diff --git a/lib/sw_services/xilsecure/examples/xilsecure_rsa_example.c b/lib/sw_services/xilsecure/examples/xilsecure_rsa_example.c index 9f151e98..2dfe8ef5 100755 --- a/lib/sw_services/xilsecure/examples/xilsecure_rsa_example.c +++ b/lib/sw_services/xilsecure/examples/xilsecure_rsa_example.c @@ -89,18 +89,18 @@ static u32 HeaderFsblLenOffset = 0x03C; #define XSECURE_AUTH_CERT_USER_DATA (64 - XSECURE_AUTH_HEADER_SIZE) -#define XSECURE_AUTH_CERT_MIN_SIZE (XSECURE_AUTH_HEADER_SIZE \ - + XSECURE_AUTH_CERT_USER_DATA \ - + XSECURE_PPK_SIZE \ - + XSECURE_PPK_SIZE \ - + XSECURE_SPK_SIG_SIZE \ - + XSECURE_BHDR_SIG_SIZE \ - + XSECURE_FSBL_SIG_SIZE) +#define XSECURE_AUTH_CERT_MIN_SIZE (XSECURE_AUTH_HEADER_SIZE \ + + XSECURE_AUTH_CERT_USER_DATA \ + + XSECURE_PPK_SIZE \ + + XSECURE_PPK_SIZE \ + + XSECURE_SPK_SIG_SIZE \ + + XSECURE_BHDR_SIG_SIZE \ + + XSECURE_FSBL_SIG_SIZE) -#define XSECURE_AUTH_CERT_MAX_SIZE (XSECURE_AUTH_CERT_MIN_SIZE + 60) +#define XSECURE_AUTH_CERT_MAX_SIZE (XSECURE_AUTH_CERT_MIN_SIZE + 60) -#define XSECURE_PARTIAL_AC_SIZE (XSECURE_AUTH_CERT_MIN_SIZE - \ - XSECURE_FSBL_SIG_SIZE) +#define XSECURE_PARTIAL_AC_SIZE (XSECURE_AUTH_CERT_MIN_SIZE - \ + XSECURE_FSBL_SIG_SIZE) #define XSECURE_IMAGE_VERIF_ERROR (2) /**************************** Type Definitions *******************************/ @@ -131,7 +131,7 @@ u8 XSecure_RsaSha3Array[XSECURE_FSBL_SIG_SIZE]; * @note None * ******************************************************************************/ -/*int main(void) +int main(void) { u32 Status; @@ -147,7 +147,7 @@ u8 XSecure_RsaSha3Array[XSECURE_FSBL_SIG_SIZE]; xil_printf(" \r\n "); return XST_SUCCESS; -}*/ +} /****************************************************************************/ /** @@ -186,10 +186,10 @@ u32 SecureRsaExample(void) xil_printf(" \r\n "); u32 TotalFsblLength = XSecure_In32((u32 *)(ImageOffset + - HeaderFsblTotalLenOffset)); + HeaderFsblTotalLenOffset)); u32 FsblLength = XSecure_In32((u32 *)(ImageOffset + - HeaderFsblLenOffset)); + HeaderFsblLenOffset)); u32 AcLocation = FsblLocation + TotalFsblLength - XSECURE_AUTH_CERT_MIN_SIZE; @@ -254,7 +254,7 @@ u32 SecureRsaExample(void) * Calculate FSBL Hash */ XSecure_Sha3Update(&Secure_Sha3, (u8 *)FsblLocation, - FsblTotalLen); + FsblTotalLen); XSecure_Sha3Finish(&Secure_Sha3, (u8 *)BIHash); @@ -262,13 +262,14 @@ u32 SecureRsaExample(void) * Initialize the Rsa driver so that it's ready to use * Look up the configuration in the config table and then initialize it. */ - XSecure_RsaInitialize(&Secure_Rsa, AcPtr, SpkModular, SpkModularEx, - (u8 *)&SpkExp); + XSecure_RsaInitialize(&Secure_Rsa, SpkModular, SpkModularEx, + (u8 *)&SpkExp); /* * Decrypt Boot Image Signature. */ - if(XST_SUCCESS != XSecure_RsaDecrypt(&Secure_Rsa, XSecure_RsaSha3Array)) + if(XST_SUCCESS != XSecure_RsaDecrypt(&Secure_Rsa, AcPtr, + XSecure_RsaSha3Array)) { ErrorCode = XSECURE_IMAGE_VERIF_ERROR; goto ENDF; @@ -293,7 +294,7 @@ u32 SecureRsaExample(void) /* * Authenticate FSBL Signature. */ - if(XSecure_RsaCheckPadding(XSecure_RsaSha3Array, BIHash, + if(XSecure_RsaSignVerification(XSecure_RsaSha3Array, BIHash, XSECURE_HASH_TYPE_SHA3) != 0) { ErrorCode = XSECURE_IMAGE_VERIF_ERROR; diff --git a/lib/sw_services/xilsecure/examples/xilsecure_sha_example.c