Platform: AN552: Create unique provisioning bundle

If TFM_DUMMY_PROVISIONING is OFF then calculate the
hash of the new private keys' public pair and use that for
provisioning.
The other keys can also be generated if needed or can be
set in the config files.

The provisioning bundle build is supported by armclang, gcc
and iar as well.

Change-Id: I32af4a34720cfa0aeda1220499aa9404a0056cad
Signed-off-by: Dávid Házi <[email protected]>
Signed-off-by: Bence Balogh <[email protected]>

Author: bence-balogh

docs/platform/arm/mps3/an552/README.rst

@@ -26,6 +26,27 @@ Build instructions with platform name: arm/mps3/an552
    provisioning code and provisioning values. The provisioning bundle has to be placed
    on the ``0x10022000`` address.
 
+.. note::
+
+   If ``-DPLATFORM_DEFAULT_PROVISIONING=OFF`` and ``-DTFM_DUMMY_PROVISIONING=OFF`` are set
+   then unique values can be used for provisioning. The ${MCUBOOT_KEY_S} and ${MCUBOOT_KEY_NS}
+   will be used for signing and provisioning so any unique private signing key can be used.
+   If ``-DMCUBOOT_GENERATE_SIGNING_KEYPAIR=ON`` is set then a new mcuboot signing public and private
+   keypair is going to be generated and it's going to be used to sign the S and NS binaries.
+
+   The hash of the public key is going to be written into the ``provisioning_data.c`` automatically.
+   The other keys and seeds can be changed by passing the new values to the build command,
+   otherwise the default values going to be used:
+   ``tf-m/platform/ext/target/arm/mps3/an552/provisioning/provisioning_config.cmake``
+   Optionally it's possible to pass a new config file with the ``-DPROVISIONING_KEYS_CONFIG``
+   flag.
+
+   The new generated keypair can be found in the ``<build dir>/bin`` folder or in the
+   ``<install directory>/image_signing/keys`` after installation.
+   The generated provisioning_data.c file can be found at
+   ``<build directory>/platform/target/provisioning/provisioning_data.c``
+
+
 To run the example code on AN552
 --------------------------------
 FPGA image is available to download `here <https://developer.arm.com/tools-and-software/development-boards/fpga-prototyping-boards/download-fpga-images>`__

platform/ext/target/arm/mps3/an552/config.cmake

@@ -10,6 +10,7 @@
 # Make FLIH IRQ test as the default IRQ test on Corstone-310
 set(TEST_NS_SLIH_IRQ                  OFF   CACHE BOOL    "Whether to build NS regression Second-Level Interrupt Handling tests")
 set(PSA_API_TEST_TARGET           "cs3x0"   CACHE STRING  "PSA_API_TARGET name")
+set(PROVISIONING_KEYS_CONFIG      "${CMAKE_SOURCE_DIR}/platform/ext/target/arm/mps3/an552/provisioning/provisioning_config.cmake"   CACHE FILEPATH  "The config file which has the keys and seeds for provisioning")
 
 if(BL2)
     set(BL2_TRAILER_SIZE 0x800 CACHE STRING "Trailer size")

platform/ext/target/arm/mps3/an552/provisioning/CMakeLists.txt

@@ -10,14 +10,24 @@ find_package(Python3)
 
 add_executable(provisioning_bundle)
 
+# The armclang toolchain file does not set the CMAKE_OBJCOPY
+# but it's used for the armclang build as well.
+unset(CMAKE_OBJCOPY CACHE)
+find_program(CMAKE_OBJCOPY NAMES "arm-none-eabi-objcopy")
+if(NOT CMAKE_OBJCOPY)
+    message(FATAL_ERROR "GNU ARM objcopy not found!")
+endif()
+
 set_target_properties(provisioning_bundle
     PROPERTIES
         SUFFIX ".axf"
+        RUNTIME_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}/bin"
 )
 
 target_add_scatter_file(provisioning_bundle
     $<$<C_COMPILER_ID:ARMClang>:${CMAKE_CURRENT_SOURCE_DIR}/provisioning_bundle.sct>
     $<$<C_COMPILER_ID:GNU>:${CMAKE_CURRENT_SOURCE_DIR}/provisioning_bundle.ld>
+    $<$<C_COMPILER_ID:IAR>:${CMAKE_CURRENT_SOURCE_DIR}/provisioning_bundle.icf>
 )
 
 target_link_options(provisioning_bundle
@@ -35,7 +45,7 @@ target_link_options(provisioning_bundle
 target_sources(provisioning_bundle
     PRIVATE
         ./provisioning_code.c
-        $<$<BOOL:${TFM_DUMMY_PROVISIONING}>:./dummy_provisioning_data.c>
+        $<IF:$<BOOL:${TFM_DUMMY_PROVISIONING}>,dummy_provisioning_data.c,${CMAKE_CURRENT_BINARY_DIR}/provisioning_data.c>
 )
 
