diff --git a/lib/sw_services/xilsecure/src/xsecure_aes.c b/lib/sw_services/xilsecure/src/xsecure_aes.c index ad133752..46e79506 100755 --- a/lib/sw_services/xilsecure/src/xsecure_aes.c +++ b/lib/sw_services/xilsecure/src/xsecure_aes.c @@ -74,7 +74,7 @@ * Waits for AES completion for keyload. * * @param InstancePtr is a pointer to the XSecure_Aes instance. - * @param @param CsuDmaPtr is the pointer to the XCsuDma instance. + * @param CsuDmaPtr is the pointer to the XCsuDma instance. * @param KeySel is the key source for decryption, can be KUP or device key * @param Iv is pointer to the Initialization Vector for decryption * @param Key is the pointer to Aes decryption key in case KUP key is used @@ -82,13 +82,13 @@ * * @return XST_SUCCESS if initialization was successful. * + * @note None + * ******************************************************************************/ s32 XSecure_AesInitialize(XSecure_Aes *InstancePtr, XCsuDma *CsuDmaPtr, - u32 KeySel, u32* Iv, u32* Key) + u32 KeySel, u32* Iv, u32* Key) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertNonvoid(InstancePtr != NULL); Xil_AssertNonvoid(CsuDmaPtr != NULL); Xil_AssertNonvoid(Iv != NULL); @@ -99,8 +99,8 @@ s32 XSecure_AesInitialize(XSecure_Aes *InstancePtr, XCsuDma *CsuDmaPtr, InstancePtr->Iv = Iv; /* - * Clarify if Aes block expects IV in big or small endian, swap endianness - * of Iv likewise + * Clarify if Aes block expects IV in big or small endian, swap + * endianness of Iv likewise */ InstancePtr->Key = Key; @@ -117,19 +117,19 @@ s32 XSecure_AesInitialize(XSecure_Aes *InstancePtr, XCsuDma *CsuDmaPtr, * * @return None * + * @note None + * ******************************************************************************/ static void XSecure_AesWaitKeyLoad(XSecure_Aes *InstancePtr) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertVoid(InstancePtr != NULL); volatile u32 Status; do { Status = XSecure_ReadReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_STS_OFFSET); + XSECURE_CSU_AES_STS_OFFSET); } while (!((u32)Status & XSECURE_CSU_AES_STS_KEY_INIT_DONE)); } @@ -138,23 +138,22 @@ static void XSecure_AesWaitKeyLoad(XSecure_Aes *InstancePtr) * * Waits for AES completion. * - * @param InstancePtr is a pointer to the XSecure_Aes instance. + * @param InstancePtr is a pointer to the XSecure_Aes instance. * * @return None * + * @note None ******************************************************************************/ static void XSecure_AesWaitForDone(XSecure_Aes *InstancePtr) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertVoid(InstancePtr != NULL); volatile u32 Status; do { Status = XSecure_ReadReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_STS_OFFSET); + XSECURE_CSU_AES_STS_OFFSET); } while ((u32)Status & XSECURE_CSU_AES_STS_AES_BUSY); } @@ -167,19 +166,19 @@ static void XSecure_AesWaitForDone(XSecure_Aes *InstancePtr) * * @return None * + * @note None + * ******************************************************************************/ void XSecure_AesReset(XSecure_Aes *InstancePtr) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertVoid(InstancePtr != NULL); XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_RESET_OFFSET, XSECURE_CSU_AES_RESET); + XSECURE_CSU_AES_RESET_OFFSET, XSECURE_CSU_AES_RESET); XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_RESET_OFFSET, 0x0U); + XSECURE_CSU_AES_RESET_OFFSET, 0x0U); //replaced mb here } @@ -192,32 +191,32 @@ void XSecure_AesReset(XSecure_Aes *InstancePtr) * * @return None * + * @note None + * ******************************************************************************/ void XSecure_AesKeyZero(XSecure_Aes *InstancePtr) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertVoid(InstancePtr != NULL); volatile u32 Status; Status = XSecure_ReadReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_KEY_CLR_OFFSET); + XSECURE_CSU_AES_KEY_CLR_OFFSET); Status |= InstancePtr->KeySel; XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_KEY_CLR_OFFSET, (u32)Status); + XSECURE_CSU_AES_KEY_CLR_OFFSET, (u32)Status); Status &= ~InstancePtr->KeySel; XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_KEY_CLR_OFFSET, (u32)Status); + XSECURE_CSU_AES_KEY_CLR_OFFSET, (u32)Status); do { Status = XSecure_ReadReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_STS_OFFSET); + XSECURE_CSU_AES_STS_OFFSET); } while ((InstancePtr->KeySel << 8) == ((u32)Status & - (InstancePtr->KeySel << 8))); + (InstancePtr->KeySel << 8))); } /*****************************************************************************/ @@ -229,36 +228,32 @@ void XSecure_AesKeyZero(XSecure_Aes *InstancePtr) * * @return None * + * @note None + * ******************************************************************************/ void XSecure_AesKeySelNLoad(XSecure_Aes *InstancePtr) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertVoid(InstancePtr != NULL); if(InstancePtr->KeySel == XSECURE_CSU_AES_KEY_SRC_DEV) { XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_KEY_SRC_OFFSET, XSECURE_CSU_AES_KEY_SRC_DEV); + XSECURE_CSU_AES_KEY_SRC_OFFSET, XSECURE_CSU_AES_KEY_SRC_DEV); } else { XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_KEY_SRC_OFFSET, - XSECURE_CSU_AES_KEY_SRC_KUP); + XSECURE_CSU_AES_KEY_SRC_OFFSET, + XSECURE_CSU_AES_KEY_SRC_KUP); } - /** - * Trig loading of key. - */ + /* Trig loading of key. */ XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_KEY_LOAD_OFFSET, - XSECURE_CSU_AES_KEY_LOAD); + XSECURE_CSU_AES_KEY_LOAD_OFFSET, + XSECURE_CSU_AES_KEY_LOAD); - /** - * Wait for AES key loading. - */ + /* Wait for AES key loading.*/ XSecure_AesWaitKeyLoad(InstancePtr); } @@ -268,19 +263,20 @@ void XSecure_AesKeySelNLoad(XSecure_Aes *InstancePtr) * Function for doing encryption using h/w AES engine. * * @param InstancePtr is a pointer to the XSecure_Aes instance. - * @param Dst is pointer to location where encrypted output will be written. + * @param Dst is pointer to location where encrypted output will + * be written. * @param Src is pointer to input data for encryption. * @param Len is the size of input data in bytes * * @return None * + * @note None + * ******************************************************************************/ void XSecure_AesEncrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, - u32 Len) + u32 Len) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertVoid(InstancePtr != NULL); Xil_AssertVoid(Dst != NULL); Xil_AssertVoid(Src != NULL); @@ -288,9 +284,7 @@ void XSecure_AesEncrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, u32 SssCfg = 0U; - /** - * Configure the SSS for AES. - */ + /* Configure the SSS for AES.*/ u32 SssDma = XSecure_SssInputDstDma(XSECURE_CSU_SSS_SRC_AES); u32 SssAes = XSecure_SssInputAes(XSECURE_CSU_SSS_SRC_SRC_DMA); @@ -298,35 +292,27 @@ void XSecure_AesEncrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, XSecure_SssSetup(SssCfg); - /** - * Configure the AES for Encryption. - */ + /* Configure the AES for Encryption.*/ XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_AES_CFG_OFFSET, - XSECURE_CSU_AES_CFG_ENC); + XSECURE_CSU_AES_CFG_ENC); - /** - * Start the message. - */ + /* Start the message.*/ XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_START_MSG_OFFSET, - XSECURE_CSU_AES_START_MSG); + XSECURE_CSU_AES_START_MSG_OFFSET, + XSECURE_CSU_AES_START_MSG); - /** - * Push IV into the AES engine. - */ + /* Push IV into the AES engine.*/ XCsuDma_Transfer(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL, - (u64)InstancePtr->Iv, - XSECURE_SECURE_GCM_TAG_SIZE/4U, 0); + (u64)InstancePtr->Iv, + XSECURE_SECURE_GCM_TAG_SIZE/4U, 0); XCsuDma_WaitForDone(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL); - /** - * Configure the CSU DMA Tx/Rx. - */ + /* Configure the CSU DMA Tx/Rx.