1 /**
2   ******************************************************************************
3   * @file    otp_provision.c
4   * @author  MCD Application Team
5   * @brief   File provisionning otp value
6   *
7   *
8   ******************************************************************************
9   * @attention
10   *
11   * <h2><center>&copy; Copyright (c) 2020-2021 STMicroelectronics.
12   * All rights reserved.</center></h2>
13   * <h2><center>&copy; Copyright (c) 2022 Cypress Semiconductor Corporation
14   * (an Infineon company) or an affiliate of Cypress Semiconductor Corporation.
15   * All rights reserved.</center></h2>
16   *
17   * This software component is licensed by ST under BSD 3-Clause license,
18   * the "License"; You may not use this file except in compliance with the
19   * License. You may obtain a copy of the License at:
20   *                        opensource.org/licenses/BSD-3-Clause
21   *
22   ******************************************************************************
23   */
24 #include "template/flash_otp_nv_counters_backend.h"
25 #include "tfm_plat_otp.h"
26 #include "tfm_attest_hal.h"
27 #include "psa/crypto.h"
28 
29 #define INT2LE(A) (uint8_t)(A & 0xFF), (uint8_t )((A >> 8) & 0xFF),\
30          (uint8_t )((A >> 16) & 0xFF), (uint8_t )((A >> 24) & 0xFF)
31 
32 
33 #define INT64NULL 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
34                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
35                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
36                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
37                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
38                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
39                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,  \
40                   0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0
41 #if defined(__ICCARM__)
42 __root
43 #endif
44 #if defined(__ICCARM__)
45 #pragma default_function_attributes = @ ".BL2_OTP_Const"
46 #else
47 __attribute__((section(".BL2_OTP_Const")))
48 #endif /* __ICCARM__ */
49 const struct flash_otp_nv_counters_region_t otp_stm_provision = {
50     .init_value = OTP_NV_COUNTERS_INITIALIZED,
51     .huk = {
52         0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
53         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
54         0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
55         0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
56     },
57  /* IAK */
58 #if 1
59     .iak= {
60         0xA9, 0xB4, 0x54, 0xB2, 0x6D, 0x6F, 0x90, 0xA4,
61         0xEA, 0x31, 0x19, 0x35, 0x64, 0xCB, 0xA9, 0x1F,
62         0xEC, 0x6F, 0x9A, 0x00, 0x2A, 0x7D, 0xC0, 0x50,
63         0x4B, 0x92, 0xA1, 0x93, 0x71, 0x34, 0x58, 0x5F
64     },
65 #else
66     .iak= {
67         0xA8, 0xB4, 0x54, 0xB2, 0x6D, 0x6F, 0x90, 0xA4,
68         0xEA, 0x31, 0x19, 0x35, 0x64, 0xCB, 0xA9, 0x1F,
69         0xEC, 0x6F, 0x9A, 0x00, 0x2A, 0x7D, 0xC0, 0x50,
70         0x4B, 0x92, 0xA1, 0x93, 0x71, 0x34, 0x58, 0x5F
71     },
72 #endif
73     /* IAK len */
74     .iak_len = { INT2LE(32) },
75 #ifdef SYMMETRIC_INITIAL_ATTESTATION
76     /* IAK type */
77     .iak_type= { INT2LE(PSA_ALG_HMAC(PSA_ALG_SHA_256))},
78 #else
79     /* IAK type */
80     .iak_type= { INT2LE(PSA_ECC_FAMILY_SECP_R1) },
81 #endif /* SYMMETRIC_INITIAL_ATTESTATION */
82     /* IAK id */
83     .iak_id = {'s','t','m','.','e','x','a','m','p',\
84                'l','e','.','x','c','u','b','e','!'},
85     /* boot seed */
86     .boot_seed ={
87         0xA0, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7,
