diff --git a/.github/workflows/test-wolfhsm-simulator.yml b/.github/workflows/test-wolfhsm-simulator.yml index a5646d1ac1..35e40da06e 100644 --- a/.github/workflows/test-wolfhsm-simulator.yml +++ b/.github/workflows/test-wolfhsm-simulator.yml @@ -91,7 +91,7 @@ jobs: ./Build/wh_posix_server.elf --type tcp --nvminit $tmpfile & else # --flags=0x100 sets the WH_NVM_FLAGS_USAGE_VERIFY flag - ./Build/wh_posix_server.elf --type tcp --client 12 --id 255 --flags 0x100 --key ../../../../../wolfboot_signing_private_key_pub.der & + ./Build/wh_posix_server.elf --type tcp --client 1 --id 255 --flags 0x100 --key ../../../../../wolfboot_signing_private_key_pub.der & fi TCP_SERVER_PID=$! echo "TCP_SERVER_PID=$TCP_SERVER_PID" >> $GITHUB_ENV diff --git a/Makefile b/Makefile index 7a7006b38e..638f48ea26 100644 --- a/Makefile +++ b/Makefile @@ -119,6 +119,17 @@ ifneq ($(USER_NVM_INIT),) NVM_CONFIG:=$(USER_NVM_INIT) endif +# Eliminates compilation and linkage of the built-in wolfBoot keystore +WOLFBOOT_NO_KEYSTORE := +ifeq ($(WOLFHSM_CLIENT),1) + WOLFBOOT_NO_KEYSTORE := 1 +endif +ifeq ($(WOLFHSM_SERVER),1) + ifneq ($(CERT_CHAIN_VERIFY),) + WOLFBOOT_NO_KEYSTORE := 1 + endif +endif + ifeq ($(SIGN),NONE) PRIVATE_KEY= else @@ -139,6 +150,14 @@ else endif ifeq ($(FLASH_OTP_KEYSTORE),1) OBJS+=./src/flash_otp_keystore.o + else ifeq ($(WOLFBOOT_NO_KEYSTORE),1) + CFLAGS+=-DWOLFBOOT_NO_KEYSTORE + # No built-in keystore is compiled in, but firmware images must still be + # signed (for test/factory builds). src/keystore.o normally triggers + # generation of the signing key via 'src/keystore.c: $(PRIVATE_KEY)'. + # Without it, tie the key to the bootloader build so the signing key is + # still produced before any downstream signing step runs. + WOLFBOOT_SIGN_KEY_DEP=$(PRIVATE_KEY) else OBJS+=./src/keystore.o endif @@ -547,8 +566,8 @@ factory_wstage1.bin: $(BINASSEMBLE) stage1/loader_stage1.bin wolfboot.bin $(BOOT wolfboot_stage1.bin: wolfboot.elf stage1/loader_stage1.bin $(Q) cp stage1/loader_stage1.bin wolfboot_stage1.bin -wolfboot.elf: include/target.h $(LSCRIPT) $(OBJS) $(BINASSEMBLE) FORCE - $(Q)(test $(SIGN) = NONE) || (test $(FLASH_OTP_KEYSTORE) = 1) || (grep -q $(SIGN_ALG) src/keystore.c) || \ +wolfboot.elf: include/target.h $(LSCRIPT) $(OBJS) $(BINASSEMBLE) $(WOLFBOOT_SIGN_KEY_DEP) FORCE + $(Q)(test $(SIGN) = NONE) || (test $(FLASH_OTP_KEYSTORE) = 1) || (test "$(WOLFBOOT_NO_KEYSTORE)" = "1") || (grep -q $(SIGN_ALG) src/keystore.c) || \ (echo "Key mismatch: please run 'make keysclean' to remove all keys if you want to change algorithm" && false) @echo "\t[LD] $@" @echo $(OBJS) diff --git a/config/examples/sim-wolfHSM-client-ecc.config b/config/examples/sim-wolfHSM-client-ecc.config index ab92342ac5..a7eec82479 100644 --- a/config/examples/sim-wolfHSM-client-ecc.config +++ b/config/examples/sim-wolfHSM-client-ecc.config @@ -23,9 +23,5 @@ WOLFBOOT_FIXED_PARTITIONS=1 WOLFHSM_CLIENT=1 -# Uncomment the following to use wolfHSM ephemeral keys from the keystore -# for image auth -#WOLFHSM_CLIENT_LOCAL_KEYS=1 - # Uncomment for verbose wolfHSM printf statements #CFLAGS_EXTRA+=-DDEBUG_CRYPTOCB -DDEBUG_CRYPTOCB_VERBOSE diff --git a/config/examples/sim-wolfHSM-client-mldsa.config b/config/examples/sim-wolfHSM-client-mldsa.config index 17627f3d05..57d23e680a 100644 --- a/config/examples/sim-wolfHSM-client-mldsa.config +++ b/config/examples/sim-wolfHSM-client-mldsa.config @@ -44,9 +44,5 @@ WOLFBOOT_FIXED_PARTITIONS=1 WOLFHSM_CLIENT=1 -# Uncomment the following to use public wolfHSM ephemeral keys from the keystore -# for image auth -#WOLFHSM_CLIENT_LOCAL_KEYS=1 - # Uncomment for verbose wolfHSM printf statements #CFLAGS_EXTRA+=-DDEBUG_CRYPTOCB -DDEBUG_CRYPTOCB_VERBOSE diff --git a/docs/wolfHSM.md b/docs/wolfHSM.md index 6bdc040cac..77368d773b 100644 --- a/docs/wolfHSM.md +++ b/docs/wolfHSM.md @@ -74,16 +74,12 @@ This section describes the configuration options available for wolfHSM integrati This option enables wolfHSM client support in wolfBoot. Without defining this option, support for wolfHSM client mode is not compiled in. +In client mode, wolfBoot always uses HSM-resident public keys for firmware authentication; public keys are never baked into a local `keystore.c`. The key to verify against is referenced either by the reserved key ID defined in the HAL (`hsmKeyIdPubKey`), or, when certificate-chain verification (`WOLFBOOT_CERT_CHAIN_VERIFY`) is enabled, by the leaf key ID resolved from the verified chain. + ### `WOLFBOOT_ENABLE_WOLFHSM_SERVER` This option enables wolfHSM server support in wolfBoot. When defined, wolfBoot includes an embedded wolfHSM server that provides HSM functionality locally within the bootloader. This is mutually exclusive with `WOLFBOOT_ENABLE_WOLFHSM_CLIENT`. -### `WOLFBOOT_USE_WOLFHSM_PUBKEY_ID` - -This option enables use of the reserved wolfHSM public key ID for firmware authentication, and is typically the desired behavior for using wolfHSM. When this option is defined, wolfBoot will use the reserved wolfHSM keyId defined by the HAL (`hsmKeyIdPubKey`). This option is meant to be used in conjunction with the `--nolocalkeys` keygen option, as the key material in the keystore will not be used. - -If this option is not defined, cryptographic operations are still performed on the wolfHSM server, but wolfBoot assumes the key material is present in the keystore and NOT stored on the HSM. This means that wolfBoot will first load keys from the keystore, send the key material to the wolfHSM server at the time of use (cached as ephemeral keys), and finally evict the key from the HSM after usage. This behavior is typically only useful for debugging or testing scenarios, where the keys may not be pre-loaded onto the HSM. The keystore for use in this mode should not be generated with the `--nolocalkeys` option. - ## HAL Implementations In addition to the standard wolfBoot HAL functions, wolfHSM-enabled platforms must also implement or instantiate the following wolfHSM-specific items in the platform HAL: @@ -126,7 +122,7 @@ The wolfBoot simulator supports using wolfHSM with all algorithms mentioned in [ #### wolfHSM Client Mode Build -To build the simulator configured to use wolfHSM client mode, ensure you build with the `WOLFHSM_CLIENT=1` makefile option. This will automatically define `WOLFBOOT_USE_WOLFHSM_PUBKEY_ID`, and requires the public key corresponding to the private key that signed the image to be pre-loaded into the HSM at the keyId specified by `hsmKeyIdPubKey` in the simulator HAL. +To build the simulator configured to use wolfHSM client mode, ensure