1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * Copyright (c) 2019, Linaro Limited 4 */ 5 6 #ifndef __KERNEL_HUK_SUBKEY_H 7 #define __KERNEL_HUK_SUBKEY_H 8 9 #include <tee_api_types.h> 10 #include <types_ext.h> 11 #include <utee_defines.h> 12 13 /* 14 * enum huk_subkey_usage - subkey usage identifier 15 * @HUK_SUBKEY_RPMB: RPMB key 16 * @HUK_SUBKEY_SSK: Secure Storage key 17 * @HUK_SUBKEY_DIE_ID: Representing the die ID 18 * @HUK_SUBKEY_UNIQUE_TA: TA unique key 19 * @HUK_SUBKEY_TA_ENC: TA encryption key 20 * @HUK_SUBKEY_SE050: SCP03 set of encryption keys 21 * 22 * Add more identifiers as needed, be careful to not change the already 23 * assigned numbers as that will affect the derived subkey. 24 */ 25 enum huk_subkey_usage { 26 /* 27 * All IDs are explicitly assigned to make it easier to keep then 28 * constant. 29 */ 30 HUK_SUBKEY_RPMB = 0, 31 HUK_SUBKEY_SSK = 1, 32 HUK_SUBKEY_DIE_ID = 2, 33 HUK_SUBKEY_UNIQUE_TA = 3, 34 HUK_SUBKEY_TA_ENC = 4, 35 HUK_SUBKEY_SE050 = 5, 36 }; 37 38 #define HUK_SUBKEY_MAX_LEN TEE_SHA256_HASH_SIZE 39 40 /* 41 * huk_subkey_derive() - Derive a subkey from the hardware unique key 42 * @usage: Intended usage of the subkey 43 * @const_data: Constant data to generate different subkeys with 44 * the same usage 45 * @const_data_len: Length of constant data 46 * @subkey: Generated subkey 47 * @subkey_len: Required size of the subkey, sizes larger than 48 * HUK_SUBKEY_MAX_LEN are not accepted. 49 * 50 * Returns a subkey derived from the hardware unique key. Given the same 51 * input the same subkey is returned each time. 52 * 53 * Return TEE_SUCCES on success or an error code on failure. 54 */ 55 TEE_Result huk_subkey_derive(enum huk_subkey_usage usage, 56 const void *const_data, size_t const_data_len, 57 uint8_t *subkey, size_t subkey_len); 58 59 60 #endif /*__KERNEL_HUK_SUBKEY_H*/ 61