Update hal_dice_create_attest_key

yosuke-wolfssl · yosuke-wolfssl · commit e46f0a71e327 · 2026-04-28T13:14:59.000+09:00
diff --git a/arch.mk b/arch.mk
@@ -876,7 +876,8 @@ ifeq ($(TARGET),mcxn)
     OBJS+=\
       $(ELS_PKC)/src/comps/mcuxClEls/src/mcuxClEls_Common.o \
       $(ELS_PKC)/src/comps/mcuxClEls/src/mcuxClEls_Kdf.o \
-      $(ELS_PKC)/src/comps/mcuxClEls/src/mcuxClEls_KeyManagement.o
+      $(ELS_PKC)/src/comps/mcuxClEls/src/mcuxClEls_KeyManagement.o \
+      $(ELS_PKC)/src/comps/mcuxClEls/src/mcuxClEls_Ecc.o
   endif
 endif
 
diff --git a/hal/mcxn.c b/hal/mcxn.c
@@ -59,7 +59,7 @@
 #define MCXN_ELS_DICE_CDI_DERIVED_KEYSLOT   11U
 
 /* wolfBoot stores the per-boot IAK (P-256) here. */
-#define MCXN_ELS_DICE_IAK_KEYSLOT           13U
+#define MCXN_ELS_DICE_IAK_KEYSLOT           9U
 
 #endif
 
@@ -466,8 +466,8 @@ int hal_dice_update_cdi(const uint8_t *measurement, size_t meas_len)
     static int cdi_step = 0;
     uint8_t deriv[MCUXCLELS_HKDF_RFC5869_DERIVATIONDATA_SIZE];
     wc_Sha256 sha;
-    mcuxClEls_HkdfOption_t opts;
-    mcuxClEls_KeyProp_t props;
+    mcuxClEls_HkdfOption_t opts = {0};
+    mcuxClEls_KeyProp_t props = {0};
     int ret = 0;
 
     if (cdi_step == 0) {
@@ -532,9 +532,18 @@ int hal_dice_update_cdi(const uint8_t *measurement, size_t meas_len)
     }
 
     if (ret == 0) {
-        opts.word.value = MCUXCLELS_HKDF_ALGO_RFC5869;
-        /* UPPROT|UKGSRC|UHKDF|FGP|KBASE|KACTV|KSIZE */
-        props.word.value = 0x440200E1U;
+        /* Set HKDF options */
+        opts.bits.hkdf_algo = MCUXCLELS_HKDF_ALGO_RFC5869;
+
+        /* Set key properties */
+        props.bits.upprot_priv = MCUXCLELS_KEYPROPERTY_PRIVILEGED_TRUE;
+        props.bits.upprot_sec = MCUXCLELS_KEYPROPERTY_SECURE_TRUE;
+        props.bits.ukgsrc = MCUXCLELS_KEYPROPERTY_INPUT_FOR_ECC_TRUE;
+        props.bits.uhkdf = MCUXCLELS_KEYPROPERTY_HKDF_TRUE;
+        props.bits.fgp = MCUXCLELS_KEYPROPERTY_GENERAL_PURPOSE_SLOT_TRUE;
+        props.bits.kbase = MCUXCLELS_KEYPROPERTY_BASE_SLOT;
+        props.bits.kactv = MCUXCLELS_KEYPROPERTY_ACTIVE_TRUE;
+        props.bits.ksize = MCUXCLELS_KEYPROPERTY_KEY_SIZE_256;
         
         /* Trigger the HKDF command.
          * We just give the names of token and return value
@@ -568,34 +577,79 @@ int hal_dice_update_cdi(const uint8_t *measurement, size_t meas_len)
     return ret;
 }
 