you build with the `WOLFHSM_CLIENT=1` makefile option. This requires the public key corresponding to the private key that signed the image to be pre-loaded into the HSM at the keyId specified by `hsmKeyIdPubKey` in the simulator HAL. ```sh # Grab the HSM client simulator configuration @@ -174,8 +170,10 @@ Next, in a new terminal window, run the wolfHSM POSIX TCP server, loading the pu cd lib/wolfHSM/examples/posix/tcp/wh_server_tcp make WOLFSSL_DIR=../../../../../wolfssl -# Run the server, loading the wolfBoot public key and using the client ID and keyId matching the values declared in `hal/sim.c`) -./Build/wh_server_tcp.elf --client 12 --id 255 --key ../../../../../../wolfboot_signing_private_key_pub.der & +# Run the server, loading the wolfBoot public key. The client ID (--client) must +# match WOLFHSM_CLIENT_ID from the build config (default 1) and the keyId (--id) +# must match hsmKeyIdPubKey in `hal/sim.c` (255 / 0xFF). +./Build/wh_server_tcp.elf --client 1 --id 255 --key ../../../../../../wolfboot_signing_private_key_pub.der & # The server will now be waiting for connections ``` diff --git a/hal/aurix_tc3xx.c b/hal/aurix_tc3xx.c index 71cdc89f21..6d40c525e1 100644 --- a/hal/aurix_tc3xx.c +++ b/hal/aurix_tc3xx.c @@ -95,6 +95,14 @@ static int _connectCb(void* context, whCommConnected connect); static whTransportMemClientContext tmcCtx[1] = {0}; static whTransportClientCb tmcCb[1] = {WH_TRANSPORT_MEM_CLIENT_CB}; +/* wolfHSM client ID presented to the HSM server. Defined by the build system + * (WOLFHSM_CLIENT_ID in options.mk, default 1); must match the client ID the + * keys are provisioned under in the whnvmtool config + * (tools/scripts/tc3xx/wolfBoot-wolfHSM-keys.nvminit). */ +#ifndef WOLFBOOT_WOLFHSM_CLIENT_ID +#error "WOLFBOOT_WOLFHSM_CLIENT_ID is not defined. Set WOLFHSM_CLIENT_ID in your .config or on the make command line." +#endif + /* Globally exported HAL symbols */ whClientContext hsmClientCtx = {0}; const int hsmDevIdHash = WH_DEV_ID_DMA; @@ -768,7 +776,7 @@ int hal_hsm_init_connect(void) .transport_cb = tmcCb, .transport_context = (void*)tmcCtx, .transport_config = (void*)tmcCfg, - .client_id = 1, + .client_id = WOLFBOOT_WOLFHSM_CLIENT_ID, .connect_cb = _connectCb, }}; diff --git a/hal/sim.c b/hal/sim.c index a5d234a311..63bf96d92f 100644 --- a/hal/sim.c +++ b/hal/sim.c @@ -170,11 +170,19 @@ static posixTransportTcpConfig mytcpconfig[1] = {{ .server_port = 23456, }}; +/* wolfHSM client ID presented to the HSM server. Defined by the build system + * (WOLFHSM_CLIENT_ID in options.mk, default 1); must match the client ID the + * server provisions the wolfBoot public key under (the example POSIX server's + * '--client' argument). */ +#ifndef WOLFBOOT_WOLFHSM_CLIENT_ID +#error "WOLFBOOT_WOLFHSM_CLIENT_ID is not defined. Set WOLFHSM_CLIENT_ID in your .config or on the make command line." +#endif + static whCommClientConfig cc_conf[1] = {{ .transport_cb = pttccb, .transport_context = (void*)tcc, .transport_config = (void*)mytcpconfig, - .client_id = 12, + .client_id = WOLFBOOT_WOLFHSM_CLIENT_ID, }}; static whClientConfig c_conf[1] = {{ .comm = cc_conf, diff --git a/options.mk b/options.mk index 37f676d797..64f7b07268 100644 --- a/options.mk +++ b/options.mk @@ -1390,13 +1390,21 @@ ifeq ($(WOLFHSM_CLIENT),1) # HSM