diff --git a/drivers/auth/cryptocell/cryptocell_crypto.c b/drivers/auth/cryptocell/cryptocell_crypto.c index a507d0a..6bf27a9 100644 --- a/drivers/auth/cryptocell/cryptocell_crypto.c +++ b/drivers/auth/cryptocell/cryptocell_crypto.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -303,4 +303,3 @@ */ REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash); - diff --git a/drivers/auth/cryptocell/cryptocell_crypto.mk b/drivers/auth/cryptocell/cryptocell_crypto.mk index a631829..27c1e85 100644 --- a/drivers/auth/cryptocell/cryptocell_crypto.mk +++ b/drivers/auth/cryptocell/cryptocell_crypto.mk @@ -20,7 +20,8 @@ TF_LDFLAGS += -L$(CCSBROM_LIB_PATH) LDLIBS += -lcc_712sbromx509 -CRYPTOCELL_SOURCES := drivers/auth/cryptocell/cryptocell_crypto.c +CRYPTOCELL_SOURCES := drivers/auth/cryptocell/cryptocell_crypto.c \ + drivers/auth/cryptocell/cryptocell_plat_helpers.c -BL1_SOURCES += ${CRYPTOCELL_SOURCES} -BL2_SOURCES += ${CRYPTOCELL_SOURCES} +BL1_SOURCES += ${CRYPTOCELL_SOURCES} +BL2_SOURCES += ${CRYPTOCELL_SOURCES} diff --git a/drivers/auth/cryptocell/cryptocell_plat_helpers.c b/drivers/auth/cryptocell/cryptocell_plat_helpers.c new file mode 100644 index 0000000..1bd9c6b --- /dev/null +++ b/drivers/auth/cryptocell/cryptocell_plat_helpers.c @@ -0,0 +1,113 @@ +/* + * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include +#include +#include + +#include + +#include +#include + +#include +#include +#include +#include + +/* + * Return the ROTPK hash + * + * dst: buffer into which the ROTPK hash will be copied into + * len: length of the provided buffer, which must be at least enough for a + * SHA256 hash + * flags: a pointer to integer that will be set to indicate the ROTPK status + * + * Return: 0 = success, Otherwise = error + */ +int cc_get_rotpk_hash(unsigned char *dst, unsigned int len, unsigned int *flags) +{ + CCError_t error; + uint32_t lcs; + + assert(dst != NULL); + assert(len >= HASH_RESULT_SIZE_IN_WORDS); + assert(flags != NULL); + + error = NVM_GetLCS(PLAT_CRYPTOCELL_BASE, &lcs); + if (error != CC_OK) + return 1; + + /* If the lifecycle state is `SD`, return failure */ + if (lcs == CC_BSV_SECURITY_DISABLED_LCS) + return 1; + + /* + * If the lifecycle state is `CM` or `DM`, ROTPK shouldn't be verified. + * Return success after setting ROTPK_NOT_DEPLOYED flag + */ + if ((lcs == CC_BSV_CHIP_MANUFACTURE_LCS) || + (lcs == CC_BSV_DEVICE_MANUFACTURE_LCS)) { + *flags = ROTPK_NOT_DEPLOYED; + return 0; + } + + /* Copy the DER header */ + error = NVM_ReadHASHPubKey(PLAT_CRYPTOCELL_BASE, + CC_SB_HASH_BOOT_KEY_256B, + (uint32_t *)dst, HASH_RESULT_SIZE_IN_WORDS); + if (error != CC_OK) + return 1; + + *flags = ROTPK_IS_HASH; + return 0; +} + +/* + * Return the non-volatile counter value stored in the platform. The cookie + * specifies the OID of the counter in the certificate. + * + * Return: 0 = success, Otherwise = error + */ +int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr) +{ + CCError_t error = CC_FAIL; + + if (strcmp(cookie, TRUSTED_FW_NVCOUNTER_OID) == 0) { + error = NVM_GetSwVersion(PLAT_CRYPTOCELL_BASE, + CC_SW_VERSION_COUNTER1, nv_ctr); + } else if (strcmp(cookie, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) { + error = NVM_GetSwVersion(PLAT_CRYPTOCELL_BASE, + CC_SW_VERSION_COUNTER2, nv_ctr); + } + + return (error != CC_OK); +} + +/* + * Store a new non-volatile counter value in the counter specified by the OID + * in the cookie. This function is not expected to be called if the Lifecycle + * state is RMA as the values in the certificate are expected to always match + * the nvcounter values. But if called when the LCS is RMA, the underlying + * helper functions will return success but without updating the counter. + * + * Return: 0 = success, Otherwise = error + */ +int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr) +{ + CCError_t error = CC_FAIL; + + if (strcmp(cookie, TRUSTED_FW_NVCOUNTER_OID) == 0) { + error = NVM_SetSwVersion(PLAT_CRYPTOCELL_BASE, + CC_SW_VERSION_COUNTER1, nv_ctr); + } else if (strcmp(cookie, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) { + error = NVM_SetSwVersion(PLAT_CRYPTOCELL_BASE, + CC_SW_VERSION_COUNTER2, nv_ctr); + } + + return (error != CC_OK); +} + diff --git a/include/drivers/arm/cryptocell/cc_rotpk.h b/include/drivers/arm/cryptocell/cc_rotpk.h new file mode 100644 index 0000000..9398496 --- /dev/null +++ b/include/drivers/arm/cryptocell/cc_rotpk.h @@ -0,0 +1,13 @@ +/* + * Copyright (c) 2019, ARM Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef _CC_ROTPK_H +#define _CC_ROTPK_H + +int cc_get_rotpk_hash(unsigned char *dst, unsigned int len, + unsigned int *flags); + +#endif diff --git a/plat/arm/board/common/board_arm_trusted_boot.c b/plat/arm/board/common/board_arm_trusted_boot.c index e3c6805..c71e932 100644 --- a/plat/arm/board/common/board_arm_trusted_boot.c +++ b/plat/arm/board/common/board_arm_trusted_boot.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -181,12 +181,7 @@ } #else /* ARM_CRYPTOCELL_INTEG */ -#include -#include -#include - -CASSERT(HASH_RESULT_SIZE_IN_BYTES == SHA256_BYTES, - assert_mismatch_in_hash_result_size); +#include /* * Return the ROTPK hash in the following ASN.1 structure in DER format: @@ -205,90 +200,16 @@ unsigned int *flags) { unsigned char *dst; - CCError_t error; - uint32_t lcs; assert(key_ptr != NULL); assert(key_len != NULL); assert(flags != NULL); - error = NVM_GetLCS(PLAT_CRYPTOCELL_BASE, &lcs); - if (error != CC_OK) - return 1; - - /* If the lifecycle state is `SD`, return failure */ - if (lcs == CC_BSV_SECURITY_DISABLED_LCS) - return 1; - - /* - * If the lifecycle state is `CM` or `DM`, ROTPK shouldn't be verified. - * Return success after setting ROTPK_NOT_DEPLOYED flag - */ - if ((lcs == CC_BSV_CHIP_MANUFACTURE_LCS) || - (lcs == CC_BSV_DEVICE_MANUFACTURE_LCS)) { - *key_len = 0; - *flags = ROTPK_NOT_DEPLOYED; - return 0; - } - /* Copy the DER header */ memcpy(rotpk_hash_der, rotpk_hash_hdr, rotpk_hash_hdr_len); dst = &rotpk_hash_der[rotpk_hash_hdr_len]; - error = NVM_ReadHASHPubKey(PLAT_CRYPTOCELL_BASE, - CC_SB_HASH_BOOT_KEY_256B, - (uint32_t *)dst, HASH_RESULT_SIZE_IN_WORDS); - if (error != CC_OK) - return 1; - *key_ptr = rotpk_hash_der; *key_len = sizeof(rotpk_hash_der); - *flags = ROTPK_IS_HASH; - return 0; + return cc_get_rotpk_hash(dst, SHA256_BYTES, flags); } - -/* - * Return the non-volatile counter value stored in the platform. The cookie - * specifies the OID of the counter in the certificate. - * - * Return: 0 = success, Otherwise = error - */ -int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr) -{ - CCError_t error = CC_FAIL; - - if (strcmp(cookie, TRUSTED_FW_NVCOUNTER_OID) == 0) { - error = NVM_GetSwVersion(PLAT_CRYPTOCELL_BASE, - CC_SW_VERSION_COUNTER1, nv_ctr); - } else if (strcmp(cookie, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) { - error = NVM_GetSwVersion(PLAT_CRYPTOCELL_BASE, - CC_SW_VERSION_COUNTER2, nv_ctr); - } - - return (error != CC_OK); -} - -/* - * Store a new non-volatile counter value in the counter specified by the OID - * in the cookie. This function is not expected to be called if the Lifecycle - * state is RMA as the values in the certificate are expected to always match - * the nvcounter values. But if called when the LCS is RMA, the underlying - * helper functions will return success but without updating the counter. - * - * Return: 0 = success, Otherwise = error - */ -int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr) -{ - CCError_t error = CC_FAIL; - - if (strcmp(cookie, TRUSTED_FW_NVCOUNTER_OID) == 0) { - error = NVM_SetSwVersion(PLAT_CRYPTOCELL_BASE, - CC_SW_VERSION_COUNTER1, nv_ctr); - } else if (strcmp(cookie, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) { - error = NVM_SetSwVersion(PLAT_CRYPTOCELL_BASE, - CC_SW_VERSION_COUNTER2, nv_ctr); - } - - return (error != CC_OK); -} - #endif /* ARM_CRYPTOCELL_INTEG */