b/lib/sw_services/xilsecure/examples/xilsecure_sha_example.c index 3f10304f..fcc34e53 100755 --- a/lib/sw_services/xilsecure/examples/xilsecure_sha_example.c +++ b/lib/sw_services/xilsecure/examples/xilsecure_sha_example.c @@ -100,14 +100,14 @@ XCsuDma CsuDma; * @note None * ******************************************************************************/ -/*int main(void) +int main(void) { int Status; Status = SecureHelloWorldExample(); return Status; -}*/ +} /****************************************************************************/ /** diff --git a/lib/sw_services/xilsecure/src/xsecure_rsa.c b/lib/sw_services/xilsecure/src/xsecure_rsa.c index 814ca58e..5f455f5e 100755 --- a/lib/sw_services/xilsecure/src/xsecure_rsa.c +++ b/lib/sw_services/xilsecure/src/xsecure_rsa.c @@ -64,19 +64,15 @@ /************************** Constant Definitions *****************************/ -/* - * PKCS padding for SHA-3 - */ +/* PKCS padding for SHA-3 */ static const u8 XSecure_TPadSha3[] = {0x30U, 0x41U, 0x30U, 0x0DU, 0x06U, 0x09U, - 0x60U, 0x86U, 0x48U, 0x01U, 0x65U, 0x03U, 0x04U, 0x02U, - 0x02U, 0x05U, 0x00U, 0x04U, 0x30U }; + 0x60U, 0x86U, 0x48U, 0x01U, 0x65U, 0x03U, 0x04U, 0x02U, + 0x02U, 0x05U, 0x00U, 0x04U, 0x30U }; -/* - * PKCS padding scheme for SHA-2 - */ +/* PKCS padding scheme for SHA-2 */ static const u8 XSecure_TPadSha2[] = {0x30U, 0x31U, 0x30U, 0x0DU, 0x06U, 0x09U, - 0x60U, 0x86U, 0x48U, 0x01U, 0x65U, 0x03U, 0x04U, 0x02U, - 0x01U, 0x05U, 0x00U, 0x04U, 0x20U }; + 0x60U, 0x86U, 0x48U, 0x01U, 0x65U, 0x03U, 0x04U, 0x02U, + 0x01U, 0x05U, 0x00U, 0x04U, 0x20U }; /**************************** Type Definitions *******************************/ @@ -94,7 +90,6 @@ static const u8 XSecure_TPadSha2[] = {0x30U, 0x31U, 0x30U, 0x0DU, 0x06U, 0x09U, * Initializes a specific Xsecure_Rsa instance so that it is ready to be used. * * @param InstancePtr is a pointer to the XSecure_Rsa instance. - * @param EncText is the pointer to text/data to be authenticated using RSA * @param Mod is the pointer to Modulus used for authentication * @param ModExt is the pointer to precalculated R^2 Mod N value used for * authentication @@ -103,26 +98,20 @@ static const u8 XSecure_TPadSha2[] = {0x30U, 0x31U, 0x30U, 0x0DU, 0x06U, 0x09U, * * @return XST_SUCCESS if initialization was successful. * - * @note - * - * Modulus, ModExt and ModExpo are part of signature generated by bootgen - * after authentication + * @note Modulus, ModExt and ModExpo are part of signature generated by + * bootgen after authentication * ******************************************************************************/ -s32 XSecure_RsaInitialize(XSecure_Rsa *InstancePtr, u8 *EncText, u8 *Mod, - u8 *ModExt, u8 *ModExpo) +s32 XSecure_RsaInitialize(XSecure_Rsa *InstancePtr, u8 *Mod, u8 *ModExt, + u8 *ModExpo) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertNonvoid(InstancePtr != NULL); - Xil_AssertNonvoid(EncText != NULL); Xil_AssertNonvoid(Mod != NULL); Xil_AssertNonvoid(ModExt != NULL); Xil_AssertNonvoid(ModExpo != NULL); InstancePtr->BaseAddress = XSECURE_CSU_RSA_BASE; - InstancePtr->EncText = EncText; InstancePtr->Mod = Mod; InstancePtr->ModExt = ModExt; InstancePtr->ModExpo = ModExpo; @@ -141,14 +130,13 @@ s32 