1 /*
2 * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8 #include "otp.h"
9
10 #include <stdint.h>
11
12 #include "region_defs.h"
13 #include "tfm_plat_otp.h"
14 #include "tfm_plat_nv_counters.h"
15 #include "util.h"
16
17 #ifdef TEST_BL1_1
18 extern uint8_t tfm_bl1_key_test_1_buf[];
19 extern uint8_t tfm_bl1_key_test_2_buf[];
20 #endif /* TEST_BL1_1 */
21
22 fih_int bl1_otp_read(uint8_t *dst, uint8_t *src, size_t size);
23 fih_int bl1_otp_write(uint8_t *dst, uint8_t *src, size_t size);
24
bl1_otp_init(void)25 fih_int bl1_otp_init(void)
26 {
27 fih_int fih_rc;
28 enum tfm_plat_err_t plat_err;
29
30 plat_err = tfm_plat_otp_init();
31 fih_rc = fih_int_encode_zero_equality(plat_err);
32 if (fih_not_eq(fih_rc, FIH_SUCCESS)) {
33 return fih_rc;
34 }
35
36 plat_err = tfm_plat_init_nv_counter();
37 fih_rc = fih_int_encode_zero_equality(plat_err);
38
39 return fih_rc;
40 }
41
bl1_otp_read_bl1_2_image_hash(uint8_t * hash)42 fih_int bl1_otp_read_bl1_2_image_hash(uint8_t *hash)
43 {
44 fih_int fih_rc;
45 enum tfm_plat_err_t plat_err;
46
47 plat_err = tfm_plat_otp_read(PLAT_OTP_ID_BL1_2_IMAGE_HASH, BL1_2_HASH_SIZE,
48 hash);
49 fih_rc = fih_int_encode_zero_equality(plat_err);
50
51 FIH_RET(fih_rc);
52 }
53
bl1_otp_read_bl2_image_hash(uint8_t * hash)54 fih_int bl1_otp_read_bl2_image_hash(uint8_t *hash)
55 {
56 fih_int fih_rc;
57 enum tfm_plat_err_t plat_err;
58
59 plat_err = tfm_plat_otp_read(PLAT_OTP_ID_BL2_IMAGE_HASH, BL2_HASH_SIZE,
60 hash);
61 fih_rc = fih_int_encode_zero_equality(plat_err);
62
63 FIH_RET(fih_rc);
64 }
65
bl1_otp_read_nv_counter(enum tfm_bl1_nv_counter_id_t counter_id,uint32_t * count)66 fih_int bl1_otp_read_nv_counter(enum tfm_bl1_nv_counter_id_t counter_id,
67 uint32_t *count)
68 {
69 fih_int fih_rc;
70 enum tfm_plat_err_t plat_err;
71
72 plat_err = tfm_plat_read_nv_counter(PLAT_NV_COUNTER_BL1_0,
73 sizeof(uint32_t), (uint8_t *)count);
74 fih_rc = fih_int_encode_zero_equality(plat_err);
75
76 FIH_RET(fih_rc);
77 }
78
bl1_otp_write_nv_counter(enum tfm_bl1_nv_counter_id_t counter_id,uint32_t count)79 fih_int bl1_otp_write_nv_counter(enum tfm_bl1_nv_counter_id_t counter_id,
80 uint32_t count)
81 {
82 fih_int fih_rc;
83 enum tfm_plat_err_t plat_err;
84
85 plat_err = tfm_plat_set_nv_counter(PLAT_NV_COUNTER_BL1_0, count);
86 fih_rc = fih_int_encode_zero_equality(plat_err);
87
88 FIH_RET(fih_rc);
89 }
90
bl1_otp_read_key(enum tfm_bl1_key_id_t key_id,uint8_t * key_buf)91 fih_int bl1_otp_read_key(enum tfm_bl1_key_id_t key_id, uint8_t *key_buf)
92 {
93 fih_int fih_rc;
94 enum tfm_plat_err_t plat_err;
95
96 switch (key_id) {
97 case TFM_BL1_KEY_HUK:
98 plat_err = tfm_plat_otp_read(PLAT_OTP_ID_HUK, 32, key_buf);
99 fih_rc = fih_int_encode_zero_equality(plat_err);
100 break;
101 case TFM_BL1_KEY_GUK:
102 plat_err = tfm_plat_otp_read(PLAT_OTP_ID_GUK, GUK_SIZE, key_buf);
103 fih_rc = fih_int_encode_zero_equality(plat_err);
104 break;
105 case TFM_BL1_KEY_BL2_ENCRYPTION:
106 plat_err = tfm_plat_otp_read(PLAT_OTP_ID_KEY_BL2_ENCRYPTION, 32,
107 key_buf);
108 fih_rc = fih_int_encode_zero_equality(plat_err);
109 break;
110 case TFM_BL1_KEY_ROTPK_0:
111 plat_err = tfm_plat_otp_read(PLAT_OTP_ID_BL1_ROTPK_0, 56, key_buf);
112 fih_rc = fih_int_encode_zero_equality(plat_err);
113 break;
114 default:
115 FIH_RET(FIH_FAILURE);
116 }
117
118 FIH_RET(fih_rc);
119 }
120
