HV: wrap and enable hkdf_sha256 key derivation based on mbedtls

Derive multiple seeds to support multiple guest VMs

Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>

hypervisor/Makefile

@@ -157,7 +157,11 @@ C_SRCS += lib/mdelay.c
 C_SRCS += lib/div.c
 C_SRCS += lib/string.c
 C_SRCS += lib/memory.c
-C_SRCS += lib/crypto/hkdf.c
+C_SRCS += lib/crypto/hkdf_wrap.c
+C_SRCS += lib/crypto/mbedtls/hkdf.c
+C_SRCS += lib/crypto/mbedtls/sha256.c
+C_SRCS += lib/crypto/mbedtls/md.c
+C_SRCS += lib/crypto/mbedtls/md_wrap.c
 C_SRCS += lib/sprintf.c
 C_SRCS += common/softirq.c
 C_SRCS += common/hv_main.c

hypervisor/arch/x86/trusty.c

@@ -5,7 +5,7 @@
  */
 
 #include <hypervisor.h>
-#include <hkdf.h>
+#include <hkdf_wrap.h>
 
 #define ACRN_DBG_TRUSTY 6U
 

hypervisor/include/lib/crypto/hkdf_wrap.h

@@ -4,8 +4,8 @@
  * SPDX-License-Identifier: BSD-3-Clause
  */
 
-#ifndef HKDF_H
-#define HKDF_H
+#ifndef HKDF_WRAP_H
+#define HKDF_WRAP_H
 
 #include <types.h>
 
@@ -38,7 +38,7 @@
  */
 int hkdf_sha256(uint8_t *out_key, size_t out_len,
 		const uint8_t *secret, size_t secret_len,
-		__unused const uint8_t *salt, __unused size_t salt_len,
-		__unused const uint8_t *info, __unused size_t info_len);
+		const uint8_t *salt, size_t salt_len,
+		const uint8_t *info, size_t info_len);
 
-#endif  /* HKDF_H */
+#endif  /* HKDF_WRAP_H */

hypervisor/lib/crypto/hkdf.c

@@ -1,24 +0,0 @@
-/*
- * Copyright (C) 2018 Intel Corporation. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <rtl.h>
-#include <hkdf.h>
-
-int hkdf_sha256(uint8_t *out_key, size_t out_len,
-		const uint8_t *secret, size_t secret_len,
-		__unused const uint8_t *salt, __unused size_t salt_len,
-		__unused const uint8_t *info, __unused size_t info_len)
-{
-	/* FIXME: currently, we only support one AaaG/Trusty
-	 * instance, so just simply copy the h/w seed to Trusty.
-	 * In the future, we will choose another crypto library
-	 * to derive multiple seeds in order to support multiple
-	 * AaaG/Trusty instances.
-	 */
-	(void)memcpy_s(out_key, out_len, secret, secret_len);
-
-	return 1;
-}

hypervisor/lib/crypto/hkdf_wrap.c

@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2018 Intel Corporation. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <rtl.h>
+#include "mbedtls/hkdf.h"
+
+int hkdf_sha256(uint8_t *out_key, size_t out_len,
+		const uint8_t *secret, size_t secret_len,
+		const uint8_t *salt, size_t salt_len,
+		const uint8_t *info, size_t info_len)
+{
+	const mbedtls_md_info_t *md;
+
+	md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
+	if (!md) {
+		return 0;
+	}
+
+	if (mbedtls_hkdf(md,
+			salt, salt_len,
+			secret, secret_len,
+			info, info_len,
+			out_key, out_len) != 0) {
+		return 0;
+	}
+
+	return 1;
+}

hypervisor/lib/crypto/mbedtls/hkdf.c

@@ -168,7 +168,7 @@ int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
         }
 
         num_to_copy = i != n ? hash_len : okm_len - where;
-        memcpy( okm + where, t, num_to_copy );
+        memcpy_s( okm + where, num_to_copy, t, num_to_copy );
         where += hash_len;
         t_len = hash_len;
     }

hypervisor/lib/crypto/mbedtls/md.c

@@ -24,6 +24,7 @@
  *  This file is part of mbed TLS (https://tls.mbed.org)
  */
 
+#include <hypervisor.h>
 #include "md.h"
 #include "md_internal.h"
 

hypervisor/lib/crypto/mbedtls/md.h

@@ -28,12 +28,14 @@
 #ifndef MBEDTLS_MD_H
 #define MBEDTLS_MD_H
 
+#include <rtl.h>
 #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE                -0x5080  /**< The selected feature is not available. */
 #define MBEDTLS_ERR_MD_BAD_INPUT_DATA                     -0x5100  /**< Bad input parameters to function. */
 #define MBEDTLS_ERR_MD_ALLOC_FAILED                       -0x5180  /**< Failed to allocate memory. */
 #define MBEDTLS_ERR_MD_FILE_IO_ERROR                      -0x5200  /**< Opening or reading of file failed. */
 #define MBEDTLS_ERR_MD_HW_ACCEL_FAILED                    -0x5280  /**< MD hardware accelerator failed. */
 
+#define mbedtls_platform_zeroize(buf, len) memset(buf, 0, len)
 #define mbedtls_calloc    calloc
 #define mbedtls_free      free
 

hypervisor/lib/crypto/mbedtls/md_wrap.c

@@ -24,6 +24,7 @@
  *  This file is part of mbed TLS (https://tls.mbed.org)
  */
 
+#include <hypervisor.h>
 #include "md_internal.h"
 #include "sha256.h"
 

hypervisor/lib/crypto/mbedtls/sha256.c

@@ -221,7 +221,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
 
     if( left && ilen >= fill )
     {
-        memcpy( (void *) (ctx->buffer + left), input, fill );
+        memcpy_s( (void *) (ctx->buffer + left), fill, input, fill );
 
         if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
             return( ret );
@@ -241,7 +241,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
     }
 
     if( ilen > 0 )
-        memcpy( (void *) (ctx->buffer + left), input, ilen );
+        memcpy_s( (void *) (ctx->buffer + left), ilen, input, ilen );
 
     return( 0 );
 }

hypervisor/lib/crypto/mbedtls/sha256.h

@@ -28,6 +28,7 @@
 #ifndef MBEDTLS_SHA256_H
 #define MBEDTLS_SHA256_H
 
+#include <types.h>
 #define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED                -0x0037  /**< SHA-256 hardware accelerator failed */
 
 /**