DeviceKey Root of Trust generation refactored.

It's no longer automatically and silently created.

Author: tymoteuszblochmobica

features/device_key/source/DeviceKey.cpp

@@ -94,23 +94,10 @@ int DeviceKey::generate_derived_key(const unsigned char *salt, size_t isalt_size
 
     //First try to read the key from KVStore
     int ret = read_key_from_kvstore(key_buff, actual_size);
-    if (DEVICEKEY_SUCCESS != ret && DEVICEKEY_NOT_FOUND != ret) {
+    if (DEVICEKEY_SUCCESS != ret) {
         return ret;
     }
 
-    //If the key was not found in KVStore we will create it by using random generation and then save it to KVStore
-    if (DEVICEKEY_NOT_FOUND == ret) {
-        ret = generate_key_by_random(key_buff, actual_size);
-        if (DEVICEKEY_SUCCESS != ret) {
-            return ret;
-        }
-
-        ret = device_inject_root_of_trust(key_buff, actual_size);
-        if (DEVICEKEY_SUCCESS != ret) {
-            return ret;
-        }
-    }
-
     ret = get_derived_key(key_buff, actual_size, salt, isalt_size, output, ikey_type);
     return ret;
 }
@@ -259,22 +246,22 @@ int DeviceKey::get_derived_key(uint32_t *ikey_buff, size_t ikey_size, const unsi
     return DEVICEKEY_SUCCESS;
 }
 
-int DeviceKey::generate_key_by_random(uint32_t *output, size_t size)
+int DeviceKey::generate_root_of_trust()
 {
     int ret = DEVICEKEY_GENERATE_RANDOM_ERROR;
+    uint32_t key_buff[DEVICE_KEY_32BYTE / sizeof(uint32_t)];
+    size_t actual_size = DEVICE_KEY_32BYTE;
 
-    if (DEVICE_KEY_16BYTE > size) {
-        return DEVICEKEY_BUFFER_TOO_SMALL;
-    } else if (DEVICE_KEY_16BYTE != size && DEVICE_KEY_32BYTE != size) {
-        return DEVICEKEY_INVALID_PARAM;
+    if (read_key_from_kvstore(key_buff, actual_size) == DEVICEKEY_SUCCESS) {
+        return DEVICEKEY_ALREADY_EXIST;
     }
 
 #if defined(DEVICE_TRNG) || defined(MBEDTLS_ENTROPY_NV_SEED) || defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
     mbedtls_entropy_context *entropy = new mbedtls_entropy_context;
     mbedtls_entropy_init(entropy);
-    memset(output, 0, size);
+    memset(key_buff, 0, actual_size);
 
-    ret = mbedtls_entropy_func(entropy, (unsigned char *)output, size);
+    ret = mbedtls_entropy_func(entropy, (unsigned char *)key_buff, actual_size);
     if (ret != MBED_SUCCESS) {
         ret = DEVICEKEY_GENERATE_RANDOM_ERROR;
     } else {
@@ -283,7 +270,7 @@ int DeviceKey::generate_key_by_random(uint32_t *output, size_t size)
 
     mbedtls_entropy_free(entropy);
     delete entropy;
-
+    ret = device_inject_root_of_trust(key_buff, actual_size);
 #endif
 
     return ret;

features/device_key/source/DeviceKey.h

@@ -139,16 +139,16 @@ class DeviceKey : private mbed::NonCopyable<DeviceKey> {
     int get_derived_key(uint32_t *ikey_buff, size_t ikey_size, const unsigned char *isalt, size_t isalt_size,
                         unsigned char *output, uint32_t ikey_type);
 
-    /** Generate a random ROT key by using entropy
-     * @param output Output buffer for the generated key.
-     * @param size Input: The size of the buffer. If size is less
-     *                    than 16 bytes, the method generates an
-     *                    error. 16-31 bytes creates a 16-byte key.
-     *                    32 or higher generates a 32-byte key
-     *             Output: The actual written size to the buffer
-     * @return 0 on success, negative error code on failure
+    /** Generate Root of Trust from random sources.
+     * Uses TRNG or various other entropy sources to generate random device key and
+     * inject that into device's KVStore. Device Key can only be generated once.
+     *
+     * \return DEVICEKEY_SUCCESS, when device key succesfully generated and injected.
+     * \return DEVICEKEY_ALREADY_EXIST, if the key has already been written.
+     * \return DEVICEKEY_GENERATE_RANDOM_ERROR if this device does not contain entropy sources and cannot generate a key.
+     * \return error codes on other failures.
      */
-    int generate_key_by_random(uint32_t *output, size_t size);
+    int generate_root_of_trust();
 
 };