Platform: Use OTP as backing for NV seed
Change from a dummy implementation to loading the inital NV seed into
ITS from the OTP HAL. Enable by default on all platforms that have no
other entropy source. Tidy up cmake config related to entropy sources.
Tidy up mbedtls config changes. This will fallback to a dummy
implementation in library model, but will provide a runtime warning when
that happens.
Change-Id: Ica877a07dc08c1ed67d14cf37cc6b4a1f8479018
Signed-off-by: Raef Coles <raef.coles@arm.com>
diff --git a/platform/CMakeLists.txt b/platform/CMakeLists.txt
index 18b2cf2..0a66eda 100755
--- a/platform/CMakeLists.txt
+++ b/platform/CMakeLists.txt
@@ -50,6 +50,7 @@
$<$<BOOL:${PLATFORM_DUMMY_CRYPTO_KEYS}>:ext/common/template/crypto_keys.c>
$<$<BOOL:${PLATFORM_DUMMY_ROTPK}>:ext/common/template/tfm_rotpk.c>
$<$<BOOL:${PLATFORM_DUMMY_IAK}>:ext/common/template/tfm_initial_attestation_key_material.c>
+ $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:ext/common/template/crypto_nv_seed.c>
$<$<AND:$<NOT:$<BOOL:${ATTEST_TEST_GET_PUBLIC_KEY}>>,$<NOT:$<BOOL:${SYMMETRIC_INITIAL_ATTESTATION}>>,$<BOOL:${PLATFORM_DUMMY_IAK}>,$<BOOL:${TEST_S_ATTESTATION}>>:ext/common/template/tfm_initial_attest_pub_key.c>
$<$<OR:$<BOOL:${PLATFORM_DUMMY_NV_COUNTERS}>,$<BOOL:${PLATFORM_DEFAULT_OTP}>>:ext/common/template/flash_otp_nv_counters_backend.c>
$<$<BOOL:${PLATFORM_DEFAULT_OTP}>:ext/common/template/otp_flash.c>
@@ -65,6 +66,7 @@
tfm_secure_api
tfm_arch
tfm_partition_defs
+ crypto_service_mbedtls
)
target_compile_definitions(platform_s
@@ -176,22 +178,3 @@
$<$<BOOL:${FORWARD_PROT_MSG}>:FORWARD_PROT_MSG=${FORWARD_PROT_MSG}>
$<$<BOOL:${TFM_CODE_SHARING}>:CODE_SHARING>
)
-
-#========================= Crypto =============================================#
-if (TFM_PARTITION_CRYPTO)
- target_sources(tfm_psa_rot_partition_crypto
- PRIVATE
- $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:${CMAKE_CURRENT_SOURCE_DIR}/ext/common/template/crypto_nv_seed.c>
- $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:${CMAKE_CURRENT_SOURCE_DIR}/ext/common/template/crypto_dummy_nv_seed.c>
- )
-
- target_compile_definitions(tfm_psa_rot_partition_crypto
- PRIVATE
- $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:PLATFORM_DUMMY_NV_SEED>
- )
-
- target_include_directories(crypto_service_mbedcrypto
- PUBLIC
- $<$<BOOL:${PLATFORM_DUMMY_NV_SEED}>:${CMAKE_CURRENT_SOURCE_DIR}/include>
- )
-endif()
diff --git a/platform/ext/common/template/crypto_dummy_nv_seed.c b/platform/ext/common/template/crypto_dummy_nv_seed.c
deleted file mode 100644
index fd6c2c7..0000000
--- a/platform/ext/common/template/crypto_dummy_nv_seed.c
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#include "mbedtls/entropy.h"
-#include "tfm_plat_crypto_dummy_nv_seed.h"
-
-/* NOTE: The seed value here is only an example, please do not use it in
- * production. Platform vendor should implement their own seed value.
