From ddfd38e83058491c30ddeb59c384c374d570d9a2 Mon Sep 17 00:00:00 2001
From: Qixiang Xu <qixiang.xu@arm.com>
Date: Thu, 24 Aug 2017 14:28:08 +0800
Subject: [PATCH 1/3] plat/arm : update BL size macros to give BL1 and BL2 more
 space for TBB

For Trusted Board Boot, BL1 RW section and BL2 need more space to
support the ECDSA algorithm. Specifically, PLAT_ARM_MAX_BL1_RW_SIZE
is increased on ARM platforms.

And on the Juno platform:
    - BL2 size, PLAT_ARM_MAX_BL2_SIZE is increased.
    - SCP_BL2 is loaded into the space defined by BL31_BASE ->
      BL31_RW_BASE. In order to maintain the same size space for
      SCP_BL2,PLAT_ARM_MAX_BL31_SIZE is increased.

Change-Id: I379083f918b40ab1c765da4e71780d89f0058040
Co-Authored-By: David Cunado <david.cunado@arm.com>
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
---
 include/plat/arm/board/common/board_arm_def.h |  2 +-
 plat/arm/board/juno/include/platform_def.h    | 10 +++++++---
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/include/plat/arm/board/common/board_arm_def.h b/include/plat/arm/board/common/board_arm_def.h
index 751c3bb10..4d145005d 100644
--- a/include/plat/arm/board/common/board_arm_def.h
+++ b/include/plat/arm/board/common/board_arm_def.h
@@ -64,7 +64,7 @@
  * PLAT_ARM_MAX_BL1_RW_SIZE is calculated using the current BL1 RW debug size
  * plus a little space for growth.
  */
-#define PLAT_ARM_MAX_BL1_RW_SIZE	0xA000
+#define PLAT_ARM_MAX_BL1_RW_SIZE	0xB000
 
 /*
  * PLAT_ARM_MAX_BL2_SIZE is calculated using the current BL2 debug size plus a
diff --git a/plat/arm/board/juno/include/platform_def.h b/plat/arm/board/juno/include/platform_def.h
index f1714e137..7794af550 100644
--- a/plat/arm/board/juno/include/platform_def.h
+++ b/plat/arm/board/juno/include/platform_def.h
@@ -96,7 +96,7 @@
  * plus a little space for growth.
  */
 #if TRUSTED_BOARD_BOOT
-# define PLAT_ARM_MAX_BL1_RW_SIZE	0x9000
+# define PLAT_ARM_MAX_BL1_RW_SIZE	0xA000
 #else
 # define PLAT_ARM_MAX_BL1_RW_SIZE	0x6000
 #endif
@@ -106,7 +106,7 @@
  * little space for growth.
  */
 #if TRUSTED_BOARD_BOOT
-# define PLAT_ARM_MAX_BL2_SIZE		0x18000
+# define PLAT_ARM_MAX_BL2_SIZE		0x19000
 #else
 # define PLAT_ARM_MAX_BL2_SIZE		0xC000
 #endif
@@ -114,8 +114,12 @@
 /*
  * PLAT_ARM_MAX_BL31_SIZE is calculated using the current BL31 debug size plus a
  * little space for growth.
+ * SCP_BL2 image is loaded into the space BL31 -> BL1_RW_BASE.
+ * For TBB use case, PLAT_ARM_MAX_BL1_RW_SIZE has been increased and therefore
+ * PLAT_ARM_MAX_BL31_SIZE has been increased to ensure SCP_BL2 has the same
+ * space available.
  */
-#define PLAT_ARM_MAX_BL31_SIZE		0x1D000
+#define PLAT_ARM_MAX_BL31_SIZE		0x1E000
 
 /*
  * Since free SRAM space is scant, enable the ASSERTION message size

From 9db9c65a112e6e3a0bb9588b8e30a22265cbfbaf Mon Sep 17 00:00:00 2001
From: Qixiang Xu <qixiang.xu@arm.com>
Date: Thu, 24 Aug 2017 15:12:20 +0800
Subject: [PATCH 2/3] Add support for TBBR using ECDSA keys in ARM platforms

    - fixed compile error when KEY_ALG=ecdsa
    - add new option ecdsa for TF_MBEDTLS_KEY_ALG
    - add new option devel_ecdsa for ARM_ROTPK_LOCATION
    - add ecdsa key at plat/arm/board/common/rotpk/
    - reduce the mbedtls heap memory size to 13k