out-of-band KEYGEN_OPTIONS += --exportpubkey --der - # Default to using public keys on the HSM - ifneq ($(WOLFHSM_CLIENT_LOCAL_KEYS),1) - KEYGEN_OPTIONS += --nolocalkeys - CFLAGS += -DWOLFBOOT_USE_WOLFHSM_PUBKEY_ID - # big enough for cert chain - CFLAGS += -DWOLFHSM_CFG_COMM_DATA_LEN=5000 - endif + # wolfHSM clients always use HSM-resident public keys, referenced by key ID or + # authenticated via a certificate chain. Public keys baked into a local + # keystore.c are not supported. + KEYGEN_OPTIONS += --nolocalkeys + # big enough for cert chain + CFLAGS += -DWOLFHSM_CFG_COMM_DATA_LEN=5000 + + # wolfHSM client ID presented to the HSM server during the connection + # handshake. Single value shared by all targets; defaults to 1. Override in the + # .config or on the make command line. This MUST match the client/user ID the + # server provisions the wolfBoot public key under -- e.g. the whnvmtool + # 'key ...' field (tools/scripts/tc3xx/*.nvminit) or the example + # POSIX server's '--client ' argument. + WOLFHSM_CLIENT_ID ?= 1 + CFLAGS += -DWOLFBOOT_WOLFHSM_CLIENT_ID=$(WOLFHSM_CLIENT_ID) # Ensure wolfHSM is configured to use certificate manager if we are # doing cert chain verification @@ -1410,6 +1418,13 @@ endif # wolfHSM server options ifeq ($(WOLFHSM_SERVER),1) + # Currently, cert chain auth is the only supported auth mechanism for wolfHSM + # server mode + ifeq ($(CERT_CHAIN_VERIFY),) + $(error WOLFHSM_SERVER=1 requires CERT_CHAIN_VERIFY=1: wolfHSM server mode \ + only supports certificate-chain authentication) + endif + WOLFCRYPT_OBJS += \ $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/cryptocb.o \ $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/coding.o \ diff --git a/src/image.c b/src/image.c index 3bedbef9ea..2be35718e0 100644 --- a/src/image.c +++ b/src/image.c @@ -214,10 +214,8 @@ static void wolfBoot_verify_signature_ecc(uint8_t key_slot, int ret, verify_res = 0; ecc_key ecc; mp_int r, s; -#if (!defined WOLFBOOT_ENABLE_WOLFHSM_CLIENT && \ - !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER)) || \ - (defined WOLFBOOT_ENABLE_WOLFHSM_CLIENT && \ - !defined(WOLFBOOT_USE_WOLFHSM_PUBKEY_ID)) +#if !defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ + !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) uint8_t* pubkey = keystore_get_buffer(key_slot); int pubkey_sz = keystore_get_size(key_slot); int point_sz = pubkey_sz / 2; @@ -251,7 +249,7 @@ static void wolfBoot_verify_signature_ecc(uint8_t key_slot, uint8_t tmpSigBuf[ECC_MAX_SIG_SIZE] = {0}; size_t tmpSigSz = sizeof(tmpSigBuf); - #if defined(WOLFBOOT_USE_WOLFHSM_PUBKEY_ID) || \ + #if defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) || \ (defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) && \ defined(WOLFBOOT_CERT_CHAIN_VERIFY)) (void)key_slot; @@ -281,11 +279,11 @@ static void wolfBoot_verify_signature_ecc(uint8_t key_slot, ret = wh_Client_EccSetKeyId(&ecc, hsmKeyIdPubKey); #endif } - #else + #else /* WOLFBOOT_CERT_CHAIN_VERIFY */ #if defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) ret = wh_Client_EccSetKeyId(&ecc, hsmKeyIdPubKey); #endif - #endif /* WOLFBOOT_USE_WOLFHSM_PUBKEY_ID */ + #endif /* !WOLFBOOT_CERT_CHAIN_VERIFY */ if (ret != 0) { return; } @@ -299,7 +297,7 @@ static void wolfBoot_verify_signature_ecc(uint8_t