Merge changes from topic "xl/fwu-trial-run" into integration

* changes:
fix(fwu): fwu NV ctr upgraded on trial run
feat(docs): platform hook for whether NV ctr is shared
feat(fwu): add platfor

Merge changes from topic "xl/fwu-trial-run" into integration

* changes:
fix(fwu): fwu NV ctr upgraded on trial run
feat(docs): platform hook for whether NV ctr is shared
feat(fwu): add platform hook for shared NV ctr

show more ...

fix(fwu): fwu NV ctr upgraded on trial run

The NV ctr value should not upgraded on trial run.
The NV ctr value upgrade is done in BL1 while the detection
of trial run happens in BL2, so the value is

fix(fwu): fwu NV ctr upgraded on trial run

The NV ctr value should not upgraded on trial run.
The NV ctr value upgrade is done in BL1 while the detection
of trial run happens in BL2, so the value is always upgraded.
Fix the problem by setting the upgrade of NV ctr value in BL2
if the NV ctr is shared among components.

Change-Id: Id681fce0482e3000eaef4f4a8f7d8c1023ccaf1a
Signed-off-by: Xialin Liu <xialin.liu@arm.com>

show more ...

Merge changes from topic "psa_key_id_mgmt" into integration

* changes:
feat(auth): extend REGISTER_CRYPTO_LIB calls
feat(bl): adding psa crypto - crypto_mod_finish()
feat(fvp): increase BL1 RW

Merge changes from topic "psa_key_id_mgmt" into integration

* changes:
feat(auth): extend REGISTER_CRYPTO_LIB calls
feat(bl): adding psa crypto - crypto_mod_finish()
feat(fvp): increase BL1 RW for PSA Crypto
feat(auth): mbedtls psa key id mgmt
feat(auth): add crypto_mod_finish() function
feat(auth): add update of current_pk_oid in auth
feat(auth): add util file for current pk_oid
feat(auth): increase mbedtls heap for PSA RSA
feat(auth): introducing auth.mk

show more ...

feat(auth): add update of current_pk_oid in auth

Adding the set of current_pk_oid during the authentication process,
include the new file in auth makefile.

Signed-off-by: Lauren Wehrmeister <lauren

feat(auth): add update of current_pk_oid in auth

Adding the set of current_pk_oid during the authentication process,
include the new file in auth makefile.

Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I3e05b8607060b424e34642d23e4960d2ef0f71f0

show more ...

Merge changes from topic "topics/fwu_metadata_v2_migration" into integration

* changes:
style(fwu): change the metadata fields to align with specification
style(partition): use GUID values for G

Merge changes from topic "topics/fwu_metadata_v2_migration" into integration

* changes:
style(fwu): change the metadata fields to align with specification
style(partition): use GUID values for GPT partition fields
feat(st): add logic to boot the platform from an alternate bank
feat(st): add a function to clear the FWU trial state counter
feat(fwu): add a function to obtain an alternate FWU bank to boot
feat(fwu): add some sanity checks for the FWU metadata
feat(fwu): modify the check for getting the FWU bank's state
feat(st): get the state of the active bank directly
feat(fwu): add a config flag for including image info in the FWU metadata
feat(fwu): migrate FWU metadata structure to version 2
feat(fwu): document the config flag for including image info in the FWU metadata
feat(fwu): update the URL links for the FWU specification

show more ...

feat(fwu): modify the check for getting the FWU bank's state

The version 2 of the FWU metadata structure has a field bank_state in
the top level of the structure which can be used to check if a give

feat(fwu): modify the check for getting the FWU bank's state

The version 2 of the FWU metadata structure has a field bank_state in
the top level of the structure which can be used to check if a given
bank is in the either of Trial State, Accepted State, or in an Invalid
State. This is different from the binary states of Valid/Accepted
States that the bank could be in, as defined in the earlier version of
the specification.

Replace the fwu_is_trial_run_state() API with
fwu_get_active_bank_state() to get the state the current active bank
is in. The value returned by this API is then used by the caller to
take appropriate action.

Change-Id: I764f486840a3713bfe5f8e03d0634bfe09b23590
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>

show more ...