Change-Id: I3f7a6170af93fdbaaa7bf2fffb4680a9f6113c13
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
---
 docs/user-guide.rst                                |   9 +++++++++
 drivers/auth/mbedtls/mbedtls_common.c              |   2 +-
 include/drivers/auth/mbedtls/mbedtls_config.h      |   6 +++---
 plat/arm/board/common/board_arm_trusted_boot.c     |  13 +++++++++++--
 plat/arm/board/common/board_common.mk              |   6 +++++-
 plat/arm/board/common/rotpk/arm_rotpk_ecdsa.der    | Bin 0 -> 91 bytes
 .../board/common/rotpk/arm_rotpk_ecdsa_sha256.bin  |   1 +
 plat/arm/board/common/rotpk/arm_rotprivk_ecdsa.pem |   5 +++++
 plat/arm/board/juno/platform.mk                    |   3 ---
 9 files changed, 35 insertions(+), 10 deletions(-)
 create mode 100644 plat/arm/board/common/rotpk/arm_rotpk_ecdsa.der
 create mode 100644 plat/arm/board/common/rotpk/arm_rotpk_ecdsa_sha256.bin
 create mode 100644 plat/arm/board/common/rotpk/arm_rotprivk_ecdsa.pem

diff --git a/docs/user-guide.rst b/docs/user-guide.rst
index 1ff080d73..67af42562 100644
--- a/docs/user-guide.rst
+++ b/docs/user-guide.rst
@@ -643,6 +643,11 @@ ARM development platform specific build options
       ``arm_rotpk_rsa.der``, located in ``plat/arm/board/common/rotpk``. To use
       this option, ``arm_rotprivk_rsa.pem`` must be specified as ``ROT_KEY`` when
       creating the certificates.
+   -  ``devel_ecdsa`` : return a development public key hash embedded in the BL1
+      and BL2 binaries. This hash has been obtained from the ECDSA public key
+      ``arm_rotpk_ecdsa.der``, located in ``plat/arm/board/common/rotpk``. To use
+      this option, ``arm_rotprivk_ecdsa.pem`` must be specified as ``ROT_KEY``
+      when creating the certificates.
 
 -  ``ARM_TSP_RAM_LOCATION``: location of the TSP binary. Options:
 
@@ -990,6 +995,10 @@ images with support for these features:
       in the ARM platform port. The private/public RSA key pair may be
       found in ``plat/arm/board/common/rotpk``.
 
+   -  ``ARM_ROTPK_LOCATION=devel_ecdsa``: use the ROTPK hash that is hardcoded
+      in the ARM platform port. The private/public ECDSA key pair may be
+      found in ``plat/arm/board/common/rotpk``.
+
    Example of command line using RSA development keys:
 
    ::
diff --git a/drivers/auth/mbedtls/mbedtls_common.c b/drivers/auth/mbedtls/mbedtls_common.c
index e9aa409b5..cc57af39d 100644
--- a/drivers/auth/mbedtls/mbedtls_common.c
+++ b/drivers/auth/mbedtls/mbedtls_common.c
@@ -15,7 +15,7 @@
  * mbed TLS heap
  */
 #if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA)
-#define MBEDTLS_HEAP_SIZE		(14*1024)
+#define MBEDTLS_HEAP_SIZE		(13*1024)
 #elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA)
 #define MBEDTLS_HEAP_SIZE		(7*1024)
 #endif
diff --git a/include/drivers/auth/mbedtls/mbedtls_config.h b/include/drivers/auth/mbedtls/mbedtls_config.h
index fdeb52bb6..7aa4dee10 100644
--- a/include/drivers/auth/mbedtls/mbedtls_config.h
+++ b/include/drivers/auth/mbedtls/mbedtls_config.h
@@ -9,8 +9,8 @@
 /*
  * Key algorithms currently supported on mbed TLS libraries
  */
-#define TF_MBEDTLS_RSA		1
-#define TF_MBEDTLS_ECDSA	2
+#define TF_MBEDTLS_RSA			1
+#define TF_MBEDTLS_ECDSA		2
 
 /*
  * Configuration file to build mbed TLS with the required features for
@@ -30,7 +30,6 @@
 #define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
 #define MBEDTLS_X509_CHECK_KEY_USAGE
 #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
-#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
 
