stv0g/embeddedsw
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

sw_apps:zynqmp_fsbl: Added support for image decryption

Browse source 
Support for decryption of images added.
Authentication and decryption now use secure library APIs.
csu dma driver APIs are used now.

Signed-off-by: Sarat Chand Savitala <saratcha@xilinx.com>
Acked-by: Krishna Chaitanya Patakamuri <kpataka@xilinx.com>
This commit is contained in:
Sarat Chand Savitala 2015-04-21 19:28:06 +05:30 committed by Nava kishore Manne
parent 2ffa12ed7c
commit 91f8d3bf88
11 changed files with 245 additions and 916 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

255
lib/sw_apps/zynqmp_fsbl/src/xfsbl_authentication.c
View file

@ -56,6 +56,9 @@ const u8 XFsbl_TPadSha2[] = {0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60,
0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
0x01, 0x05, 0x00, 0x04, 0x20 };
u32 CheckSum = 0U;
static XSecure_Rsa SecureRsa;
/*****************************************************************************/
/**
* Configure the RSA and SHA for the SPK
@ -78,18 +81,19 @@ u32 XFsbl_SpkVer(u64 AcOffset, u32 HashLen)
u8 * AcPtr = (u8*) (PTRSIZE) AcOffset;
u32 Status = XFSBL_SUCCESS;
void * ShaCtx = (void * )NULL;
u8 XFsbl_RsaSha3Array[512];
#ifdef XFSBL_SHA2
sha2_context ShaCtxObj;
ShaCtx = &ShaCtxObj;
#endif
(void)XFsbl_ShaStart( ShaCtx, HashLen);
(void)XFsbl_ShaStart(ShaCtx, HashLen);
/**
* Hash the PPK + SPK choice
*/
XFsbl_ShaUpdate( ShaCtx, AcPtr, 8, HashLen);
/* Hash the PPK + SPK choice */
XFsbl_ShaUpdate(ShaCtx, AcPtr, 8, HashLen);
/**
* Set PPK pointer
*/
/* Set PPK pointer */
AcPtr += XFSBL_RSA_AC_ALIGN;
PpkModular = (u8 *)AcPtr;
AcPtr += XFSBL_SPK_SIG_SIZE;
@ -101,23 +105,21 @@ u32 XFsbl_SpkVer(u64 AcOffset, u32 HashLen)
XFsbl_Printf(DEBUG_DETAILED,
"XFsbl_SpkVer: Ppk Mod %0x, Ppk Mod Ex %0x, Ppk Exp %0x\r\n",
PpkModular, PpkModularEx, PpkExp);
/**
* Calculate SPK + Auth header(PPK and SPK Selectoin both) Hash
*/
XFsbl_ShaUpdate( ShaCtx, (u8 *)AcPtr, XFSBL_PPK_SIZE, HashLen);
XFsbl_ShaFinish( ShaCtx, (u8 *)SpkHash, HashLen);
/**
* Set SPK Signature pointer
*/
/* Calculate SPK + Auth header(PPK and SPK Selectoin both) Hash */
XFsbl_ShaUpdate(ShaCtx, (u8 *)AcPtr, XFSBL_PPK_SIZE, HashLen);
XFsbl_ShaFinish(ShaCtx, (u8 *)SpkHash, HashLen);
/* Set SPK Signature pointer */
AcPtr += XFSBL_SPK_SIZE;
/**
* Decrypt SPK Signature.
*/
XSecure_RsaInitialize(&SecureRsa, AcPtr, PpkModular,
PpkModularEx, (u8 *)&PpkExp);
/* Decrypt SPK Signature */
if(XFSBL_SUCCESS !=
XFsbl_RsaDecrypt(AcPtr, PpkModular,
PpkModularEx, (u8 *)&PpkExp, XFsbl_RsaSha3Array, 0) )
XSecure_RsaDecrypt(&SecureRsa, XFsbl_RsaSha3Array))
{
XFsbl_Printf(DEBUG_GENERAL,
"XFsbl_SpkVer: XFSBL_ERROR_SPK_RSA_DECRYPT\r\n");
@ -125,11 +127,9 @@ u32 XFsbl_SpkVer(u64 AcOffset, u32 HashLen)
goto END;
}
/**
* Authenticate SPK Signature.
*/
if(XFSBL_SUCCESS != XFsbl_CheckPadding(XFsbl_RsaSha3Array,
SpkHash, HashLen))
/* Authenticate SPK Signature */
if(XFSBL_SUCCESS != XSecure_RsaCheckPadding(XFsbl_RsaSha3Array,
SpkHash, HashLen))
{
XFsbl_PrintArray(DEBUG_INFO, SpkHash,
HashLen, "Calculated Partition Hash");
@ -158,7 +158,7 @@ END:
*
******************************************************************************/
u32 XFsbl_PartitionSignVer(u64 PartitionOffset, u32 PartitionLen,
u64 AcOffset, u32 HashLen)
u64 AcOffset, u32 HashLen)
{
u8 PartitionHash[XFSBL_HASH_TYPE_SHA3] __attribute__ ((aligned (4)));
@ -168,18 +168,24 @@ u32 XFsbl_PartitionSignVer(u64 PartitionOffset, u32 PartitionLen,
u8 * AcPtr = (u8*)(PTRSIZE) AcOffset;
u32 Status = XFSBL_SUCCESS;
u32 HashDataLen=0U;
u8 XFsbl_RsaSha3Array[512];
XFsbl_Printf(DEBUG_INFO,"Doing Partition Sign verification\r\n");
/* Reset CSU DMA. This is a workaround and need to be removed */
XCsuDma_Reset();
/**
* hash to be calculated will be total length with AC minus
* signature size
*/
HashDataLen = PartitionLen - XFSBL_FSBL_SIG_SIZE;
/**
* Set SPK pointer
*/
/* Calculate Partition Hash */
XFsbl_ShaDigest((const u8 *)(PTRSIZE)PartitionOffset,
HashDataLen, PartitionHash, HashLen);
/* Set SPK pointer */
AcPtr += (XFSBL_RSA_AC_ALIGN + XFSBL_PPK_SIZE);
SpkModular = (u8 *)AcPtr;
AcPtr += XFSBL_BHDR_SIG_SIZE;
@ -188,31 +194,23 @@ u32 XFsbl_PartitionSignVer(u64 PartitionOffset, u32 PartitionLen,
SpkExp = *((u32 *)AcPtr);
AcPtr += XFSBL_RSA_AC_ALIGN;
/**
* Calculate Partition Hash
*/
XFsbl_ShaDigest((const u8 *)(PTRSIZE)PartitionOffset, HashDataLen,
PartitionHash, HashLen);
/**
* Increment by SPK Signature pointer
*/
/* Increment by SPK Signature pointer */
AcPtr += XFSBL_SPK_SIG_SIZE;
/**
* Increment by BHDR Signature pointer
*/
/* Increment by BHDR Signature pointer */
AcPtr += XFSBL_BHDR_SIG_SIZE;
XFsbl_Printf(DEBUG_DETAILED,