88         0xA8, 0xA9, 0xAA, 0xAB, 0xAC, 0xAD, 0xAE, 0xAF,
89         0xB0, 0xB1, 0xB2, 0xB3, 0xB4, 0xB5, 0xB6, 0xB7,
90         0xB8, 0xB9, 0xBA, 0xBB, 0xBC, 0xBD, 0xBE, 0xBF,
91     },
92     .lcs= {INT2LE(PLAT_OTP_LCS_SECURED)},
93 
94     /* implementation id */
95     .implementation_id = {
96         0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
97         0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
98         0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
99         0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
100     },
101     /* certification reference */
102     .cert_ref = { '0','6','0','4','5','6','5','2','7',
103                   '2','8','2','9','1','0','0','1','0'},
104     /* verification_service_url */
105     .verification_service_url = "www.trustedfirmware.org",
106     /* attestation_profile_definition */
107     .profile_definition ="PSA_IOT_PROFILE_1",
108 #if (MCUBOOT_SIGN_RSA_LEN == 2048)
109 
110     .bl2_rotpk_0 = {
111         0xfc, 0x57, 0x01, 0xdc, 0x61, 0x35, 0xe1, 0x32,
112         0x38, 0x47, 0xbd, 0xc4, 0x0f, 0x04, 0xd2, 0xe5,
113         0xbe, 0xe5, 0x83, 0x3b, 0x23, 0xc2, 0x9f, 0x93,
114         0x59, 0x3d, 0x00, 0x01, 0x8c, 0xfa, 0x99, 0x94,
115      },
116     .bl2_rotpk_1 = {
117         0xe1, 0x80, 0x15, 0x99, 0x3d, 0x6d, 0x27, 0x60,
118         0xb4, 0x99, 0x27, 0x4b, 0xae, 0xf2, 0x64, 0xb8,
119         0x3a, 0xf2, 0x29, 0xe9, 0xa7, 0x85, 0xf3, 0xd5,
120         0xbf, 0x00, 0xb9, 0xd3, 0x2c, 0x1f, 0x03, 0x96,
121     }
122     .bl2_nv_counter_0 = { INT64NULL },
123     .bl2_nv_counter_1 = { INT64NULL },
124     .bl2_nv_counter_2 = { INT64NULL },
125     .bl2_rotpk_2 =  {
126         0xe1, 0x80, 0x15, 0x99, 0x3d, 0x6d, 0x27, 0x60,
127         0xb4, 0x99, 0x27, 0x4b, 0xae, 0xf2, 0x64, 0xb8,
128         0x3a, 0xf2, 0x29, 0xe9, 0xa7, 0x85, 0xf3, 0xd5,
129         0xbf, 0x00, 0xb9, 0xd3, 0x2c, 0x1f, 0x03, 0x96,
130 
131     },
132 #elif (MCUBOOT_SIGN_RSA_LEN == 3072)
133     .bl2_rotpk_0 = {
134         0xbf, 0xe6, 0xd8, 0x6f, 0x88, 0x26, 0xf4, 0xff,
135         0x97, 0xfb, 0x96, 0xc4, 0xe6, 0xfb, 0xc4, 0x99,
136         0x3e, 0x46, 0x19, 0xfc, 0x56, 0x5d, 0xa2, 0x6a,
137         0xdf, 0x34, 0xc3, 0x29, 0x48, 0x9a, 0xdc, 0x38,
138      },
139     .bl2_rotpk_1 = {
140         0xb3, 0x60, 0xca, 0xf5, 0xc9, 0x8c, 0x6b, 0x94,
141         0x2a, 0x48, 0x82, 0xfa, 0x9d, 0x48, 0x23, 0xef,
142         0xb1, 0x66, 0xa9, 0xef, 0x6a, 0x6e, 0x4a, 0xa3,
143         0x7c, 0x19, 0x19, 0xed, 0x1f, 0xcc, 0xc0, 0x49,
144     },
145     .bl2_nv_counter_0 = { INT64NULL },
146     .bl2_nv_counter_1 = { INT64NULL },
147     .bl2_nv_counter_2 = { INT64NULL },
148     .bl2_rotpk_2 =  {
149         0xb3, 0x60, 0xca, 0xf5, 0xc9, 0x8c, 0x6b, 0x94,
150         0x2a, 0x48, 0x82, 0xfa, 0x9d, 0x48, 0x23, 0xef,
151         0xb1, 0x66, 0xa9, 0xef, 0x6a, 0x6e, 0x4a, 0xa3,
152         0x7c, 0x19, 0x19, 0xed, 0x1f, 0xcc, 0xc0, 0x49,
153     },
154 #endif
155     /* Entropy seed */
156     .entropy_seed ={
157         0x12, 0x13, 0x23, 0x34, 0x0a, 0x05, 0x89, 0x78,
158         0xa3, 0x66, 0x8c, 0x0d, 0x97, 0x55, 0x53, 0xca,
159         0xb5, 0x76, 0x18, 0x62, 0x29, 0xc6, 0xb6, 0x79,
160         0x75, 0xc8, 0x5a, 0x8d, 0x9e, 0x11, 0x8f, 0x85,
161         0xde, 0xc4, 0x5f, 0x66, 0x21, 0x52, 0xf9, 0x39,
162         0xd9, 0x77, 0x93, 0x28, 0xb0, 0x5e, 0x02, 0xfa,
163         0x58, 0xb4, 0x16, 0xc8, 0x0f, 0x38, 0x91, 0xbb,
164         0x28, 0x17, 0xcd, 0x8a, 0xc9, 0x53, 0x72, 0x66,
165     },
166 #ifdef PLATFORM_DEFAULT_NV_COUNTERS
167     .flash_nv_counters = { 0x0, 0x0, 0x0 },
168 #endif
169     .swap_count =  1
170 };
171 
172 
173