- */
-#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
-const unsigned char seed_value[MBEDTLS_ENTROPY_BLOCK_SIZE] = {
- 0x12, 0x13, 0x23, 0x34, 0x0a, 0x05, 0x89, 0x78,
- 0xa3, 0x66, 0x8c, 0x0d, 0x97, 0x55, 0x53, 0xca,
- 0xb5, 0x76, 0x18, 0x62, 0x29, 0xc6, 0xb6, 0x79,
- 0x75, 0xc8, 0x5a, 0x8d, 0x9e, 0x11, 0x8f, 0x85,
- 0xde, 0xc4, 0x5f, 0x66, 0x21, 0x52, 0xf9, 0x39,
- 0xd9, 0x77, 0x93, 0x28, 0xb0, 0x5e, 0x02, 0xfa,
- 0x58, 0xb4, 0x16, 0xc8, 0x0f, 0x38, 0x91, 0xbb,
- 0x28, 0x17, 0xcd, 0x8a, 0xc9, 0x53, 0x72, 0x66,
-};
-#else
-const unsigned char seed_value[MBEDTLS_ENTROPY_BLOCK_SIZE] = {
- 0x12, 0x13, 0x23, 0x34, 0x0a, 0x05, 0x89, 0x78,
- 0xa3, 0x66, 0x8c, 0x0d, 0x97, 0x55, 0x53, 0xca,
- 0xb5, 0x76, 0x18, 0x62, 0x29, 0xc6, 0xb6, 0x79,
- 0x75, 0xc8, 0x5a, 0x8d, 0x9e, 0x11, 0x8f, 0x85,
-};
-#endif
-
-int tfm_plat_crypto_create_entropy_seed(void)
-{
- return tfm_plat_crypto_nv_seed_write(seed_value,
- MBEDTLS_ENTROPY_BLOCK_SIZE);
-}
diff --git a/platform/ext/common/template/crypto_nv_seed.c b/platform/ext/common/template/crypto_nv_seed.c
index 90e3d0a..960dbcc 100644
--- a/platform/ext/common/template/crypto_nv_seed.c
+++ b/platform/ext/common/template/crypto_nv_seed.c
@@ -5,14 +5,21 @@
*
*/
-#include <stddef.h>
#include "tfm_plat_crypto_nv_seed.h"
+#include "tfm_plat_otp.h"
#include "psa/internal_trusted_storage.h"
#ifndef TFM_PSA_API
#include "mbedtls/entropy.h"
-static unsigned char seed_buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+/* This implementation stores the seed in ITS. Under library model, calling ITS
+ * from the crypto_init function is forbidden and results in a crash. Therefore,
+ * if library model is enabled then a dummy seed will be returned every time,
+ * avoiding ITS calls, which is not secure. A runtime warning about this will be
+ * emitted.
+ */
+
+static unsigned char seed_buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = {0};
/*
\brief Copy the seed to the destination buffer
@@ -31,7 +38,34 @@
p_dst++;
}
}
-#endif
+#endif /* !TFM_PSA_API */
+
+int tfm_plat_crypto_provision_entropy_seed(void)
+{
+#ifdef TFM_PSA_API
+ enum tfm_plat_err_t plat_err;
+ int err;
+ uint8_t buf[64];
+
+ /* If the seed is already provisioned, then return successfully */
+ err = tfm_plat_crypto_nv_seed_read(buf, sizeof(buf));
+ if (err == TFM_CRYPTO_NV_SEED_SUCCESS) {
+ return err;
+ }
+
+ plat_err = tfm_plat_otp_read(PLAT_OTP_ID_ENTROPY_SEED, sizeof(buf), buf);
+ if(plat_err != TFM_PLAT_ERR_SUCCESS) {
+ return TFM_CRYPTO_NV_SEED_FAILED;
+ }
+
+ err = tfm_plat_crypto_nv_seed_write(buf, sizeof(buf));
+ if (err != TFM_CRYPTO_NV_SEED_SUCCESS) {
+ return err;
+ }
+#endif /* TFM_PSA_API */
+
+ return TFM_CRYPTO_NV_SEED_SUCCESS;
+}
int tfm_plat_crypto_nv_seed_read(unsigned char *buf, size_t buf_len)
{
diff --git a/platform/ext/target/arm/diphda/config.cmake b/platform/ext/target/arm/diphda/config.cmake
index f0fd77d..3db1185 100644
--- a/platform/ext/target/arm/diphda/config.cmake
+++ b/platform/ext/target/arm/diphda/config.cmake
@@ -14,7 +14,7 @@
set(TFM_MULTI_CORE_TOPOLOGY ON CACHE BOOL "Whether to build for a dual-cpu architecture")
set(TFM_PLAT_SPECIFIC_MULTI_CORE_COMM ON CACHE BOOL "Whether to use a platform specific inter core communication instead of mailbox in dual-cpu topology")
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(NS FALSE CACHE BOOL "Whether to build NS app")
set(PLATFORM_DUMMY_ROTPK FALSE CACHE BOOL "Use dummy root of trust public key. Dummy key is the public key for the default keys in bl2. Should not be used in production.")
diff --git a/platform/ext/target/arm/musca_b1/secure_enclave/config.cmake b/platform/ext/target/arm/musca_b1/secure_enclave/config.cmake
index e918f14..6325b14 100644
--- a/platform/ext/target/arm/musca_b1/secure_enclave/config.cmake
+++ b/platform/ext/target/arm/musca_b1/secure_enclave/config.cmake
@@ -22,6 +22,6 @@
# Crypto hardware accelerator is turned on by default
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(PSA_API_TEST_TARGET "musca_b1" CACHE STRING "Target to use when building the PSA API tests")
diff --git a/platform/ext/target/arm/musca_b1/sse_200/config.cmake b/platform/ext/target/arm/musca_b1/sse_200/config.cmake
index 2c93b98..859a88a 100644
--- a/platform/ext/target/arm/musca_b1/sse_200/config.cmake
+++ b/platform/ext/target/arm/musca_b1/sse_200/config.cmake
@@ -11,7 +11,7 @@
if (NOT FORWARD_PROT_MSG)
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
- set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+ set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
if(CRYPTO_HW_ACCELERATOR_OTP_STATE STREQUAL "ENABLED")
set(PLATFORM_DUMMY_CRYPTO_KEYS FALSE CACHE BOOL "Use dummy crypto keys. Should not be used in production.")
