From df91a52223295c917ef5a8eb6bfaf0ad0544b6b8 Mon Sep 17 00:00:00 2001
From: Jens Wiklander <jens.wiklander@linaro.org>
Date: Thu, 25 Apr 2019 16:06:02 +0200
Subject: core: derive SSK using huk_subkey_derive()

tee_fs_init_key_manager() uses huk_subkey_derive() to derive the SSK
instead of MAC:ing etc directly.

Note that this is only backwards compatible if
CFG_CORE_HUK_SUBKEY_COMPAT=y.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
---
 core/tee/tee_fs_key_manager.c | 31 +++++++------------------------
 1 file changed, 7 insertions(+), 24 deletions(-)

diff --git a/core/tee/tee_fs_key_manager.c b/core/tee/tee_fs_key_manager.c
index 1bdb7973..b5adad1e 100644
--- a/core/tee/tee_fs_key_manager.c
+++ b/core/tee/tee_fs_key_manager.c
@@ -15,9 +15,11 @@
  * RNG - Random Number Generator
  */
 
+#include <assert.h>
 #include <compiler.h>
 #include <crypto/crypto.h>
 #include <initcall.h>
+#include <kernel/huk_subkey.h>
 #include <kernel/panic.h>
 #include <kernel/tee_common_otp.h>
 #include <kernel/tee_ta_manager.h>
@@ -34,8 +36,6 @@ struct tee_fs_ssk {
 };
 
 static struct tee_fs_ssk tee_fs_ssk;
-static uint8_t string_for_ssk_gen[] = "ONLY_FOR_tee_fs_ssk";
-
 
 static TEE_Result do_hmac(void *out_key, size_t out_key_size,
 			  const void *in_key, size_t in_key_size,
@@ -137,29 +137,12 @@ static TEE_Result generate_fek(uint8_t *key, uint8_t len)
 
 static TEE_Result tee_fs_init_key_manager(void)
 {
-	int res = TEE_SUCCESS;
-	struct tee_hw_unique_key huk;
-	uint8_t chip_id[TEE_FS_KM_CHIP_ID_LENGTH];
-	uint8_t message[sizeof(chip_id) + sizeof(string_for_ssk_gen)];
-
-	/* Secure Storage Key Generation:
-	 *
-	 *     SSK = HMAC(HUK, message)
-	 *     message := concatenate(chip_id, static string)
-	 * */
-	tee_otp_get_hw_unique_key(&huk);
-	memset(chip_id, 0, sizeof(chip_id));
-	if (tee_otp_get_die_id(chip_id, sizeof(chip_id)))
-		return TEE_ERROR_BAD_STATE;
-
-	memcpy(message, chip_id, sizeof(chip_id));
-	memcpy(message + sizeof(chip_id), string_for_ssk_gen,
-			sizeof(string_for_ssk_gen));
-
-	res = do_hmac(tee_fs_ssk.key, sizeof(tee_fs_ssk.key),
-			huk.data, sizeof(huk.data),
-			message, sizeof(message));
+	TEE_Result res = TEE_SUCCESS;
+
+	COMPILE_TIME_ASSERT(TEE_FS_KM_SSK_SIZE <= HUK_SUBKEY_MAX_LEN);
 
+	res = huk_subkey_derive(HUK_SUBKEY_SSK, NULL, 0,
+				tee_fs_ssk.key, sizeof(tee_fs_ssk.key));
 	if (res == TEE_SUCCESS)
 		tee_fs_ssk.is_init = 1;
 
-- 
cgit v1.2.3