key_slot, return; } - #endif /* !WOLFBOOT_USE_WOLFHSM_PUBKEY_ID */ + #endif /* WOLFBOOT_ENABLE_WOLFHSM_CLIENT || (SERVER && CERT_CHAIN) */ /* wc_ecc_verify_hash_ex() doesn't trigger a crypto callback, so we need to use wc_ecc_verify_hash instead. Unfortunately, that requires converting the signature to intermediate DER format first */ @@ -436,10 +434,8 @@ static void wolfBoot_verify_signature_rsa_common(uint8_t key_slot, #endif #endif /* WOLFBOOT_SIGN_RSAPSS_ANY */ -#if (!defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ - !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER)) || \ - (defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ - !defined(WOLFBOOT_USE_WOLFHSM_PUBKEY_ID)) +#if !defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ + !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) uint8_t *pubkey = keystore_get_buffer(key_slot); int pubkey_sz = keystore_get_size(key_slot); @@ -472,7 +468,7 @@ static void wolfBoot_verify_signature_rsa_common(uint8_t key_slot, if (ret != 0) { return; } -#if defined(WOLFBOOT_USE_WOLFHSM_PUBKEY_ID) || \ +#if defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) || \ (defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) && \ defined(WOLFBOOT_CERT_CHAIN_VERIFY)) (void)key_slot; @@ -519,7 +515,7 @@ static void wolfBoot_verify_signature_rsa_common(uint8_t key_slot, wc_FreeRsaKey(&rsa); return; } -#endif /* !WOLFBOOT_USE_WOLFHSM_PUBKEY_ID */ +#endif /* WOLFBOOT_ENABLE_WOLFHSM_CLIENT || (SERVER && CERT_CHAIN) */ XMEMCPY(output, sig, RSA_IMAGE_SIGNATURE_SIZE); #ifdef WOLFBOOT_SIGN_RSAPSS_ANY if (is_pss) { @@ -532,14 +528,7 @@ static void wolfBoot_verify_signature_rsa_common(uint8_t key_slot, RSA_VERIFY_FN(ret, wc_RsaSSL_VerifyInline, output, RSA_IMAGE_SIGNATURE_SIZE, &digest_out, &rsa); } -#if defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ - !defined(WOLFBOOT_USE_WOLFHSM_PUBKEY_ID) - /* evict the key after use, since we aren't using the RSA import API */ - if (WH_ERROR_OK != wh_Client_KeyEvict(&hsmClientCtx, hsmKeyId)) { - wc_FreeRsaKey(&rsa); - return; - } -#elif defined(WOLFBOOT_CERT_CHAIN_VERIFY) +#if defined(WOLFBOOT_CERT_CHAIN_VERIFY) if (g_leafKeyIdValid) { #if defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) (void)wh_Client_KeyEvict(&hsmClientCtx, g_certLeafKeyId); @@ -548,7 +537,7 @@ static void wolfBoot_verify_signature_rsa_common(uint8_t key_slot, #endif g_leafKeyIdValid = 0; } -#endif /* !WOLFBOOT_USE_WOLFHSM_PUBKEY_ID */ +#endif /* WOLFBOOT_CERT_CHAIN_VERIFY */ #else /* wolfCrypt software RSA verify */ ret = wc_InitRsaKey_ex(&rsa, NULL, WOLFBOOT_DEVID_PUBKEY); @@ -735,9 +724,8 @@ static void wolfBoot_verify_signature_ml_dsa(uint8_t key_slot, { int ret = 0; wc_MlDsaKey ml_dsa; -#if !defined WOLFBOOT_ENABLE_WOLFHSM_CLIENT || \ - (defined WOLFBOOT_ENABLE_WOLFHSM_CLIENT && \ - !defined(WOLFBOOT_USE_WOLFHSM_PUBKEY_ID)) +#if !defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ + !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) uint8_t * pubkey = NULL; int pub_len = 0; #endif @@ -747,9 +735,8 @@ static void wolfBoot_verify_signature_ml_dsa(uint8_t key_slot, wolfBoot_printf("info: ML-DSA %d verify_signature: pubkey %d, sig %d\n", ML_DSA_LEVEL, KEYSTORE_PUBKEY_SIZE, ML_DSA_IMAGE_SIGNATURE_SIZE); -#if !defined WOLFBOOT_ENABLE_WOLFHSM_CLIENT || \ - (defined WOLFBOOT_ENABLE_WOLFHSM_CLIENT && \ - !defined(WOLFBOOT_USE_WOLFHSM_PUBKEY_ID)) +#if !defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ + !defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) pubkey = keystore_get_buffer(key_slot); if (pubkey == NULL) { @@ -774,28 +761,37 @@ static void wolfBoot_verify_signature_ml_dsa(uint8_t key_slot, } } -#if defined WOLFBOOT_ENABLE_WOLFHSM_CLIENT && \ - defined(WOLFBOOT_USE_WOLFHSM_PUBKEY_ID) - /* Use key slot ID directly with wolfHSM */ +#if defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) || \ + (defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) && \ + defined(WOLFBOOT_CERT_CHAIN_VERIFY)) + /* Use the public key ID directly with wolfHSM (no local keystore) */ + (void)key_slot; #if defined(WOLFBOOT_CERT_CHAIN_VERIFY) /* If using certificate chain verification and we have a verified leaf key * ID */ if (g_leafKeyIdValid) { /* Use the leaf key ID from certificate verification */ + #if defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) ret = wh_Client_MlDsaSetKeyId(&ml_dsa, g_certLeafKeyId); + #elif defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) + ret = wh_Server_MlDsaKeyCacheExport(&hsmServerCtx, g_certLeafKeyId, + &ml_dsa); + #endif wolfBoot_printf( "Using leaf cert public key (ID: %08x) for ML-DSA verification\n", (unsigned int)g_certLeafKeyId); } else { /* Default behavior: use the pre-configured public key ID */ + #if defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) ret = wh_Client_MlDsaSetKeyId(&ml_dsa, hsmKeyIdPubKey); + #endif } #else ret = wh_Client_MlDsaSetKeyId(&ml_dsa, hsmKeyIdPubKey); #endif if (ret != 0) { - wolfBoot_printf("error: wh_Client_MlDsaSetKeyId returned %d\n", ret); + wolfBoot_printf("error: ML-DSA set key ID returned %d\n", ret); } #else /* Make sure pub key matches parameters and import it */ @@ -820,8 +816,7 @@ static void wolfBoot_verify_signature_ml_dsa(uint8_t key_slot, ret); } } -#endif /* !defined WOLFBOOT_ENABLE_WOLFHSM_CLIENT && - !defined(WOLFBOOT_USE_WOLFHSM_PUBKEY_ID) */ +#endif /* WOLFBOOT_ENABLE_WOLFHSM_CLIENT || (SERVER && CERT_CHAIN) */ /* Make sure sig len matches parameters. */ @@ -880,6 +875,19 @@ static void wolfBoot_verify_signature_ml_dsa(uint8_t key_slot, #endif } +#if defined(WOLFBOOT_CERT_CHAIN_VERIFY) && \ + (defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) || \ + defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER)) + if (g_leafKeyIdValid) { +#if defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) + (void)wh_Client_KeyEvict(&hsmClientCtx, g_certLeafKeyId); +#elif defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) + (void)wh_Server_KeystoreEvictKey(&hsmServerCtx, g_certLeafKeyId); +#endif + g_leafKeyIdValid = 0; + } +#endif /* WOLFBOOT_CERT_CHAIN_VERIFY && WOLFHSM */ + wc_MlDsaKey_Free(&ml_dsa); } @@ -1076,7 +1084,7 @@ static int image_sha256(struct wolfBoot_image *img, uint8_t *hash) return 0; } -#ifndef WOLFBOOT_NO_SIGN +#if !defined(WOLFBOOT_NO_SIGN) && !defined(WOLFBOOT_NO_KEYSTORE) /** * @brief Calculate the SHA256 hash of the key. @@ -1187,7 +1195,7 @@ static int image_sha384(struct wolfBoot_image *img, uint8_t *hash) return 0; } -#ifndef WOLFBOOT_NO_SIGN +#if !defined(WOLFBOOT_NO_SIGN) && !defined(WOLFBOOT_NO_KEYSTORE) /** * @brief