From 0fe605d77c57586dd4494520cfb71073f2ed760c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vidar=20Lilleb=C3=B8?= <vidar.lillebo@nordicsemi.no>
Date: Mon, 8 Apr 2024 12:13:15 +0200
Subject: [PATCH] nrf_security: Support platform keys with CMAC KDF
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Makes it possibly to use MKEK and MEXT as keys for CMAC
KDF.

Signed-off-by: Vidar Lillebø <vidar.lillebo@nordicsemi.no>
---
 .../configs/nrf-config.h.template             |  4 +++
 .../cracen/cracenpsa/include/cracen_psa.h     |  6 ++---
 .../cracen/cracenpsa/src/key_derivation.c     |  8 +++---
 .../cracen/cracenpsa/src/key_management.c     |  2 +-
 .../src/drivers/cracen/psa_driver.Kconfig     |  3 ++-
 .../src/psa_crypto_driver_wrappers.c          | 25 +++++++++++++++++++
 west.yml                                      |  2 +-
 7 files changed, 41 insertions(+), 9 deletions(-)

diff --git a/subsys/nrf_security/configs/nrf-config.h.template b/subsys/nrf_security/configs/nrf-config.h.template
index a2ebb43e6214..ccbd1d4966c4 100644
--- a/subsys/nrf_security/configs/nrf-config.h.template
+++ b/subsys/nrf_security/configs/nrf-config.h.template
@@ -31,6 +31,10 @@ extern "C" {
 #define MBEDTLS_ASN1_PARSE_C
 #endif
 
+#if defined(CONFIG_PSA_NEED_CRACEN_KEY_MANAGEMENT_DRIVER)
+#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
+#endif
+
 /****************************************************************/
 /* Require built-in implementations based on PSA requirements
  *
diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa.h b/subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa.h
index 6792f8bc2b68..1cfef7c894c6 100644
--- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa.h
+++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa.h
@@ -24,9 +24,9 @@
  * See "PSA Cryptography API" for documentation.
  */
 
-#define CRACEN_BUILTIN_IDENTITY_KEY_ID ((uint32_t)0x7ffff001)
-#define CRACEN_BUILTIN_MKEK_ID	       ((uint32_t)0x7ffff002)
-#define CRACEN_BUILTIN_MEXT_ID	       ((uint32_t)0x7ffff003)
+#define CRACEN_BUILTIN_IDENTITY_KEY_ID ((uint32_t)0x7fffc001)
+#define CRACEN_BUILTIN_MKEK_ID	       ((uint32_t)0x7fffc002)
+#define CRACEN_BUILTIN_MEXT_ID	       ((uint32_t)0x7fffc003)
 
 #define CRACEN_IDENTITY_KEY_SLOT_NUMBER 0
 #define CRACEN_MKEK_SLOT_NUMBER		1
diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_derivation.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_derivation.c
index f4d20389f6a8..09a76adf4889 100644
--- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_derivation.c
+++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_derivation.c
@@ -22,7 +22,7 @@
 #include <string.h>
 
 #define uint32_to_be(i)                                                                            \
-	((((i) & 0xFF) << 24) | ((((i) >> 8) & 0xFF) << 16) | ((((i) >> 16) & 0xFF) << 8) |        \
+	((((i)&0xFF) << 24) | ((((i) >> 8) & 0xFF) << 16) | ((((i) >> 16) & 0xFF) << 8) |          \
 	 (((i) >> 24) & 0xFF))
 
 static psa_status_t ecc_key_agreement_check_alg(psa_algorithm_t alg)
@@ -646,7 +646,8 @@ psa_status_t cracen_key_derivation_input_key(cracen_key_derivation_operation_t *
 	psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 
 	if (operation->alg != PSA_ALG_SP800_108_COUNTER_CMAC) {
-		return PSA_ERROR_NOT_SUPPORTED;
+		return cracen_key_derivation_input_bytes(operation, step, key_buffer,
+							 key_buffer_size);
 	}
 
 	if (psa_get_key_type(attributes) != PSA_KEY_TYPE_AES) {
@@ -1085,7 +1086,8 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_
 
