nrf_security: cracen: kmu: add slot blocking function

Plus some minor improvements.

Signed-off-by: Tomi Fontanilles <[email protected]>

Author: tomi-font

subsys/nrf_security/src/drivers/cracen/common/include/cracen/lib_kmu.h

@@ -92,6 +92,18 @@ int lib_kmu_provision_slot(int slot_id, struct kmu_src *kmu_src);
  */
 int lib_kmu_push_slot(int slot_id);
 
+/** @brief Block one or more consecutive KMU slots.
+ *
+ *  @param[in] slot_id ID of the first KMU slot to block.
+ *  @param[in] slot_count Number of consecutive slots to block.
+ *
+ *  @return LIB_KMU_SUCCESS        If the operation was successful.
+ *  @return -LIB_KMU_ERROR         If the operation returned an error.
+ *
+ *  @note This uses the `PUSHBLOCK` task on devices that do not have the `BLOCK` one.
+ */
+int lib_kmu_block_slot_range(int slot_id, unsigned int slot_count);
+
 /** @brief Revoke the KMU slot.
  *
  *  @param[in] slot_id Slot id of the KMU slot.

subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa_kmu.h

@@ -55,16 +55,22 @@ enum cracen_kmu_metadata_key_usage_scheme {
 	CRACEN_KMU_KEY_USAGE_SCHEME_RAW
 };
 
-/**
- * @brief Retrieves the slot number for a given key handle.
+/** Retrieves the slot number for a given key handle.
  *
  * @param[in]  key_id      Key handler.
  * @param[out] lifetime    Lifetime for key.
  * @param[out] slot_number The key's slot number.
- *
- * @return psa_status_t
  */
 psa_status_t cracen_kmu_get_key_slot(mbedtls_svc_key_id_t key_id, psa_key_lifetime_t *lifetime,
 				     psa_drv_slot_number_t *slot_number);
 
+/** Blocks a key in the KMU.
+ *
+ * @param[in] key_attr Attributes of the key to block.
+ *
+ * @note The underlying operation performed is a `BLOCK` on devices
+ *       that support it, and a `PUSHBLOCK` on those that don't.
+ */
+psa_status_t cracen_kmu_block(const psa_key_attributes_t *key_attr);
+
 #endif /* CRACEN_PSA_KMU_H */

subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.c

@@ -155,7 +155,7 @@ static psa_status_t cracen_kmu_encrypt(const uint8_t *key, size_t key_length,
 				     encrypted_buffer_length);
 
 	if (status == PSA_SUCCESS) {
-		*encrypted_buffer_length += 16;
+		*encrypted_buffer_length += CRACEN_KMU_SLOT_KEY_SIZE;
 	}
 	return status;
 }
@@ -261,6 +261,13 @@ static psa_status_t read_primary_slot_metadata(unsigned int slot_id, kmu_metadat
 	return PSA_SUCCESS;
 }
 
+static psa_status_t get_kmu_slot_id_and_metadata(mbedtls_svc_key_id_t key_id,
+						 unsigned int *slot_id, kmu_metadata *metadata)
+{
+	*slot_id = CRACEN_PSA_GET_KMU_SLOT(MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id));
+	return read_primary_slot_metadata(*slot_id, metadata);
+}
+
 static bool can_sign(const psa_key_attributes_t *key_attr)
 {
 	return (psa_get_key_usage_flags(key_attr) & PSA_KEY_USAGE_SIGN_MESSAGE) ||
@@ -338,24 +345,66 @@ static psa_status_t end_provisioning(uint32_t slot_id, uint32_t num_slots)
 	return PSA_SUCCESS;
 }
 