Calculate SHA-384 hash of a public key in the keystore. @@ -1303,7 +1311,7 @@ static int image_sha3_384(struct wolfBoot_image *img, uint8_t *hash) wc_Sha3_384_Free(&sha3_ctx); return 0; } -#ifndef WOLFBOOT_NO_SIGN +#if !defined(WOLFBOOT_NO_SIGN) && !defined(WOLFBOOT_NO_KEYSTORE) /** * @brief Calculate SHA3-384 hash of a public key in the keystore. @@ -2267,10 +2275,14 @@ int wolfBoot_verify_authenticity(struct wolfBoot_image *img) } key_slot = 0; -#elif defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) && \ - defined(WOLFBOOT_USE_WOLFHSM_PUBKEY_ID) +#elif defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) /* Don't care about the key slot, we are using a fixed wolfHSM keyId */ key_slot = 0; +#elif defined(WOLFBOOT_ENABLE_WOLFHSM_SERVER) && \ + defined(WOLFBOOT_CERT_CHAIN_VERIFY) + /* Don't care about the key slot, we are using the public key from the + * leaf cert */ + key_slot = 0; #else key_slot = keyslot_id_by_sha(pubkey_hint); if (key_slot < 0) { @@ -2298,8 +2310,17 @@ int wolfBoot_verify_authenticity(struct wolfBoot_image *img) return -1; img->sha_hash = digest; } - key_mask = keystore_get_mask(key_slot); image_part = image_type & HDR_IMG_TYPE_PART_MASK; +#ifdef WOLFBOOT_NO_KEYSTORE + /* No local keystore is linked: there is no per-key partition permission + * mask to consult. Key authorization and usage are enforced by the HSM + * (cert-chain root-of-trust plus per-key usage flags), so the wolfBoot + * keystore mask check does not apply here. */ + (void)key_slot; + (void)key_mask; + (void)image_part; +#else + key_mask = keystore_get_mask(key_slot); /* Check if the key permission mask matches the current partition id */ if (((1U << image_part) & key_mask) != (1U << image_part)) { @@ -2307,6 +2328,7 @@ int wolfBoot_verify_authenticity(struct wolfBoot_image *img) } CONFIRM_MASK_VALID(image_part, key_mask); +#endif #if defined(WOLFBOOT_CERT_CHAIN_VERIFY) && \ (defined(WOLFBOOT_ENABLE_WOLFHSM_CLIENT) || \ @@ -2510,7 +2532,8 @@ uint8_t* wolfBoot_peek_image(struct wolfBoot_image *img, uint32_t offset, return p; } -#if !defined(WOLFBOOT_NO_SIGN) && !defined(WOLFBOOT_RENESAS_SCEPROTECT) +#if !defined(WOLFBOOT_NO_SIGN) && !defined(WOLFBOOT_RENESAS_SCEPROTECT) && \ + !defined(WOLFBOOT_NO_KEYSTORE) /* Compare fixed-size key hints without early exit to avoid leaking hash prefix * matches through lookup timing. */ diff --git a/tools/config.mk b/tools/config.mk index 98aa0dcae2..0928b8339b 100644 --- a/tools/config.mk +++ b/tools/config.mk @@ -92,7 +92,7 @@ ifeq ($(ARCH),) BIG_ENDIAN?=0 FLASH_MULTI_SECTOR_ERASE=0 WOLFHSM_CLIENT=0 - WOLFHSM_CLIENT_LOCAL_KEYS=0 + WOLFHSM_CLIENT_ID?=1 endif # Global default: 0 means "use the FIT image's `load` property verbatim". @@ -134,6 +134,6 @@ CONFIG_VARS:= ARCH TARGET SIGN HASH MCUXSDK MCUXPRESSO MCUXPRESSO_CPU MCUXPRESSO NO_ARM_ASM \ SIGN_SECONDARY \ WOLFHSM_CLIENT \ - WOLFHSM_CLIENT_LOCAL_KEYS \ + WOLFHSM_CLIENT_ID \ WOLFHSM_NVM_ROOT_CA_LIST \ ENCRYPT_CACHE diff --git a/tools/scripts/tc3xx/wolfBoot-wolfHSM-keys.nvminit b/tools/scripts/tc3xx/wolfBoot-wolfHSM-keys.nvminit index 8966cb739e..c3f0291d78 100644 --- a/tools/scripts/tc3xx/wolfBoot-wolfHSM-keys.nvminit +++ b/tools/scripts/tc3xx/wolfBoot-wolfHSM-keys.nvminit @@ -3,4 +3,7 @@ # Key format is: # key