XSecure_RsaInitialize(XSecure_Rsa *InstancePtr, u8 *EncText, u8 *Mod, * * @return None * + * @note None + * ******************************************************************************/ static void XSecure_RsaWriteMem(XSecure_Rsa *InstancePtr, u32* WrData, - u8 RamOffset) + u8 RamOffset) { - - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertVoid(InstancePtr != NULL); Xil_AssertVoid(WrData != NULL); @@ -164,7 +152,7 @@ static void XSecure_RsaWriteMem(XSecure_Rsa *InstancePtr, u32* WrData, { TmpIndex = (DataOffset*6) + Index; /** - * Exponent size is only 4 bytes + * Exponent size is only 4 bytes * and rest of the data needs to be 0 */ if(XSECURE_CSU_RSA_RAM_EXPO == RamOffset) @@ -186,22 +174,22 @@ static void XSecure_RsaWriteMem(XSecure_Rsa *InstancePtr, u32* WrData, } else { - /** - * The RSA data in Image is in Big Endian. - * So reverse it before putting in RSA memory, - * becasue RSA h/w expects it in Little endian. - */ + /** + * The RSA data in Image is in Big Endian. + * So reverse it before putting in RSA memory, + * becasue RSA h/w expects it in Little endian. + */ - Data = Xil_Htonl(WrData[127U - TmpIndex]); + Data = Xil_Htonl(WrData[127U - TmpIndex]); } } XSecure_WriteReg(InstancePtr->BaseAddress, - (XSECURE_CSU_RSA_WR_DATA_0_OFFSET + (Index * 4)), - Data); + (XSECURE_CSU_RSA_WR_DATA_0_OFFSET + (Index * 4)), + Data); } XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_RSA_WR_ADDR_OFFSET, - ((RamOffset * 22) + DataOffset)); + XSECURE_CSU_RSA_WR_ADDR_OFFSET, + ((RamOffset * 22) + DataOffset)); } } @@ -211,32 +199,30 @@ static void XSecure_RsaWriteMem(XSecure_Rsa *InstancePtr, u32* WrData, * Read back the resulting data from RSA RAM * * @param InstancePtr is a pointer to the XSecure_Rsa instance. - * @param RdData is the pointer to location where the decrypted data will be - * written + * @param RdData is the pointer to location where the decrypted data will + * be written * * @return None * + * @note None + * ******************************************************************************/ static void XSecure_RsaGetData(XSecure_Rsa *InstancePtr, u32 *RdData) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertVoid(InstancePtr != NULL); Xil_AssertVoid(RdData != NULL); u32 Index = 0U; u32 DataOffset = 0U; - int TmpIndex = 0; + u32 TmpIndex = 0; - /* - * Each of this loop will write 192 bits of data - */ + /* Each of this loop will write 192 bits of data */ for (DataOffset = 0U; DataOffset < 22U; DataOffset++) { XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_RSA_RD_ADDR_OFFSET, - (XSECURE_CSU_RSA_RAM_RES_Y * 22) + DataOffset); + XSECURE_CSU_RSA_RD_ADDR_OFFSET, + (XSECURE_CSU_RSA_RAM_RES_Y * 22) + DataOffset); Index = (DataOffset == 0U) ? 2: 0; for (; Index < 6; Index++) @@ -252,8 +238,8 @@ static void XSecure_RsaGetData(XSecure_Rsa *InstancePtr, u32 *RdData) * reverse it after reading it from RSA memory, */ RdData[TmpIndex] = Xil_Htonl(XSecure_ReadReg( - InstancePtr->BaseAddress, - (XSECURE_CSU_RSA_RD_DATA_0_OFFSET+ (Index * 4)))); + InstancePtr->BaseAddress, + (XSECURE_CSU_RSA_RD_DATA_0_OFFSET+ (Index * 4)))); } } @@ -266,44 +252,38 @@ static void XSecure_RsaGetData(XSecure_Rsa *InstancePtr, u32 *RdData) * * @return None * - * @notes MINV is the 