 	if (IS_ENABLED(PSA_NEED_CRACEN_SP800_108_COUNTER_CMAC) &&
 	    (operation->alg == PSA_ALG_SP800_108_COUNTER_CMAC)) {
-		if (operation->state == CRACEN_KD_STATE_CMAC_CTR_INPUT_LABEL ||
+		if (operation->state == CRACEN_KD_STATE_CMAC_CTR_KEY_LOADED ||
+		    operation->state == CRACEN_KD_STATE_CMAC_CTR_INPUT_LABEL ||
 		    operation->state == CRACEN_KD_STATE_CMAC_CTR_INPUT_CONTEXT ||
 		    operation->state == CRACEN_KD_STATE_CMAC_CTR_OUTPUT) {
 			if (operation->state != CRACEN_KD_STATE_CMAC_CTR_OUTPUT) {
diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c
index 4611939986ad..b06fbc8954d9 100644
--- a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c
+++ b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c
@@ -1217,7 +1217,7 @@ psa_status_t cracen_get_builtin_key(psa_drv_slot_number_t slot_number,
 							 PSA_KEY_LOCATION_CRACEN));
 		psa_set_key_type(attributes, PSA_KEY_TYPE_AES);
 		psa_set_key_bits(attributes, 256);
-		psa_set_key_algorithm(attributes, PSA_ALG_CMAC);
+		psa_set_key_algorithm(attributes, PSA_ALG_SP800_108_COUNTER_CMAC);
 		psa_set_key_usage_flags(attributes,
 					PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_VERIFY_DERIVATION);
 
diff --git a/subsys/nrf_security/src/drivers/cracen/psa_driver.Kconfig b/subsys/nrf_security/src/drivers/cracen/psa_driver.Kconfig
index 5e38c7bc7a04..6f505a14fbab 100644
--- a/subsys/nrf_security/src/drivers/cracen/psa_driver.Kconfig
+++ b/subsys/nrf_security/src/drivers/cracen/psa_driver.Kconfig
@@ -1688,7 +1688,8 @@ config PSA_NEED_CRACEN_KEY_MANAGEMENT_DRIVER
 		   PSA_NEED_CRACEN_KEY_TYPE_SRP_6_3072              	  || \
 		   PSA_NEED_CRACEN_KEY_TYPE_RSA_PUBLIC_KEY                || \
 		   PSA_NEED_CRACEN_KEY_TYPE_RSA_KEY_PAIR_IMPORT           || \
-		   PSA_NEED_CRACEN_KEY_TYPE_RSA_KEY_PAIR_EXPORT
+		   PSA_NEED_CRACEN_KEY_TYPE_RSA_KEY_PAIR_EXPORT           || \
+		   PSA_NEED_CRACEN_KEY_DERIVATION_DRIVER
 
 # CRACEN MAC Driver
 
diff --git a/subsys/nrf_security/src/psa_crypto_driver_wrappers.c b/subsys/nrf_security/src/psa_crypto_driver_wrappers.c
index 407d669787d2..d71adfebbc1f 100644
--- a/subsys/nrf_security/src/psa_crypto_driver_wrappers.c
+++ b/subsys/nrf_security/src/psa_crypto_driver_wrappers.c
@@ -2199,6 +2199,31 @@ psa_driver_wrapper_key_derivation_input_bytes(psa_key_derivation_operation_t *op
 	}
 }
 
+psa_status_t psa_driver_wrapper_key_derivation_input_key(psa_key_derivation_operation_t *operation,
+							 psa_key_derivation_step_t step,
+							 psa_key_attributes_t *attributes,
+							 const uint8_t *data, size_t data_length)
+{
+	switch (operation->id) {
+#if defined(PSA_NEED_CRACEN_KEY_DERIVATION_DRIVER)
+	case PSA_CRYPTO_CRACEN_DRIVER_ID:
+		return cracen_key_derivation_input_key(&operation->ctx.cracen_kdf_ctx, step,
+						       attributes, data, data_length);
+#endif /* PSA_NEED_CRACEN_KEY_DERIVATION_DRIVER */
+#if defined(PSA_NEED_OBERON_KEY_DERIVATION_DRIVER)
+	case PSA_CRYPTO_OBERON_DRIVER_ID:
+		return oberon_key_derivation_input_bytes(&operation->ctx.oberon_kdf_ctx, step, data,
+							 data_length);
+#endif /* PSA_NEED_OBERON_KEY_DERIVATION_DRIVER */
+
+	default:
+		(void)step;
+		(void)data;
+		(void)data_length;
+		return PSA_ERROR_BAD_STATE;
+	}
+}
+
 psa_status_t
 psa_driver_wrapper_key_derivation_input_integer(psa_key_derivation_operation_t *operation,
 						psa_key_derivation_step_t step, uint64_t value)
diff --git a/west.yml b/west.yml
index 2d1c5a543d5d..2262ee85a905 100644
--- a/west.yml
+++ b/west.yml
@@ -144,7 +144,7 @@ manifest:
     - name: oberon-psa-crypto
       path: modules/crypto/oberon-psa-crypto
       repo-path: sdk-oberon-psa-crypto
-      revision: 5028cb64083e01122e9360f59854fbf3d36e203d
+      revision: c6f564e8e09ac73cc31380e4042bd932013232d0
     - name: nrfxlib
       repo-path: sdk-nrfxlib
       path: nrfxlib