core: introduce CFG_CORE_HUK_SUBKEY_COMPAT

Adds CFG_CORE_HUK_SUBKEY_COMPAT which if set to 'y' makes huk_subkey_derive() produce RPMB and SSK keys identical to the legacy code. Reviewed-by: Joakim Bech <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>
vingu-linaro · Apr 30, 2019 · 1788873 · 1788873
1 parent fa0525f
commit 1788873
Show file tree

Hide file tree

Showing 2 changed files with 49 additions and 0 deletions.
diff --git a/core/kernel/huk_subkey.c b/core/kernel/huk_subkey.c
@@ -6,13 +6,56 @@
 #include <crypto/crypto.h>
 #include <kernel/huk_subkey.h>
 #include <kernel/tee_common_otp.h>
+#include <tee/tee_fs_key_manager.h>
 
 static TEE_Result mac_usage(void *ctx, uint32_t usage)
 {
 	return crypto_mac_update(ctx, TEE_ALG_HMAC_SHA256,
 				 (const void *)&usage, sizeof(usage));
 }
 
+#ifdef CFG_CORE_HUK_SUBKEY_COMPAT
+/*
+ * This gives the result of the default tee_otp_get_die_id()
+ * implementation.
+ */
+static void get_dummy_die_id(uint8_t *buffer, size_t len)
+{
+	static const char pattern[4] = { 'B', 'E', 'E', 'F' };
+	size_t i;
+
+	for (i = 0; i < len; i++)
+		buffer[i] = pattern[i % 4];
+}
+
+/*
+ * This does special treatment for RPMB and SSK key derivations to give
+ * the same result as when huk_subkey_derive() wasn't used.
+ */
+static TEE_Result huk_compat(void *ctx, enum huk_subkey_usage usage)
+{
+	TEE_Result res = TEE_SUCCESS;
+	uint8_t chip_id[TEE_FS_KM_CHIP_ID_LENGTH] = { 0 };
+	static uint8_t ssk_str[] = "ONLY_FOR_tee_fs_ssk";
+
+	switch (usage) {
+	case HUK_SUBKEY_RPMB:
+		return TEE_SUCCESS;
+	case HUK_SUBKEY_SSK:
+		get_dummy_die_id(chip_id, sizeof(chip_id));
+		res = crypto_mac_update(ctx, TEE_ALG_HMAC_SHA256,
+					chip_id, sizeof(chip_id));
+		if (res)
+			return res;
+		return crypto_mac_update(ctx, TEE_ALG_HMAC_SHA256,
+					 ssk_str, sizeof(ssk_str));
+	default:
+		return mac_usage(ctx, usage);
+	}
+
+}
+#endif /*CFG_CORE_HUK_SUBKEY_COMPAT*/
+
 TEE_Result huk_subkey_derive(enum huk_subkey_usage usage,
 			     const void *const_data, size_t const_data_len,
 			     uint8_t *subkey, size_t subkey_len)
@@ -39,7 +82,11 @@ TEE_Result huk_subkey_derive(enum huk_subkey_usage usage,
 	if (res)
 		goto out;
 
+#ifdef CFG_CORE_HUK_SUBKEY_COMPAT
+	res = huk_compat(ctx, usage);
+#else
 	res = mac_usage(ctx, usage);
+#endif
 	if (res)
 		goto out;
 

diff --git a/mk/config.mk b/mk/config.mk
@@ -463,3 +463,5 @@ $(call force,CFG_CORE_RWDATA_NOEXEC,y)
 CFG_VIRT_GUEST_COUNT ?= 2
 endif
 
+# Enables backwards compatible derivation of RPMB and SSK keys
+CFG_CORE_HUK_SUBKEY_COMPAT ?= y