OTMPK的‘真面目’

小恩GG

问题

在应用手册《How to use i.MXRT Security Boot》给出的Encrypt XIP启动流程图中(如下所示)，第一步需要将EKIB解密成KIB，而其中的Key可以是SW_GP2或者OTPMK值，并且OTPMK只对BEE和DCP‘可见’，且每一块芯片都有唯一的OTPMK。

客户想使用SDK软件库中的dcp例程实现ECB加密，其中加密Key为OTPMK，但是在多块MIMXRT1050开发板测试后发现，明文经加密而产生的密文居然都是一样的 (如图2所示)，这样反推可得各开发板芯片所对应的OTPMK值相同，而这与前面的描述明显不符，那到底是哪里出了差错呢？

分析与解决

经过进一步测试发现，上述相同的密文与Key全为0加密产生的密文一致，表明OTPMK并未真正参与ECB加密，最后通过与AE同事交流，知道原因是eFuse中的SEC_CONFIG未使能HAB Closed mode (如图3所示).

在得知原因后，小编使用dcp例程在曾经做过HAB Signed Image boot启动测试的MIMXRT1050开发板上进行测试，具体代码如下，工程会打印出Key分别为OTMPK和全为0进行ECB加密后的密文，比较后会发现使用OTMPK加密的密文明显有别于Key全为0的密文。

测试代码

1. /*
   
2. * Copyright 2017 NXP
   
3. * All rights reserved.
   
4. *
   
5. *
   
6. * SPDX-License-Identifier: BSD-3-Clause
   
7. */
   
8. 
   
9. /*******************************************************************************
   
10. * Includes
    
11. ******************************************************************************/
    
12. #include "fsl_device_registers.h"
    
13. #include "fsl_debug_console.h"
    
14. #include "board.h"
    
15. 
    
16. #include "fsl_dcp.h"
    
17. 
    
18. #include "pin_mux.h"
    
19. #include "clock_config.h"
    
20. /*******************************************************************************
    
21. * Definitions
    
22. ******************************************************************************/
    
23. 
    
24. 
    
25. #define DCP_TEST_USE_OTP_KEY 1 /* Set to 1 to select OTP key for AES encryption/decryption. */
    
26. 
    
27. #define TEST_ASSERT(a)       \
    
28.     if (!(a))                \
    
29.     {                        \
    
30.         PRINTF("error\r\n"); \
    
31.         do                   \
    
32.         {                    \
    
33.         } while (1);         \
    
34.     }
    
35. 
    
36. #if DCP_TEST_USE_OTP_KEY
    
37. typedef enum _dcp_otp_key_select
    
38. {
    
39.     kDCP_OTPMKKeyLow  = 1U, /* Use [127:0] from snvs key as dcp key */
    
40.     kDCP_OTPMKKeyHigh = 2U, /* Use [255:128] from snvs key as dcp key */
    
41.     kDCP_OCOTPKeyLow  = 3U, /* Use [127:0] from ocotp key as dcp key */
    
42.     kDCP_OCOTPKeyHigh = 4U  /* Use [255:128] from ocotp key as dcp key */
    
43. } dcp_otp_key_select;
    
44. #endif
    
45. 
    
46. /*******************************************************************************
    
47. * Prototypes
    
48. ******************************************************************************/
    
49. 
    
50. /*******************************************************************************
    
51. * Code
    
52. ******************************************************************************/
    
53. #if DCP_TEST_USE_OTP_KEY
    
54. status_t DCP_OTPKeySelect(dcp_otp_key_select keySelect)
    
55. {
    
56.     if (keySelect == kDCP_OTPMKKeyLow)
    
57.     {
    
58.         IOMUXC_GPR->GPR3 &= ~(1 << IOMUXC_GPR_GPR3_DCP_KEY_SEL_SHIFT);
    
59.         IOMUXC_GPR->GPR10 &= ~(1 << IOMUXC_GPR_GPR10_DCPKEY_OCOTP_OR_KEYMUX_SHIFT);
    
60.     }
    
61. 
    