"XFsbl_PartVer: Spk Mod %0x, Spk Mod Ex %0x, Spk Exp %0x\r\n",
SpkModular, SpkModularEx, SpkExp);
/**
* Decrypt Partition Signature.
*/
XFsbl_Printf(DEBUG_INFO,
"Partition Verification done \r\n");
XSecure_RsaInitialize(&SecureRsa, AcPtr, SpkModular,
SpkModularEx, (u8 *)&SpkExp);
/* Decrypt Partition Signature. */
if(XFSBL_SUCCESS !=
XFsbl_RsaDecrypt(AcPtr, SpkModular,
SpkModularEx, (u8 *)&SpkExp, XFsbl_RsaSha3Array, 0) )
XSecure_RsaDecrypt(&SecureRsa, XFsbl_RsaSha3Array))
{
XFsbl_Printf(DEBUG_GENERAL,
"XFsbl_SpkVer: XFSBL_ERROR_PART_RSA_DECRYPT\r\n");
@ -220,10 +218,8 @@ u32 XFsbl_PartitionSignVer(u64 PartitionOffset, u32 PartitionLen,
goto END;
}
/**
* Authenticate Partition Signature.
*/
if(XFSBL_SUCCESS != XFsbl_CheckPadding(XFsbl_RsaSha3Array,
/* Authenticate Partition Signature */
if(XFSBL_SUCCESS != XSecure_RsaCheckPadding(XFsbl_RsaSha3Array,
PartitionHash, HashLen))
{
XFsbl_PrintArray(DEBUG_INFO, PartitionHash,
@ -231,7 +227,7 @@ u32 XFsbl_PartitionSignVer(u64 PartitionOffset, u32 PartitionLen,
XFsbl_PrintArray(DEBUG_INFO, XFsbl_RsaSha3Array,
512, "RSA decrypted Hash");
XFsbl_Printf(DEBUG_GENERAL,
"XFsbl_SpkVer: XFSBL_ERROR_PART_SIGNATURE\r\n");
"XFsbl_PartVer: XFSBL_ERROR_PART_SIGNATURE\r\n");
Status = XFSBL_ERROR_PART_SIGNATURE;
goto END;
}
@ -240,145 +236,6 @@ END:
return Status;
}
/*****************************************************************************/
/**
* DT 764500(Add feature for basic integrity check of
the FSBL Image by FSBL.)
*
* @param
*
* @return
*
******************************************************************************/
u32 XFsbl_IntegrityCheck(u64 PartitionOffset, u32 PartitionLen,
u64 CheckSumOffset, u32 HashLen)
{
u32 Status = XFSBL_SUCCESS;
u8 PartitionHash[XFSBL_HASH_TYPE_SHA3] __attribute__ ((aligned (4)));
u32 ii=0;
u8 *HashPtr = (u8 *)NULL;
void * ShaCtx = (void * )NULL;
XFsbl_Printf(DEBUG_INFO,"XFsbl_IntegrityCheck: Doing Partition"
" Integrity Check HashLen=%d\r\n",HashLen);
HashPtr = (u8 *)(PTRSIZE)CheckSumOffset;
(void)XFsbl_ShaStart(ShaCtx, HashLen);
/**
* Calculate FSBL Hash
*/
XFsbl_ShaUpdate( ShaCtx, (u8 *)(PTRSIZE)PartitionOffset,
PartitionLen, HashLen);
XFsbl_ShaFinish( ShaCtx, (u8 *)PartitionHash, HashLen);
/**
* Compare the calculated and builtin hash
*/
for (ii = 0; ii < HashLen; ii++)
{
if (HashPtr[ii] != PartitionHash[ii])
{
Status = XFSBL_FAILURE;
XFsbl_Printf(DEBUG_INFO,"Check Failed!!!!!\r\n");
goto END;
}
}
XFsbl_Printf(DEBUG_INFO,"Check Passed!!!!!\r\n");
END:
return Status;
}
/*****************************************************************************/
/**
*
* @param
*
* @return
*
******************************************************************************/
u32 XFsbl_CheckPadding(u8 *Signature, u8 *Hash, u32 HashLen)
{
u8 * Tpadding = (u8 *)NULL;
u32 Pad = XFSBL_FSBL_SIG_SIZE - 3 - 19 - HashLen;
u8 * PadPtr = Signature;
u32 ii;
u32 Status = 0;
if(XFSBL_HASH_TYPE_SHA3 == HashLen)
{
Tpadding = (u8 *)XFsbl_TPadSha3;
}
else
{
Tpadding = (u8 *)XFsbl_TPadSha2;
}
/**
* Re-Create PKCS#1v1.5 Padding
* MSB ----------------------------------------------------------------LSB
* 0x0 || 0x1 || 0xFF(for 202 bytes) || 0x0 || T_padding || SHA256/384 Hash
*/
if (0x00 != *PadPtr)
{
Status = 1;
goto END;
}
PadPtr++;
if (0x01 != *PadPtr)
{
Status = 2;
goto END;
}
PadPtr++;
for (ii = 0; ii < Pad; ii++)
{
if (0xFF != *PadPtr)
{
Status = 3;
goto END;
}
PadPtr++;
}
if (0x00 != *PadPtr)
{
Status = 4;
goto END;
}
PadPtr++;
for (ii = 0; ii < 19; ii++)
{
if (*PadPtr != Tpadding[ii])
{
Status = 5;
goto END;
}
PadPtr++;
}
for (ii = 0; ii < HashLen; ii++)
{
if (*PadPtr != Hash[ii])
{
Status = 6;
goto END;
}
PadPtr++;
}
END:
XFsbl_Printf(DEBUG_INFO,"XFsbl_CheckPadding: Error:0x%x\r\n",Status);
return Status;
}
/*****************************************************************************/
/**
*
@ -387,8 +244,8 @@ END:
* @return None
*
******************************************************************************/
u32 XFsbl_Authentication(u64 PartitionOffset, u32 PartitionLen,
u64 AcOffset, u32 HashLen)
u32 XFsbl_Authentication(XFsblPs * FsblInstancePtr, u64 PartitionOffset,
u32 PartitionLen, u64 AcOffset, u32 HashLen)
{
u32 Status = XFSBL_SUCCESS;
@ -399,20 +256,18 @@ u32 XFsbl_Authentication(u64 PartitionOffset, u32 PartitionLen,
(PTRSIZE )PartitionOffset, PartitionLen,
(PTRSIZE )AcOffset, HashLen);
/**
* Do SPK Signature verification using PPK
*/
/* Do SPK Signature verification using PPK */
Status = XFsbl_SpkVer(AcOffset, HashLen);
if(XFSBL_SUCCESS != Status)
{
goto END;
}
/**
* Do Partition Signature verification using SPK
*/
/* Do Partition Signature verification using SPK */
Status = XFsbl_PartitionSignVer(PartitionOffset, PartitionLen,
AcOffset, HashLen);
AcOffset, HashLen);
if(XFSBL_SUCCESS != Status)
{
goto END;

