Home
last modified time | relevance | path

Searched hist:b47697c078cd85dc91544d04cf0dcdf69ba3cf8c (Results 1 – 2 of 2) sorted by relevance

/optee_os/core/drivers/crypto/stm32/
H A Dstm32_saes.hb47697c078cd85dc91544d04cf0dcdf69ba3cf8c Fri Jul 07 08:42:54 UTC 2023 Thomas Bourgoin <thomas.bourgoin@foss.st.com> drivers: stm32_saes: redefine huk_subkey_derive()

We set huk_subkey_derive() as a weak function and we define it in SAES
driver to be able to use SAES IP to make a secure key derivation from
the SAES only accessible SOC unique secret key.

We use the Key Derivation function (KDF) in counter mode defined in [1]
using as the PRF (pseudo random function) the PRF(AES-CMAC).
PRF(AES-CMAC) is hardware accelerated by SAES, and use the secure DHUK
(derived hardware unique key) only readable by the SAES IP.

Link: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf [1]
Co-developed-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
H A Dstm32_saes.cb47697c078cd85dc91544d04cf0dcdf69ba3cf8c Fri Jul 07 08:42:54 UTC 2023 Thomas Bourgoin <thomas.bourgoin@foss.st.com> drivers: stm32_saes: redefine huk_subkey_derive()

We set huk_subkey_derive() as a weak function and we define it in SAES
driver to be able to use SAES IP to make a secure key derivation from
the SAES only accessible SOC unique secret key.

We use the Key Derivation function (KDF) in counter mode defined in [1]
using as the PRF (pseudo random function) the PRF(AES-CMAC).
PRF(AES-CMAC) is hardware accelerated by SAES, and use the secure DHUK
(derived hardware unique key) only readable by the SAES IP.

Link: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf [1]
Co-developed-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>