+static psa_status_t get_kmu_slot_count(kmu_metadata metadata, const psa_key_attributes_t *key_attr,
+				       unsigned int *slot_count)
+{
+	switch (metadata.size) {
+	case METADATA_ALG_KEY_BITS_128:
+		*slot_count = 1;
+		break;
+	case METADATA_ALG_KEY_BITS_192:
+	case METADATA_ALG_KEY_BITS_255:
+	case METADATA_ALG_KEY_BITS_256:
+		if (psa_get_key_type(key_attr) ==
+			PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1)) {
+			*slot_count = 4;
+		} else {
+			*slot_count = 2;
+		}
+		break;
+	case METADATA_ALG_KEY_BITS_384_SEED:
+		*slot_count = 3;
+		break;
+	default:
+		return PSA_ERROR_DATA_INVALID;
+	}
+
+	if (metadata.key_usage_scheme == CRACEN_KMU_KEY_USAGE_SCHEME_ENCRYPTED) {
+		*slot_count += 2; /* nonce + tag */
+	}
+
+	return PSA_SUCCESS;
+}
+
+static psa_status_t get_kmu_slot_id_and_count(const psa_key_attributes_t *key_attr,
+					      unsigned int *slot_id, unsigned int *slot_count)
+{
+	kmu_metadata metadata;
+	psa_status_t status;
+
+	status = get_kmu_slot_id_and_metadata(psa_get_key_id(key_attr), slot_id, &metadata);
+	if (status != PSA_SUCCESS) {
+		return status;
+	}
+
+	return get_kmu_slot_count(metadata, key_attr, slot_count);
+}
+
 psa_status_t cracen_kmu_destroy_key(const psa_key_attributes_t *attributes)
 {
 	psa_key_location_t location =
 		PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes));
 
 	if (location == PSA_KEY_LOCATION_CRACEN_KMU) {
-		uint32_t slot_id = CRACEN_PSA_GET_KMU_SLOT(
-			MBEDTLS_SVC_KEY_ID_GET_KEY_ID(psa_get_key_id(attributes)));
-		size_t num_slots = DIV_ROUND_UP(PSA_BITS_TO_BYTES(psa_get_key_bits(attributes)),
-						CRACEN_KMU_SLOT_KEY_SIZE);
 		psa_status_t status;
+		unsigned int slot_id, slot_count;
 
-		if (CRACEN_PSA_GET_KEY_USAGE_SCHEME(MBEDTLS_SVC_KEY_ID_GET_KEY_ID(
-			    psa_get_key_id(attributes))) == CRACEN_KMU_KEY_USAGE_SCHEME_ENCRYPTED) {
-			num_slots += 2;
+		status = get_kmu_slot_id_and_count(attributes, &slot_id, &slot_count);
+		if (status != PSA_SUCCESS) {
+			return status;
 		}
 
-		status = set_provisioning_in_progress(slot_id, num_slots);
+		status = set_provisioning_in_progress(slot_id, slot_count);
 		if (status != PSA_SUCCESS) {
 			return status;
 		}
@@ -522,8 +571,8 @@ static psa_status_t convert_to_psa_attributes(kmu_metadata *metadata,
 	return PSA_SUCCESS;
 }
 
-psa_status_t convert_from_psa_attributes(const psa_key_attributes_t *key_attr,
-					 kmu_metadata *metadata)
+static psa_status_t convert_from_psa_attributes(const psa_key_attributes_t *key_attr,
+						kmu_metadata *metadata)
 {
 	memset(metadata, 0, sizeof(*metadata));
 	metadata->metadata_version = 0;
@@ -737,8 +786,6 @@ psa_status_t cracen_kmu_provision(const psa_key_attributes_t *key_attr, int slot
 	 */
 	uint8_t encrypted_workmem[CRACEN_KMU_SLOT_KEY_SIZE * 4] = {};
 #endif
-	size_t encrypted_outlen = 0;
-
 	psa_status_t status = clean_up_unfinished_provisioning();
 
 	if (status != PSA_SUCCESS) {
@@ -788,19 +835,17 @@ psa_status_t cracen_kmu_provision(const psa_key_attributes_t *key_attr, int slot
 		status = cracen_kmu_encrypt(encrypted_workmem + CRACEN_KMU_SLOT_KEY_SIZE,
 					    ROUND_UP(key_buffer_size, CRACEN_KMU_SLOT_KEY_SIZE),
 					    &metadata, encrypted_workmem, sizeof(encrypted_workmem),
-					    &encrypted_outlen);
+					    &key_buffer_size);
 
 		if (status != PSA_SUCCESS) {
 			return status;
 		}
 		key_buffer = encrypted_workmem;
-		key_buffer_size = encrypted_outlen;
 	}
 #endif /* PSA_NEED_CRACEN_KMU_ENCRYPTED_KEYS */
 