 target_include_directories(provisioning_bundle
@@ -101,3 +111,38 @@ target_include_directories(platform_bl2
     INTERFACE
         .
 )
+
+if(NOT TFM_DUMMY_PROVISIONING)
+    include(${PROVISIONING_KEYS_CONFIG})
+    add_custom_target(provisioning_data
+        SOURCES
+            provisioning_data.c
+    )
+
+    add_custom_command(OUTPUT provisioning_data.c
+        # FIXME: combining the two generator prepends the current path, so two is used
+        DEPENDS $<IF:$<BOOL:${MCUBOOT_GENERATE_SIGNING_KEYPAIR}>,generated_private_key,>
+                $<IF:$<BOOL:${MCUBOOT_GENERATE_SIGNING_KEYPAIR}>,$<TARGET_FILE_DIR:bl2>/generated_private_key_s.pem,${MCUBOOT_KEY_S}>
+        # FIXME: combining the two generator prepends the current path, so two is used
+        DEPENDS $<IF:$<BOOL:${MCUBOOT_GENERATE_SIGNING_KEYPAIR}>,generated_private_key,>
+                $<IF:$<BOOL:${MCUBOOT_GENERATE_SIGNING_KEYPAIR}>,$<TARGET_FILE_DIR:bl2>/generated_private_key_ns.pem,${MCUBOOT_KEY_NS}>
+        DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/provisioning_data_template.jinja2
+        DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/create_provisioning_data.py
+        WORKING_DIRECTORY ${MCUBOOT_PATH}/scripts
+        COMMAND ${Python3_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/create_provisioning_data.py
+            ${CMAKE_CURRENT_BINARY_DIR}/provisioning_data.c
+            --bl2_rot_priv_key_0 ${MCUBOOT_KEY_S}
+            --bl2_rot_priv_key_1 ${MCUBOOT_KEY_NS}
+            --template_path ${CMAKE_CURRENT_SOURCE_DIR}
+            --secure_debug_pk ${SECURE_DEBUG_PK}
+            --huk ${HUK}
+            --iak ${IAK}
+            --boot_seed ${BOOT_SEED}
+            --implementation_id ${IMPLEMENTATION_ID}
+            --certification_reference ${CERTIFICATION_REFERENCE}
+            --verification_service_url ${VERIFICATION_SERVICE_URL}
+            --entropy_seed ${ENTROPY_SEED}
+
+    )
+
+endif()

platform/ext/target/arm/mps3/an552/provisioning/bl2_provisioning.c

@@ -70,7 +70,7 @@ enum tfm_plat_err_t tfm_plat_provisioning_perform(void)
 
     if (lcs == PLAT_OTP_LCS_ASSEMBLY_AND_TEST) {
 
-        BOOT_LOG_INF("[INF] Waiting for CM provisioning bundle\r\n");
+        BOOT_LOG_INF("[INF] Waiting for provisioning bundle\r\n");
         while (encrypted_bundle->magic != BUNDLE_MAGIC ||
                encrypted_bundle->magic2 != BUNDLE_MAGIC) {
         }