# Musca-B1 with OTP enabled is provisioned with a random Initial
diff --git a/platform/ext/target/arm/musca_s1/config.cmake b/platform/ext/target/arm/musca_s1/config.cmake
index 523264b..1d16c1b 100644
--- a/platform/ext/target/arm/musca_s1/config.cmake
+++ b/platform/ext/target/arm/musca_s1/config.cmake
@@ -6,7 +6,7 @@
#-------------------------------------------------------------------------------
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(TFM_CRYPTO_TEST_ALG_CFB OFF CACHE BOOL "Test CFB cryptography mode")
if(CRYPTO_HW_ACCELERATOR_OTP_STATE STREQUAL "ENABLED")
diff --git a/platform/ext/target/stm/b_u585i_iot02a/config.cmake b/platform/ext/target/stm/b_u585i_iot02a/config.cmake
index a1158ce..347b526 100644
--- a/platform/ext/target/stm/b_u585i_iot02a/config.cmake
+++ b/platform/ext/target/stm/b_u585i_iot02a/config.cmake
@@ -12,5 +12,5 @@
################################## Dependencies ################################
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
diff --git a/platform/ext/target/stm/nucleo_l552ze_q/config.cmake b/platform/ext/target/stm/nucleo_l552ze_q/config.cmake
index a1158ce..347b526 100644
--- a/platform/ext/target/stm/nucleo_l552ze_q/config.cmake
+++ b/platform/ext/target/stm/nucleo_l552ze_q/config.cmake
@@ -12,5 +12,5 @@
################################## Dependencies ################################
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
diff --git a/platform/ext/target/stm/stm32l562e_dk/config.cmake b/platform/ext/target/stm/stm32l562e_dk/config.cmake
index 5e98476..c6da659 100644
--- a/platform/ext/target/stm/stm32l562e_dk/config.cmake
+++ b/platform/ext/target/stm/stm32l562e_dk/config.cmake
@@ -12,6 +12,6 @@
################################## Dependencies ################################
set(CRYPTO_HW_ACCELERATOR ON CACHE BOOL "Whether to enable the crypto hardware accelerator on supported platforms")
-set(PLATFORM_DUMMY_NV_SEED FALSE CACHE BOOL "Use dummy NV seed implementation. Should not be used in production.")
+set(CRYPTO_NV_SEED OFF CACHE BOOL "Use stored NV seed to provide entropy")
set(MBEDCRYPTO_BUILD_TYPE minsizerel CACHE STRING "Build type of Mbed Crypto library")
set(TFM_EXTRA_GENERATED_FILE_LIST_PATH ${CMAKE_CURRENT_SOURCE_DIR}/platform/ext/target/stm/common/generated_file_list.yaml CACHE PATH "Path to extra generated file list. Appended to stardard TFM generated file list." FORCE)
diff --git a/platform/include/tfm_plat_crypto_dummy_nv_seed.h b/platform/include/tfm_plat_crypto_dummy_nv_seed.h
deleted file mode 100644
index 08bec76..0000000
--- a/platform/include/tfm_plat_crypto_dummy_nv_seed.h
+++ /dev/null
@@ -1,21 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-#ifndef __TFM_PLAT_CRYPTO_DUMMY_NV_SEED_H__
-#define __TFM_PLAT_CRYPTO_DUMMY_NV_SEED_H__
-
-#include "tfm_plat_crypto_nv_seed.h"
-
-/**
- * \brief Create a dummy entropy seed when platform doesn't provision the seed.
- * Do NOT call this function in production.
- *
- * \return Return TFM_CRYPTO_NV_SEED_SUCCESS on success,
- * or TFM_CRYPTO_NV_SEED_FAILED on failure.
- */
-int tfm_plat_crypto_create_entropy_seed(void);
-
-#endif /* __TFM_PLAT_CRYPTO_DUMMY_NV_SEED_H__ */
diff --git a/platform/include/tfm_plat_crypto_nv_seed.h b/platform/include/tfm_plat_crypto_nv_seed.h
index 9b897c8..fe29672 100644
--- a/platform/include/tfm_plat_crypto_nv_seed.h
+++ b/platform/include/tfm_plat_crypto_nv_seed.h
@@ -17,6 +17,14 @@
#define TFM_CRYPTO_NV_SEED_FAILED -1
/**
+ * \brief Provision Seed to NV storage. Fails if a seed is already in storage.
+ *
+ * \return Return TFM_CRYPTO_NV_SEED_SUCCESS on success,
+ * or TFM_CRYPTO_NV_SEED_FAILED on failure.
+ */
+int tfm_plat_crypto_provision_entropy_seed(void);
+
+/**
* \brief Read Seed from NV storage.
*
* \param[out] buf Buffer to store the seed