35
lib/sw_apps/zynqmp_fsbl/src/xfsbl_authentication.h
View file

@ -50,7 +50,19 @@ extern "C" {
/***************************** Include Files *********************************/
#include "xfsbl_hw.h"
#include "xfsbl_main.h"
#ifdef XFSBL_RSA
#include "xsecure_sha.h"
#include "xsecure_rsa.h"
#endif
#ifdef XFSBL_AES
#include "xsecure_aes.h"
#endif
#include "xcsudma.h"
#include "xparameters.h"
#ifdef XFSBL_SHA2
#include "xilrsa.h"
#endif
/***************************** Type defines *********************************/
#define XFSBL_HASH_TYPE_SHA3 (48U)
#define XFSBL_HASH_TYPE_SHA2 (32U)
@ -78,7 +90,7 @@ extern "C" {
#define XFSBL_AUTH_CERT_MAX_SIZE (XFSBL_AUTH_CERT_MIN_SIZE + 60)
#define XFSBL_PARTIAL_AC_SIZE (XFSBL_AUTH_CERT_MIN_SIZE - XFSBL_FSBL_SIG_SIZE)
#define XFSBL_PARTIAL_AC_SIZE (XFSBL_AUTH_CERT_MIN_SIZE - XFSBL_FSBL_SIG_SIZE)
/**
* CSU RSA Register Map
@ -90,7 +102,8 @@ extern "C" {
#define XFSBL_CSU_RSA_CONTROL_NOP (0x00U)
#define XFSBL_CSU_RSA_CONTROL_EXP (0x01U)
#define XFSBL_CSU_RSA_CONTROL_EXP_PRE (0x05U)
#define XFSBL_CSU_RSA_CONTROL_MASK (XFSBL_CSU_RSA_CONTROL_4096 + XFSBL_CSU_RSA_CONTROL_EXP_PRE)
#define XFSBL_CSU_RSA_CONTROL_MASK (XFSBL_CSU_RSA_CONTROL_4096 \
+ XFSBL_CSU_RSA_CONTROL_EXP_PRE)
#define XFSBL_CSU_RSA_RAM_EXPO (0)
#define XFSBL_CSU_RSA_RAM_MOD (1)
@ -109,21 +122,23 @@ extern "C" {
#define XFSBL_SHA3_LAST_PACKET (0x1)
u32 XFsbl_Authentication(u64 PartitionOffset, u32 PartitionLen,
u64 AcOffset, u32 HashLen);
#ifdef XFSBL_RSA
u32 XFsbl_Authentication(XFsblPs * FsblInstancePtr, u64 PartitionOffset,
u32 PartitionLen, u64 AcOffset, u32 HashLen);
u32 XFsbl_PartitionSignVer(u64 PartitionOffset, u32 PartitionLen,
u64 AcOffset, u32 HashLen);
u64 AcOffset, u32 HashLen);
u32 XFsbl_SpkVer(u64 AcOffset, u32 HashLen);
//u32 XFsbl_IntegrityCheck(XCbrBootRom *InstancePtr);
u32 XFsbl_CheckPadding(u8 *Signature, u8 *Hash, u32 HashLen);
u32 XFsbl_RsaDecrypt(u8* EncText, u8* Mod, u8* ModExt, u8* ModExpo, u8* Result, u8 Reuse);
void XFsbl_ShaDigest(const u8 *In, const u32 Size, u8 *Out, u32 HashLen);
void XFsbl_ShaStart( void * Ctx, u32 HashLen);
void XFsbl_ShaStart(void * Ctx, u32 HashLen);
void XFsbl_ShaUpdate(void * Ctx, u8 * Data, u32 Size, u32 HashLen);
void XFsbl_ShaFinish(void * Ctx, u8 * Hash, u32 HashLen);
#endif
extern XCsuDma CsuDma; /* CSU DMA instance */
extern u8 XFsbl_RsaSha3Array[512];
#ifdef __cplusplus
extern "C" }
#endif

9
lib/sw_apps/zynqmp_fsbl/src/xfsbl_config.h
View file

@ -116,12 +116,15 @@ extern "C" {
* - FSBL_NAND_EXCLUDE NAND code will be excluded
* - FSBL_QSPI_EXCLUDE QSPI code will be excluded
* - FSBL_SD_EXCLUDE SD code will be excluded
* - FSBL_RSA_EXCLUDE RSA code will be excluded
* - FSBL_RSA_EXCLUDE RSA (authentication) code will be excluded
* - FSBL_AES_EXCLUDE AES (decryption) code will be excluded
* - FSBL_SHA2_EXCLUDE SHA2 code will be excluded
*/
#define FSBL_NAND_EXCLUDE_VAL (0U)
#define FSBL_QSPI_EXCLUDE_VAL (0U)
#define FSBL_SD_EXCLUDE_VAL (0U)
#define FSBL_RSA_EXCLUDE_VAL (0U)
#define FSBL_AES_EXCLUDE_VAL (0U)
#define FSBL_SHA2_EXCLUDE_VAL (1U)
#if FSBL_NAND_EXCLUDE_VAL
@ -140,6 +143,10 @@ extern "C" {
#define FSBL_RSA_EXCLUDE
#endif
#if FSBL_AES_EXCLUDE_VAL
#define FSBL_AES_EXCLUDE
#endif
#if FSBL_SHA2_EXCLUDE_VAL
#define FSBL_SHA2_EXCLUDE
#endif