Merge "refactor(auth): remove return_if_error() macro" into integration

refactor(auth): remove return_if_error() macro

The usage of this macro hinders the accuracy of code coverage
data. Lines of code calling this macro always appear as covered because
the test conditio

refactor(auth): remove return_if_error() macro

The usage of this macro hinders the accuracy of code coverage
data. Lines of code calling this macro always appear as covered because
the test condition within it always gets executed; however, the branch
is not necessarily taken. Consequently, we lose branch coverage
information on these error code paths.

Besides, it is debatable whether such a simple macro really improves
code readability or on the contrary obfuscates the code...

For these reasons, this patch inlines the macro code everywhere it was
called.

It also adds some error messages in all these places to help narrowing
down authentication failures. These messages only get displayed and
compiled into the binaries when building TF-A with 'LOG_VERBOSE' level
of verbosity. We use the same message string everywhere in order to
limit the memory footprint increase for 'LOG_VERBOSE' builds.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I461078bb8c6fd6811d2cbefbe3614e17e83796f2

show more ...

Merge "fix(auth): don't overwrite pk with converted pk when rotpk is hash" into integration

fix(auth): don't overwrite pk with converted pk when rotpk is hash

crypto_mod_verify_signature() expects a pointer to the full pk.

In case of stm32mp1 crypto_verify_signature() will call
get_plain_

fix(auth): don't overwrite pk with converted pk when rotpk is hash

crypto_mod_verify_signature() expects a pointer to the full pk.

In case of stm32mp1 crypto_verify_signature() will call
get_plain_pk_from_asn1() on the converted pk which fails.

Fixes: f1e693a775

Signed-off-by: Robin van der Gracht <robin@protonic.nl>
Change-Id: Ia9bdaa10e1b09f9758e5fa608a063b5212c428c3

show more ...

Merge changes from topic "mb/mb-signer-id" into integration

* changes:
feat(qemu): add dummy plat_mboot_measure_key() function
docs(rss): update RSS doc for signer-ID
feat(imx): add dummy 'pla

Merge changes from topic "mb/mb-signer-id" into integration

* changes:
feat(qemu): add dummy plat_mboot_measure_key() function
docs(rss): update RSS doc for signer-ID
feat(imx): add dummy 'plat_mboot_measure_key' function
feat(tc): implement platform function to measure and publish Public Key
feat(auth): measure and publicise the Public Key
feat(fvp): implement platform function to measure and publish Public Key
feat(fvp): add public key-OID information in RSS metadata structure
feat(auth): add explicit entries for key OIDs
feat(rss): set the signer-ID in the RSS metadata
feat(auth): create a zero-OID for Subject Public Key
docs: add details about plat_mboot_measure_key function
feat(measured-boot): introduce platform function to measure and publish Public Key

show more ...

feat(auth): measure and publicise the Public Key

Once the Public Key has been verified, call 'plat_mboot_measure_key'
to measure and publicise it.

Change-Id: I46ea71dcbba96db3706602ccd89f22596ae684

feat(auth): measure and publicise the Public Key

Once the Public Key has been verified, call 'plat_mboot_measure_key'
to measure and publicise it.

Change-Id: I46ea71dcbba96db3706602ccd89f22596ae68416
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge changes from topic "mb/trusted-boot-update" into integration

* changes:
refactor(auth)!: unify REGISTER_CRYPTO_LIB
refactor(auth): replace plat_convert_pk
docs(auth): add auth_decrypt in

Merge changes from topic "mb/trusted-boot-update" into integration

* changes:
refactor(auth)!: unify REGISTER_CRYPTO_LIB
refactor(auth): replace plat_convert_pk
docs(auth): add auth_decrypt in CM chapter
feat(auth): compare platform and certificate ROTPK for authentication
docs(auth): add 'calc_hash' function's details in CM

show more ...

refactor(auth): replace plat_convert_pk

Following discussions in the reviews of the patch that introduced
plat_convert_pk() function [1], it was decided to deprecate it to
avoid weak function declar

refactor(auth): replace plat_convert_pk

Following discussions in the reviews of the patch that introduced
plat_convert_pk() function [1], it was decided to deprecate it to
avoid weak function declaration.
A new optional function pointer convert_pk is added to crypto_lib_desc_t.
A new function crypto_mod_convert_pk() will either call
crypto_lib_desc.convert_pk() if it is defined, or do the same
as what was done by the weak function otherwise.

