1 /*
2 * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8 #include "otp.h"
9
10 #include <stdint.h>
11
12 #include "region_defs.h"
13 #include "tfm_plat_otp.h"
14 #include "tfm_plat_nv_counters.h"
15 #include "util.h"
16
17 #ifdef TEST_BL1_1
18 extern uint8_t tfm_bl1_key_test_1_buf[];
19 extern uint8_t tfm_bl1_key_test_2_buf[];
20 #endif /* TEST_BL1_1 */
21
22 fih_int bl1_otp_read(uint8_t *dst, uint8_t *src, size_t size);
23 fih_int bl1_otp_write(uint8_t *dst, uint8_t *src, size_t size);
24
bl1_otp_init(void)25 fih_int bl1_otp_init(void)
26 {
27 fih_int fih_rc;
28 enum tfm_plat_err_t plat_err;
29
30 plat_err = tfm_plat_otp_init();
31 fih_rc = fih_int_encode_zero_equality(plat_err);
32
33 plat_err = tfm_plat_init_nv_counter();
34 fih_rc = fih_int_encode_zero_equality(plat_err);
35
36 return fih_rc;
37 }
38
bl1_otp_read_bl1_2_image_hash(uint8_t * hash)39 fih_int bl1_otp_read_bl1_2_image_hash(uint8_t *hash)
40 {
41 fih_int fih_rc;
42 enum tfm_plat_err_t plat_err;
43
44 plat_err = tfm_plat_otp_read(PLAT_OTP_ID_BL1_2_IMAGE_HASH, BL1_2_HASH_SIZE,
45 hash);
46 fih_rc = fih_int_encode_zero_equality(plat_err);
47
48 FIH_RET(fih_rc);
49 }
50
bl1_otp_read_bl2_image_hash(uint8_t * hash)51 fih_int bl1_otp_read_bl2_image_hash(uint8_t *hash)
52 {
53 fih_int fih_rc;
54 enum tfm_plat_err_t plat_err;
55
56 plat_err = tfm_plat_otp_read(PLAT_OTP_ID_BL2_IMAGE_HASH, BL2_HASH_SIZE,
57 hash);
58 fih_rc = fih_int_encode_zero_equality(plat_err);
59
60 FIH_RET(fih_rc);
61 }
62
bl1_otp_read_nv_counter(enum tfm_bl1_nv_counter_id_t counter_id,uint32_t * count)63 fih_int bl1_otp_read_nv_counter(enum tfm_bl1_nv_counter_id_t counter_id,
64 uint32_t *count)
65 {
66 fih_int fih_rc;
67 enum tfm_plat_err_t plat_err;
68
69 plat_err = tfm_plat_read_nv_counter(PLAT_NV_COUNTER_BL1_0,
70 sizeof(uint32_t), (uint8_t *)count);
71 fih_rc = fih_int_encode_zero_equality(plat_err);
72
73 FIH_RET(fih_rc);
74 }
75
bl1_otp_write_nv_counter(enum tfm_bl1_nv_counter_id_t counter_id,uint32_t count)76 fih_int bl1_otp_write_nv_counter(enum tfm_bl1_nv_counter_id_t counter_id,
77 uint32_t count)
78 {
79 fih_int fih_rc;
80 enum tfm_plat_err_t plat_err;
81
82 plat_err = tfm_plat_set_nv_counter(PLAT_NV_COUNTER_BL1_0, count);
83 fih_rc = fih_int_encode_zero_equality(plat_err);
84
85 FIH_RET(fih_rc);
86 }
87
bl1_otp_read_key(enum tfm_bl1_key_id_t key_id,uint8_t * key_buf)88 fih_int bl1_otp_read_key(enum tfm_bl1_key_id_t key_id, uint8_t *key_buf)
89 {
90 fih_int fih_rc;
91 enum tfm_plat_err_t plat_err;
92
93 switch (key_id) {
94 case TFM_BL1_KEY_HUK:
95 plat_err = tfm_plat_otp_read(PLAT_OTP_ID_HUK, 32, key_buf);
96 fih_rc = fih_int_encode_zero_equality(plat_err);
97 break;
98 case TFM_BL1_KEY_GUK:
99 plat_err = tfm_plat_otp_read(PLAT_OTP_ID_GUK, GUK_SIZE, key_buf);
100 fih_rc = fih_int_encode_zero_equality(plat_err);
101 break;
102 case TFM_BL1_KEY_BL2_ENCRYPTION:
103 plat_err = tfm_plat_otp_read(PLAT_OTP_ID_KEY_BL2_ENCRYPTION, 32,
104 key_buf);
105 fih_rc = fih_int_encode_zero_equality(plat_err);
106 break;
107 case TFM_BL1_KEY_ROTPK_0:
108 plat_err = tfm_plat_otp_read(PLAT_OTP_ID_BL1_ROTPK_0, 56, key_buf);
109 fih_rc = fih_int_encode_zero_equality(plat_err);
110 break;
111 default:
112 FIH_RET(FIH_FAILURE);
113 }
114
115 FIH_RET(fih_rc);
116 }
117