 #define MBEDTLS_ASN1_PARSE_C
 #define MBEDTLS_ASN1_WRITE_C
@@ -56,6 +55,7 @@
 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
 #elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA)
 #define MBEDTLS_RSA_C
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
 #endif
 
 #define MBEDTLS_SHA256_C
diff --git a/plat/arm/board/common/board_arm_trusted_boot.c b/plat/arm/board/common/board_arm_trusted_boot.c
index 5d36d1780..6c03c91b5 100644
--- a/plat/arm/board/common/board_arm_trusted_boot.c
+++ b/plat/arm/board/common/board_arm_trusted_boot.c
@@ -18,6 +18,7 @@
 /* ROTPK locations */
 #define ARM_ROTPK_REGS_ID		1
 #define ARM_ROTPK_DEVEL_RSA_ID		2
+#define ARM_ROTPK_DEVEL_ECDSA_ID	3
 
 static const unsigned char rotpk_hash_hdr[] =		\
 		"\x30\x31\x30\x0D\x06\x09\x60\x86\x48"	\
@@ -41,6 +42,12 @@ static const unsigned char arm_devel_rotpk_hash[] =	\
 		"\x37\x7A\x72\x47\x1B\xEC\x32\x73"	\
 		"\xE9\x92\x32\xE2\x49\x59\xF6\x5E"	\
 		"\x8B\x4A\x4A\x46\xD8\x22\x9A\xDA";
+#elif (ARM_ROTPK_LOCATION_ID == ARM_ROTPK_DEVEL_ECDSA_ID)
+static const unsigned char arm_devel_rotpk_hash[] =	\
+		"\x2E\x40\xBF\x6E\xF9\x12\xBB\x98"	\
+		"\x31\x71\x09\x0E\x1E\x15\x3D\x0B"	\
+		"\xFD\xD1\xCC\x69\x4A\x98\xEB\x8B"	\
+		"\xA0\xB0\x20\x86\x4E\x6C\x07\x17";
 #endif
 
 /*
@@ -69,7 +76,8 @@ int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
 	memcpy(rotpk_hash_der, rotpk_hash_hdr, rotpk_hash_hdr_len);
 	dst = (uint8_t *)&rotpk_hash_der[rotpk_hash_hdr_len];
 
-#if (ARM_ROTPK_LOCATION_ID == ARM_ROTPK_DEVEL_RSA_ID)
+#if (ARM_ROTPK_LOCATION_ID == ARM_ROTPK_DEVEL_RSA_ID) \
+	|| (ARM_ROTPK_LOCATION_ID == ARM_ROTPK_DEVEL_ECDSA_ID)
 	memcpy(dst, arm_devel_rotpk_hash, SHA256_BYTES);
 #elif (ARM_ROTPK_LOCATION_ID == ARM_ROTPK_REGS_ID)
 	uint32_t *src, tmp;
@@ -121,7 +129,8 @@ int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
 		*dst++ = (uint8_t)((tmp >> 8) & 0xFF);
 		*dst++ = (uint8_t)(tmp & 0xFF);
 	}
-#endif /* (ARM_ROTPK_LOCATION_ID == ARM_ROTPK_DEVEL_RSA_ID) */
+#endif /* (ARM_ROTPK_LOCATION_ID == ARM_ROTPK_DEVEL_RSA_ID) \
+		  || (ARM_ROTPK_LOCATION_ID == ARM_ROTPK_DEVEL_ECDSA_ID) */
 
 	*key_ptr = (void *)rotpk_hash_der;
 	*key_len = (unsigned int)sizeof(rotpk_hash_der);
diff --git a/plat/arm/board/common/board_common.mk b/plat/arm/board/common/board_common.mk
index 46672982c..643047ce7 100644
--- a/plat/arm/board/common/board_common.mk
+++ b/plat/arm/board/common/board_common.mk
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2015-2016, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
@@ -22,7 +22,11 @@ ifneq (${TRUSTED_BOARD_BOOT},0)
     ifeq (${ARM_ROTPK_LOCATION}, regs)
         ARM_ROTPK_LOCATION_ID = ARM_ROTPK_REGS_ID
     else ifeq (${ARM_ROTPK_LOCATION}, devel_rsa)
+        KEY_ALG := rsa
         ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_RSA_ID
+    else ifeq (${ARM_ROTPK_LOCATION}, devel_ecdsa)
+        KEY_ALG := ecdsa
+        ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_ECDSA_ID
     else
         $(error "Unsupported ARM_ROTPK_LOCATION value")
     endif
diff --git a/plat/arm/board/common/rotpk/arm_rotpk_ecdsa.der b/plat/arm/board/common/rotpk/arm_rotpk_ecdsa.der
new file mode 100644
index 0000000000000000000000000000000000000000..254787720cfd07278a7dd446f9feec5e06f1d431
GIT binary patch
literal 91
zcmXqrG!SNE*J|@PXUoLM#sOw9GqN)~F|f>j=CRkr;^Cqtp9>y_?AG59<;C;=Q2Xrz
vzZ+lv{5iF@ZUIj{*OdoJUQ^=V1l77EpO~Nc>)7eK?BKOJN2l;gwM_&7S+Xee