 	/* Verify that required slots are empty */
-	const size_t num_slots =  DIV_ROUND_UP(MAX(encrypted_outlen, key_buffer_size),
-						   CRACEN_KMU_SLOT_KEY_SIZE);
+	const size_t num_slots = DIV_ROUND_UP(key_buffer_size, CRACEN_KMU_SLOT_KEY_SIZE);
 
 	for (size_t i = 0; i < num_slots; i++) {
 		if (!lib_kmu_is_slot_empty(slot_id + i)) {
@@ -853,12 +898,13 @@ psa_status_t cracen_kmu_provision(const psa_key_attributes_t *key_attr, int slot
 psa_status_t cracen_kmu_get_key_slot(mbedtls_svc_key_id_t key_id, psa_key_lifetime_t *lifetime,
 				     psa_drv_slot_number_t *slot_number)
 {
-	unsigned int slot_id = CRACEN_PSA_GET_KMU_SLOT(MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id));
+	psa_status_t status;
+	unsigned int slot_id;
 	kmu_metadata metadata;
-	const psa_status_t ret = read_primary_slot_metadata(slot_id, &metadata);
 
-	if (ret != PSA_SUCCESS) {
-		return ret;
+	status = get_kmu_slot_id_and_metadata(key_id, &slot_id, &metadata);
+	if (status != PSA_SUCCESS) {
+		return status;
 	}
 
 	psa_key_persistence_t read_only = metadata.rpolicy == LIB_KMU_REV_POLICY_ROTATING
@@ -872,6 +918,22 @@ psa_status_t cracen_kmu_get_key_slot(mbedtls_svc_key_id_t key_id, psa_key_lifeti
 	return PSA_SUCCESS;
 }
 
+psa_status_t cracen_kmu_block(const psa_key_attributes_t *key_attr)
+{
+	psa_status_t status;
+	unsigned int slot_id, slot_count;
+
+	status = get_kmu_slot_id_and_count(key_attr, &slot_id, &slot_count);
+	if (status != PSA_SUCCESS) {
+		return status;
+	}
+
+	if (lib_kmu_block_slot_range(slot_id, slot_count) != LIB_KMU_SUCCESS) {
+		return PSA_ERROR_GENERIC_ERROR;
+	}
+	return PSA_SUCCESS;
+}
+
 static psa_status_t push_kmu_key_to_ram(uint8_t *key_buffer, size_t key_buffer_size)
 {
 	if (key_buffer_size > sizeof(kmu_push_area)) {
@@ -931,32 +993,15 @@ psa_status_t cracen_kmu_get_builtin_key(psa_drv_slot_number_t slot_number,
 	if (key_buffer_size >= opaque_key_size) {
 		*key_buffer_length = opaque_key_size;
 		kmu_opaque_key_buffer *key = (kmu_opaque_key_buffer *)key_buffer;
+		unsigned int slot_count;
 
 		key->key_usage_scheme = metadata.key_usage_scheme;
-		switch (metadata.size) {
-		case METADATA_ALG_KEY_BITS_128:
-			key->number_of_slots = 1;
-			break;
-		case METADATA_ALG_KEY_BITS_192:
-		case METADATA_ALG_KEY_BITS_255:
-		case METADATA_ALG_KEY_BITS_256:
-			if (psa_get_key_type(attributes) ==
-			    PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1)) {
-				key->number_of_slots = 4;
-			} else {
-				key->number_of_slots = 2;
-			}
-			break;
-		case METADATA_ALG_KEY_BITS_384_SEED:
-			key->number_of_slots = 3;
-			break;
-		default:
-			return PSA_ERROR_DATA_INVALID;
-		}
 
