secure_storage: Add AEAD key provider for Series 2 HSE

asmellby · jhedberg · commit 9b1319f8b117 · 2025-10-01T14:41:46.000+03:00
Add AEAD key provider using AES-CMAC to derive a storage key from
a device-unique builtin key on devices with hardware Secure Engine.

The key provider is used with the AEAD transform implementation in
the Secure Storage subsystem.

Signed-off-by: Aksel Skauge Mellbye &lt;aksel.mellbye@silabs.com&gt;
diff --git a/soc/silabs/silabs_s2/CMakeLists.txt b/soc/silabs/silabs_s2/CMakeLists.txt
@@ -1,2 +1,6 @@
 # SPDX-License-Identifier: Apache-2.0
 # Copyright (c) 2025 Silicon Laboratories Inc.
+
+zephyr_library_sources_ifdef(CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_PROVIDER_SILABS
+  secure_storage_aead_get.c
+)
diff --git a/soc/silabs/silabs_s2/Kconfig b/soc/silabs/silabs_s2/Kconfig
@@ -34,4 +34,18 @@ config MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
 	  implement mbedtls_psa_platform_get_builtin_key().
 
 endif
+
+if SECURE_STORAGE
+
+config SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_PROVIDER_SILABS
+	bool "Secure Storage ITS transform AEAD key provider using Silicon Labs SE builtin key"
+	default y
+	depends on $(dt_has_compat,$(DT_COMPAT_SILABS_GECKO_SEMAILBOX))
+	select MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
+	select PSA_WANT_KEY_TYPE_AES
+	select PSA_WANT_ALG_CMAC
+	imply HWINFO
+
+endif
+
 endif
diff --git a/soc/silabs/silabs_s2/Kconfig.defconfig b/soc/silabs/silabs_s2/Kconfig.defconfig
@@ -1,2 +1,13 @@
 # SPDX-License-Identifier: Apache-2.0
 # Copyright (c) 2025 Silicon Laboratories Inc.
+
+if SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_PROVIDER_SILABS
+
+choice SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_PROVIDER
+	default SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_PROVIDER_CUSTOM
+endchoice
+
+configdefault SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_SIZE
+	default 16
+
+endif
diff --git a/soc/silabs/silabs_s2/secure_storage_aead_get.c b/soc/silabs/silabs_s2/secure_storage_aead_get.c
@@ -0,0 +1,75 @@
+/*
+ * SPDX-License-Identifier: Apache-2.0
+ * Copyright (c) 2025 Silicon Laboratories Inc.
+ */
+
+#include <../library/psa_crypto_driver_wrappers.h>
+#include <zephyr/secure_storage/its/transform/aead_get.h>
+#include <zephyr/drivers/hwinfo.h>
+#include <zephyr/logging/log.h>
+#include <psa/crypto.h>
+#include <string.h>
+
+LOG_MODULE_DECLARE(secure_storage, CONFIG_SECURE_STORAGE_LOG_LEVEL);
+
+psa_status_t secure_storage_its_transform_aead_get_key(
+	secure_storage_its_uid_t uid,
+	uint8_t key[static CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_SIZE])
+{
+	psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+	psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+	psa_key_lifetime_t builtin_lifetime;
+	psa_drv_slot_number_t builtin_slot;
+
+	size_t builtin_key_buffer_length = 0;
+	uint8_t builtin_key_buffer[4];
+	size_t session_key_length = 0;
+	ssize_t hwinfo_ret;
+	struct {
+		uint8_t device_id[8];
+		secure_storage_its_uid_t uid;
+	} __packed data;
+
+	/* Use device ID combined with storage uid as IV for key derivation */
+	hwinfo_ret = hwinfo_get_device_id(data.device_id, sizeof(data.device_id));
+	if (hwinfo_ret < sizeof(data.device_id)) {
+		LOG_ERR("Failed to get device ID. (%zd)", hwinfo_ret);
+		return PSA_ERROR_HARDWARE_FAILURE;
+	}
+	data.uid = uid;
+
+	/* Get builtin key attributes */
+	psa_set_key_id(&attributes, SL_SE_BUILTIN_KEY_TRUSTZONE_ID);
+	status = mbedtls_psa_platform_get_builtin_key(psa_get_key_id(&attributes),
+						      &builtin_lifetime, &builtin_slot);
+	if (status != PSA_SUCCESS) {
+		return status;
+	}
+
+	/* Load builtin key using PSA driver API. Need to use driver wrapper directly since we are
+	 * implementing the key storage used by the PSA crypto core, and therefore can't rely on
+	 * the regular PSA crypto API.
+	 */
+	psa_set_key_lifetime(&attributes, builtin_lifetime);
+	status = psa_driver_wrapper_get_builtin_key(builtin_slot, &attributes, builtin_key_buffer,
+						    sizeof(builtin_key_buffer),
+						    &builtin_key_buffer_length);
+	if (status != PSA_SUCCESS) {
+		return status;
+	}
+
+	/* Derive session key from built-in key using AES-CMAC */
+	status = psa_driver_wrapper_mac_compute(
+		&attributes, builtin_key_buffer, builtin_key_buffer_length, PSA_ALG_CMAC,
+		(const uint8_t *)&data, sizeof(data), key,
+		CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_SIZE, &session_key_length);
+
+	/* Verify that key derivation was successful before transferring the key to the caller */
+	if (status != PSA_SUCCESS ||
+	    session_key_length != CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_SIZE) {
+		memset(key, 0, CONFIG_SECURE_STORAGE_ITS_TRANSFORM_AEAD_KEY_SIZE);
+		return PSA_ERROR_HARDWARE_FAILURE;
+	}
+
+	return status;
+}