platform/ext/target/arm/mps3/an552/provisioning/create_provisioning_data.py

@@ -0,0 +1,140 @@
+#! /usr/bin/env python3
+#
+# -----------------------------------------------------------------------------
+# Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+# -----------------------------------------------------------------------------
+
+import re
+import os
+import sys
+import click
+from jinja2 import Environment, FileSystemLoader
+from cryptography.hazmat.primitives.hashes import Hash, SHA256
+
+# Add the cwd to the path so that if there is a version of imgtool in there then
+# it gets used over the system imgtool. Used so that imgtool from upstream
+# mcuboot is preferred over system imgtool
+cwd = os.getcwd()
+sys.path = [cwd] + sys.path
+import imgtool
+import imgtool.main
+
+parser_path = os.path.abspath(os.path.join(os.path.dirname(__file__), '../'))
+sys.path.append(parser_path)
+
+
+sign_bin_size_re = re.compile(r"^\s*RE_SIGN_BIN_SIZE\s*=\s*(.*)")
+load_addr_re = re.compile(r"^\s*RE_IMAGE_LOAD_ADDRESS\s*=\s*(.*)")
+rom_fixed_re = re.compile(r"^\s*RE_IMAGE_ROM_FIXED\s*=\s*(.*)")
+
+#This works around Python 2 and Python 3 handling character encodings
+#differently. More information about this issue at
+#https://click.palletsprojects.com/en/5.x/python3
+os.environ['LC_ALL'] = 'C.UTF-8'
+os.environ['LANG'] = 'C.UTF-8'
+
+
+def get_key_hash_c_array(key_file):
+    key = imgtool.main.load_key(key_file)
+    digest = Hash(SHA256())
+    digest.update(key.get_public_bytes())
+    return hex_to_c_array(digest.finalize())
+
+
+@click.argument('outfile')
+@click.option('--bl2_rot_priv_key_0', metavar='filename', required=True)
+@click.option('--bl2_rot_priv_key_1', metavar='filename', required=False)
+@click.option('--bl2_rot_priv_key_2', metavar='filename', required=False)
+@click.option('--bl2_rot_priv_key_3', metavar='filename', required=False)
+@click.option('--template_path', metavar='filename', required=True)
+@click.option('--secure_debug_pk', metavar='key', required=False)
+@click.option('--huk', metavar='key', required=False)
+@click.option('--iak', metavar='key', required=False)
+@click.option('--boot_seed', metavar='seed', required=False)
+@click.option('--implementation_id', metavar='id', required=False)
+@click.option('--certification_reference', metavar='reference', required=True)
+@click.option('--verification_service_url', metavar='url', required=True)
+@click.option('--entropy_seed', metavar='seed', required=False)
+@click.command(help='''Create a signed or unsigned image\n
+               INFILE and OUTFILE are parsed as Intel HEX if the params have
+               .hex extension, otherwise binary format is used''')
+def generate_provisioning_data_c(outfile, bl2_rot_priv_key_0,
+                                 bl2_rot_priv_key_1,
+                                 template_path, bl2_rot_priv_key_2,
+                                 bl2_rot_priv_key_3,
+                                 secure_debug_pk, huk, iak, boot_seed,
+                                 implementation_id,
+                                 certification_reference,
+                                 verification_service_url,
+                                 entropy_seed):
+
+    environment = Environment(loader=FileSystemLoader(template_path))
+    template = environment.get_template("provisioning_data_template.jinja2")
+
+    # getpubhash cannot be called directly because of its click decorators
+    bl2_rot_pub_key_0_hash = ""
+    if bool(bl2_rot_priv_key_0) is True:
+        bl2_rot_pub_key_0_hash = get_key_hash_c_array(bl2_rot_priv_key_0)
+
+    bl2_rot_pub_key_1_hash = ""
+    if bool(bl2_rot_priv_key_1) is True:
+        bl2_rot_pub_key_1_hash = get_key_hash_c_array(bl2_rot_priv_key_1)
+
+    bl2_rot_pub_key_2_hash = ""
+    if bool(bl2_rot_priv_key_2) is True:
+        bl2_rot_pub_key_2_hash = get_key_hash_c_array(bl2_rot_priv_key_2)
+
+    bl2_rot_pub_key_3_hash = ""
+    if bool(bl2_rot_priv_key_3) is True:
+        bl2_rot_pub_key_3_hash = get_key_hash_c_array(bl2_rot_priv_key_3)
+
+    if bool(huk) is False:
+        huk = hex_to_c_array(os.urandom(32))
+
+    if bool(iak) is False:
+        iak = hex_to_c_array(os.urandom(32))
+
+    if bool(boot_seed) is False:
+        boot_seed = hex_to_c_array(os.urandom(32))
+
+    if bool(implementation_id) is False:
+        implementation_id = hex_to_c_array(os.urandom(32))
+
+    if bool(entropy_seed) is False:
+        entropy_seed = hex_to_c_array(os.urandom(64))
+
+    key_arrays = {
+        "bl2_rotpk_0": bl2_rot_pub_key_0_hash,
+        "bl2_rotpk_1": bl2_rot_pub_key_1_hash,
+        "bl2_rotpk_2": bl2_rot_pub_key_2_hash,
+        "bl2_rotpk_3": bl2_rot_pub_key_3_hash,
+        "secure_debug_pk": secure_debug_pk,
+        "huk": huk,
+        "iak": iak,
+        "iak_len": "32",
+        "boot_seed": boot_seed,
+        "implementation_id": implementation_id,
+        "certification_reference": certification_reference,
+        "verification_service_url": verification_service_url,
+        "entropy_seed": entropy_seed
+    }
+
+    with open(outfile, "w") as F:
+        F.write(template.render(key_arrays))
+
+
+def hex_to_c_array(hex_val):
+    c_array = ""
+    for count, b in enumerate(hex_val):
+        if count % 8 == 0 and count != 0:
+            c_array = c_array + '\n'
+        c_array = c_array + "0x{:02x}, ".format(b)
+
+    return c_array
+
+
+if __name__ == '__main__':
+    generate_provisioning_data_c()

