forked from davidsaada/mbed-os
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Direct access rot rebased (ARMmbed#158)
* Add direct root access functions for getting RoT from kvstore. * Use naming consistent with cloud client configs * Change configs to use kvstore
- Loading branch information
Showing
13 changed files
with
111 additions
and
134 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
https://github.com/ARMmbed/mbed-os/#6a0a86538c0b9b2bfcc4583b1e2b7fea8f4e71e9 | ||
https://github.com/ARMmbed/mbed-os/#41ecde9c30842a9f2f93a7b1542ea414709a90cb |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
// ---------------------------------------------------------------------------- | ||
// Copyright 2019 ARM Ltd. | ||
// | ||
// SPDX-License-Identifier: Apache-2.0 | ||
// | ||
// Licensed under the Apache License, Version 2.0 (the "License"); | ||
// you may not use this file except in compliance with the License. | ||
// You may obtain a copy of the License at | ||
// | ||
// http://www.apache.org/licenses/LICENSE-2.0 | ||
// | ||
// Unless required by applicable law or agreed to in writing, software | ||
// distributed under the License is distributed on an "AS IS" BASIS, | ||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
// See the License for the specific language governing permissions and | ||
// limitations under the License. | ||
// ---------------------------------------------------------------------------- | ||
|
||
#if defined(ARM_BOOTLOADER_USE_KVSTORE_ROT) && ARM_BOOTLOADER_USE_KVSTORE_ROT == 1 | ||
|
||
#include <inttypes.h> | ||
#include <stddef.h> | ||
#include "DirectAccessDevicekey.h" | ||
|
||
#define DEVICE_KEY_SIZE_IN_BYTES (128/8) | ||
|
||
/** | ||
* @brief Function to get the device root of trust | ||
* @details The device root of trust should be a 128 bit value. It should never leave the device. | ||
* It should be unique to the device. It should have enough entropy to avoid conventional | ||
* entropy attacks. The porter should implement the following device signature to provide | ||
* device root of trust on different platforms. | ||
* | ||
* @param key_buf buffer to be filled with the device root of trust. | ||
* @param length length of the buffer provided to make sure no overflow occurs. | ||
* | ||
* @return 0 on success, non-zero on failure. | ||
*/ | ||
extern "C" int8_t mbed_cloud_client_get_rot_128bit(uint8_t *key_buf, uint32_t length) | ||
{ | ||
int8_t error = 0; | ||
uint32_t tdb_start_offset = 0; | ||
uint32_t tdb_end_offset = 0; | ||
size_t actual_len_bytes = 0; | ||
|
||
// Check params | ||
if (length < DEVICE_KEY_SIZE_IN_BYTES || key_buf == NULL) { | ||
error = -1; | ||
} | ||
|
||
// Get TDB parameters | ||
if (error == 0) { | ||
error = get_expected_internal_TDBStore_position(&tdb_start_offset, | ||
&tdb_end_offset); | ||
} | ||
|
||
// Read ROT | ||
if (error == 0) { | ||
error = direct_access_to_devicekey(tdb_start_offset, | ||
tdb_end_offset, | ||
key_buf, | ||
DEVICE_KEY_SIZE_IN_BYTES, | ||
&actual_len_bytes); | ||
if (actual_len_bytes != DEVICE_KEY_SIZE_IN_BYTES) { | ||
error = -1; | ||
} | ||
} | ||
|
||
return error; | ||
} | ||
|
||
#endif // #if defined(ARM_BOOTLOADER_USE_KVSTORE_ROT) && ARM_BOOTLOADER_USE_KVSTORE_ROT == 1 |
This file was deleted.
Oops, something went wrong.