author | Summer Qin <summer.qin@arm.com> | 2020-12-07 14:03:37 +0800 |
---|---|---|
committer | Summer Qin <summer.qin@arm.com> | 2021-05-08 10:31:08 +0800 |
commit | a5448d601df8de06837ecfe8010c22253e3fb4be (patch) | |
tree | efa1dedd515823ba330ecd6b8e5f07d37ffbb5ff /platform/include | |
parent | d36e51fda4395aabb7a735262f9a5b836963b78d (diff) |
Crypto: Add support for NV seed entropy
Add support for NV seed entropy based on MbedTLS in Crypto service.
Seed read and write operations use ITS services. Currently this is
supported only in the IPC model, since the library model doesn't allow one
partition to call another during the partition init process.
Port a reference implementation on AN521.
Change-Id: I4b5dd5ed667509a94a03efd97b80dd7420d9621e
Signed-off-by: Summer Qin <summer.qin@arm.com>
Diffstat (limited to 'platform/include')
-rw-r--r-- | platform/include/tfm_plat_crypto_dummy_nv_seed.h | 21 | ||||
-rw-r--r-- | platform/include/tfm_plat_crypto_nv_seed.h | 41 |
2 files changed, 62 insertions, 0 deletions
diff --git a/platform/include/tfm_plat_crypto_dummy_nv_seed.h b/platform/include/tfm_plat_crypto_dummy_nv_seed.h
new file mode 100644
index 000000000..08bec766b
--- /dev/null
+++ b/platform/include/tfm_plat_crypto_dummy_nv_seed.h
@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+#ifndef __TFM_PLAT_CRYPTO_DUMMY_NV_SEED_H__
+#define __TFM_PLAT_CRYPTO_DUMMY_NV_SEED_H__
+
+#include "tfm_plat_crypto_nv_seed.h"
+
+/**
+ * \brief Create a dummy entropy seed when platform doesn't provision the seed.
+ * Do NOT call this function in production.
+ *
+ * \return Return TFM_CRYPTO_NV_SEED_SUCCESS on success,
+ * or TFM_CRYPTO_NV_SEED_FAILED on failure.
+ */
+int tfm_plat_crypto_create_entropy_seed(void);
+
+#endif /* __TFM_PLAT_CRYPTO_DUMMY_NV_SEED_H__ */
diff --git a/platform/include/tfm_plat_crypto_nv_seed.h b/platform/include/tfm_plat_crypto_nv_seed.h
new file mode 100644
index 000000000..39b9e377c
--- /dev/null
+++ b/platform/include/tfm_plat_crypto_nv_seed.h
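Review bot: In tfm_plat_crypto_dummy_nv_seed.h, the only thing keeping `tfm_plat_crypto_create_entropy_seed()` out of a production image is the sentence "Do NOT call this function in production" in its doc comment; nothing in the header enforces it. If the dummy seed is fixed or guessable (its implementation is not in this hunk, so this needs checking), every DRBG output derived from it is predictable, and so is any key generated on that device. I would make the header fail the build when a production configuration is selected, e.g. `#error "dummy NV seed is for development builds only"` inside an `#ifdef <PROJECT_PRODUCTION_OPTION>` (placeholder name; use the option the build system already defines). The doc comment should also state what the seed is filled with.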
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+#ifndef __TFM_PLAT_CRYPTO_NV_SEED_H__
+#define __TFM_PLAT_CRYPTO_NV_SEED_H__
+
+#include <stddef.h>
+
+#ifndef NV_SEED_FILE_ID
+#define NV_SEED_FILE_ID 9
+#endif
+
+#define TFM_CRYPTO_NV_SEED_SUCCESS 0
+#define TFM_CRYPTO_NV_SEED_FAILED -1
+
+/**
+ * \brief Read Seed from NV storage.
+ *
+ * \param[out] buf Buffer to store the seed
+ * \param[in] buf_len Buffer length to read
+ *
+ * \return Return TFM_CRYPTO_NV_SEED_SUCCESS on success,
+ * or TFM_CRYPTO_NV_SEED_FAILED on failure.
+ */
+int tfm_plat_crypto_nv_seed_read(unsigned char *buf, size_t buf_len);
+
+/**
+ * \brief Write Seed to NV storage.
+ *
+ * \param[in] buf Buffer storing the seed
+ * \param[in] buf_len Buffer length to write
+ *
+ * \return Return TFM_CRYPTO_NV_SEED_SUCCESS on success,
+ * or TFM_CRYPTO_NV_SEED_FAILED on failure.
+ */
+int tfm_plat_crypto_nv_seed_write(unsigned char *buf, size_t buf_len);
+
+#endif /* __TFM_PLAT_CRYPTO_NV_SEED_H__ */ |
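Review bot: The doc comment of `tfm_plat_crypto_nv_seed_read()` in tfm_plat_crypto_nv_seed.h does not say whether a short read counts as success or what `buf` holds after a failure, and a caller seeding an entropy pool needs both answers. I would add `\note Succeeds only if exactly buf_len bytes were read; on failure the contents of buf are unspecified and must not be used as seed material.` (adjusted to what the implementation, which is outside this hunk, actually guarantees), with a matching all-or-nothing statement on `tfm_plat_crypto_nv_seed_write()`. Separately, `#define TFM_CRYPTO_NV_SEED_FAILED -1` should be parenthesized as `(-1)`. The default `NV_SEED_FILE_ID 9` also deserves a comment naming the ITS identifier space it belongs to, so a platform port does not reuse the value for another file.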