62.     else if (keySelect == kDCP_OTPMKKeyHigh)
    
63.     {
    
64.         IOMUXC_GPR->GPR3 |= (1 << IOMUXC_GPR_GPR3_DCP_KEY_SEL_SHIFT);
    
65.         IOMUXC_GPR->GPR10 &= ~(1 << IOMUXC_GPR_GPR10_DCPKEY_OCOTP_OR_KEYMUX_SHIFT);
    
66.     }
    
67. 
    
68.     else if (keySelect == kDCP_OCOTPKeyLow)
    
69.     {
    
70.         IOMUXC_GPR->GPR3 &= ~(1 << IOMUXC_GPR_GPR3_DCP_KEY_SEL_SHIFT);
    
71.         IOMUXC_GPR->GPR10 |= (1 << IOMUXC_GPR_GPR10_DCPKEY_OCOTP_OR_KEYMUX_SHIFT);
    
72.     }
    
73. 
    
74.     else if (keySelect == kDCP_OCOTPKeyHigh)
    
75.     {
    
76.         IOMUXC_GPR->GPR3 |= (1 << IOMUXC_GPR_GPR3_DCP_KEY_SEL_SHIFT);
    
77.         IOMUXC_GPR->GPR10 |= (1 << IOMUXC_GPR_GPR10_DCPKEY_OCOTP_OR_KEYMUX_SHIFT);
    
78.     }
    
79. 
    
80.     else
    
81.     {
    
82.         return kStatus_InvalidArgument;
    
83.     }
    
84. 
    
85.     return kStatus_Success;
    
86. }
    
87. #endif
    
88. 
    
89. void TestAesEcb(void)
    
90. {
    
91.     static const uint8_t keyAes128[] __attribute__((aligned)) = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
    
92.                                                                  0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0};
    
93.     static const uint8_t plainAes128[]                        = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
    
94.                                           0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a};
    
95. //    static const uint8_t cipherAes128[]                       = {0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60,
    
96. //                                           0xa8, 0x9e, 0xca, 0xf3, 0x24, 0x66, 0xef, 0x97};
    
97. #if DCP_TEST_USE_OTP_KEY
    
98. #warning Please update cipherAes128 variables to match expected AES ciphertext for your OTP key.
    
99. #endif
    
100. 
     
101.     uint8_t cipher[16];
     
102.     uint8_t output[16];
     
103.     status_t status;
     
104. 
     
105.     uint8_t i;
     
106. 
     
107.     dcp_handle_t m_handle;
     
108. 
     
109.     m_handle.channel    = kDCP_Channel0;
     
110.     m_handle.swapConfig = kDCP_NoSwap;
     
111. 
     
112. #if DCP_TEST_USE_OTP_KEY
     
113.     m_handle.keySlot = kDCP_OtpUniqueKey;
     
114. #else
     
115.     m_handle.keySlot = kDCP_KeySlot0;
     
116. #endif
     
117. 
     
118.     status = DCP_AES_SetKey(DCP, &m_handle, keyAes128, 16);
     
119.     TEST_ASSERT(kStatus_Success == status);
     
120. 
     
121.     DCP_AES_EncryptEcb(DCP, &m_handle, plainAes128, cipher, 16);
     
122. 
     
123.     for(i=0; i < 16 ; i++ )
     
124.             PRINTF("ciphertext %d value is %x \r\n", i, cipher[i]);
     
125. 
     
126. //    TEST_ASSERT(memcmp(cipher, cipherAes128, 16) == 0);
     
127. //
     
128. 
     
129. 
     
130.     DCP_AES_DecryptEcb(DCP, &m_handle, cipher, output, 16);
     
131.     TEST_ASSERT(memcmp(output, plainAes128, 16) == 0);
     
132. 
     