131
lib/sw_apps/zynqmp_fsbl/src/xfsbl_csu_dma.c
View file

@ -34,7 +34,7 @@
*
* @file xfsbl_csu_dma.c
*
* This contains code for the CSU DMA driver.
* Contains code for the CSU DMA intialization
*
* <pre>
* MODIFICATION HISTORY:
@ -50,6 +50,7 @@
******************************************************************************/
/***************************** Include Files *********************************/
#include "xcsudma.h"
#include "xfsbl_csu_dma.h"
/************************** Constant Definitions *****************************/
@ -60,123 +61,37 @@
/************************** Function Prototypes ******************************/
/************************** Variable Definitions *****************************/
XCsuDma CsuDma;
/*****************************************************************************/
/**
*
* This function will configure dst/src DMA address
* and size and also start the CSU DMA.
* This function is used to initialize the DMA driver
*
* @param None
*
* @return None
* @return returns the error codes described in xfsbl_error.h on any error
* returns XFSBL_SUCCESS on success
*
******************************************************************************/
void XFsbl_CsuDmaStart(XFSBL_CSU_DMA_CHANNEL Channel, u32 Addr, u32 Size)
*****************************************************************************/
u32 XFsbl_CsuDmaInit()
{
XASSERT_VOID((Addr & 3) == 0);
u32 Status = XFSBL_SUCCESS;
XCsuDma_Config * CsuDmaConfig;
if(XFSBL_CSU_DMA_SRC == Channel)
{
XASSERT_VOID((Size & 2) == 0);
}
else
{
XASSERT_VOID((Size & 3) == 0);
CsuDmaConfig = XCsuDma_LookupConfig(0);
if (NULL == CsuDmaConfig) {
XFsbl_Printf(DEBUG_GENERAL, "XFSBL_ERROR_CSUDMA_INIT_FAIL \n\r");
Status = XFSBL_ERROR_CSUDMA_INIT_FAIL;
goto END;
}
XFsbl_Out32(CSUDMA_BASEADDR + Channel + XFSBL_CSU_DMA_ADDR_REG, Addr);
/**
* Writes to SIZE to start the channel, this starts
* the DMA.
*/
/** ASM Code */
mb();
XFsbl_Out32(CSUDMA_BASEADDR + Channel + XFSBL_CSU_DMA_SIZE_REG, Size);
}
/*****************************************************************************/
/**
*
* This function will stop/pause the CSU DMA.
*
* @param None
*
* @return None
*
******************************************************************************/
void XFsbl_CsuDmaStop(u32 Flags)
{
/**
* This function is TBD.
*/
}
/*****************************************************************************/
/**
*
* This function will wait for CSU DMA done.
*
* @param None
*
* @return None
*
******************************************************************************/
void XFsbl_CsuDmaWaitForDone(XFSBL_CSU_DMA_CHANNEL Channel)
{
volatile u32 Status = 0;
/** ASM Code */
mb();
/* Busy wait for the DMA. */
/**
* TBD: May need to have some timeout for this loop.
*/
do
{
Status = XFsbl_In32(CSUDMA_BASEADDR + Channel +
XFSBL_CSU_DMA_STATUS_REG);
} while (Status & XFSBL_CSU_DMA_STATUS_BUSY);
}
/*****************************************************************************/
/**
*
* This function will start the dma transfer
* and wait for DST DMA done.
*
* @param None
*
* @return None
*
******************************************************************************/
void XFsbl_CsuDmaXfer(u32 SrcAddr, u32 DestAddr, u32 ImgLen)
{
XFsbl_Printf(DEBUG_INFO,"In XCbr_CsuDmaXfer: SrcAddr:0x%x "
"DestAddr:0x%x ImgLen:0x%x\r\n",SrcAddr,DestAddr,ImgLen);
XFsbl_CsuDmaStart(XFSBL_CSU_DMA_DST, DestAddr, ((ImgLen/4) << 2) );
/**
* In case of PSTP, the Src DMA channel is not used.
* For this function SrcAddr == 0 means we are calling
* this function for PS_TEST boot mode
*/
if(0 != SrcAddr)
{
XFsbl_CsuDmaStart(XFSBL_CSU_DMA_SRC, SrcAddr, (ImgLen/4) << 2);
XFsbl_CsuDmaWaitForDone(XFSBL_CSU_DMA_SRC);
Status = XCsuDma_CfgInitialize(&CsuDma, CsuDmaConfig,
CsuDmaConfig->BaseAddress);
if (Status != XFSBL_SUCCESS) {
XFsbl_Printf(DEBUG_GENERAL, "XFSBL_ERROR_CSUDMA_INIT_FAIL \n\r");
Status = XFSBL_ERROR_CSUDMA_INIT_FAIL;
goto END;
}
/**
* TBD: Need to enhance this to return
* timeout error
*/
XFsbl_CsuDmaWaitForDone(XFSBL_CSU_DMA_DST);
END:
return Status;
}