[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/17174

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I9358867f8bfd5e96b5ee238c066877da368e43c6

show more ...

feat(auth): compare platform and certificate ROTPK for authentication

Compared the full ROTPK with the ROTPK obtained from the certificate
when the platform supports full ROTPK instead of hash of RO

feat(auth): compare platform and certificate ROTPK for authentication

Compared the full ROTPK with the ROTPK obtained from the certificate
when the platform supports full ROTPK instead of hash of ROTPK.

Additionally, changed the code to verify the ROTPK before relying on
it for signature verification.

Change-Id: I52bb9deb1a1dd5b184d3156bddad14c238692de7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge changes Id4570f91,Ibdf1af70 into integration

* changes:
fix(auth): properly validate X.509 extensions
fix(auth): avoid out-of-bounds read in auth_nvctr()

fix(auth): avoid out-of-bounds read in auth_nvctr()

auth_nvctr() does not check that the buffer provided is long enough to
hold an ASN.1 INTEGER, or even that the buffer is non-empty. Since
auth_nv

fix(auth): avoid out-of-bounds read in auth_nvctr()

auth_nvctr() does not check that the buffer provided is long enough to
hold an ASN.1 INTEGER, or even that the buffer is non-empty. Since
auth_nvctr() will only ever read 6 bytes, it is possible to read up to
6 bytes past the end of the buffer.

This out-of-bounds read turns out to be harmless. The only caller of
auth_nvctr() always passes a pointer into an X.509 TBSCertificate, and
all in-tree chains of trust require that the certificate’s signature has
already been validated. This means that the signature algorithm
identifier is at least 4 bytes and the signature itself more than that.
Therefore, the data read will be from the certificate itself. Even if
the certificate signature has not been validated, an out-of-bounds read
is still not possible. Since there are at least two bytes (tag and
length) in both the signature algorithm ID and the signature itself, an
out-of-bounds read would require that the tag byte of the signature
algorithm ID would need to be either the tag or length byte of the
DER-encoded nonvolatile counter. However, this byte must be
(MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) (0x30), which is
greater than 4 and not equal to MBEDTLS_ASN1_INTEGER (2). Therefore,
auth_nvctr() will error out before reading the integer itself,
preventing an out-of-bounds read.

Change-Id: Ibdf1af702fbeb98a94c0c96456ebddd3d392ad44
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>

show more ...

Merge changes from topic "stm32mp1-trusted-boot" into integration

* changes:
docs(st): update documentation for TRUSTED_BOARD_BOOT
fix(build): ensure that the correct rule is called for tools

Merge changes from topic "stm32mp1-trusted-boot" into integration

* changes:
docs(st): update documentation for TRUSTED_BOARD_BOOT
fix(build): ensure that the correct rule is called for tools
feat(stm32mp1): add the platform specific build for tools
fix(stm32mp13-fdts): remove secure status
feat(stm32mp1-fdts): add CoT and fuse references for authentication
feat(stm32mp1): add a check on TRUSTED_BOARD_BOOT with secure chip
feat(stm32mp1): add the decryption support
feat(stm32mp1): add the TRUSTED_BOARD_BOOT support
feat(stm32mp1): update ROM code API for header v2 management
feat(stm32mp1): remove unused function from boot API
refactor(stm32mp1): remove authentication using STM32 image mode
fix(fconf): fix type error displaying disable_auth
feat(tbbr): increase PK_DER_LEN size
fix(auth): correct sign-compare warning
feat(auth): allow to verify PublicKey with platform format PK
feat(cert-create): update for ECDSA brainpoolP256r/t1 support
feat(stm32mp1): add RNG initialization in BL2 for STM32MP13
feat(st-crypto): remove BL32 HASH driver usage
feat(stm32mp1): add a stm32mp crypto library
feat(st-crypto): add STM32 RNG driver
feat(st-crypto): add AES decrypt/auth by SAES IP
feat(st-crypto): add ECDSA signature check with PKA
feat(st-crypto): update HASH for new hardware version used in STM32MP13

show more ...

feat(auth): allow to verify PublicKey with platform format PK

In some platform the digest of the public key saved in the OTP is not
the digest of the exact same public key buffer needed to check the

feat(auth): allow to verify PublicKey with platform format PK

In some platform the digest of the public key saved in the OTP is not
the digest of the exact same public key buffer needed to check the
signature. Typically, platform checks signature using the DER ROTPK
whereas some others add some related information. Add a new platform
weak function to transform the public key buffer used by
verify_signature to a platform specific public key.

