nugget: Add new GSA-GSC pre-shared secret key for factory pairing

1. Since P23 will remove GSA RPK key, we have to generate a new
   pre-shared key (32 bytes) for GSA and GSC pairing in CM factory.
2. GSA will generate a random PSK and send to GSC.
3. GSC will store PSK in persiste storage and load it back for GSA
   checking.
4. GSA will store the PSK in GSA OTP HW register if PSK is match.

Bug: 223285692
Change-Id: Ife4c7554392a2cb67e5b0e55fa94444ab54afb0b
Reviewed-on: https://nugget-os-review.googlesource.com/c/host/generic/+/50565
Tested-by: Joseph Jang <josephjang@google.com>
Reviewed-by: Brian Murray <brianjmurray@google.com>
Reviewed-by: David Lin <dtwlin@google.com>
Presubmit-Verified: TreeHugger Robot <android-build-prod@system.gserviceaccount.com>

1 files changed, 8 insertions, 0 deletions

diff --git a/nugget/include/app_nugget.h b/nugget/include/app_nugget.h
index da6710e..fbf5ddd 100644
--- a/nugget/include/app_nugget.h
+++ b/nugget/include/app_nugget.h
@@ -449,6 +449,14 @@ struct gsa_gsc_pairing_persist_storage {
 	uint8_t gsc_public_key[EC_P256_PUBLIC_KEY_SIZE];
 };
 
+#define GSA_GSC_PSK_VERSION 0
+#define HAS_GSA_GSC_PSK 0xa5
+struct gsa_gsc_psk_persist_storage {
+	uint8_t version;
+	uint8_t has_gsa_gsc_psk_provision;
+	uint8_t gsa_gsc_psk[PSK_KEY_SIZE];
+};
+
 #define NUGGET_PARAM_GSA_KEY_PROVISION 0x0017
 /*
  * GSA key provision command