210
lib/sw_apps/zynqmp_fsbl/src/xfsbl_csu_dma.h
View file

@ -35,7 +35,7 @@
*
* @file xcbr_csu_dma.h
*
* Contains enums/typedefs and macros for CSU DMA driver.
* Contains declarations for CSU DMA initialization
*
* <pre>
* MODIFICATION HISTORY:
@ -59,217 +59,13 @@ extern "C" {
/***************************** Include Files *********************************/
#include "xfsbl_hw.h"
/**************************** Macros Definitions *****************************/
#define XASSERT_VOID(expression)
#define mb() asm("dsb sy")
u8 XFsbl_RsaSha3Array[512];
/**************************** Type Definitions *******************************/
/**
* Definition for DMA channels.
*/
typedef enum
{
XFSBL_CSU_DMA_SRC = 0x000U,
XFSBL_CSU_DMA_DST = 0x800U
}XFSBL_CSU_DMA_CHANNEL;
/**
* Definition for DMA registers.
*/
typedef enum
{
XFSBL_CSU_DMA_ADDR_REG = 0x00U,
XFSBL_CSU_DMA_SIZE_REG = 0x04U,
XFSBL_CSU_DMA_STATUS_REG = 0x08U,
XFSBL_CSU_DMA_CTRL_REG = 0x0CU,
XFSBL_CSU_DMA_CRC_REG = 0x10U,
XFSBL_CSU_DMA_INT_STATUS_REG = 0x14U,
XFSBL_CSU_DMA_INT_ENABLE_REG = 0x18U,
XFSBL_CSU_DMA_INT_DISABLE_REG = 0x1CU,
XFSBL_CSU_DMA_INT_MASK_REG = 0x20U,
}XFSBL_CSU_DMA_REG_OFFSET;
/**
* Definition for DMA EOP.
*/
enum
{
XFSBL_CSU_DMA_SIZE_EOP = 0x1U
};
/**
* Definition for DMA Status reg bits.
*/
typedef enum
{
XFSBL_CSU_DMA_STATUS_BUSY = (0x1U << 0x0U),
XFSBL_CSU_DMA_STATUS_DONE_CNT_SHIFT = (13U),
XFSBL_CSU_DMA_STATUS_DONE_CNT_MASK = (0x7U << XFSBL_CSU_DMA_STATUS_DONE_CNT_SHIFT)
}XFSBL_CSU_DMA_STATUS;
/**
* Definition for DMA Control reg bits.
*/
typedef enum
{
XFSBL_CSU_DMA_CTRL_PAUSE_MEM = (0x1U << 0x0U),
XFSBL_CSU_DMA_CTRL_PAUSE_STREAM = (0x1U << 0x1U),
XFSBL_CSU_DMA_CTRL_FIFO_THRESH_SHIFT = 0x2U,
XFSBL_CSU_DMA_CTRL_TIMEOUT_SHIFT = 10U,
XFSBL_CSU_DMA_CTRL_AXI_BURST_INCR = (0x0U << 22U),
XFSBL_CSU_DMA_CTRL_AXI_BURST_FIXED = (0x1U << 22U),
XFSBL_CSU_DMA_CTRL_ENDIANNESS = (0x1U << 23U),
XFSBL_CSU_DMA_CTRL_ERR_RESPONSE = (0x1U << 24U),
XFSBL_CSU_DMA_CTRL_IF_FIFO_THRESH_SHIFT = 25U
}XFSBL_CSU_DMA_CTRL;
/**
* Definition for DMA Interrupt reg bits.
*/
typedef enum
{
XFSBL_CSU_DMA_INT_INVALID_APB_ACCESS = (0x1U << 0x5U),
XFSBL_CSU_DMA_INT_FIFO_THRESH_HIT = (0x1U << 0x4U),
XFSBL_CSU_DMA_INT_DMA_TIMEOUT = (0x1U << 0x3U),
XFSBL_CSU_DMA_INT_AXI_RD__ERR = (0x1U << 0x2U),
XFSBL_CSU_DMA_INT_DMA_DONE = (0x1U << 0x1U),
XFSBL_CSU_DMA_INT_DMA_MEM_DONE = (0x1U << 0x0U)
}XFSBL_CSU_DMA_INT;
/*
* Definition for SSS reg Source bits.
*/
typedef enum
{
XFSBL_CSU_SSS_SRC_PCAP = 0x3U,
XFSBL_CSU_SSS_SRC_SRC_DMA = 0x5U,
XFSBL_CSU_SSS_SRC_AES = 0xAU,
XFSBL_CSU_SSS_SRC_PSTP = 0xCU,
XFSBL_CSU_SSS_SRC_NONE = 0x0U,
XFSBL_CSU_SSS_SRC_MASK = 0xFU
}XFSBL_CSU_SSS_SRC;
/**
* Definition for SSS reg Destination bits.
*/
typedef enum
{
XFSBL_CSU_SSS_PCAP_SHIFT = 0U,
XFSBL_CSU_SSS_DMA_SHIFT = 4U,
XFSBL_CSU_SSS_AES_SHIFT = 8U,
XFSBL_CSU_SSS_SHA_SHIFT = 12U,
XFSBL_CSU_SSS_PSTP_SHIFT = 16U
}XFSBL_CSU_SSS_DEST_SHIFT;
/**************************** Macros Definitions *****************************/
/**
* Definition for DMA inline functions
*/
static inline void XFsbl_DmaControl(XFSBL_CSU_DMA_CHANNEL Channel, u32 Val)
{
XFsbl_Out32((CSUDMA_BASEADDR + Channel + XFSBL_CSU_DMA_CTRL_REG), Val);
}
static inline void XFsbl_DmaEndian(XFSBL_CSU_DMA_CHANNEL Channel, u32 Enable)
{
u32 Value = XFsbl_In32(CSUDMA_BASEADDR + Channel + XFSBL_CSU_DMA_CTRL_REG);
if(Enable)
{
Value |= XFSBL_CSU_DMA_CTRL_ENDIANNESS;
}
else
{
Value &= ~XFSBL_CSU_DMA_CTRL_ENDIANNESS;
}
XFsbl_Out32((CSUDMA_BASEADDR + Channel + XFSBL_CSU_DMA_CTRL_REG), Value);
}
static inline int XFsbl_DmaIsBusy(XFSBL_CSU_DMA_CHANNEL Channel)
{
return (XFsbl_In32(CSUDMA_BASEADDR + Channel + XFSBL_CSU_DMA_STATUS_REG) &
XFSBL_CSU_DMA_STATUS_BUSY);
}
static inline unsigned int XFsbl_DmaDoneCount(XFSBL_CSU_DMA_CHANNEL Channel)
{
u32 Count;
Count = XFsbl_In32(CSUDMA_BASEADDR + Channel + XFSBL_CSU_DMA_STATUS_REG);
Count &= XFSBL_CSU_DMA_STATUS_DONE_CNT_MASK;
Count >>= XFSBL_CSU_DMA_STATUS_DONE_CNT_SHIFT;
return Count;
}
static inline void XFsbl_DmaZeroDoneCount(XFSBL_CSU_DMA_CHANNEL Channel)
{
XFsbl_Out32(CSUDMA_BASEADDR + Channel + XFSBL_CSU_DMA_STATUS_REG,
XFSBL_CSU_DMA_STATUS_DONE_CNT_MASK);
/** ASM Code */
mb();
}
/* The CRC function is only available on SRC channels. */
static inline u32 XFsbl_DmaSrcGetCrc(void)
{
return (XFsbl_In32(CSUDMA_BASEADDR + XFSBL_CSU_DMA_SRC +
XFSBL_CSU_DMA_CRC_REG));
}
static inline void XFsbl_DmaSrcSetCrc(u32 Crc)
{
XFsbl_Out32(CSUDMA_BASEADDR + XFSBL_CSU_DMA_SRC +
XFSBL_CSU_DMA_CRC_REG, Crc);
/** ASM Code */
mb();
}
void XFsbl_CsuDmaWaitForDone(XFSBL_CSU_DMA_CHANNEL Channel);
void XFsbl_CsuDmaStart(XFSBL_CSU_DMA_CHANNEL Channel, u32 Addr, u32 Size);
void XFsbl_CsuDmaXfer(u32 SrcAddr, u32 DestAddr, u32 ImgLen);
/**
* Definition for SSS inline functions
*/
static inline u32 XFsbl_SssInputPcap(XFSBL_CSU_SSS_SRC Src)
{
Src &= XFSBL_CSU_SSS_SRC_MASK;
return (Src << XFSBL_CSU_SSS_PCAP_SHIFT);
}
static inline u32 XFsbl_SssInputDstDma(XFSBL_CSU_SSS_SRC Src)
{
Src &= XFSBL_CSU_SSS_SRC_MASK;
return (Src << XFSBL_CSU_SSS_DMA_SHIFT);
}
static inline u32 XFsbl_SssInputAes(XFSBL_CSU_SSS_SRC Src)
{
Src &= XFSBL_CSU_SSS_SRC_MASK;
return (Src << XFSBL_CSU_SSS_AES_SHIFT);
}
static inline u32 XFsbl_SssInputSha3(XFSBL_CSU_SSS_SRC Src)
{
Src &= XFSBL_CSU_SSS_SRC_MASK;
return (Src << XFSBL_CSU_SSS_SHA_SHIFT);
}
static inline u32 XFsbl_SssInputPstp(XFSBL_CSU_SSS_SRC Src)
{
Src &= XFSBL_CSU_SSS_SRC_MASK;
return (Src << XFSBL_CSU_SSS_PSTP_SHIFT);
}
static inline void XFsbl_SssSetup(u32 Cfg)
{
XFsbl_Out32(CSU_CSU_SSS_CFG, Cfg);
}
/************************** Function Prototypes ******************************/
u32 XFsbl_CsuDmaInit();
#endif /* XFSBL_CSU_DMA_H*/