-		if (key->key_usage_scheme == CRACEN_KMU_KEY_USAGE_SCHEME_ENCRYPTED) {
-			key->number_of_slots += 2;
+		status = get_kmu_slot_count(metadata, attributes, &slot_count);
+		if (status != PSA_SUCCESS) {
+			return status;
 		}
+		key->number_of_slots = slot_count;
 
 		key->slot_id = slot_number;
 	} else {

subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.h

@@ -50,23 +50,18 @@ int cracen_kmu_clean_key(const uint8_t *user_data);
  *
  * If the key is available the key_buffer will be filled with a valid
  * instance of @ref kmu_opaque_key_buffer.
- *
- * @return psa_status_t
  */
 psa_status_t cracen_kmu_get_builtin_key(psa_drv_slot_number_t slot_number,
 					psa_key_attributes_t *attributes, uint8_t *key_buffer,
 					size_t key_buffer_size, size_t *key_buffer_length);
 
 /**
  * @brief Provision a key in the KMU.
- *
- * @return psa_status_t
  */
 psa_status_t cracen_kmu_provision(const psa_key_attributes_t *key_attr, int slot_id,
 				  const uint8_t *key_buffer, size_t key_buffer_size);
 
 /**
- * @brief Destroy PSA key stored in KMU.
- *
+ * @brief Destroy a key stored in the KMU.
  */
 psa_status_t cracen_kmu_destroy_key(const psa_key_attributes_t *attributes);

subsys/nrf_security/src/drivers/cracen/cracenpsa/src/lib_kmu.c

@@ -16,14 +16,22 @@
 
 #include <cracen/lib_kmu.h>
 
+#ifdef KMU_TASKS_BLOCK_ResetValue
+#define HAS_BLOCK_TASK 1
+#endif
+
 void lib_kmu_clear_all_events(void)
 {
 	NRF_KMU_S->EVENTS_METADATAREAD = 0;
 	NRF_KMU_S->EVENTS_ERROR = 0;
 	NRF_KMU_S->EVENTS_PROVISIONED = 0;
 	NRF_KMU_S->EVENTS_PUSHED = 0;
 	NRF_KMU_S->EVENTS_REVOKED = 0;
+#if HAS_BLOCK_TASK
+	NRF_KMU_S->EVENTS_BLOCKED = 0;
+#else
 	NRF_KMU_S->EVENTS_PUSHBLOCKED = 0;
+#endif
 }
 
 static int trigger_task_and_wait_for_event_or_error(volatile uint32_t *task,
@@ -109,6 +117,32 @@ int lib_kmu_push_slot(int slot_id)
 							&(NRF_KMU_S->EVENTS_PUSHED));
 }
 
+static int block_kmu_slot(int slot_id)
+{
+	NRF_KMU_S->KEYSLOT = slot_id;
+
+#if HAS_BLOCK_TASK
+	return trigger_task_and_wait_for_event_or_error(&(NRF_KMU_S->TASKS_BLOCK),
+							&(NRF_KMU_S->EVENTS_BLOCKED));
+#else
+	return trigger_task_and_wait_for_event_or_error(&(NRF_KMU_S->TASKS_PUSHBLOCK),
+							&(NRF_KMU_S->EVENTS_PUSHBLOCKED));
+#endif
+}
+
+int lib_kmu_block_slot_range(int slot_id, unsigned int slot_count)
+{
+	int ret;
+
+	for (unsigned int i = 0; i != slot_count; ++i) {
+		ret = block_kmu_slot(slot_id + i);
+		if (ret != LIB_KMU_SUCCESS) {
+			return ret;
+		}
+	}
+	return LIB_KMU_SUCCESS;
+}
+
 int lib_kmu_revoke_slot(int slot_id)
 {
 #if !defined(__NRF_TFM__)