32-bit value of "-M mod 2**32" + * @note MINV is the 32-bit value of "-M mod 2**32" * where M is LSB 32 bits of the original modulus * ******************************************************************************/ static void XSecure_RsaMod32Inverse(XSecure_Rsa *InstancePtr) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertVoid(InstancePtr != NULL); - /* - * Calculate the MINV - */ - u8 Count = 0U; - u32 *ModPtr = (u32 *)(InstancePtr->Mod); + /* Calculate the MINV */ + u8 Count = 0U; + u32 *ModPtr = (u32 *)(InstancePtr->Mod); u32 ModVal = Xil_Htonl(ModPtr[127]); - u32 Inv = 2U - ModVal; + u32 Inv = 2U - ModVal; - for (Count = 0U; Count < 4U; ++Count) - { + for (Count = 0U; Count < 4U; ++Count) + { Inv = (Inv * (2U - ( ModVal * Inv ) ) ); } - Inv = -Inv; + Inv = -Inv; - /* - * Put the value in MINV registers - */ + /* Put the value in MINV registers */ XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_RSA_MINV0_OFFSET, - (Inv & 0xFF )); + (Inv & 0xFF )); XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_RSA_MINV1_OFFSET, - ((Inv >> 8) & 0xFF )); + ((Inv >> 8) & 0xFF )); XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_RSA_MINV2_OFFSET, - ((Inv >> 16) & 0xFF )); + ((Inv >> 16) & 0xFF )); XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_RSA_MINV3_OFFSET, - ((Inv >> 24) & 0xFF )); + ((Inv >> 24) & 0xFF )); } /*****************************************************************************/ @@ -316,37 +296,26 @@ static void XSecure_RsaMod32Inverse(XSecure_Rsa *InstancePtr) * * @return None. * + * @note None + * ******************************************************************************/ static void XSecure_RsaPutData(XSecure_Rsa *InstancePtr) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertVoid(InstancePtr != NULL); - /* - * Initialize Modular exponentiation - */ + /* Initialize Modular exponentiation */ XSecure_RsaWriteMem(InstancePtr, (u32 *)InstancePtr->ModExpo, - XSECURE_CSU_RSA_RAM_EXPO); + XSECURE_CSU_RSA_RAM_EXPO); - /* - * Initialize Modular. - */ + /* Initialize Modular. */ XSecure_RsaWriteMem(InstancePtr, (u32 *)InstancePtr->Mod, - XSECURE_CSU_RSA_RAM_MOD); + XSECURE_CSU_RSA_RAM_MOD); - /* - * Initialize Modular extension (R*R Mod M) - */ + /* Initialize Modular extension (R*R Mod M) */ XSecure_RsaWriteMem(InstancePtr, (u32 *)InstancePtr->ModExt, - XSECURE_CSU_RSA_RAM_RES_Y); + XSECURE_CSU_RSA_RAM_RES_Y); - /* - * Initialize Digest - */ - XSecure_RsaWriteMem(InstancePtr, (u32 *)InstancePtr->EncText, - XSECURE_CSU_RSA_RAM_DIGEST); } /*****************************************************************************/ @@ -356,58 +325,54 @@ static void XSecure_RsaPutData(XSecure_Rsa *InstancePtr) * * @param InstancePtr is a pointer to the XSecure_Rsa instance. * @param Result is the pointer to decrypted data generated by RSA. + * @param EncText is the pointer to the data(hash) to be decrypted * * @return XST_SUCCESS if decryption was successful. * + * @note None + * ******************************************************************************/ -s32 XSecure_RsaDecrypt(XSecure_Rsa *InstancePtr, u8 *Result) +s32 XSecure_RsaDecrypt(XSecure_Rsa *InstancePtr, u8 *EncText, u8 *Result) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertNonvoid(InstancePtr != NULL); Xil_AssertNonvoid(Result != NULL); volatile u32 Status = 0x0U; s32 ErrorCode = XST_SUCCESS; - /* - * Put Modulus, exponent, Mod extension in RSA RAM - */ + /* Put Modulus, exponent, Mod extension in RSA RAM */ XSecure_RsaPutData(InstancePtr); - /* - * Initialize MINV values from Mod. - */ + /* Initialize Digest */ + XSecure_RsaWriteMem(InstancePtr, (u32 *)EncText, + XSECURE_CSU_RSA_RAM_DIGEST); + + /* Initialize MINV values from Mod. */ XSecure_RsaMod32Inverse(InstancePtr); - /* - * Start the RSA operation. - */ - XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_RSA_CONTROL_OFFSET, - XSECURE_CSU_RSA_CONTROL_MASK); + /* Start the RSA operation. */ + XSecure_WriteReg(InstancePtr->BaseAddress, + XSECURE_CSU_RSA_CONTROL_OFFSET, + XSECURE_CSU_RSA_CONTROL_MASK); - /* - * Check and wait for status - */ + /* Check and wait for status */ do { Status = XSecure_ReadReg(InstancePtr->BaseAddress, - XSECURE_CSU_RSA_STATUS_OFFSET); + XSECURE_CSU_RSA_STATUS_OFFSET); if(XSECURE_CSU_RSA_STATUS_ERROR == - ((u32)Status & XSECURE_CSU_RSA_STATUS_ERROR)) + ((u32)Status & XSECURE_CSU_RSA_STATUS_ERROR)) { ErrorCode = XST_FAILURE; goto END; } }while(XSECURE_CSU_RSA_STATUS_DONE != - ((u32)Status & XSECURE_CSU_RSA_STATUS_DONE)); + ((u32)Status & XSECURE_CSU_RSA_STATUS_DONE)); - /* - * Copy the result - */ + /* Copy the result */ XSecure_RsaGetData(InstancePtr, (u32 *)Result); END: @@ -422,30 +387,29 @@ END: * @param Signature is the pointer to RSA signature for data to be * authenticated * @param Hash is the pointer to expected hash data - * @param KeySel is the key source for decryption, can be KUP or device key * @param HashLen is the length of Hash used. * * @return 0 if RSA match succeeded - * 1 if character 1 of padding does not match - * 2 if character 2 of padding does not match + * 1 if character 1 of padding does not match + * 2 if character 2 of padding does not match * 3 if FF padding scheme does not match * 4 if character after FF padding does not match * 5 T_padding for given SHA algorithm does not match * 6 if the output hash does not match * + * @note None + * ******************************************************************************/ -u32 XSecure_RsaCheckPadding(u8 *Signature, u8 *Hash, u32 HashLen) +u32 XSecure_RsaSignVerification(u8 *Signature, u8 *Hash, u32 HashLen) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertNonvoid(Signature != NULL); Xil_AssertNonvoid(Hash != NULL); u8 * Tpadding = (u8 *)XNULL; u32 Pad = XSECURE_FSBL_SIG_SIZE - 3U - 19U - HashLen; - u8 * PadPtr = Signature; - u32 ii; + u8 * PadPtr = Signature; + u32 ii; u32 ErrorCode = 0U; if(XSECURE_HASH_TYPE_SHA3 == HashLen) @@ -457,62 +421,62 @@ u32 XSecure_RsaCheckPadding(u8 *Signature, u8 *Hash, u32 HashLen) Tpadding = (u8 *)XSecure_TPadSha2; } - /* + /* * Re-Create PKCS#1v1.5 Padding - * MSB ----------------------------------------------------------------LSB - * 0x0 || 0x1 || 0xFF(for 202 bytes) || 0x0 || T_padding || SHA256/384 Hash - */ + * MSB ------------------------------------------------------------LSB + * 0x0 || 0x1 || 0xFF(for 202 bytes) || 0x0 || T_padding || SHA384 Hash + */ - if (0x00U != *PadPtr) - { - ErrorCode = 1U; + if (0x00U != *PadPtr) + { + ErrorCode = 