12
lib/sw_apps/zynqmp_fsbl/src/xfsbl_error.h
View file

@ -139,13 +139,23 @@ extern "C" {
#define XFSBL_ERROR_NAND_INIT (0x2CU)
#define XFSBL_ERROR_NAND_READ (0x2DU)
#define XFSBL_ERROR_ADDRESS (0x2EU)
#define XFSBL_ERROR_RSA_NOT_ENABLED (0x2DU)
#define XFSBL_ERROR_SPK_RSA_DECRYPT (0x2FU)
#define XFSBL_ERROR_SPK_SIGNATURE (0x30U)
#define XFSBL_ERROR_PART_RSA_DECRYPT (0x31U)
#define XFSBL_ERROR_PART_SIGNATURE (0x32U)
#define XFSBL_ERROR_DDR_INIT_FAIL (0x33U)
#define XFSBL_ERROR_CSUDMA_INIT_FAIL (0x34U)
#define XFSBL_ERROR_DECRYPTION_IV_COPY_FAIL (0x35U)
#define XFSBL_ERROR_DECRYPTION_FAIL (0x36U)
#define XFSBL_ERROR_BITSTREAM_LOAD_FAIL (0x37U)
#define XFSBL_ERROR_BITSTREAM_GCM_TAG_MISMATCH (0x38U)
#define XFSBL_ERROR_DECRYPTION_IMAGE_LENGTH_MISMATCH (0x39U)
#define XFSBL_ERROR_BITSTREAM_DECRYPTION_FAIL (0x40U)
#define XFSBL_ERROR_DECRYPTION_FAILED (0x41U)
#define XFSBL_ERROR_RSA_NOT_ENABLED (0x42U)
#define XFSBL_ERROR_AES_NOT_ENABLED (0x43U)
#define XFSBL_FAILURE (0x3FFU)
/**************************** Type Definitions *******************************/

13
lib/sw_apps/zynqmp_fsbl/src/xfsbl_hw.h
View file

@ -474,6 +474,19 @@ extern "C" {
#define XFSBL_RSA
#endif
/**
* Definition for AES to be included
*/
#if !defined(FSBL_AES_EXCLUDE)
#define XFSBL_AES
#endif
/**
* Definition for SHA2 to be included
*/
#if !defined(FSBL_SHA2_EXCLUDE)
#define XFSBL_SHA2
#endif
#define XFSBL_QSPI_LINEAR_BASE_ADDRESS_START (0xC0000000U)
#define XFSBL_QSPI_LINEAR_BASE_ADDRESS_END (0xDFFFFFFFU)

2
lib/sw_apps/zynqmp_fsbl/src/xfsbl_image_header.h
View file

@ -78,6 +78,8 @@ extern "C" {
#define XIH_BH_IMAGE_ATTRB_RSA_MASK (0xC000U)
#define XIH_BH_IMAGE_ATTRB_SHA2_MASK (0x3000U)
#define XIH_BH_IV_OFFSET (0xA0U)
#define XIH_BH_IV_LENGTH (0x10U)
/**
* Defines for length of the headers

9
lib/sw_apps/zynqmp_fsbl/src/xfsbl_initialization.c
View file

@ -56,8 +56,8 @@
#include "xfsbl_main.h"
#include "xfsbl_misc_drivers.h"
#include "psu_init.h"
#include "xfsbl_qspi.h"
#include "xfsbl_csu_dma.h"
/************************** Constant Definitions *****************************/
#define XFSBL_R5_VECTOR_VALUE 0xEAFEFFFEU
@ -87,6 +87,7 @@ void XFsbl_RegisterHandlers(void);
/************************** Variable Definitions *****************************/
/****************************************************************************/
/**
* This function is used to initialize the FsblInstance with the
@ -442,6 +443,12 @@ static u32 XFsbl_PrimaryBootDeviceInit(XFsblPs * FsblInstancePtr)
goto END;
}
#endif
/* Initialize CSUDMA driver */
Status = XFsbl_CsuDmaInit();
if (XFSBL_SUCCESS != Status) {
goto END;
}
}
switch(BootMode)

71
lib/sw_apps/zynqmp_fsbl/src/xfsbl_partition_load.c
View file

@ -92,6 +92,9 @@ static int IsR5LTcmEccInitialized = FALSE;
u8 TcmVectorArray[32];
u32 TcmSkipLength=0U;
PTRSIZE TcmSkipAddress=0U;
#ifdef XFSBL_AES
static XSecure_Aes SecureAes;
#endif
/*****************************************************************************/
/**
* This function loads the partition
@ -882,12 +885,16 @@ static u32 XFsbl_PartitionValidation(XFsblPs * FsblInstancePtr,
u32 DestinationCpu=0U;
u32 ExecState=0U;
u32 CpuNo=0U;
u32 ImageOffset = 0U;
#ifdef XFSBL_RSA
u32 Length=0U;
u32 HashLen=0U;
u64 LoadAddress=0U;
#endif
u64 LoadAddress=0U;
XFsblPs_PartitionHeader * PartitionHeader;
u32 FsblIv[XIH_BH_IV_LENGTH / 4U];
u32 UnencryptedLength;
u32 IvLocation;
/**
* Update the variables
@ -903,6 +910,25 @@ static u32 XFsbl_PartitionValidation(XFsblPs * FsblInstancePtr,
XIH_PH_ATTRB_ENCRYPTION )
{
IsEncryptionEnabled = TRUE;
#ifdef XFSBL_AES
/* Copy the Iv from Flash into local memory */
IvLocation = ImageOffset + XIH_BH_IV_OFFSET;
Status = FsblInstancePtr->DeviceOps.DeviceCopy(IvLocation,
(PTRSIZE) FsblIv, XIH_BH_IV_LENGTH);
if (Status != XFSBL_SUCCESS) {
XFsbl_Printf(DEBUG_GENERAL,
"XFSBL_ERROR_DECRYPTION_IV_COPY_FAIL \r\n");
Status = XFSBL_ERROR_DECRYPTION_IV_COPY_FAIL;
goto END;
}
#else
XFsbl_Printf(DEBUG_GENERAL,"XFSBL_ERROR_AES_NOT_ENABLED \r\n");
Status = XFSBL_ERROR_AES_NOT_ENABLED;
goto END;
#endif
}
/**
@ -979,19 +1005,16 @@ static u32 XFsbl_PartitionValidation(XFsblPs * FsblInstancePtr,
/**
* Do the authentication validation
*/
Status = XFsbl_Authentication( LoadAddress, Length,
Status = XFsbl_Authentication(FsblInstancePtr, LoadAddress, Length,
(LoadAddress + Length) - XFSBL_AUTH_CERT_MIN_SIZE,
HashLen);
/* cache enable can be removed */
Xil_DCacheEnable();
if (Status != XFSBL_SUCCESS)
{
goto END;
}
#else
XFsbl_Printf(DEBUG_GENERAL,"Rsa code not Enabled\r\n");
XFsbl_Printf(DEBUG_GENERAL,"XFSBL_ERROR_RSA_NOT_ENABLED \r\n");
Status = XFSBL_ERROR_RSA_NOT_ENABLED;
goto END;
#endif
@ -1004,13 +1027,37 @@ static u32 XFsbl_PartitionValidation(XFsblPs * FsblInstancePtr,
(DestinationDevice == XIH_PH_ATTRB_DEST_DEVICE_PMU)) &&
(IsEncryptionEnabled == TRUE))
{
/**
* configure SSS
*/
XFsbl_Printf(DEBUG_INFO, "Decryption Enabled\r\n");
#ifdef XFSBL_AES
/**
* Use CSU DMA and decrypt the image
*/
/* AES expects IV in big endian form */
FsblIv[0] = Xil_Htonl(FsblIv[0]);
FsblIv[1] = Xil_Htonl(FsblIv[1]);
FsblIv[2] = Xil_Htonl(FsblIv[2]);
/* Initialize the Aes Instance so that it's ready to use */
XSecure_AesInitialize(&SecureAes, &CsuDma,
XSECURE_CSU_AES_KEY_SRC_DEV, FsblIv, NULL);
XFsbl_Printf(DEBUG_INFO, " Aes initialized \r\n");
UnencryptedLength = PartitionHeader->UnEncryptedDataWordLength * 4U;
Status = XSecure_AesDecrypt(&SecureAes, (u8 *) LoadAddress,
(u8 *) LoadAddress, UnencryptedLength);
if (Status != XFSBL_SUCCESS) {
Status = XFSBL_ERROR_DECRYPTION_FAILED;
XFsbl_Printf(DEBUG_GENERAL, "XFSBL_ERROR_DECRYPTION_FAILED\r\n");
goto END;
} else {
XFsbl_Printf(DEBUG_GENERAL, "Decryption Successful\r\n");
}
#else
XFsbl_Printf(DEBUG_GENERAL,"XFSBL_ERROR_AES_NOT_ENABLED \r\n");
Status = XFSBL_ERROR_AES_NOT_ENABLED;
goto END;
#endif
}
/**

