Implementation of COMPONENT_SECUREF with JEDEC TG424_3 for secure flash block device driver

cmsis/device/rtos/mbed_lib.json

@@ -4,7 +4,7 @@
         "present": 1,
          "main-thread-stack-size": {
             "help": "The size of the main thread's stack",
-            "value": 4096
+            "value": 16384
          },
          "timer-thread-stack-size": {
             "help": "The size of the timer thread's stack",

storage/blockdevice/CMakeLists.txt

@@ -38,6 +38,9 @@ if("SPIF" IN_LIST MBED_TARGET_LABELS)
     add_subdirectory(COMPONENT_SPIF)
 endif()
 
+if("SECUREF" IN_LIST MBED_TARGET_LABELS)
+    add_subdirectory(COMPONENT_SECUREF)
+endif()
 
 target_include_directories(mbed-storage-blockdevice
     INTERFACE

storage/blockdevice/COMPONENT_SECUREF/CMakeLists.txt

@@ -0,0 +1,20 @@
+# Copyright (c) 2020 ARM Limited. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+target_sources(mbed-storage-securef
+    INTERFACE
+        source/SecureFBlockDevice.cpp
+    PRIVATE
+        platform/plat_secure_flash.cpp
+        spi_nor_flash/spi_nor.c
+)
+
+target_include_directories(mbed-storage-securef
+    INTERFACE
+        include
+        include/SECUREF
+    PRIVATE
+        platform/include/
+        spi_nor_flash/
+)
+add_subdirectory(JEDEC_security_HAL)

storage/blockdevice/COMPONENT_SECUREF/TG424_3/CMakeLists.txt

@@ -0,0 +1,27 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2020-2023 Macronix International Co. LTD. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+#-------------------------------------------------------------------------------
+
+cmake_minimum_required(VERSION 3.15)
+
+cmake_policy(SET CMP0079 NEW)
+
+add_library(jedec_security_hal STATIC)
+
+target_sources(jedec_security_hal
+    PRIVATE
+        JEDEC_security_HAL/jedec_security_hal.c
+        JEDEC_security_HAL/queue.c
+)
+
+target_include_directories(jedec_security_hal
+    PUBLIC
+        ${CMAKE_CURRENT_SOURCE_DIR}/JEDEC_security_HAL
+        ${CMAKE_CURRENT_SOURCE_DIR}/JEDEC_security_HAL/include
+        ${CMAKE_CURRENT_SOURCE_DIR}/vendor_impl
+)
+
+add_subdirectory(vendor_impl)

storage/blockdevice/COMPONENT_SECUREF/TG424_3/JEDEC_security_HAL/CMakeLists.txt

@@ -0,0 +1,24 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2020-2023 Macronix International Co. LTD. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+#-------------------------------------------------------------------------------
+
+cmake_minimum_required(VERSION 3.15)
+
+cmake_policy(SET CMP0079 NEW)
+
+add_library(jedec_security_hal STATIC)
+
+target_sources(jedec_security_hal
+    PRIVATE
+        jedec_security_hal.c
+        queue.c
+)
+
+target_include_directories(jedec_security_hal
+    PUBLIC
+        ${CMAKE_CURRENT_SOURCE_DIR}
+        ${CMAKE_CURRENT_SOURCE_DIR}/include
+)

storage/blockdevice/COMPONENT_SECUREF/TG424_3/JEDEC_security_HAL/crypto_wrapper.h

@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 2022-2023 Macronix International Co. LTD. All rights reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef _CRYPTO_WRAPPER_H_
+#define _CRYPTO_WRAPPER_H_
+
+#include <stdint.h>
+#include "include/crypto_defs.h"
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+typedef int (*init_t)(void);
+typedef int (*deinit_t)(void);
+typedef int (*algorithm_support_t)(int alg);
+typedef int (*crypto_func_t)(crypto_indicator_t *indicator);
+typedef int (*key_derive_t)(crypto_indicator_t *indicator, uint32_t *output_key_id);
+typedef int (*generate_random_t)(uint8_t *odata, uint32_t odata_len);
+typedef int (*ecdh_gen_key_pair_t)(crypto_indicator_t *indicator);
+typedef int (*ecdh_gen_shared_secret_t)(crypto_indicator_t *indicator);
+
+typedef int (*open_key_t)(uint32_t key_id);
+typedef int (*close_key_t)(uint32_t key_id);
+typedef int (*destroy_key_t)(uint32_t key_id);
+typedef int (*export_public_key_t)(uint32_t key_id, uint8_t *key_buf, uint32_t buf_size, uint32_t *actual_size);
+typedef int (*export_key_t)(uint32_t key_id, uint8_t *key_buf, uint32_t buf_size, uint32_t *actual_size);
+typedef int (*import_key_t)(uint32_t *key_id, uint8_t *key_buf, uint32_t buf_size, KeyLifeTime lifetime);
+
+
+typedef struct {
+    init_t init;
+    deinit_t deinit;
+    algorithm_support_t algorithm_support;
+    crypto_func_t crypto_func;
+    key_derive_t key_derive;
+    generate_random_t generate_random;
+    ecdh_gen_key_pair_t ecdh_gen_key_pair;
+    ecdh_gen_shared_secret_t ecdh_gen_shared_secret;
+
+    open_key_t open_key;
+    close_key_t close_key;
+    destroy_key_t destroy_key;
+    export_public_key_t export_public_key;
+    export_key_t export_key;
+    import_key_t import_key;
+
+} crypto_wrapper_t;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _CRYPTO_WRAPPER_H_ */