*/ XCsuDma_Transfer(InstancePtr->CsuDmaPtr, XCSUDMA_DST_CHANNEL, (u64) Dst, - (Len + XSECURE_SECURE_GCM_TAG_SIZE)/4U, 0); + (Len + XSECURE_SECURE_GCM_TAG_SIZE)/4U, 0); XCsuDma_Transfer(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL, (u64) Src, - XSECURE_SECURE_GCM_TAG_SIZE/4U, 1); + XSECURE_SECURE_GCM_TAG_SIZE/4U, 1); /** * Wait for Dst/Src DMA done. @@ -334,9 +320,7 @@ void XSecure_AesEncrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, XCsuDma_WaitForDone(InstancePtr->CsuDmaPtr, XCSUDMA_DST_CHANNEL); XCsuDma_WaitForDone(InstancePtr->CsuDmaPtr, XCSUDMA_DST_CHANNEL); - /** - * Wait for AES encryption completion. - */ + /* Wait for AES encryption completion.*/ XSecure_AesWaitForDone(InstancePtr); } @@ -346,22 +330,21 @@ void XSecure_AesEncrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, * Function for doing decryption using h/w AES engine. * * @param InstancePtr is a pointer to the XSecure_Aes instance. - * @param Dst is pointer to location where encrypted output will be written. + * @param Dst is pointer to location where encrypted data will be written * @param Src is pointer to input data for encryption. * @param Tag is pointer to the GCM tag used for authentication * @param Len is the length of the output data expected after decryption. * @param Flag denotes whether the block is Secure header or data block * - * @return - * -returns 1 if GCM tag matching was successful + * @return returns 1 if GCM tag matching was successful + * + * @note None * ******************************************************************************/ -static u32 XSecure_AesDecryptBlk(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, - const u8 *Tag, u32 Len, u32 Flag) +static u32 XSecure_AesDecryptBlk(XSecure_Aes *InstancePtr, u8 *Dst, + const u8 *Src, const u8 *Tag, u32 Len, u32 Flag) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertNonvoid(InstancePtr != NULL); Xil_AssertNonvoid(Dst != NULL); Xil_AssertNonvoid(Src != NULL); @@ -369,143 +352,116 @@ static u32 XSecure_AesDecryptBlk(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Sr volatile u32 Status = 0U; - /* - * Start the message. - */ + /* Start the message. */ XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_START_MSG_OFFSET, - XSECURE_CSU_AES_START_MSG); + XSECURE_CSU_AES_START_MSG_OFFSET, + XSECURE_CSU_AES_START_MSG); - /* - * Push IV into the AES engine. - */ + /* Push IV into the AES engine. */ XCsuDma_Transfer(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL, - (u64)InstancePtr->Iv, XSECURE_SECURE_GCM_TAG_SIZE/4U, 0); + (u64)InstancePtr->Iv, XSECURE_SECURE_GCM_TAG_SIZE/4U, 0); + XCsuDma_WaitForDone(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL); - /** - * Enable CSU DMA Src channel for byte swapping. - */ + /* Enable CSU DMA Src channel for byte swapping.*/ XCsuDma_Configure ConfigurValues = {0}; XCsuDma_GetConfig(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL, - &ConfigurValues); + &ConfigurValues); ConfigurValues.EndianType = 1U; XCsuDma_SetConfig(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL, - &ConfigurValues); + &ConfigurValues); if(Flag) { - /** - * This means we are decrypting Block of the boot image. - * Enable CSU DMA Dst channel for byte swapping. - */ + /* + * This means we are decrypting Block of the boot image. + * Enable CSU DMA Dst channel for byte swapping. + */ XCsuDma_GetConfig(InstancePtr->CsuDmaPtr, XCSUDMA_DST_CHANNEL, - &ConfigurValues); + &ConfigurValues); ConfigurValues.EndianType = 1U; XCsuDma_SetConfig(InstancePtr->CsuDmaPtr, XCSUDMA_DST_CHANNEL, - &ConfigurValues); - /* - * Configure the CSU DMA Tx/Rx for the incoming Block. - */ + &ConfigurValues); + /* Configure the CSU DMA Tx/Rx for the incoming Block. */ XCsuDma_Transfer(InstancePtr->CsuDmaPtr, XCSUDMA_DST_CHANNEL, - (u64)Dst, Len/4U, 0); + (u64)Dst, Len/4U, 0); XCsuDma_Transfer(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL, - (u64)Src, Len/4U, 0); + (u64)Src, Len/4U, 0); - /* - * Wait for the Dst DMA completion. - */ + /* Wait