133.     PRINTF("AES ECB Unique KeyTest pass\r\n\r\n");
     
134. 
     
135. 
     
136.     m_handle.keySlot = kDCP_KeySlot0;
     
137. 
     
138.     status = DCP_AES_SetKey(DCP, &m_handle, keyAes128, 16);
     
139.         TEST_ASSERT(kStatus_Success == status);
     
140. 
     
141.     DCP_AES_EncryptEcb(DCP, &m_handle, plainAes128, cipher, 16);
     
142. 
     
143.     for(i=0; i < 16 ; i++ )
     
144.             PRINTF("ciphertext %d value is %x \r\n", i, cipher[i]);
     
145. 
     
146.     PRINTF("AES ECB Key All 0 pass\r\n");
     
147. 
     
148. 
     
149. }
     
150. 
     
151. 
     
152. 
     
153. /*!
     
154. * @brief Main function
     
155. */
     
156. int main(void)
     
157. {
     
158.     dcp_config_t dcpConfig;
     
159. 
     
160.     /* Init hardware*/
     
161.     BOARD_ConfigMPU();
     
162.     BOARD_InitPins();
     
163.     BOARD_BootClockRUN();
     
164.     BOARD_InitDebugConsole();
     
165. 
     
166.     /* Data cache must be temporarily disabled to be able to use sdram */
     
167.     SCB_DisableDCache();
     
168. 
     
169.     PRINTF("DCP Driver Example\r\n\r\n");
     
170. 
     
171.     /* Initialize DCP */
     
172.     DCP_GetDefaultConfig(&dcpConfig);
     
173. 
     
174. #if DCP_TEST_USE_OTP_KEY
     
175.     /* Set OTP key type in IOMUX registers before initializing DCP. */
     
176.     /* Software reset of DCP must be issued after changing the OTP key type. */
     
177.     DCP_OTPKeySelect(kDCP_OTPMKKeyLow);
     
178. #endif
     
179. 
     
180.     /* Reset and initialize DCP */
     
181.     DCP_Init(DCP, &dcpConfig);
     
182. 
     
183.     /* Call DCP APIs */
     
184.     TestAesEcb();
     
185. 
     
186. 
     
187.     /* Deinitialize DCP */
     
188.     DCP_Deinit(DCP);
     
189. 
     
190.     while (1)
     
191.     {
     
192.     }
     
193. }

复制代码

运行结果

1. DCP Driver Example
   
2. ciphertext 0 value is 38
   
3. ciphertext 1 value is ee
   
4. ciphertext 2 value is 85
   
5. ciphertext 3 value is 6a
   
6. ciphertext 4 value is 5e
   
7. ciphertext 5 value is 51
   
8. ciphertext 6 value is bd
   
9. ciphertext 7 value is cb
   
10. ciphertext 8 value is 3c
    
11. ciphertext 9 value is 93
    
12. ciphertext 10 value is f9
    
13. ciphertext 11 value is 3a
    
14. ciphertext 12 value is 1
    
15. ciphertext 13 value is b0
    
16. ciphertext 14 value is fe
    
17. ciphertext 15 value is 92
    
18. AES ECB Unique KeyTest pass
    
19. 
    
20. ciphertext 0 value is cf
    
21. ciphertext 1 value is 2e
    
22. ciphertext 2 value is a3
    
23. ciphertext 3 value is 8a
    
24. ciphertext 4 value is 12
    
25. ciphertext 5 value is 3b
    
26. ciphertext 6 value is e2
    
27. ciphertext 7 value is 7
    
28. ciphertext 8 value is 65
    
29. ciphertext 9 value is eb
    
30. ciphertext 10 value is 8c
    
31. ciphertext 11 value is 5c
    
32. ciphertext 12 value is 56
    
33. ciphertext 13 value is ca
    
34. ciphertext 14 value is f2
    
35. ciphertext 15 value is 24
    
36. AES ECB Key All 0 pass

复制代码

阅读全文