/*
 * Copyright (c) 2017-2024 Arm Limited. All rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
16 
17 #include <string.h>
18 #include "tfm_plat_crypto_keys.h"
19 #include "tfm_builtin_key_ids.h"
20 #include "tfm_plat_otp.h"
21 #include "psa_manifest/pid.h"
22 #include "tfm_builtin_key_loader.h"
23 
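/* Element count of a true array (must not be applied to a pointer or an
 * array parameter). Fully parenthesised so it composes safely inside larger
 * expressions such as `total / NUMBER_OF_ELEMENTS_OF(tbl)`. */
#define NUMBER_OF_ELEMENTS_OF(x) (sizeof(x) / sizeof(*(x)))
/* Client ID under which the TrustZone non-secure agent appears as a "user"
 * in the per-user key policy tables below. Parenthesised because it is a
 * negative constant. NOTE(review): must stay in sync with the value the SPM
 * assigns to the NS agent — verify against the SPM configuration. */
#define MAPPED_TZ_NS_AGENT_DEFAULT_CLIENT_ID (-0x3c000000)
#define TFM_NS_PARTITION_ID                  MAPPED_TZ_NS_AGENT_DEFAULT_CLIENT_ID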
27 
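/**
 * @brief Loader callback for the Hardware Unique Key (HUK).
 *
 * Reads the HUK out of OTP into \p buf and reports its length together with
 * the PSA algorithm and key type the HUK is bound to.
 *
 * @param[out] buf       Buffer that receives the key material.
 * @param[in]  buf_len   Size in bytes of \p buf.
 * @param[out] key_len   Length in bytes of the HUK, as reported by OTP.
 * @param[out] key_bits  Length of the HUK in bits (\p key_len * 8).
 * @param[out] algorithm Algorithm the key is restricted to (HKDF-SHA256).
 * @param[out] type      PSA key type (derivation key).
 *
 * @return TFM_PLAT_ERR_SUCCESS on success, TFM_PLAT_ERR_SYSTEM_ERR when
 *         \p buf is smaller than the key, otherwise the OTP layer's error.
 */
static enum tfm_plat_err_t tfm_plat_get_huk(uint8_t *buf, size_t buf_len,
                                            size_t *key_len,
                                            psa_key_bits_t *key_bits,
                                            psa_algorithm_t *algorithm,
                                            psa_key_type_t *type)
{
    enum tfm_plat_err_t err;

    /* Query the size first so the destination buffer can be checked before
     * any key material leaves OTP. Without this check a caller could be
     * told key_len bytes are valid while only buf_len were written. This
     * mirrors the check done by the IAK loader. */
    err = tfm_plat_otp_get_size(PLAT_OTP_ID_HUK, key_len);
    if (err != TFM_PLAT_ERR_SUCCESS) {
        return err;
    }

    if (buf_len < *key_len) {
        return TFM_PLAT_ERR_SYSTEM_ERR;
    }

    err = tfm_plat_otp_read(PLAT_OTP_ID_HUK, buf_len, buf);
    if (err != TFM_PLAT_ERR_SUCCESS) {
        return err;
    }

    *key_bits = *key_len * 8;
    *algorithm = PSA_ALG_HKDF(PSA_ALG_SHA_256);
    *type = PSA_KEY_TYPE_DERIVE;

    return TFM_PLAT_ERR_SUCCESS;
}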
52 
53 #ifdef TFM_PARTITION_INITIAL_ATTESTATION
/**
 * @brief Loader callback for the Initial Attestation Key (IAK).
 *
 * Fetches the IAK length, its type information and finally the key material
 * from OTP. With SYMMETRIC_INITIAL_ATTESTATION the key is an HMAC key whose
 * algorithm is stored in OTP; otherwise it is an ECDSA-SHA256 key pair whose
 * curve family is stored in OTP.
 *
 * @param[out] buf       Buffer that receives the key material.
 * @param[in]  buf_len   Size in bytes of \p buf.
 * @param[out] key_len   Length in bytes of the IAK, as read from OTP.
 * @param[out] key_bits  Length of the IAK in bits (\p key_len * 8).
 * @param[out] algorithm Algorithm the key is restricted to.
 * @param[out] type      PSA key type.
 *
 * @return TFM_PLAT_ERR_SUCCESS on success, TFM_PLAT_ERR_SYSTEM_ERR when
 *         \p buf is smaller than the key, otherwise the OTP layer's error.
 */
static enum tfm_plat_err_t tfm_plat_get_iak(uint8_t *buf, size_t buf_len,
                                            size_t *key_len,
                                            psa_key_bits_t *key_bits,
                                            psa_algorithm_t *algorithm,
                                            psa_key_type_t *type)
{
    /* The length lives in its own OTP element and is read raw into key_len. */
    enum tfm_plat_err_t err = tfm_plat_otp_read(PLAT_OTP_ID_IAK_LEN,
                                                sizeof(size_t),
                                                (uint8_t *)key_len);
    if (err != TFM_PLAT_ERR_SUCCESS) {
        return err;
    }
    *key_bits = *key_len * 8;

    /* Never copy key material into a buffer that cannot hold all of it. */
    if (*key_len > buf_len) {
        return TFM_PLAT_ERR_SYSTEM_ERR;
    }

#ifdef SYMMETRIC_INITIAL_ATTESTATION
    /* For a symmetric IAK the "type" OTP element holds the HMAC algorithm. */
    err = tfm_plat_otp_read(PLAT_OTP_ID_IAK_TYPE,
                            sizeof(psa_algorithm_t),
                            (uint8_t *)algorithm);
    if (err != TFM_PLAT_ERR_SUCCESS) {
        return err;
    }
    *type = PSA_KEY_TYPE_HMAC;
#else /* SYMMETRIC_INITIAL_ATTESTATION */
    /* For an asymmetric IAK the same OTP element holds the ECC curve family. */
    psa_ecc_family_t curve_family;

    err = tfm_plat_otp_read(PLAT_OTP_ID_IAK_TYPE,
                            sizeof(psa_ecc_family_t),
                            &curve_family);
    if (err != TFM_PLAT_ERR_SUCCESS) {
        return err;
    }
    *algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
    *type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve_family);
#endif /* SYMMETRIC_INITIAL_ATTESTATION */

    /* Key material is read last, once length and type are known. */
    return tfm_plat_otp_read(PLAT_OTP_ID_IAK, *key_len, buf);
}
97 #endif /* TFM_PARTITION_INITIAL_ATTESTATION */
98 
99 #ifdef TFM_PARTITION_INITIAL_ATTESTATION
/**
 * @brief Table describing per-user key policy for the IAK
 *
 * Each entry grants one partition (identified by its partition/client ID) a
 * set of PSA usage flags on the IAK. The attestation partition is the only
 * signer; the optional test partitions may only verify.
 */
static const tfm_plat_builtin_key_per_user_policy_t g_iak_per_user_policy[] = {
    {.user = TFM_SP_INITIAL_ATTESTATION,
#ifdef SYMMETRIC_INITIAL_ATTESTATION
        /* A symmetric IAK is additionally exportable to the attestation
         * partition. NOTE(review): EXPORT hands out raw key bytes — confirm
         * the attestation service still needs this before keeping it. */
        .usage = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT,
#else
        .usage = PSA_KEY_USAGE_SIGN_HASH,
#endif /* SYMMETRIC_INITIAL_ATTESTATION */
    },
#ifdef TEST_S_ATTESTATION
    /* Secure test partition: verification only, never signing. */
    {.user = TFM_SP_SECURE_TEST_PARTITION, .usage = PSA_KEY_USAGE_VERIFY_HASH},
#endif /* TEST_S_ATTESTATION */
#ifdef TEST_NS_ATTESTATION
    /* Non-secure test client (TZ NS agent ID): verification only. */
    {.user = TFM_NS_PARTITION_ID, .usage = PSA_KEY_USAGE_VERIFY_HASH},
#endif /* TEST_NS_ATTESTATION */
};
119 #endif /* TFM_PARTITION_INITIAL_ATTESTATION */
120 
/**
 * @brief Table describing per-key user policies
 *
 * One entry per builtin key. The HUK carries a single usage with no per-user
 * table (per_user_policy == 0); the IAK instead points at g_iak_per_user_policy
 * and records its entry count. NOTE(review): the exact meaning of a zero
 * per_user_policy is defined by the builtin key loader — confirm there.
 */
static const tfm_plat_builtin_key_policy_t g_builtin_keys_policy[] = {
    /* HUK: derivation only, same policy for every client. */
    {.key_id = TFM_BUILTIN_KEY_ID_HUK, .per_user_policy = 0, .usage = PSA_KEY_USAGE_DERIVE},
#ifdef TFM_PARTITION_INITIAL_ATTESTATION
    /* IAK: usage depends on the requesting partition, see table above. */
    {.key_id = TFM_BUILTIN_KEY_ID_IAK,
     .per_user_policy = NUMBER_OF_ELEMENTS_OF(g_iak_per_user_policy),
     .policy_ptr = g_iak_per_user_policy},
#endif /* TFM_PARTITION_INITIAL_ATTESTATION */
};
133 
/**
 * @brief Table describing the built-in keys (platform keys) available in the platform. Note
 *        that to bind the keys to the tfm_builtin_key_loader driver, the lifetime must be
 *        explicitly set to the one associated to the driver, i.e. TFM_BUILTIN_KEY_LOADER_LIFETIME
 *
 * Each entry maps a builtin key ID to its loader slot and to the static
 * callback in this file that pulls the key material out of OTP.
 */
static const tfm_plat_builtin_key_descriptor_t g_builtin_keys_desc[] = {
    {.key_id = TFM_BUILTIN_KEY_ID_HUK,
     .slot_number = TFM_BUILTIN_KEY_SLOT_HUK,
     .lifetime = TFM_BUILTIN_KEY_LOADER_LIFETIME,
     .loader_key_func = tfm_plat_get_huk},
#ifdef TFM_PARTITION_INITIAL_ATTESTATION
    /* Only present when the attestation partition is built in. */
    {.key_id = TFM_BUILTIN_KEY_ID_IAK,
     .slot_number = TFM_BUILTIN_KEY_SLOT_IAK,
     .lifetime = TFM_BUILTIN_KEY_LOADER_LIFETIME,
     .loader_key_func = tfm_plat_get_iak},
#endif /* TFM_PARTITION_INITIAL_ATTESTATION */
};
151 
/**
 * @brief Hand the builtin key policy table to the builtin key loader.
 *
 * @param[out] desc_ptr Receives a pointer to the first entry of
 *                      g_builtin_keys_policy (static storage, never freed).
 *
 * @return Number of entries in the policy table.
 */
size_t tfm_plat_builtin_key_get_policy_table_ptr(const tfm_plat_builtin_key_policy_t *desc_ptr[])
{
    const tfm_plat_builtin_key_policy_t *const table = g_builtin_keys_policy;

    *desc_ptr = table;
    /* Count taken from the array itself, not from the decayed pointer. */
    return NUMBER_OF_ELEMENTS_OF(g_builtin_keys_policy);
}
157 
/**
 * @brief Hand the builtin key descriptor table to the builtin key loader.
 *
 * @param[out] desc_ptr Receives a pointer to the first entry of
 *                      g_builtin_keys_desc (static storage, never freed).
 *
 * @return Number of entries in the descriptor table.
 */
size_t tfm_plat_builtin_key_get_desc_table_ptr(const tfm_plat_builtin_key_descriptor_t *desc_ptr[])
{
    const tfm_plat_builtin_key_descriptor_t *const table = g_builtin_keys_desc;

    *desc_ptr = table;
    /* Count taken from the array itself, not from the decayed pointer. */
    return NUMBER_OF_ELEMENTS_OF(g_builtin_keys_desc);
}