From 9cc10bc9558504e1a9f03f5d535d9041255e1391 Mon Sep 17 00:00:00 2001 From: Jens Wiklander Date: Thu, 25 Apr 2019 16:12:19 +0200 Subject: core: derive RPMB key using huk_subkey_derive() tee_rpmb_key_gen() uses huk_subkey_derive() to derive the RPMB instead of MAC:ing etc directly. Note that this is only backwards compatible if CFG_CORE_HUK_SUBKEY_COMPAT=y. Reviewed-by: Joakim Bech Signed-off-by: Jens Wiklander --- core/tee/tee_rpmb_fs.c | 57 +++++--------------------------------------------- 1 file changed, 5 insertions(+), 52 deletions(-) diff --git a/core/tee/tee_rpmb_fs.c b/core/tee/tee_rpmb_fs.c index de4868d1..e3039b76 100644 --- a/core/tee/tee_rpmb_fs.c +++ b/core/tee/tee_rpmb_fs.c @@ -5,6 +5,7 @@ #include #include +#include #include #include #include 
@@ -268,49 +269,15 @@ out: #else /* !CFG_RPMB_TESTKEY */ -/* - * NOTE: We need a common API to get hw unique key and it - * should return error when the hw unique is not a valid - * one as stated below. - * We need to make sure the hw unique we get is valid by: - * 1. In case of HUK is used, checking if OTP is hidden (in - * which case only zeros will be returned) or not; - * 2. In case of SSK is used, checking if SSK in OTP is - * write_locked (which means a valid key is provisioned) - * or not. - * - * Maybe tee_get_hw_unique_key() should be exposed as - * generic API for getting hw unique key! - */ -static TEE_Result tee_get_hw_unique_key(struct tee_hw_unique_key *hwkey) -{ - if (!hwkey) - return TEE_ERROR_BAD_PARAMETERS; - - return tee_otp_get_hw_unique_key(hwkey); -} - static TEE_Result tee_rpmb_key_gen(uint16_t dev_id __unused, uint8_t *key, uint32_t len) { - TEE_Result res; - struct tee_hw_unique_key hwkey; uint8_t message[RPMB_EMMC_CID_SIZE]; - void *ctx = NULL; - if (!key || RPMB_KEY_MAC_SIZE != len) { - res = TEE_ERROR_BAD_PARAMETERS; - goto out; - } + if (!key || RPMB_KEY_MAC_SIZE != len) + return TEE_ERROR_BAD_PARAMETERS; IMSG("RPMB: Using generated key"); - res = tee_get_hw_unique_key(&hwkey); - if (res != TEE_SUCCESS) - goto out; - - res = crypto_mac_alloc_ctx(&ctx, TEE_ALG_HMAC_SHA256); - if (res) - goto out; /* * PRV/CRC would be changed when doing eMMC FFU 
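Review bot: The comment deleted at the top of this hunk was the only place recording that the hardware unique key must be checked for validity (OTP hidden so that only zeros are returned, or SSK not write-locked). Nothing on the new side says whether `huk_subkey_derive()` performs or inherits that check, and the helper is not visible here. The RPMB authentication key can be programmed into the eMMC only once, so a key derived from an unprovisioned HUK would be predictable and could not be replaced later. I would keep a short note above `tee_rpmb_key_gen()`, for example `/* The RPMB key is derived from the HUK; the HUK must be provisioned and valid before this runs */`, and confirm that the derive helper returns an error rather than a key in that case. The body of `tee_rpmb_key_gen()` continues past the end of this hunk.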
@@ -323,22 +290,8 @@ static TEE_Result tee_rpmb_key_gen(uint16_t dev_id __unused, memcpy(message, rpmb_ctx->cid, RPMB_EMMC_CID_SIZE); memset(message + RPMB_CID_PRV_OFFSET, 0, 1); memset(message + RPMB_CID_CRC_OFFSET, 0, 1); - res = crypto_mac_init(ctx, TEE_ALG_HMAC_SHA256, hwkey.data, - HW_UNIQUE_KEY_LENGTH); - if (res != TEE_SUCCESS) - goto out; - - res = crypto_mac_update(ctx, TEE_ALG_HMAC_SHA256, - message, - RPMB_EMMC_CID_SIZE); - if (res != TEE_SUCCESS) - goto out; - - res = crypto_mac_final(ctx, TEE_ALG_HMAC_SHA256, key, len); - -out: - crypto_mac_free_ctx(ctx, TEE_ALG_HMAC_SHA256); - return res; + return huk_subkey_derive(HUK_SUBKEY_RPMB, message, sizeof(message), + key, len); } #endif /* !CFG_RPMB_TESTKEY */ -- cgit v1.2.3
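Review bot: The new `return huk_subkey_derive(HUK_SUBKEY_RPMB, message, sizeof(message), key, len);` carries no comment about the compatibility constraint that the commit message states. According to that message, the result matches the old HMAC-SHA256 derivation only when CFG_CORE_HUK_SUBKEY_COMPAT=y. A device whose RPMB key was programmed with the old derivation would presumably fail RPMB authentication if built without that option, and the programmed key cannot be rewritten. A comment above the return would keep this visible at the call site, for example `/* Must reproduce the key already programmed in the eMMC: needs CFG_CORE_HUK_SUBKEY_COMPAT=y on devices provisioned before this change */`. The start of `tee_rpmb_key_gen()` lies outside this hunk.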