1 /*
2  *  SPDX-License-Identifier: BSD-3-Clause
3  *  SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
4  *
5  */
6 
7 #include <string.h>
8 #include "tfm_plat_crypto_keys.h"
9 #include "tfm_builtin_key_ids.h"
10 #include "tfm_plat_otp.h"
11 #include "psa_manifest/pid.h"
12 #include "tfm_builtin_key_loader.h"
13 
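/* Element count of a true array (never a pointer). Both the argument and the
 * whole expansion are parenthesised so the macro composes correctly inside a
 * larger expression, e.g. `8 / NUMBER_OF_ELEMENTS_OF(a)`; the unparenthesised
 * form `sizeof(x)/sizeof(*x)` would have been parsed as `(8 / sizeof(a)) /
 * sizeof(*a)` there. */
#define NUMBER_OF_ELEMENTS_OF(x) (sizeof(x) / sizeof(*(x)))

/* Client IDs under which the non-secure agents appear to the builtin key
 * loader when a per-user key policy is evaluated. By their names these mirror
 * the default client IDs the SPM assigns to the TrustZone NS agent and to the
 * RSE mailbox NS agent (negative IDs being NS clients), but they are repeated
 * here as literals: if the SPM configuration changes and these are not kept in
 * sync, the TEST_NS_ATTESTATION policy entries below silently stop matching. */
#define MAPPED_TZ_NS_AGENT_DEFAULT_CLIENT_ID        (-0x3c000000)
#define TFM_NS_PARTITION_ID                         MAPPED_TZ_NS_AGENT_DEFAULT_CLIENT_ID
#define MAPPED_RSE_MBOX_NS_AGENT_DEFAULT_CLIENT_ID  (-0x04000000)
#define TFM_NS_MAILBOX_PARTITION_ID                 MAPPED_RSE_MBOX_NS_AGENT_DEFAULT_CLIENT_ID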
19 
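/**
 * @brief Loader callback for the Hardware Unique Key (HUK).
 *
 *        Copies the HUK out of OTP into the caller's buffer and describes it
 *        as a raw HKDF-SHA256 derivation key. The provisioned size is queried
 *        first and checked against buf_len before anything is read, so the
 *        key_len reported to the key loader can never exceed the number of
 *        bytes actually written into buf (the previous order of operations
 *        relied on tfm_plat_otp_read() to cope with a buffer shorter than the
 *        OTP region, and would still have reported the full OTP size).
 *
 * @param[out] buf        Destination for the key material
 * @param[in]  buf_len    Size of buf in bytes
 * @param[out] key_len    Number of key bytes written to buf
 * @param[out] key_bits   key_len expressed in bits
 * @param[out] algorithm  PSA_ALG_HKDF(PSA_ALG_SHA_256)
 * @param[out] type       PSA_KEY_TYPE_DERIVE
 *
 * @return TFM_PLAT_ERR_SUCCESS, the error from the OTP layer, or
 *         TFM_PLAT_ERR_SYSTEM_ERR when the provisioned HUK is empty or does
 *         not fit in buf
 */
static enum tfm_plat_err_t tfm_plat_get_huk(uint8_t *buf, size_t buf_len,
                                            size_t *key_len,
                                            psa_key_bits_t *key_bits,
                                            psa_algorithm_t *algorithm,
                                            psa_key_type_t *type)
{
    enum tfm_plat_err_t err;

    err = tfm_plat_otp_get_size(PLAT_OTP_ID_HUK, key_len);
    if (err != TFM_PLAT_ERR_SUCCESS) {
        return err;
    }

    /* A zero-sized HUK (e.g. an unprovisioned region) must not become a
     * "valid" empty derivation root, and a HUK larger than buf must not be
     * reported with a length the buffer cannot back. Same error code the IAK
     * loader uses for the equivalent condition. */
    if (*key_len == 0 || buf_len < *key_len) {
        return TFM_PLAT_ERR_SYSTEM_ERR;
    }

    /* Read exactly the provisioned size; buf is known to be large enough. */
    err = tfm_plat_otp_read(PLAT_OTP_ID_HUK, *key_len, buf);
    if (err != TFM_PLAT_ERR_SUCCESS) {
        return err;
    }

    /* psa_key_bits_t is narrower than size_t; the HUK is assumed small enough
     * for this not to truncate (it is bounded by buf_len above). */
    *key_bits = *key_len * 8;
    *algorithm = PSA_ALG_HKDF(PSA_ALG_SHA_256);
    *type = PSA_KEY_TYPE_DERIVE;

    return TFM_PLAT_ERR_SUCCESS;
}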
44 
45 #ifdef TFM_PARTITION_INITIAL_ATTESTATION
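/**
 * @brief Loader callback for the Initial Attestation Key (IAK).
 *
 *        The IAK is described entirely by OTP: its length (PLAT_OTP_ID_IAK_LEN,
 *        stored as a native size_t), its type (PLAT_OTP_ID_IAK_TYPE, either a
 *        PSA algorithm for a symmetric IAK or an ECC curve family for an
 *        asymmetric one) and the key bytes themselves (PLAT_OTP_ID_IAK).
 *        Neither the algorithm nor the curve family read here is validated by
 *        this function; an out-of-range value is assumed to be rejected by the
 *        PSA crypto core when the key is used (TODO confirm the builtin key
 *        loader does not bypass that check).
 *
 * @param[out] buf        Destination for the key material
 * @param[in]  buf_len    Size of buf in bytes
 * @param[out] key_len    Number of key bytes written to buf
 * @param[out] key_bits   key_len expressed in bits
 * @param[out] algorithm  Algorithm from OTP (symmetric) or ECDSA-SHA256
 * @param[out] type       PSA_KEY_TYPE_HMAC or an ECC key pair of the
 *                        provisioned curve family
 *
 * @return TFM_PLAT_ERR_SUCCESS, the error from the OTP layer, or
 *         TFM_PLAT_ERR_SYSTEM_ERR when the provisioned length is zero or
 *         larger than buf
 */
static enum tfm_plat_err_t tfm_plat_get_iak(uint8_t *buf, size_t buf_len,
                                            size_t *key_len,
                                            psa_key_bits_t *key_bits,
                                            psa_algorithm_t *algorithm,
                                            psa_key_type_t *type)
{
    enum tfm_plat_err_t err;
#ifndef SYMMETRIC_INITIAL_ATTESTATION
    psa_ecc_family_t curve_type;
#endif /* SYMMETRIC_INITIAL_ATTESTATION */

    /* The byte-wise cast is only the OTP API's buffer type; key_len receives
     * sizeof(size_t) bytes in native layout. */
    err = tfm_plat_otp_read(PLAT_OTP_ID_IAK_LEN,
                            sizeof(size_t), (uint8_t*)key_len);
    if (err != TFM_PLAT_ERR_SUCCESS) {
        return err;
    }

    /* The length is provisioning data and is only trusted once it is sane:
     * a zero length (e.g. unprovisioned OTP) previously passed the buffer
     * check and produced a "valid" zero-byte key, and a length larger than
     * buf_len would size the final read beyond the caller's buffer. */
    if (*key_len == 0 || buf_len < *key_len) {
        return TFM_PLAT_ERR_SYSTEM_ERR;
    }

    /* psa_key_bits_t is narrower than size_t; the IAK is assumed small enough
     * for this not to truncate (it is bounded by buf_len above). */
    *key_bits = *key_len * 8;

#ifdef SYMMETRIC_INITIAL_ATTESTATION
    /* The MAC algorithm is taken verbatim from OTP. */
    err = tfm_plat_otp_read(PLAT_OTP_ID_IAK_TYPE,
                            sizeof(psa_algorithm_t), (uint8_t*)algorithm);
    if (err != TFM_PLAT_ERR_SUCCESS) {
        return err;
    }

    *type = PSA_KEY_TYPE_HMAC;
#else /* SYMMETRIC_INITIAL_ATTESTATION */
    /* Only the curve family is provisioned; the signing scheme is fixed. */
    err = tfm_plat_otp_read(PLAT_OTP_ID_IAK_TYPE, sizeof(psa_ecc_family_t),
                            &curve_type);
    if (err != TFM_PLAT_ERR_SUCCESS) {
        return err;
    }

    *algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
    *type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve_type);
#endif /* SYMMETRIC_INITIAL_ATTESTATION */

    /* Key bytes last, sized by the now-validated length. */
    return tfm_plat_otp_read(PLAT_OTP_ID_IAK, *key_len, buf);
}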
89 #endif /* TFM_PARTITION_INITIAL_ATTESTATION */
90 
91 #ifdef TFM_PARTITION_INITIAL_ATTESTATION
/* Usage granted to the attestation partition itself on the IAK. With a
 * symmetric IAK it may additionally export the raw key (presumably so the
 * attestation service can read the key bytes directly — verify against the
 * attestation partition); with an asymmetric IAK no export usage is granted. */
#ifdef SYMMETRIC_INITIAL_ATTESTATION
#define IAK_OWNER_USAGE (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT)
#else
#define IAK_OWNER_USAGE (PSA_KEY_USAGE_SIGN_HASH)
#endif /* SYMMETRIC_INITIAL_ATTESTATION */

/**
 * @brief Per-user policy for the IAK: which partition may do what with it.
 *
 *        The attestation partition is the only signer. Every other entry
 *        exists for the attestation regression tests only (the secure test
 *        partition, and the two NS agents under their mapped client IDs, each
 *        limited to verification) and is compiled out unless the matching
 *        TEST_*_ATTESTATION option is enabled, so a production build grants
 *        non-secure callers no access to the IAK through this table.
 */
static const tfm_plat_builtin_key_per_user_policy_t g_iak_per_user_policy[] = {
    {.user = TFM_SP_INITIAL_ATTESTATION,  .usage = IAK_OWNER_USAGE},
#ifdef TEST_S_ATTESTATION
    {.user = TFM_SP_SECURE_TEST_PARTITION, .usage = PSA_KEY_USAGE_VERIFY_HASH},
#endif /* TEST_S_ATTESTATION */
#ifdef TEST_NS_ATTESTATION
    {.user = TFM_NS_PARTITION_ID,          .usage = PSA_KEY_USAGE_VERIFY_HASH},
    {.user = TFM_NS_MAILBOX_PARTITION_ID,  .usage = PSA_KEY_USAGE_VERIFY_HASH},
#endif /* TEST_NS_ATTESTATION */
};

#undef IAK_OWNER_USAGE
112 #endif /* TFM_PARTITION_INITIAL_ATTESTATION */
113 
/**
 * @brief Per-key policy table consulted by the builtin key loader.
 *
 *        Each entry either carries one global usage (per_user_policy == 0,
 *        usage set) or points at a per-user table (per_user_policy == entry
 *        count, policy_ptr set); which of the two fields is meaningful is
 *        selected by per_user_policy, as the field names suggest, and only one
 *        of them is ever initialised per entry.
 */
static const tfm_plat_builtin_key_policy_t g_builtin_keys_policy[] = {
    /* HUK: no per-user distinction, every caller is limited to DERIVE.
     * Whether derivations are kept separate per client is enforced by the
     * key loader / crypto service, not by this table. */
    {
        .key_id = TFM_BUILTIN_KEY_ID_HUK,
        .per_user_policy = 0,
        .usage = PSA_KEY_USAGE_DERIVE,
    },
#ifdef TFM_PARTITION_INITIAL_ATTESTATION
    /* IAK: usage depends on who is asking, see g_iak_per_user_policy. */
    {
        .key_id = TFM_BUILTIN_KEY_ID_IAK,
        .per_user_policy = NUMBER_OF_ELEMENTS_OF(g_iak_per_user_policy),
        .policy_ptr = g_iak_per_user_policy,
    },
#endif /* TFM_PARTITION_INITIAL_ATTESTATION */
};
126 
/**
 * @brief Descriptors of the builtin (platform) keys this platform exposes.
 *
 *        Each descriptor ties a builtin key ID to its loader slot and to the
 *        callback that fetches the material from OTP. The lifetime must be
 *        TFM_BUILTIN_KEY_LOADER_LIFETIME for every entry: that is what binds
 *        the key to the tfm_builtin_key_loader driver.
 */
static const tfm_plat_builtin_key_descriptor_t g_builtin_keys_desc[] = {
    /* Hardware Unique Key, always present. */
    {
        .key_id = TFM_BUILTIN_KEY_ID_HUK,
        .slot_number = TFM_BUILTIN_KEY_SLOT_HUK,
        .lifetime = TFM_BUILTIN_KEY_LOADER_LIFETIME,
        .loader_key_func = tfm_plat_get_huk,
    },
#ifdef TFM_PARTITION_INITIAL_ATTESTATION
    /* Initial Attestation Key, only when the attestation partition is built. */
    {
        .key_id = TFM_BUILTIN_KEY_ID_IAK,
        .slot_number = TFM_BUILTIN_KEY_SLOT_IAK,
        .lifetime = TFM_BUILTIN_KEY_LOADER_LIFETIME,
        .loader_key_func = tfm_plat_get_iak,
    },
#endif /* TFM_PARTITION_INITIAL_ATTESTATION */
};
144 
/**
 * @brief Hand the builtin key loader the per-key policy table.
 *
 * @param[out] desc_ptr Receives a pointer to the first policy entry
 *
 * @return Number of entries in the policy table
 */
size_t tfm_plat_builtin_key_get_policy_table_ptr(const tfm_plat_builtin_key_policy_t *desc_ptr[])
{
    const size_t entry_count =
        sizeof(g_builtin_keys_policy) / sizeof(g_builtin_keys_policy[0]);

    /* Array-to-pointer decay: same address as &g_builtin_keys_policy[0]. */
    *desc_ptr = g_builtin_keys_policy;

    return entry_count;
}
150 
/**
 * @brief Hand the builtin key loader the key descriptor table.
 *
 * @param[out] desc_ptr Receives a pointer to the first key descriptor
 *
 * @return Number of entries in the descriptor table
 */
size_t tfm_plat_builtin_key_get_desc_table_ptr(const tfm_plat_builtin_key_descriptor_t *desc_ptr[])
{
    const size_t entry_count =
        sizeof(g_builtin_keys_desc) / sizeof(g_builtin_keys_desc[0]);

    /* Array-to-pointer decay: same address as &g_builtin_keys_desc[0]. */
    *desc_ptr = g_builtin_keys_desc;

    return entry_count;
}
156