[nrf noup] Overwrite SessionKeystore implementations for KMU

Currently, Cracen KMU doesn't support PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8) yet, so we need to use PSA_ALG_CCM. Also we need to use PSA_KEY_USAGE_EXPORT to copy key from ITS to KMU slots. Signed-off-by: Arkadiusz Balys <[email protected]>
nrfconnect · Jan 28, 2025 · 9017448 · 9017448
1 parent a35590d
commit 9017448
Show file tree

Hide file tree

Showing 2 changed files with 115 additions and 0 deletions.
diff --git a/src/platform/nrfconnect/crypto/KMUSessionKeystore.cpp b/src/platform/nrfconnect/crypto/KMUSessionKeystore.cpp
@@ -24,6 +24,112 @@
 namespace chip {
 namespace Crypto {
 
+namespace {
+class KeyAttributesBase
+{
+public:
+    KeyAttributesBase(psa_key_type_t type, psa_algorithm_t algorithm, psa_key_usage_t usageFlags, size_t bits)
+    {
+        psa_set_key_type(&mAttrs, type);
+        psa_set_key_algorithm(&mAttrs, algorithm);
+        psa_set_key_usage_flags(&mAttrs, usageFlags);
+        psa_set_key_bits(&mAttrs, bits);
+    }
+
+    ~KeyAttributesBase() { psa_reset_key_attributes(&mAttrs); }
+
+    const psa_key_attributes_t & Get() { return mAttrs; }
+
+private:
+    psa_key_attributes_t mAttrs = PSA_KEY_ATTRIBUTES_INIT;
+};
+
+// TODO: Remove this class once the Cracen supports copying keys and PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8)
+class KMUAesKeyAttributes : public KeyAttributesBase
+{
+public:
+    // TODO: Currently we need to use EXPORT flag because the Cracen does not support copying keys from ITS to KMU
+    // We need to use PSA_ALG_CCM because the KMU does not support PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG
+    KMUAesKeyAttributes() :
+        KeyAttributesBase(PSA_KEY_TYPE_AES, PSA_ALG_CCM, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT,
+                          CHIP_CRYPTO_SYMMETRIC_KEY_LENGTH_BYTES * 8)
+    {}
+};
+
+// TODO: Remove this class once the Cracen supports copying keys
+class KMUHmacKeyAttributes : public KeyAttributesBase
+{
+public:
+    // TODO: Currently we need to use EXPORT flag because the Cracen does not support copying keys from ITS to KMU
+    KMUHmacKeyAttributes() :
+        KeyAttributesBase(PSA_KEY_TYPE_HMAC, PSA_ALG_HMAC(PSA_ALG_SHA_256), PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT,
+                          CHIP_CRYPTO_SYMMETRIC_KEY_LENGTH_BYTES * 8)
+    {}
+};
+} // namespace
+
+// TODO: Remove this implementation once the Cracen supports the base AesKeyAttributes implementation from PSASessionKeystore
+CHIP_ERROR KMUSessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128KeyHandle & key)
+{
+    // Destroy the old key if already allocated
+    DestroyKey(key);
+
+    KMUAesKeyAttributes attrs;
+    psa_status_t status =
+        psa_import_key(&attrs.Get(), keyMaterial, sizeof(Symmetric128BitsKeyByteArray), &key.AsMutable<psa_key_id_t>());
+    LogPsaError(status);
+    VerifyOrReturnError(status == PSA_SUCCESS, CHIP_ERROR_INTERNAL);
+
+    return CHIP_NO_ERROR;
+}
+
+// TODO: Remove this implementation once the Cracen supports the base HmacKeyAttributes implementation from PSASessionKeystore
+CHIP_ERROR KMUSessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Hmac128KeyHandle & key)
+{
+    // Destroy the old key if already allocated
+    DestroyKey(key);
+
+    KMUHmacKeyAttributes attrs;
+    psa_status_t status =
+        psa_import_key(&attrs.Get(), keyMaterial, sizeof(Symmetric128BitsKeyByteArray), &key.AsMutable<psa_key_id_t>());
+    LogPsaError(status);
+    VerifyOrReturnError(status == PSA_SUCCESS, CHIP_ERROR_INTERNAL);
+
+    return CHIP_NO_ERROR;
+}
+
+// TODO: Remove this implementation once the Cracen supports the base AesKeyAttributes implementation from PSASessionKeystore
+CHIP_ERROR KMUSessionKeystore::DeriveKey(const P256ECDHDerivedSecret & secret, const ByteSpan & salt, const ByteSpan & info,
+                                         Aes128KeyHandle & key)
+{
+    PsaKdf kdf;
+    ReturnErrorOnFailure(kdf.Init(secret.Span(), salt, info));
+
+    KMUAesKeyAttributes attrs;
+
+    return kdf.DeriveKey(attrs.Get(), key.AsMutable<psa_key_id_t>());
+}
+
+CHIP_ERROR KMUSessionKeystore::DeriveSessionKeys(PsaKdf & kdf, Aes128KeyHandle & i2rKey, Aes128KeyHandle & r2iKey,
+                                                 AttestationChallenge & attestationChallenge)
+{
+    CHIP_ERROR error;
+    KMUAesKeyAttributes attrs;
+
+    SuccessOrExit(error = kdf.DeriveKey(attrs.Get(), i2rKey.AsMutable<psa_key_id_t>()));
+    SuccessOrExit(error = kdf.DeriveKey(attrs.Get(), r2iKey.AsMutable<psa_key_id_t>()));
+    SuccessOrExit(error = kdf.DeriveBytes(MutableByteSpan(attestationChallenge.Bytes(), AttestationChallenge::Capacity())));
+
+exit:
+    if (error != CHIP_NO_ERROR)
+    {
+        DestroyKey(i2rKey);
+        DestroyKey(r2iKey);
+    }
+
+    return error;
+}
+
 #if CHIP_CONFIG_ENABLE_ICD_CIP
 CHIP_ERROR KMUSessionKeystore::PersistICDKey(Symmetric128BitsKeyHandle & key)
 {

diff --git a/src/platform/nrfconnect/crypto/KMUSessionKeystore.h b/src/platform/nrfconnect/crypto/KMUSessionKeystore.h
@@ -28,6 +28,15 @@ class KMUSessionKeystore : public PSASessionKeystore
 #if CHIP_CONFIG_ENABLE_ICD_CIP
     CHIP_ERROR PersistICDKey(Symmetric128BitsKeyHandle & key) override;
 #endif
+
+    // TODO: Remove these functions once the Cracen supports the base AesKeyAttributes and HmacKeyAttributes implementation from
+    // PSASessionKeystore
+    CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128KeyHandle & key) override;
+    CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Hmac128KeyHandle & key) override;
+    CHIP_ERROR DeriveKey(const P256ECDHDerivedSecret & secret, const ByteSpan & salt, const ByteSpan & info,
+                         Aes128KeyHandle & key) override;
+    CHIP_ERROR DeriveSessionKeys(PsaKdf & kdf, Aes128KeyHandle & i2rKey, Aes128KeyHandle & r2iKey,
+                                 AttestationChallenge & attestationChallenge) override;
 };
 
 } // namespace Crypto