platform/ext/target/arm/mps3/an552/provisioning/provisioning_bundle.icf

@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2023 Arm Limited. All rights reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include "region_defs.h"
+
+do not initialize { section .noinit };
+do not initialize { readwrite };
+
+define block VALUES with fixed order, maximum size = PROVISIONING_BUNDLE_VALUES_SIZE {
+       ro object *provisioning_data.o
+};
+"VALUES": place at address PROVISIONING_BUNDLE_VALUES_START { block VALUES };
+
+define ram region DATA = [from PROVISIONING_BUNDLE_DATA_START size PROVISIONING_BUNDLE_DATA_SIZE];
+
+define block RW_DATA {
+    rw data
+};
+"RW_DATA": place at start of DATA { block RW_DATA };
+
+define block RO_DATA {
+    ro data
+} except  {
+    ro object *provisioning_data.o
+};
+"RO_DATA": place in DATA { block RO_DATA };
+
+define block BSS_DATA {
+    zi section .bss
+};
+"BSS_DATA": place in DATA { block BSS_DATA };
+
+define block CODE with fixed order, alignment = 4, maximum size = PROVISIONING_BUNDLE_CODE_SIZE {
+    ro section DO_PROVISION,
+    ro code,
+};
+"CODE": place at address PROVISIONING_BUNDLE_CODE_START { block CODE };

platform/ext/target/arm/mps3/an552/provisioning/provisioning_bundle.ld

@@ -59,7 +59,7 @@ SECTIONS
 
     VALUES :
     {
-        *_provisioning_data.o(.rodata.data)
+        *provisioning_data.o(.rodata.data)
     } > VALUES
 
 }

platform/ext/target/arm/mps3/an552/provisioning/provisioning_config.cmake

@@ -0,0 +1,48 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2023, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+
+set(SECURE_DEBUG_PK "0xf4, 0x0c, 0x8f, 0xbf, 0x12, 0xdb, 0x78, 0x2a, \
+0xfd, 0xf4, 0x75, 0x96, 0x6a, 0x06, 0x82, 0x36, \
+0xe0, 0x32, 0xab, 0x80, 0xd1, 0xb7, 0xf1, 0xbc, \
+0x9f, 0xe7, 0xd8, 0x7a, 0x88, 0xcb, 0x26, 0xd0," CACHE STRING "")
+
+set(HUK "0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, \
+0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, \
+0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, \
+0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f" CACHE STRING "Hardware unique key")
+
+set(IAK "0xA9, 0xB4, 0x54, 0xB2, 0x6D, 0x6F, 0x90, 0xA4, \
+0xEA, 0x31, 0x19, 0x35, 0x64, 0xCB, 0xA9, 0x1F, \
+0xEC, 0x6F, 0x9A, 0x00, 0x2A, 0x7D, 0xC0, 0x50, \
+0x4B, 0x92, 0xA1, 0x93, 0x71, 0x34, 0x58, 0x5F" CACHE STRING "Initial attestaion key")
+
+set(IAK_LEN "32" CACHE STRING "Initial attestaion key len")
+
+set(BOOT_SEED "0xA0, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7, \
+0xA8, 0xA9, 0xAA, 0xAB, 0xAC, 0xAD, 0xAE, 0xAF, \
+0xB0, 0xB1, 0xB2, 0xB3, 0xB4, 0xB5, 0xB6, 0xB7, \
+0xB8, 0xB9, 0xBA, 0xBB, 0xBC, 0xBD, 0xBE, 0xBF," CACHE STRING "")
+
+set(IMPLEMENTATION_ID     "0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, \
+0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, \
+0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, \
+0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD," CACHE STRING "")
+
+set(CERTIFICATION_REFERENCE "0604565272829-10010" CACHE STRING "")
+
+set(VERIFICATION_SERVICE_URL "www.trustedfirmware.org" CACHE STRING "")
+
+set(ENTROPY_SEED "0x12, 0x13, 0x23, 0x34, 0x0a, 0x05, 0x89, 0x78, \
+0xa3, 0x66, 0x8c, 0x0d, 0x97, 0x55, 0x53, 0xca, \
+0xb5, 0x76, 0x18, 0x62, 0x29, 0xc6, 0xb6, 0x79, \
+0x75, 0xc8, 0x5a, 0x8d, 0x9e, 0x11, 0x8f, 0x85, \
+0xde, 0xc4, 0x5f, 0x66, 0x21, 0x52, 0xf9, 0x39, \
+0xd9, 0x77, 0x93, 0x28, 0xb0, 0x5e, 0x02, 0xfa, \
+0x58, 0xb4, 0x16, 0xc8, 0x0f, 0x38, 0x91, 0xbb, \
+0x28, 0x17, 0xcd, 0x8a, 0xc9, 0x53, 0x72, 0x66" CACHE STRING "")
+
+