+/* Generate P-256 IAK from derived CDI using ELS KEYGEN.
+ * Private key stays in ELS keystore. Public key written to system memory. */    
 int hal_dice_create_attest_key(void)
 {
-    /*
-     * Generate P-256 IAK from derived CDI using ELS KEYGEN.
-     * Private key stays in ELS keystore. Public key written to system memory.
-     *
-     * TODO: Implement using mcuxClEls_KeyDelete_Async + mcuxClEls_EccKeyGen_Async:
-     *
-     *   // Step 1: Free target slot (KDELETE, cmd 0xB)
-     *   MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(...,
-     *       mcuxClEls_KeyDelete_Async(MCXN_ELS_DICE_IAK_KEYSLOT));
-     *   mcuxClEls_WaitForOperation(MCUXCLELS_ERROR_FLAGS_CLEAR);
-     *
-     *   // Step 2: Generate IAK into freed slot from derived CDI
-     *   static uint8_t pub_key[64] __attribute__((aligned(4)));
-     *   mcuxClEls_EccKeyGenOption_t opts = {0};
-     *   opts.bits.kgsrc    = 0; // deterministic from CDI key material
-     *   opts.bits.kgtypedh = 0; // signing key (not DH)
-     *   mcuxClEls_KeyProp_t props = {.word.value =
-     *       MCUXCLELS_KEYPROPERTY_VALUE_ECSGN | MCUXCLELS_KEYPROPERTY_VALUE_ACTIVE};
-     *   MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(...,
-     *       mcuxClEls_EccKeyGen_Async(opts,
-     *           MCXN_ELS_DICE_CDI_DERIVED_KEYSLOT,
-     *           MCXN_ELS_DICE_IAK_KEYSLOT,
-     *           props, NULL, pub_key));
-     *   mcuxClEls_WaitForOperation(MCUXCLELS_ERROR_FLAGS_CLEAR);
-     */
-    return -1; /* placeholder */
+    static uint8_t pub_key[64] __attribute__((aligned(4)));
+    mcuxClEls_EccKeyGenOption_t opts = {0};
+    mcuxClEls_KeyProp_t props = {0};
+    int ret = 0;
+
+    /* Trigger the KDELETE command to free the key slot.
+     * We just give the names of token and return value
+     * since it's declared within the macro */
+    MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(res_kdel, tok_kdel,
+        mcuxClEls_KeyDelete_Async(MCXN_ELS_DICE_IAK_KEYSLOT));
+
+    if ((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClEls_KeyDelete_Async) != tok_kdel) ||
+        (MCUXCLELS_STATUS_OK_WAIT != res_kdel))
+        ret = -1;
+
+    MCUX_CSSL_FP_FUNCTION_CALL_END();
+
+    /* Wait for hardware to finish */
+    MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(res_w, tok_w,
+        mcuxClEls_WaitForOperation(MCUXCLELS_ERROR_FLAGS_CLEAR));
+
+    if ((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClEls_WaitForOperation) != tok_w) ||
+        (MCUXCLELS_STATUS_OK != res_w))
+        ret = -1;
+
+    MCUX_CSSL_FP_FUNCTION_CALL_END();
+
+    if (ret == 0) {
+        /* Set KeyGen options */
+        opts.bits.kgsrc    = MCUXCLELS_ECC_OUTPUTKEY_DETERMINISTIC;
+        opts.bits.kgtypedh = MCUXCLELS_ECC_OUTPUTKEY_SIGN;
+
+        /* Set key properties */
+        props.bits.upprot_priv = MCUXCLELS_KEYPROPERTY_PRIVILEGED_TRUE;
+        props.bits.upprot_sec = MCUXCLELS_KEYPROPERTY_SECURE_TRUE;
+        props.bits.uecsg = MCUXCLELS_KEYPROPERTY_ECC_TRUE;
+        props.bits.uksk = MCUXCLELS_KEYPROPERTY_KSK_TRUE;
+        props.bits.fgp = MCUXCLELS_KEYPROPERTY_GENERAL_PURPOSE_SLOT_TRUE;
+        props.bits.kbase = MCUXCLELS_KEYPROPERTY_BASE_SLOT;
+        props.bits.kactv = MCUXCLELS_KEYPROPERTY_ACTIVE_TRUE;
+        props.bits.ksize = MCUXCLELS_KEYPROPERTY_KEY_SIZE_256;
+
+        /* Trigger the ECC KeyGen command.
+         * We just give the names of token and return value
+         * since it's declared within the macro */
+        MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(res_kg, tok_kg,
+            mcuxClEls_EccKeyGen_Async(opts,
+                MCXN_ELS_DICE_CDI_DERIVED_KEYSLOT,
+                MCXN_ELS_DICE_IAK_KEYSLOT,
+                props, NULL, pub_key));
+
+        if ((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClEls_EccKeyGen_Async) != tok_kg) ||
+            (MCUXCLELS_STATUS_OK_WAIT != res_kg))
+            ret = -1;
+
+        MCUX_CSSL_FP_FUNCTION_CALL_END();
+
+        /* Wait for hardware to finish */
+        MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(res_w, tok_w,
+            mcuxClEls_WaitForOperation(MCUXCLELS_ERROR_FLAGS_CLEAR));
+
+        if ((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClEls_WaitForOperation) != tok_w) ||
+            (MCUXCLELS_STATUS_OK != res_w))
+            ret = -1;
+
+        MCUX_CSSL_FP_FUNCTION_CALL_END();
+    }
+
+    return ret;
 }
 
 int hal_dice_sign_hash(const uint8_t *hash, size_t hash_len,