for the Dst DMA completion. */ XCsuDma_WaitForDone(InstancePtr->CsuDmaPtr, XCSUDMA_DST_CHANNEL); - /* - * Disble CSU DMA Dst channel for byte swapping. - */ + /* Disble CSU DMA Dst channel for byte swapping. */ XCsuDma_GetConfig(InstancePtr->CsuDmaPtr, XCSUDMA_DST_CHANNEL, - &ConfigurValues); + &ConfigurValues); ConfigurValues.EndianType = 0U; XCsuDma_SetConfig(InstancePtr->CsuDmaPtr, XCSUDMA_DST_CHANNEL, - &ConfigurValues); + &ConfigurValues); /* - * Configure AES engine to push decrypted Key and IV in the block, - * to the CSU KEY and IV registers. + * Configure AES engine to push decrypted Key and IV in the + * block to the CSU KEY and IV registers. */ XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_KUP_WR_OFFSET, - XSECURE_CSU_AES_IV_WR | XSECURE_CSU_AES_KUP_WR); + XSECURE_CSU_AES_KUP_WR_OFFSET, + XSECURE_CSU_AES_IV_WR | XSECURE_CSU_AES_KUP_WR); } else { /* * This means we are decrypting the Secure header. - * Configure AES engine to push decrypted IV in the Secure header, - * to the CSU IV register. + * Configure AES engine to push decrypted IV in the Secure + * header to the CSU IV register. */ XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_KUP_WR_OFFSET, - XSECURE_CSU_AES_IV_WR | XSECURE_CSU_AES_KUP_WR); + XSECURE_CSU_AES_KUP_WR_OFFSET, + XSECURE_CSU_AES_IV_WR | XSECURE_CSU_AES_KUP_WR); } - /* - * Push the Secure header/footer for decrypting next blocks KEY and IV. - */ + /* Push the Secure header/footer for decrypting next blocks KEY and IV. */ XCsuDma_Transfer(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL, - (u64)(Src + Len), XSECURE_SECURE_HDR_SIZE/4U, 1); + (u64)(Src + Len), XSECURE_SECURE_HDR_SIZE/4U, 1); - /* - * Wait for the Src DMA completion. - */ + /* Wait for the Src DMA completion. */ XCsuDma_WaitForDone(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL); - /* - * Restore Key write register to 0. - */ + /* Restore Key write register to 0. */ XSecure_WriteReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_KUP_WR_OFFSET, 0x0); + XSECURE_CSU_AES_KUP_WR_OFFSET, 0x0); - /* - * Push the GCM tag. - */ + /* Push the GCM tag. */ XCsuDma_Transfer(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL, (u64)Tag, - XSECURE_SECURE_GCM_TAG_SIZE/4U, 0); + XSECURE_SECURE_GCM_TAG_SIZE/4U, 0); - /* - * Wait for the Src DMA completion. - */ + /* Wait for the Src DMA completion. */ XCsuDma_WaitForDone(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL); - /* - * Disable CSU DMA Src channel for byte swapping. - */ + /* Disable CSU DMA Src channel for byte swapping. */ XCsuDma_GetConfig(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL, - &ConfigurValues); + &ConfigurValues); ConfigurValues.EndianType = 0U; XCsuDma_SetConfig(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL, - &ConfigurValues); + &ConfigurValues); - /* - * Wait for AES Decryption completion. - */ + /* Wait for AES Decryption completion. */ XSecure_AesWaitForDone(InstancePtr); - /* - * Get the AES status to know if GCM check passed. - */ + /* Get the AES status to know if GCM check passed. */ Status = XSecure_ReadReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_STS_OFFSET) & - XSECURE_CSU_AES_STS_GCM_TAG_OK; + XSECURE_CSU_AES_STS_OFFSET) & + XSECURE_CSU_AES_STS_GCM_TAG_OK; return !!Status; } @@ -514,62 +470,63 @@ static u32 XSecure_AesDecryptBlk(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Sr /** * * This function will handle the AES-GCM Decryption. - * - * The Multiple key(a.k.a Key Rolling) or Single key - * Encrypted images will have the same format, - * such that it will have the following: - * - * Secure header --> Dummy AES Key of 32byte + - * Block 0 IV of 12byte + - * DLC for Block 0 of 4byte + - * GCM tag of 16byte(Un-Enc). - * Block N --> Boot Image Data for Block N of n size + - * Block N+1 AES key of 32byte + - * Block N+1 IV of 12byte + - * GCM tag for Block N of 16byte(Un-Enc). - * - * The Secure