1 /**
2   ******************************************************************************
3   * @file    otp_provision.c
4   * @author  MCD Application Team
5   * @brief   File provisionning otp value
6   *
7   *
8   ******************************************************************************
9   * @attention
10   *
11   * <h2><center>&copy; Copyright (c) 2020-2021 STMicroelectronics.
12   * All rights reserved.</center></h2>
13   * <h2><center>&copy; Copyright (c) 2022 Cypress Semiconductor Corporation
14   * (an Infineon company) or an affiliate of Cypress Semiconductor Corporation.
15   * All rights reserved.</center></h2>
16   *
17   * This software component is licensed by ST under BSD 3-Clause license,
18   * the "License"; You may not use this file except in compliance with the
19   * License. You may obtain a copy of the License at:
20   *                        opensource.org/licenses/BSD-3-Clause
21   *
22   ******************************************************************************
23   */
24 #include "template/flash_otp_nv_counters_backend.h"
25 #include "tfm_plat_otp.h"
26 #include "tfm_attest_hal.h"
27 #include "psa/crypto.h"
28 
29 #define INT2LE(A) (uint8_t)(A & 0xFF), (uint8_t )((A >> 8) & 0xFF),\
30          (uint8_t )((A >> 16) & 0xFF), (uint8_t )((A >> 24) & 0xFF)
31 
32 
33 #define INT64NULL 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
34                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
35                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
36                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
37                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
38                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
39                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
40                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0
41 #if defined(__ICCARM__)
42 __root
43 #endif
44 #if defined(__ICCARM__)
45 #pragma default_function_attributes = @ ".BL2_OTP_Const"
46 #else
47 __attribute__((section(".BL2_OTP_Const")))
48 #endif /* __ICCARM__ */
49 const struct flash_otp_nv_counters_region_t otp_stm_provision = {
50     .init_value = OTP_NV_COUNTERS_INITIALIZED,
51     .huk = {
52         0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
53         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
54         0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
55         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
56     },
57  /* IAK */
58 #if 1
59     .iak= {
60         0xA9, 0xB4, 0x54, 0xB2, 0x6D, 0x6F, 0x90, 0xA4,
61         0xEA, 0x31, 0x19, 0x35, 0x64, 0xCB, 0xA9, 0x1F,
62         0xEC, 0x6F, 0x9A, 0x00, 0x2A, 0x7D, 0xC0, 0x50,
63         0x4B, 0x92, 0xA1, 0x93, 0x71, 0x34, 0x58, 0x5F
64     },
65 #else
66     .iak= {
67         0xA8, 0xB4, 0x54, 0xB2, 0x6D, 0x6F, 0x90, 0xA4,
68         0xEA, 0x31, 0x19, 0x35, 0x64, 0xCB, 0xA9, 0x1F,
69         0xEC, 0x6F, 0x9A, 0x00, 0x2A, 0x7D, 0xC0, 0x50,
70         0x4B, 0x92, 0xA1, 0x93, 0x71, 0x34, 0x58, 0x5F
71     },
72 #endif
73     /* IAK len */
74     .iak_len = { INT2LE(32) },
75 #ifdef SYMMETRIC_INITIAL_ATTESTATION
76     /* IAK type */
77     .iak_type= { INT2LE(PSA_ALG_HMAC(PSA_ALG_SHA_256))},
78 #else
79     /* IAK type */
80     .iak_type= { INT2LE(PSA_ECC_FAMILY_SECP_R1) },
81 #endif /* SYMMETRIC_INITIAL_ATTESTATION */
82     /* IAK id */
83     .iak_id = {'s','t','m','.','e','x','a','m','p',\
84                'l','e','.','x','c','u','b','e','!'},
85     /* boot seed */
86     .boot_seed ={
87         0xA0, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7,
