github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-05-05 15:06:58 +00:00
Code Issues Projects Releases Wiki Activity
e49929a776
acrn-hypervisor/hypervisor/include/lib/crypto/crypto_api.h
Chen, Gang G fc9ec5d88f hv: Derive decryption key from Seed for Trusty to decrypt attestation keybox 
CSE FW uses an AEK (Attestation keybox Encryption Key) to encrypt the keybox
with AES-256-GCM algorithm before sending it to Android/Trusty. This key is
derived from the latest platform Seed by CSE FW with KDF (key derivation function)
HMAC-SHA256. After Trusty retrieves this encrypted keybox over HECI/MEI driver,
Trusty needs the same AEKkey to decrypt it. Hence, before Trusty launches,
Hypervisor derives the same AEK key from Platform Seed with the same algorithm
and the same derivation parameters, then sends this AEK along with Trusty vSeed
to Trusty world memory.

Since Platform Seed is only visible to Hypervisor and it must not be
sent to any guest VM, only Hypervisor can derive this AEK from this
Platform Seed, just like previous per-Trusty virtual Seed derivation.
Please note that Android Attestation Keybox is shared in a single hardware
platform, so all the Trusty instance/world can get the same AEK for
decryption even if there are multiple Android User OS/VMs running
on top of Hypervisor.

v1 --> v2:
	Add detailed description why we need the patch to derive an extra key

v2 --> v3:
	Convert API descriptions to Doxygen

Tracked-On: #1812
Reviewed-by: Bing Zhu <bing.zhu@intel.com>
Reviewed-by: Kai Wang <kai.z.wang@intel.com>
Signed-off-by: Chen Gang G <gang.g.chen@intel.com>
Acked-by: Bing Zhu <bing.zhu@intel.com>
2018-11-20 09:22:37 +08:00

65 lines
2.0 KiB
C
Raw Blame History

/*
* Copyright (C) 2018 Intel Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/**
* @file crypto_api.h
*
* @brief public APIs for crypto functions
*/
#ifndef CRYPTO_API_H
#define CRYPTO_API_H
#include <types.h>
/**
* @brief HMAC-based Extract-and-Expand Key Derivation Function.
*
* @param out_key Pointer to key buffer which is used to save
* hkdf_sha256 result
* @param out_len The length of out_key
* @param secret Pointer to input keying material
* @param secret_len The length of secret
* @param salt Pointer to salt buffer, it is optional
* if not provided (salt == NULL), it is set internally
* to a string of hashlen(32) zeros
* @param salt_len The length of the salt value
* Ignored if salt is NULL
* @param info Pointer to application specific information, it is
* optional. Ignored if info == NULL or a zero-length string
* @param info_len: The length of the info, ignored if info is NULL
*
* @return int 1 - Success 0 - Failure
*/
int hkdf_sha256(uint8_t *out_key, size_t out_len,
const uint8_t *secret, size_t secret_len,
const uint8_t *salt, size_t salt_len,
const uint8_t *info, size_t info_len);
/**
* @brief This function calculates the full generic HMAC
* on the input buffer with the provided key.
*
* The function allocates the context, performs the
* calculation, and frees the context.
*
* The HMAC result is calculated as
* output = generic HMAC(hmac key, input buffer).
*
* @param out_key The generic HMAC result
* @param secret The HMAC secret key
* @param secret_len The length of the HMAC secret key in Bytes
* @param salt The buffer holding the input data
* @param salt_len The length of the input data
*
* @return int 1 - Success 0 - Failure
*/
int hmac_sha256(uint8_t *out_key,
const uint8_t *secret, size_t secret_len,
const uint8_t *salt, size_t salt_len);
#endif /* CRYPTO_API_H */
Reference in New Issue View Git Blame Copy Permalink