literal 0
HcmV?d00001

diff --git a/plat/arm/board/common/rotpk/arm_rotpk_ecdsa_sha256.bin b/plat/arm/board/common/rotpk/arm_rotpk_ecdsa_sha256.bin
new file mode 100644
index 000000000..c5e123abb
--- /dev/null
+++ b/plat/arm/board/common/rotpk/arm_rotpk_ecdsa_sha256.bin
@@ -0,0 +1 @@
+.@¿nù»˜1q	=ýÑÌiJ˜ë‹ ° †Nl
\ No newline at end of file
diff --git a/plat/arm/board/common/rotpk/arm_rotprivk_ecdsa.pem b/plat/arm/board/common/rotpk/arm_rotprivk_ecdsa.pem
new file mode 100644
index 000000000..fb328e3cd
--- /dev/null
+++ b/plat/arm/board/common/rotpk/arm_rotprivk_ecdsa.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEINSaX6nvzS3teiBJA7WlTLRKJOajpy29o2cArLbUXoZBoAoGCCqGSM49
+AwEHoUQDQgAEm+ZIvTQ44aKk83DhVLsvsFpKDP/Ch9vA+4Hp+fmVfX6gDH8K1OBi
+SpRf7FJ9RGPIn2H6xst+a1OtLMWUDRqGkQ==
+-----END EC PRIVATE KEY-----
diff --git a/plat/arm/board/juno/platform.mk b/plat/arm/board/juno/platform.mk
index 79916cdad..5cd125bff 100644
--- a/plat/arm/board/juno/platform.mk
+++ b/plat/arm/board/juno/platform.mk
@@ -91,6 +91,3 @@ include plat/arm/common/arm_common.mk
 include plat/arm/soc/common/soc_css.mk
 include plat/arm/css/common/css_common.mk
 
-ifeq (${KEY_ALG},ecdsa)
-    $(error "ECDSA key algorithm is not fully supported on Juno.")
-endif

From dcbf3932fd58537695dfcd8ccacb1a76fd193b48 Mon Sep 17 00:00:00 2001
From: Qixiang Xu <qixiang.xu@arm.com>
Date: Thu, 24 Aug 2017 15:26:39 +0800
Subject: [PATCH 3/3] Dynamic selection of ECDSA or RSA

Add new option rsa+ecdsa for TF_MBEDTLS_KEY_ALG, which selects
rsa or ecdsa depending on the certificate used.

Change-Id: I08d9e99bdbba361ed2ec5624248dc382c750ad47
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
---
 docs/auth-framework.rst                       | 11 +++++----
 drivers/auth/mbedtls/mbedtls_common.c         |  3 ++-
 drivers/auth/mbedtls/mbedtls_crypto.mk        | 24 ++++++++++++-------
 include/drivers/auth/mbedtls/mbedtls_config.h |  7 ++++++
 4 files changed, 32 insertions(+), 13 deletions(-)

diff --git a/docs/auth-framework.rst b/docs/auth-framework.rst
index 765d9f89b..3a054c7fb 100644
--- a/docs/auth-framework.rst
+++ b/docs/auth-framework.rst
@@ -921,9 +921,12 @@ three functions:
     int verify_hash(void *data_ptr, unsigned int data_len,
                     void *digest_info_ptr, unsigned int digest_info_len);
 
-The key algorithm (rsa, ecdsa) must be specified in the build system using the
-``TF_MBEDTLS_KEY_ALG`` variable, so the Makefile can include the corresponding
-sources in the build.
+The mbedTLS library algorithm support is configured by the
+``TF_MBEDTLS_KEY_ALG`` variable which can take in 3 values: `rsa`, `ecdsa` or
+`rsa+ecdsa`. This variable allows the Makefile to include the corresponding
+sources in the build for the various algorthms. Setting the variable to
+`rsa+ecdsa` enables support for both rsa and ecdsa algorithms in the mbedTLS
+library.
 