88         0xA8, 0xA9, 0xAA, 0xAB, 0xAC, 0xAD, 0xAE, 0xAF,
89         0xB0, 0xB1, 0xB2, 0xB3, 0xB4, 0xB5, 0xB6, 0xB7,
90         0xB8, 0xB9, 0xBA, 0xBB, 0xBC, 0xBD, 0xBE, 0xBF,
91     },
92     .lcs= {INT2LE(PLAT_OTP_LCS_SECURED)},
93 
94     /* implementation id */
95     .implementation_id = {
96         0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
97         0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
98         0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
99         0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
100     },
101     /* certification reference */
102     .cert_ref = { '0','6','0','4','5','6','5','2','7',
103                   '2','8','2','9','1','0','0','1','0'},
104     /* verification_service_url */
105     .verification_service_url = "www.trustedfirmware.org",
106     /* attestation_profile_definition */
107     .profile_definition ="PSA_IOT_PROFILE_1",
108 #if (MCUBOOT_SIGN_RSA_LEN == 2048)
109 
110     .bl2_rotpk_0 = {
111         0xfc, 0x57, 0x01, 0xdc, 0x61, 0x35, 0xe1, 0x32,
112         0x38, 0x47, 0xbd, 0xc4, 0x0f, 0x04, 0xd2, 0xe5,
113         0xbe, 0xe5, 0x83, 0x3b, 0x23, 0xc2, 0x9f, 0x93,
114         0x59, 0x3d, 0x00, 0x01, 0x8c, 0xfa, 0x99, 0x94,
115      },
116     .bl2_rotpk_1 = {
117         0xe1, 0x80, 0x15, 0x99, 0x3d, 0x6d, 0x27, 0x60,
118         0xb4, 0x99, 0x27, 0x4b, 0xae, 0xf2, 0x64, 0xb8,
119         0x3a, 0xf2, 0x29, 0xe9, 0xa7, 0x85, 0xf3, 0xd5,
120         0xbf, 0x00, 0xb9, 0xd3, 0x2c, 0x1f, 0x03, 0x96,
121     }
122     .bl2_nv_counter_0 = { INT64NULL },
123     .bl2_nv_counter_1 = { INT64NULL },
124     .bl2_nv_counter_2 = { INT64NULL },
125     .bl2_rotpk_2 =  {
126         0xe1, 0x80, 0x15, 0x99, 0x3d, 0x6d, 0x27, 0x60,
127         0xb4, 0x99, 0x27, 0x4b, 0xae, 0xf2, 0x64, 0xb8,
128         0x3a, 0xf2, 0x29, 0xe9, 0xa7, 0x85, 0xf3, 0xd5,
129         0xbf, 0x00, 0xb9, 0xd3, 0x2c, 0x1f, 0x03, 0x96,
130 
131     },
132 #elif (MCUBOOT_SIGN_RSA_LEN == 3072)
133 
134     .bl2_rotpk_0 = {
135         0xbf, 0xe6, 0xd8, 0x6f, 0x88, 0x26, 0xf4, 0xff,
136         0x97, 0xfb, 0x96, 0xc4, 0xe6, 0xfb, 0xc4, 0x99,
137         0x3e, 0x46, 0x19, 0xfc, 0x56, 0x5d, 0xa2, 0x6a,
138         0xdf, 0x34, 0xc3, 0x29, 0x48, 0x9a, 0xdc, 0x38,
139      },
140     .bl2_rotpk_1 = {
141         0xb3, 0x60, 0xca, 0xf5, 0xc9, 0x8c, 0x6b, 0x94,
142         0x2a, 0x48, 0x82, 0xfa, 0x9d, 0x48, 0x23, 0xef,
143         0xb1, 0x66, 0xa9, 0xef, 0x6a, 0x6e, 0x4a, 0xa3,
144         0x7c, 0x19, 0x19, 0xed, 0x1f, 0xcc, 0xc0, 0x49,
145     },
146     .bl2_nv_counter_0 = { INT64NULL },
147     .bl2_nv_counter_1 = { INT64NULL },
148     .bl2_nv_counter_2 = { INT64NULL },
149     .bl2_rotpk_2 =  {
150         0xb3, 0x60, 0xca, 0xf5, 0xc9, 0x8c, 0x6b, 0x94,
151         0x2a, 0x48, 0x82, 0xfa, 0x9d, 0x48, 0x23, 0xef,
152         0xb1, 0x66, 0xa9, 0xef, 0x6a, 0x6e, 0x4a, 0xa3,
153         0x7c, 0x19, 0x19, 0xed, 0x1f, 0xcc, 0xc0, 0x49,
154     },
155 #endif
156     /* Entropy seed */
157     .entropy_seed ={
158         0x12, 0x13, 0x23, 0x34, 0x0a, 0x05, 0x89, 0x78,
159         0xa3, 0x66, 0x8c, 0x0d, 0x97, 0x55, 0x53, 0xca,
160         0xb5, 0x76, 0x18, 0x62, 0x29, 0xc6, 0xb6, 0x79,
161         0x75, 0xc8, 0x5a, 0x8d, 0x9e, 0x11, 0x8f, 0x85,
162         0xde, 0xc4, 0x5f, 0x66, 0x21, 0x52, 0xf9, 0x39,
163         0xd9, 0x77, 0x93, 0x28, 0xb0, 0x5e, 0x02, 0xfa,
164         0x58, 0xb4, 0x16, 0xc8, 0x0f, 0x38, 0x91, 0xbb,
165         0x28, 0x17, 0xcd, 0x8a, 0xc9, 0x53, 0x72, 0x66,
166     },
167 #ifdef PLATFORM_DEFAULT_NV_COUNTERS
168     .flash_nv_counters = { 0x0, 0x0, 0x0 },
169 #endif
170     .swap_count =  1
171 };
172