Jarkko,

On 25.09.2023, at 17:34, Jarkko Sakkinen [off-list ref] wrote:

On Mon Sep 18, 2023 at 5:18 PM EEST, David Gstir wrote:

quoted

DCP (Data Co-Processor) is the little brother of NXP's CAAM IP.

Beside of accelerated crypto operations, it also offers support for
hardware-bound keys. Using this feature it is possible to implement a blob
mechanism just like CAAM offers. Unlike on CAAM, constructing and
parsing the blob has to happen in software.

We chose the following format for the blob:

Who is we?

The authors of this patch. But I’ll rephrase that to get rid
of the academic paper style.

And there is no choosing anything if the below structure if hardware
defined (not software defined):

The below structure is actually software-defined by this patch.
Contrary to CAAM, DCP does not have a key blob feature.
DCP’s hardware-bound UNIQUE or OTP key is used to bind
these key blobs to a specific DCP chip.

quoted

/*
* struct dcp_blob_fmt - DCP BLOB format.
*
* @fmt_version: Format version, currently being %1
* @blob_key: Random AES 128 key which is used to encrypt @payload,
*            @blob_key itself is encrypted with OTP or UNIQUE device key in
*            AES-128-ECB mode by DCP.
* @nonce: Random nonce used for @payload encryption.
* @payload_len: Length of the plain text @payload.
* @payload: The payload itself, encrypted using AES-128-GCM and @blob_key,
*           GCM auth tag of size AES_BLOCK_SIZE is attached at the end of it.
*
* The total size of a DCP BLOB is sizeof(struct dcp_blob_fmt) + @payload_len +
* AES_BLOCK_SIZE.
*/
struct dcp_blob_fmt {
__u8 fmt_version;
__u8 blob_key[AES_KEYSIZE_128];
__u8 nonce[AES_KEYSIZE_128];
__le32 payload_len;
__u8 payload[];
} __packed;

@payload is the key provided by trusted_key_ops->seal().

By default the UNIQUE device key is used, it is also possible to use
the OTP key. While the UNIQUE device key should be unique it is not
entirely clear whether this is the case due to unclear documentation.
If someone wants to be sure they can burn their own unique key
into the OTP fuse and set the use_otp_key module parameter.

Co-developed-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
Co-developed-by: David Oberhollenzer <redacted>
Signed-off-by: David Oberhollenzer <redacted>
Signed-off-by: David Gstir <david@sigma-star.at>
---
.../admin-guide/kernel-parameters.txt         |  13 +

Separate commit for this.

quoted

MAINTAINERS                                   |   9 +

Ditto (i.e. total two additional patches).

Will do for v4! 

Thanks,
- David