 Note: If code size is a concern, the build option ``MBEDTLS_SHA256_SMALLER`` can
 be defined in the platform Makefile. It will make mbed TLS use an implementation
@@ -931,7 +934,7 @@ of SHA-256 with smaller memory footprint (~1.5 KB less) but slower (~30%).
 
 --------------
 
-*Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.*
+*Copyright (c) 2017, ARM Limited and Contributors. All rights reserved.*
 
 .. _Trusted Board Boot: ./trusted-board-boot.rst
 .. _Platform Porting Guide: ./porting-guide.rst
diff --git a/drivers/auth/mbedtls/mbedtls_common.c b/drivers/auth/mbedtls/mbedtls_common.c
index cc57af39d..205c2432a 100644
--- a/drivers/auth/mbedtls/mbedtls_common.c
+++ b/drivers/auth/mbedtls/mbedtls_common.c
@@ -14,7 +14,8 @@
 /*
  * mbed TLS heap
  */
-#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA)
+#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA) \
+	|| (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
 #define MBEDTLS_HEAP_SIZE		(13*1024)
 #elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA)
 #define MBEDTLS_HEAP_SIZE		(7*1024)
diff --git a/drivers/auth/mbedtls/mbedtls_crypto.mk b/drivers/auth/mbedtls/mbedtls_crypto.mk
index 21b857bff..d6fc7eb53 100644
--- a/drivers/auth/mbedtls/mbedtls_crypto.mk
+++ b/drivers/auth/mbedtls/mbedtls_crypto.mk
@@ -41,18 +41,26 @@ MBEDTLS_CRYPTO_SOURCES		:=	drivers/auth/mbedtls/mbedtls_crypto.c	\
 					)
 
 # Key algorithm specific files
+MBEDTLS_ECDSA_CRYPTO_SOURCES	+=	$(addprefix ${MBEDTLS_DIR}/library/,	\
+					ecdsa.c					\
+					ecp_curves.c				\
+					ecp.c					\
+					)
+
+MBEDTLS_RSA_CRYPTO_SOURCES	+=	$(addprefix ${MBEDTLS_DIR}/library/,	\
+					rsa.c					\
+					)
+
 ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
-    MBEDTLS_CRYPTO_SOURCES	+=	$(addprefix ${MBEDTLS_DIR}/library/,	\
-    					ecdsa.c					\
-    					ecp_curves.c				\
-    					ecp.c					\
-    					)
+    MBEDTLS_CRYPTO_SOURCES	+=	$(MBEDTLS_ECDSA_CRYPTO_SOURCES)
     TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_ECDSA
 else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
-    MBEDTLS_CRYPTO_SOURCES	+=	$(addprefix ${MBEDTLS_DIR}/library/,	\
-    					rsa.c					\
-    					)
+    MBEDTLS_CRYPTO_SOURCES	+=	$(MBEDTLS_RSA_CRYPTO_SOURCES)
     TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA
+else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
+    MBEDTLS_CRYPTO_SOURCES	+=	$(MBEDTLS_ECDSA_CRYPTO_SOURCES)
+    MBEDTLS_CRYPTO_SOURCES	+=	$(MBEDTLS_RSA_CRYPTO_SOURCES)
+    TF_MBEDTLS_KEY_ALG_ID	:=	TF_MBEDTLS_RSA_AND_ECDSA
 else
     $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
 endif
diff --git a/include/drivers/auth/mbedtls/mbedtls_config.h b/include/drivers/auth/mbedtls/mbedtls_config.h
index 7aa4dee10..ca2d9fad8 100644
--- a/include/drivers/auth/mbedtls/mbedtls_config.h
+++ b/include/drivers/auth/mbedtls/mbedtls_config.h
@@ -11,6 +11,7 @@
  */
 #define TF_MBEDTLS_RSA			1
 #define TF_MBEDTLS_ECDSA		2
+#define TF_MBEDTLS_RSA_AND_ECDSA	3
 
 /*
  * Configuration file to build mbed TLS with the required features for
@@ -56,6 +57,12 @@
 #elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA)
 #define MBEDTLS_RSA_C
 #define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+#elif (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
+#define MBEDTLS_RSA_C
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
 #endif
 
 #define MBEDTLS_SHA256_C