414
lib/sw_apps/zynqmp_fsbl/src/xfsbl_rsa_sha.c
View file

@ -53,7 +53,8 @@
/***************************** Include Files *********************************/
#include "xfsbl_authentication.h"
#include "xfsbl_csu_dma.h"
#ifdef XFSBL_RSA
/************************** Constant Definitions *****************************/
/**************************** Type Definitions *******************************/
@ -63,374 +64,7 @@
/************************** Function Prototypes ******************************/
/************************** Variable Definitions *****************************/
static u32 XFsbl_Sha3Len;
/*****************************************************************************
*
* @param None
*
* @return None
*
******************************************************************************/
void XFsbl_Sha3Padd(u8 *Dst, u32 MsgLen)
{
/**
* SHA3 HASH value is not generated correctly
* when used 2nd time on REMUS 1.9
*/
XFsbl_MemSet(Dst, 0, MsgLen);
Dst[0] = 0x1;
Dst[MsgLen -1] |= 0x80;
}
/*****************************************************************************
*
* @param None
*
* @return None
*
******************************************************************************/
void XFsbl_Sha3Start(void)
{
XFsbl_Sha3Len = 0;
/**
* Reset SHA3 engine.
*/
XFsbl_Out32(CSU_SHA_RESET, CSU_SHA_RESET_RESET_MASK);
XFsbl_Out32(CSU_SHA_RESET, 0);
/**
* Configure the SSS for SHA3 hashing.
*/
XFsbl_SssSetup(XFsbl_SssInputSha3(XFSBL_CSU_SSS_SRC_SRC_DMA));
/**
* Start SHA3 engine.
*/
XFsbl_Out32(CSU_SHA_START, CSU_SHA_START_START_MSG_MASK);
}
/*****************************************************************************
*
* @param None
*
* @return None
*
******************************************************************************/
void XFsbl_Sha3Update(u8 * Data, u32 Size)
{
XFsbl_Sha3Len += Size;
XASSERT_VOID((Size & 3) == 0);
XFsbl_CsuDmaStart(XFSBL_CSU_DMA_SRC, (u32 )(PTRSIZE)Data, Size);
/* Checking the SHA3 done bit should be enough. */
XFsbl_CsuDmaWaitForDone(XFSBL_CSU_DMA_SRC);
}
/*****************************************************************************
*
* @param None
*
* @return None
*
******************************************************************************/
void XFsbl_Sha3WaitForDone(void)
{
volatile u32 Status;
do
{
Status = XFsbl_In32(CSU_SHA_DONE);
} while (CSU_SHA_DONE_SHA_DONE_MASK !=
(Status & CSU_SHA_DONE_SHA_DONE_MASK));
}
/*****************************************************************************
*
* @param None
*
* @return None
*
******************************************************************************/
void XFsbl_Sha3Finish(u8 *Hash)
{
u32 *HashPtr = (u32 *)Hash;
u32 PartialLen = XFsbl_Sha3Len % XFSBL_SHA3_BLOCK_LEN;
/**
* DT 780552 (SHA3 HASH value is not generated correctly
* when used 2nd time on REMUS 1.9)
*/
PartialLen = (PartialLen == 0)?(XFSBL_SHA3_BLOCK_LEN) :
(XFSBL_SHA3_BLOCK_LEN - PartialLen);
XFsbl_Sha3Padd(XFsbl_RsaSha3Array, PartialLen);
XFsbl_CsuDmaStart(XFSBL_CSU_DMA_SRC, (u32 )(PTRSIZE)XFsbl_RsaSha3Array,
PartialLen | XFSBL_CSU_DMA_SIZE_EOP);
/* Check the SHA3 DONE bit. */
XFsbl_Sha3WaitForDone();
/* If requested, read out the Hash in reverse order. */
if (Hash)
{
u32 Index = 0;
u32 Val = 0;
for (Index=0; Index < 12; Index++)
{
Val = XFsbl_In32(CSU_SHA_DIGEST_0 + (Index * 4));
HashPtr[11 - Index] = Val;
}
}
}
/*****************************************************************************
*
* @param None
*
* @return None
*
******************************************************************************/
void XFsbl_Sha3Digest(const u8 *In, const u32 Size, u8 *Out)
{
XFsbl_Sha3Start();
XFsbl_Sha3Update((u8 *)In, Size);
XFsbl_Sha3Finish(Out);
}
/*****************************************************************************
*
* @param None
*
* @return None
*
******************************************************************************/
static void XFsbl_RsaPutData(u32 * WrData, u8 RamOffset)
{
u32 Index = 0;
u32 DataOffset = 0;
u32 TmpIndex = 0;
u32 Data = 0;
/** Each of this loop will write 192 bits of data*/
for (DataOffset = 0; DataOffset < 22; DataOffset++)
{
for (Index = 0; Index < 6; Index++)
{
TmpIndex = (DataOffset*6) + Index;
/**
* DT 776670: CSU Boot ROM fails with error code 0x30E
* (RSA status register give done with error 0x5)
* Added this condition as we need only 4 bytes
* and rest of the data needs to be 0
*/
if(XFSBL_CSU_RSA_RAM_EXPO == RamOffset)
{
if(0 == TmpIndex )
{
Data = XFsbl_Htonl(*WrData);
}
else
{
Data = 0x0;
}
}
else
{
if(TmpIndex >=128)
{
Data = 0x0;
}
else
{
/**
* The RSA data in Image is in Big Endian.
* So reverse it before putting in RSA memory,
* becasue RSA h/w expects it in Little endian.
*/
Data = XFsbl_Htonl(WrData[127-TmpIndex]);
}
}
XFsbl_Out32((RSA_WR_DATA_0 + Index * 4), Data);
}
XFsbl_Out32(RSA_WR_ADDR, ((RamOffset * 22) + DataOffset));
}
}
/*****************************************************************************
*
* @param None
*
* @return None
*
******************************************************************************/
static void XFsbl_RsaGetData(u32 * RdData)
