FAILED on failure.
+ */
+int tfm_plat_crypto_provision_entropy_seed(void);
+
+/**
* \brief Read Seed from NV storage.
*
* \param[out] buf Buffer to store the seed
diff --git a/secure_fw/partitions/crypto/CMakeLists.txt b/secure_fw/partitions/crypto/CMakeLists.txt
index fd9fe4b..f2801d3 100644
--- a/secure_fw/partitions/crypto/CMakeLists.txt
+++ b/secure_fw/partitions/crypto/CMakeLists.txt
@@ -143,6 +143,7 @@
PSA_CRYPTO_SECURE
# Workaround for https://github.com/ARMmbed/mbedtls/issues/1077
$<$<OR:$<STREQUAL:${CMAKE_SYSTEM_ARCHITECTURE},armv8-m.base>,$<STREQUAL:${CMAKE_SYSTEM_ARCHITECTURE},armv6-m>>:MULADDC_CANNOT_USE_R7>
+ $<$<BOOL:${CRYPTO_NV_SEED}>:CRYPTO_NV_SEED>
$<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:PLATFORM_DUMMY_NV_SEED>
)
cmake_policy(SET CMP0079 NEW)
@@ -200,3 +201,13 @@
PUBLIC
crypto_service_mbedcrypto_config
)
+
+target_link_libraries(crypto_service_mbedtls
+ PRIVATE
+ platform_s
+)
+
+target_link_libraries(crypto_service_mbedx509
+ PRIVATE
+ platform_s
+)
diff --git a/secure_fw/partitions/crypto/crypto_init.c b/secure_fw/partitions/crypto/crypto_init.c
index 6dd7bf2..0694ae6 100644
--- a/secure_fw/partitions/crypto/crypto_init.c
+++ b/secure_fw/partitions/crypto/crypto_init.c
@@ -17,9 +17,9 @@
*/
#include "mbedtls/memory_buffer_alloc.h"
-#ifdef PLATFORM_DUMMY_NV_SEED
-#include "tfm_plat_crypto_dummy_nv_seed.h"
-#endif
+#ifdef CRYPTO_NV_SEED
+#include "tfm_plat_crypto_nv_seed.h"
+#endif /* CRYPTO_NV_SEED */
#ifndef TFM_PSA_API
#include "tfm_secure_api.h"
@@ -276,12 +276,20 @@
static psa_status_t tfm_crypto_engine_init(void)
{
-#ifdef PLATFORM_DUMMY_NV_SEED
- LOG_INFFMT("\033[1;34m[Crypto] Dummy Entropy NV Seed is not suitable for production!\033[0m\r\n");
- if (tfm_plat_crypto_create_entropy_seed() != TFM_CRYPTO_NV_SEED_SUCCESS) {
+
+#ifdef CRYPTO_NV_SEED
+#ifdef TFM_PSA_API
+ if (tfm_plat_crypto_provision_entropy_seed() != TFM_CRYPTO_NV_SEED_SUCCESS) {
return PSA_ERROR_GENERIC_ERROR;
}
-#endif
+#else
+ LOG_INFFMT("\033[1;31m[Crypto] ");
+ LOG_INFFMT("TF-M in library mode uses a dummy NV seed. ");
+ LOG_INFFMT("This is not suitable for production! ");
+ LOG_INFFMT("This device is \033[1;1mNOT SECURE");
+ LOG_INFFMT("\033[0m\r\n");
+#endif /* TFM_PSA_API */
+#endif /* CRYPTO_NV_SEED */
/* Initialise the Mbed Crypto memory allocator to use static
* memory allocation from the provided buffer instead of using