1U; goto ENDF; - } + } PadPtr++; - if (0x01U != *PadPtr) - { - ErrorCode = 2U; + if (0x01U != *PadPtr) + { + ErrorCode = 2U; goto ENDF; - } + } PadPtr++; - for (ii = 0U; ii < Pad; ii++) - { - if (0xFFU != *PadPtr) - { + for (ii = 0U; ii < Pad; ii++) + { + if (0xFFU != *PadPtr) + { ErrorCode = 3U; goto ENDF; - } - PadPtr++; - } + } + PadPtr++; + } - if (0x00U != *PadPtr) - { - ErrorCode = 4U; + if (0x00U != *PadPtr) + { + ErrorCode = 4U; goto ENDF; - } + } PadPtr++; - for (ii = 0U; ii < 19U; ii++) - { - if (*PadPtr != Tpadding[ii]) - { + for (ii = 0U; ii < 19U; ii++) + { + if (*PadPtr != Tpadding[ii]) + { ErrorCode = 5U; goto ENDF; - } - PadPtr++; - } + } + PadPtr++; + } - for (ii = 0U; ii < HashLen; ii++) - { + for (ii = 0U; ii < HashLen; ii++) + { if (*PadPtr != Hash[ii]) { ErrorCode = 6U; goto ENDF; } PadPtr++; - } + } ENDF: return ErrorCode; diff --git a/lib/sw_services/xilsecure/src/xsecure_rsa.h b/lib/sw_services/xilsecure/src/xsecure_rsa.h index 989ef28a..c8ee319e 100755 --- a/lib/sw_services/xilsecure/src/xsecure_rsa.h +++ b/lib/sw_services/xilsecure/src/xsecure_rsa.h @@ -56,18 +56,18 @@ * in the following way: * * - XSecure_RsaInitialize(XSecure_Rsa *InstancePtr, u8* EncText, -* u8 *Mod, u8 *ModExt, u8 *ModExpo) +* u8 *Mod, u8 *ModExt, u8 *ModExpo) * * The method used for RSA decryption needs precalculated value off R^2 mod N * which is generated by bootgen and is present in the signature along with * modulus and exponent. * * @note -* -The format of the public key( modulus, exponent and precalculated -* R^2 mod N should be same as specified by the bootgen +* -The format of the public key( modulus, exponent and precalculated +* R^2 mod N should be same as specified by the bootgen * -* -For matching, PKCS paddding scheme has to be applied in the manner -* specified by the bootgen. +* -For matching, PKCS paddding scheme has to be applied in the manner +* specified by the bootgen. * * 
 * MODIFICATION HISTORY:
@@ -105,12 +105,12 @@ extern "C" {
  */
 #define XSECURE_CSU_RSA_CONTROL_2048	(0xA0U) /**< RSA 2048 Length Code */
 #define XSECURE_CSU_RSA_CONTROL_4096	(0xC0U) /**< RSA 4096 Length Code */
-#define XSECURE_CSU_RSA_CONTROL_DCA     (0x08U) /**< Abort Operation */
-#define XSECURE_CSU_RSA_CONTROL_NOP     (0x00U) /**< No Operation */
-#define XSECURE_CSU_RSA_CONTROL_EXP     (0x01U) /**< Exponentiation Opcode */
-#define XSECURE_CSU_RSA_CONTROL_EXP_PRE (0x05U) /**< Expo. using R*R mod M */
-#define XSECURE_CSU_RSA_CONTROL_MASK    (XSECURE_CSU_RSA_CONTROL_4096 + \
-                                          XSECURE_CSU_RSA_CONTROL_EXP_PRE)
+#define XSECURE_CSU_RSA_CONTROL_DCA	(0x08U) /**< Abort Operation */
+#define XSECURE_CSU_RSA_CONTROL_NOP	(0x00U) /**< No Operation */
+#define XSECURE_CSU_RSA_CONTROL_EXP	(0x01U) /**< Exponentiation Opcode */
+#define XSECURE_CSU_RSA_CONTROL_EXP_PRE	(0x05U) /**< Expo. using R*R mod M */
+#define XSECURE_CSU_RSA_CONTROL_MASK	(XSECURE_CSU_RSA_CONTROL_4096 + \
+					XSECURE_CSU_RSA_CONTROL_EXP_PRE)
 /* @} */
 
 /** @name RSA status Register
@@ -119,26 +119,26 @@ extern "C" {
  *
  * Status Register Bit Definition
  */
-#define XSECURE_CSU_RSA_STATUS_DONE           (0x1U) /**< Operation Done */
-#define XSECURE_CSU_RSA_STATUS_BUSY           (0x2U) /**< RSA busy */