{
u32 Index = 0;
u32 DataOffset = 0;
int TmpIndex = 0;
/** Each of this loop will write 192 bits of data*/
for (DataOffset = 0; DataOffset < 22; DataOffset++)
{
XFsbl_Out32(RSA_RD_ADDR,
(XFSBL_CSU_RSA_RAM_RES_Y * 22) + DataOffset);
Index = (DataOffset == 0) ? 2: 0;
for (; Index < 6; Index++)
{
TmpIndex = 129 - ((DataOffset*6) + Index);
if(TmpIndex < 0)
{
break;
}
/**
* The Signature digest is compared in Big endian.
* So becasue RSA h/w results in Little endian,
* reverse it after reading it from RSA memory,
*/
RdData[TmpIndex] = XFsbl_Htonl(
XFsbl_In32(RSA_RD_DATA_0
+ (Index * 4)));
}
}
}
/*****************************************************************************
*
* @param u32 *Mod
*
* @return None
*
* @notes MINV is the 32-bit value of "-M mod 2**32"
* where M is LSB 32 bits of the original modulus
* DT 776670: CSU Boot ROM fails with error code 0x30E
* (RSA status register give done with error 0x5)
*
******************************************************************************/
static void XFsbl_Mod32Inverse(u32 *Mod)
{
/** Calculate the MINV*/
u8 Count = 0;
u32 ModVal = XFsbl_Htonl(Mod[127]);
u32 Inv = 2 - ModVal;
for (Count = 0; Count < 4; ++Count)
{
Inv = (Inv * (2- ( ModVal * Inv ) ) );
}
Inv = -Inv;
/** Put the value in MINV registers*/
XFsbl_Out32(RSA_CORE_MINV0, (Inv & 0xFF ));
XFsbl_Out32(RSA_CORE_MINV1, ((Inv >> 8) & 0xFF ));
XFsbl_Out32(RSA_CORE_MINV2, ((Inv >> 16) & 0xFF ));
XFsbl_Out32(RSA_CORE_MINV3, ((Inv >> 24) & 0xFF ));
}
/*****************************************************************************
*
* @param None
*
* @return None
*
******************************************************************************/
u32 XFsbl_RsaDecrypt(u8* EncText, u8* Mod, u8* ModExt, u8* ModExpo, u8* Result, u8 Reuse)
{
volatile u32 Status = XFSBL_SUCCESS;
u32 ErrorCode = XFSBL_SUCCESS;
/**
* Populate the RSA parameters in h/w.
*/
/**
* We will reuse the RSA config values,
* incase of FSBL Signature Authentication,
* because Boot header Signautre Authentication,
* also uses the same SPK Key.
*/
if(0 == Reuse)
{
/**
* DT 776670: CSU Boot ROM fails with error code 0x30E
* (RSA status register give done with error 0x5)
* Initialize Modular exponentiation
*/
XFsbl_RsaPutData((u32 *)ModExpo, XFSBL_CSU_RSA_RAM_EXPO);
/**
* Initialize Modular.
*/
XFsbl_RsaPutData((u32 *)Mod, XFSBL_CSU_RSA_RAM_MOD);
/**
* DT 776670: CSU Boot ROM fails with error code 0x30E
* (RSA status register give done with error 0x5)
* Initialize MINV values from Mod.
*/
XFsbl_Mod32Inverse((u32 *)Mod);
}
/**
* Initialize Modular extension (R*R Mod M)
*/
XFsbl_RsaPutData((u32 *)ModExt, XFSBL_CSU_RSA_RAM_RES_Y);
/**
* Initialize Digest
*/
XFsbl_RsaPutData((u32 *)EncText, XFSBL_CSU_RSA_RAM_DIGEST);
/**
* Start the RSA operation.
*/
XFsbl_Out32(RSA_CORE_CTRL, XFSBL_CSU_RSA_CONTROL_MASK);
/**
* Check and wait for status
*/
do
{
Status = XFsbl_In32(RSA_CORE_STATUS);
if(RSA_CORE_STATUS_ERROR_MASK ==
(Status & RSA_CORE_STATUS_ERROR_MASK))
{
ErrorCode = XFSBL_FAILURE;
goto END;
}
}while (RSA_CORE_STATUS_DONE_MASK !=
(Status & RSA_CORE_STATUS_DONE_MASK));
/**
* Copy the result
*/
XFsbl_RsaGetData((u32 *)Result);
END:
return ErrorCode;
}
static XSecure_Sha3 SecureSha3;
/*****************************************************************************
*
@ -444,7 +78,13 @@ void XFsbl_ShaDigest(const u8 *In, const u32 Size, u8 *Out, u32 HashLen)
if(XFSBL_HASH_TYPE_SHA3 == HashLen)
{
XFsbl_Sha3Digest(In, Size, Out);
XSecure_Sha3Digest(&SecureSha3, In, Size, Out);
}
else
{
#ifdef XFSBL_SHA2
sha_256(In, Size, Out);
#endif
}
}
@ -456,11 +96,19 @@ void XFsbl_ShaDigest(const u8 *In, const u32 Size, u8 *Out, u32 HashLen)
* @return None
*
******************************************************************************/
void XFsbl_ShaStart( void * Ctx, u32 HashLen)
void XFsbl_ShaStart(void * Ctx, u32 HashLen)
{
if(XFSBL_HASH_TYPE_SHA3 == HashLen)
{
XFsbl_Sha3Start();
XSecure_Sha3Initialize(&SecureSha3, &CsuDma);
XSecure_Sha3Start(&SecureSha3);
}
else
{
#ifdef XFSBL_SHA2
sha2_starts(Ctx);
#endif
}
}
@ -472,11 +120,17 @@ void XFsbl_ShaStart( void * Ctx, u32 HashLen)
* @return None
*
******************************************************************************/
void XFsbl_ShaUpdate( void * Ctx, u8 * Data, u32 Size, u32 HashLen)
void XFsbl_ShaUpdate(void * Ctx, u8 * Data, u32 Size, u32 HashLen)
{
if(XFSBL_HASH_TYPE_SHA3 == HashLen)
{
XFsbl_Sha3Update(Data, Size);
XSecure_Sha3Update(&SecureSha3, Data, Size);
}
else
{
#ifdef XFSBL_SHA2
sha2_update(Ctx, Data, Size);
#endif
}
}
@ -487,11 +141,19 @@ void XFsbl_ShaUpdate( void * Ctx, u8 * Data, u32 Size, u32 HashLen)
* @return None
*
******************************************************************************/
void XFsbl_ShaFinish( void * Ctx, u8 * Hash, u32 HashLen)
void XFsbl_ShaFinish(void * Ctx, u8 * Hash, u32 HashLen)
{
if(XFSBL_HASH_TYPE_SHA3 == HashLen)
{
XFsbl_Sha3Finish(Hash);
XSecure_Sha3Finish(&SecureSha3, Hash);
}
else
{
#ifdef XFSBL_SHA2
sha2_finish(Ctx, Hash);
#endif
}
}
#endif