Mark this new weak function as deprecated as it will be replaced
by another framework implementation.

Change-Id: I71017b41e3eca9398cededf317ad97e9b511be5f
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>

show more ...

Merge changes from topic "decouple-tb-mb" into integration

* changes:
refactor(renesas): disable CRYPTO_SUPPORT option
refactor(fvp): avoid Measured-Boot dependency on Trusted-Boot
refactor(me

Merge changes from topic "decouple-tb-mb" into integration

* changes:
refactor(renesas): disable CRYPTO_SUPPORT option
refactor(fvp): avoid Measured-Boot dependency on Trusted-Boot
refactor(measured-boot): avoid Measured-Boot dependency on Trusted-Boot
build: introduce CRYPTO_SUPPORT build option

show more ...

refactor(measured-boot): avoid Measured-Boot dependency on Trusted-Boot

Measured-Boot and Trusted-Boot are orthogonal to each other and hence
removed dependency of Trusted-Boot on Measured-Boot by m

refactor(measured-boot): avoid Measured-Boot dependency on Trusted-Boot

Measured-Boot and Trusted-Boot are orthogonal to each other and hence
removed dependency of Trusted-Boot on Measured-Boot by making below
changes -
1. BL1 and BL2 main functions are used for initializing Crypto module
instead of the authentication module
2. Updated Crypto module registration macro for MEASURED_BOOT with only
necessary callbacks for calculating image hashes
3. The 'load_auth_image' function is now used for the image measurement
during Trusted or Non-Trusted Boot flow

Change-Id: I3570e80bae8ce8f5b58d84bd955aa43e925d9fff
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge changes from topic "fw-update-2" into integration

* changes:
feat(sw_crc32): add software CRC32 support
refactor(hw_crc32): renamed hw_crc32 to tf_crc32
feat(fwu): avoid booting with an

Merge changes from topic "fw-update-2" into integration

* changes:
feat(sw_crc32): add software CRC32 support
refactor(hw_crc32): renamed hw_crc32 to tf_crc32
feat(fwu): avoid booting with an alternate boot source
docs(fwu): add firmware update documentation
feat(fwu): avoid NV counter upgrade in trial run state
feat(plat/arm): add FWU support in Arm platforms
feat(fwu): initialize FWU driver in BL2
feat(fwu): add FWU driver
feat(fwu): introduce FWU platform-specific functions declarations
docs(fwu_metadata): add FWU metadata build options
feat(fwu_metadata): add FWU metadata header and build options

show more ...

feat(fwu): avoid NV counter upgrade in trial run state

Avoided NV counter update when the system is running in
trial run state.

Change-Id: I5da6a6760f8a9faff777f2ff879156e9c3c76726
Signed-off-by: M

feat(fwu): avoid NV counter upgrade in trial run state

Avoided NV counter update when the system is running in
trial run state.

Change-Id: I5da6a6760f8a9faff777f2ff879156e9c3c76726
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge "fix(driver/auth): avoid NV counter upgrade without certificate validation" into integration

fix(driver/auth): avoid NV counter upgrade without certificate validation

Platform NV counter get updated (if cert NV counter > plat NV counter)
before authenticating the certificate if the platform

fix(driver/auth): avoid NV counter upgrade without certificate validation

Platform NV counter get updated (if cert NV counter > plat NV counter)
before authenticating the certificate if the platform specifies NV
counter method before signature authentication in its CoT, and this
provides an opportunity for a tempered certificate to upgrade the
platform NV counter. This is theoretical issue, as in practice none
of the standard CoT (TBBR, dualroot) or upstream platforms ones (NXP)
exercised this issue.

To fix this issue, modified the auth_nvctr method to do only NV
counter check, and flags if the NV counter upgrade is needed or not.
Then ensured that the platform NV counter gets upgraded with the NV
counter value from the certificate only after that certificate gets
authenticated.

This change is verified manually by modifying the CoT that specifies
certificate with:
1. NV counter authentication before signature authentication
method
2. NV counter authentication method only

Change-Id: I1ad17f1a911fb1035a1a60976cc26b2965b05166
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...