-#define XSECURE_CSU_RSA_STATUS_ERROR          (0x4U) /**< Error */
-#define XSECURE_CSU_RSA_STATUS_PROG_CNT       (0xF8U)  /**< Progress Counter */
+#define XSECURE_CSU_RSA_STATUS_DONE		(0x1U) /**< Operation Done */
+#define XSECURE_CSU_RSA_STATUS_BUSY		(0x2U) /**< RSA busy */
+#define XSECURE_CSU_RSA_STATUS_ERROR	(0x4U) /**< Error */
+#define XSECURE_CSU_RSA_STATUS_PROG_CNT	(0xF8U)  /**< Progress Counter */
 /* @}*/
 
-#define XSECURE_CSU_RSA_RAM_EXPO		 (0U) /**< bit for RSA RAM Exponent */
-#define XSECURE_CSU_RSA_RAM_MOD			 (1U) /**< bit for RSA RAM modulus */
-#define XSECURE_CSU_RSA_RAM_DIGEST		 (2U) /**< bit for RSA RAM Digest */
-#define XSECURE_CSU_RSA_RAM_SPAD		 (3U) /**< bit for RSA RAM SPAD */
-#define XSECURE_CSU_RSA_RAM_RES_Y		 (4U) /**< bit for RSA RAM Result(Y) */
-#define XSECURE_CSU_RSA_RAM_RES_Q		 (5U) /**< bit for RSA RAM Result(Q) */
+#define XSECURE_CSU_RSA_RAM_EXPO	(0U) /**< bit for RSA RAM Exponent */
+#define XSECURE_CSU_RSA_RAM_MOD		(1U) /**< bit for RSA RAM modulus */
+#define XSECURE_CSU_RSA_RAM_DIGEST	(2U) /**< bit for RSA RAM Digest */
+#define XSECURE_CSU_RSA_RAM_SPAD	(3U) /**< bit for RSA RAM SPAD */
+#define XSECURE_CSU_RSA_RAM_RES_Y	(4U) /**< bit for RSA RAM Result(Y) */
+#define XSECURE_CSU_RSA_RAM_RES_Q	(5U) /**< bit for RSA RAM Result(Q) */
 
-#define XSECURE_CSU_RSA_RAM_WORDS		 (6U) /**< Total Locations in RSA RAM */
+#define XSECURE_CSU_RSA_RAM_WORDS	(6U) /**< Total Locations in RSA RAM */
 
-#define XSECURE_RSA_FAILED                0x1U /**< RSA Failed Error Code */
+#define XSECURE_RSA_FAILED		0x1U /**< RSA Failed Error Code */
 
-#define XSECURE_HASH_TYPE_SHA3				 (48U) /**< SHA-3 hash size */
-#define XSECURE_HASH_TYPE_SHA2				 (32U)/**< SHA-2 hash size */
-#define XSECURE_FSBL_SIG_SIZE				 (512U) /**< FSBL signature size */
+#define XSECURE_HASH_TYPE_SHA3		(48U) /**< SHA-3 hash size */
+#define XSECURE_HASH_TYPE_SHA2		(32U)/**< SHA-2 hash size */
+#define XSECURE_FSBL_SIG_SIZE		(512U) /**< FSBL signature size */
 
 /***************************** Type Definitions ******************************/
 /**
@@ -148,7 +148,6 @@ extern "C" {
  */
 typedef struct {
 	u32 BaseAddress; /**< Device Base Address */
-	u8* EncText; /**< Data to be Encrypted */
 	u8* Mod; /**< Modulus */
 	u8* ModExt; /**< Precalc. R sq. mod N */
 	u8* ModExpo; /**< Exponent */
@@ -156,21 +155,15 @@ typedef struct {
 
 /***************************** Function Prototypes ***************************/
 
-/*
- *  Initialization
- */
-s32  XSecure_RsaInitialize(XSecure_Rsa *InstancePtr, u8* EncText,
-									u8 *Mod, u8 *ModExt, u8 *ModExpo);
+/* Initialization */
+s32  XSecure_RsaInitialize(XSecure_Rsa *InstancePtr, u8 *Mod, u8 *ModExt,
+				u8 *ModExpo);
 
-/*
- * RSA Decryption
- */
-s32 XSecure_RsaDecrypt(XSecure_Rsa *InstancePtr, u8* Result);
+/* RSA Decryption */
+s32 XSecure_RsaDecrypt(XSecure_Rsa *InstancePtr, u8* EncText, u8* Result);
 
-/*
- * RSA Signature Validation, assuming PKCS padding
- */
-u32 XSecure_RsaCheckPadding(u8 *Signature, u8 *Hash, u32 HashLen);
+/* RSA Signature Validation, assuming PKCS padding */
+u32 XSecure_RsaSignVerification(u8 *Signature, u8 *Hash, u32 HashLen);
 
 #ifdef __cplusplus
 extern "C" }