/* * * Copyright 2019 NXP * SPDX-License-Identifier: Apache-2.0 */ /** @file * * ex_sss_se050x_auth.c: *The purpose and scope of this file* * * Project: sss-doc-upstream * * $Date: Mar 10, 2019 $ * $Author: ing05193 $ * $Revision$ */ /* ***************************************************************************************************************** * Includes * ***************************************************************************************************************** */ #include #include "ex_sss_auth.h" #include "ex_sss_boot_int.h" #include "nxLog_App.h" #include "nxScp03_Types.h" /* ***************************************************************************************************************** * Internal Definitions * ***************************************************************************************************************** */ /* ***************************************************************************************************************** * Type Definitions * ***************************************************************************************************************** */ /* ***************************************************************************************************************** * Global and Static Variables * Total Size: NNNbytes * ***************************************************************************************************************** */ /* ***************************************************************************************************************** * Private Functions Prototypes * ***************************************************************************************************************** */ #if SSS_HAVE_SE #if SSS_HAVE_SCP_SCP03_SSS static sss_status_t ex_sss_se_prepare_host_platformscp( NXSCP03_AuthCtx_t *pCtx, ex_SE05x_authCtx_t *pauthctx, sss_key_store_t *pKs); static sss_status_t Alloc_Scp03key_toSEAuthctx(sss_object_t *keyObject, sss_key_store_t *pKs, uint32_t keyId); #endif /* ***************************************************************************************************************** * Public Functions * ***************************************************************************************************************** */ #if SSS_HAVE_HOSTCRYPTO_ANY sss_status_t ex_sss_se_prepare_host(sss_session_t *host_session, sss_key_store_t *host_ks, SE_Connect_Ctx_t *se05x_open_ctx, ex_SE05x_authCtx_t *se05x_auth_ctx, SE_AuthType_t auth_type) { sss_status_t status = kStatus_SSS_Fail; if (host_session->subsystem == kType_SSS_SubSystem_NONE) { sss_type_t hostsubsystem = kType_SSS_SubSystem_NONE; hostsubsystem = kType_SSS_Software; status = sss_host_session_open(host_session, hostsubsystem, 0, kSSS_ConnectionType_Plain, NULL); if (kStatus_SSS_Success != status) { LOG_E("Failed to open Host Session"); goto cleanup; } status = sss_host_key_store_context_init(host_ks, host_session); if (kStatus_SSS_Success != status) { LOG_E("Host: sss_key_store_context_init failed"); goto cleanup; } status = sss_host_key_store_allocate(host_ks, __LINE__); if (kStatus_SSS_Success != status) { LOG_E("Host: sss_key_store_allocate failed"); goto cleanup; } } switch (auth_type) { #if SSS_HAVE_SCP_SCP03_SSS case kSSS_AuthType_SCP03: status = ex_sss_se_prepare_host_platformscp(&se05x_open_ctx->auth.ctx.scp03, se05x_auth_ctx, host_ks); break; #endif case kSSS_AuthType_None: /* Nothing to do */ status = kStatus_SSS_Success; break; default: status = kStatus_SSS_Fail; LOG_E("Not handled"); } if (kStatus_SSS_Success != status) { LOG_E( "Host: ex_sss_se05x_prepare_host_ " "failed", auth_type); goto cleanup; } se05x_open_ctx->auth.authType = auth_type; cleanup: return status; } #endif // SSS_HAVE_HOSTCRYPTO_ANY /* ***************************************************************************************************************** * Private Functions * ***************************************************************************************************************** */ #if SSS_HAVE_SCP_SCP03_SSS /* Function to Set Init and Allocate static Scp03Keys and Init Allocate dynamic keys */ static sss_status_t ex_sss_se_prepare_host_platformscp( NXSCP03_AuthCtx_t *pAuthCtx, ex_SE05x_authCtx_t *pEx_auth, sss_key_store_t *pKs) { sss_status_t status = kStatus_SSS_Fail; uint8_t KEY_ENC[] = EX_SSS_AUTH_SE05X_KEY_ENC; uint8_t KEY_MAC[] = EX_SSS_AUTH_SE05X_KEY_MAC; uint8_t KEY_DEK[] = EX_SSS_AUTH_SE05X_KEY_DEK; pAuthCtx->pStatic_ctx = &pEx_auth->scp03.ex_static; pAuthCtx->pDyn_ctx = &pEx_auth->scp03.ex_dyn; NXSCP03_StaticCtx_t *pStatic_ctx = pAuthCtx->pStatic_ctx; NXSCP03_DynCtx_t *pDyn_ctx = pAuthCtx->pDyn_ctx; pStatic_ctx->keyVerNo = EX_SSS_AUTH_SE05X_KEY_VERSION_NO; /* Init Allocate ENC Static Key */ status = Alloc_Scp03key_toSEAuthctx(&pStatic_ctx->Enc, pKs, MAKE_TEST_ID(__LINE__)); if (status != kStatus_SSS_Success) { return status; } /* Set ENC Static Key */ status = sss_host_key_store_set_key(pKs, &pStatic_ctx->Enc, KEY_ENC, 16, 16 * 8, NULL, 0); if (status != kStatus_SSS_Success) { return status; } /* Init Allocate MAC Static Key */ status = Alloc_Scp03key_toSEAuthctx(&pStatic_ctx->Mac, pKs, MAKE_TEST_ID(__LINE__)); if (status != kStatus_SSS_Success) { return status; } /* Set MAC Static Key */ status = sss_host_key_store_set_key(pKs, &pStatic_ctx->Mac, KEY_MAC, 16, 16 * 8, NULL, 0); if (status != kStatus_SSS_Success) { return status; } /* Init Allocate DEK Static Key */ status = Alloc_Scp03key_toSEAuthctx(&pStatic_ctx->Dek, pKs, MAKE_TEST_ID(__LINE__)); if (status != kStatus_SSS_Success) { return status; } /* Set DEK Static Key */ status = sss_host_key_store_set_key(pKs, &pStatic_ctx->Dek, KEY_DEK, 16, 16 * 8, NULL, 0); if (status != kStatus_SSS_Success) { return status; } /* Init Allocate ENC Session Key */ status = Alloc_Scp03key_toSEAuthctx(&pDyn_ctx->Enc, pKs, MAKE_TEST_ID(__LINE__)); if (status != kStatus_SSS_Success) { return status; } /* Init Allocate MAC Session Key */ status = Alloc_Scp03key_toSEAuthctx(&pDyn_ctx->Mac, pKs, MAKE_TEST_ID(__LINE__)); if (status != kStatus_SSS_Success) { return status; } /* Init Allocate DEK Session Key */ status = Alloc_Scp03key_toSEAuthctx(&pDyn_ctx->Rmac, pKs, MAKE_TEST_ID(__LINE__)); return status; } #endif #if SSS_HAVE_SCP_SCP03_SSS static sss_status_t Alloc_Scp03key_toSEAuthctx(sss_object_t *keyObject, sss_key_store_t *pKs, uint32_t keyId) { sss_status_t status = kStatus_SSS_Fail; status = sss_host_key_object_init(keyObject, pKs); if (status != kStatus_SSS_Success) { return status; } status = sss_host_key_object_allocate_handle( keyObject, keyId, kSSS_KeyPart_Default, kSSS_CipherType_AES, 16, kKeyObject_Mode_Transient); return status; } #endif #endif