header and Block 0 will be decrypted using - * Device key or user provide key. - * If more than 1 blocks are found then the key and IV - * obtained from previous block will be used for decryption - * - * - * 1> Read the 1st 64bytes and decrypt 48 bytes using - * the selected Device key. - * 2> Decrypt the 0th block using the IV + Size from step 2 - * and selected device key. - * 3> After decryption we will get decrypted data+KEY+IV+Blk - * Size so store the KEY/IV into KUP/IV registers. - * 4> Using Blk size, IV and Next Block Key information - * start decrypting the next block. - * 5> if the Current Image size > Total image length, - * go to next step 8. Else go back to step 5 - * 6> If there are failures, return error code - * 7> If we have reached this step means the decryption is SUCCESS. - * + * + * The Multiple key(a.k.a Key Rolling) or Single key + * Encrypted images will have the same format, + * such that it will have the following: + * + * Secure header --> Dummy AES Key of 32byte + + * Block 0 IV of 12byte + + * DLC for Block 0 of 4byte + + * GCM tag of 16byte(Un-Enc). + * Block N --> Boot Image Data for Block N of n size + + * Block N+1 AES key of 32byte + + * Block N+1 IV of 12byte + + * GCM tag for Block N of 16byte(Un-Enc). + * + * The Secure header and Block 0 will be decrypted using + * Device key or user provide key. + * If more than 1 blocks are found then the key and IV + * obtained from previous block will be used for decryption + * + * + * 1> Read the 1st 64bytes and decrypt 48 bytes using + * the selected Device key. + * 2> Decrypt the 0th block using the IV + Size from step 2 + * and selected device key. + * 3> After decryption we will get decrypted data+KEY+IV+Blk + * Size so store the KEY/IV into KUP/IV registers. + * 4> Using Blk size, IV and Next Block Key information + * start decrypting the next block. + * 5> if the Current Image size > Total image length, + * go to next step 8. Else go back to step 5 + * 6> If there are failures, return error code + * 7> If we have reached this step means the decryption is SUCCESS. + * * * * @param InstancePtr is a pointer to the XSecure_Aes instance. * @param Src is the pointer to encrypted data source location - * @param Dst is the pointer to location where decrypted data will be written + * @param Dst is the pointer to location where decrypted data will be + * written. * @param Length is the expected total length of decrypted image expected. * * @return u32 ErrorCode * + * @note None + * ******************************************************************************/ u32 XSecure_AesDecrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, - u32 Length) + u32 Length) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertNonvoid(InstancePtr != NULL); Xil_AssertNonvoid(Dst != NULL); Xil_AssertNonvoid(Src != NULL); u32 SssCfg = 0x0U; volatile u32 Status=0x0U; - u32 ErrorCode = XSECURE_CSU_AES_DECRYPTION_DONE ; + u32 ErrorCode = XSECURE_CSU_AES_DECRYPTION_DONE ; u32 CurrentImgLen = 0x0U; u32 NextBlkLen = 0x0U; u32 PrevBlkLen = 0x0U; @@ -579,9 +536,7 @@ u32 XSecure_AesDecrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, u32 BlockCnt = 0x0U; u32 ImageLen = 0x0U; - /* - * Configure the SSS for AES. - */ + /* Configure the SSS for AES. */ u32 SssDma = XSecure_SssInputDstDma(XSECURE_CSU_SSS_SRC_AES); u32 SssAes = XSecure_SssInputAes(XSECURE_CSU_SSS_SRC_SRC_DMA); @@ -589,9 +544,7 @@ u32 XSecure_AesDecrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, XSecure_SssSetup(SssCfg); - /* - * Configure AES for Decryption - */ + /* Configure AES for Decryption */ XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_AES_CFG_OFFSET, XSECURE_CSU_AES_CFG_DEC); @@ -601,9 +554,7 @@ u32 XSecure_AesDecrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, SrcAddr = (u8 *)Src ; GcmTagAddr = SrcAddr + XSECURE_SECURE_HDR_SIZE; - /* - * Clear AES contents by reseting it. - */ + /* Clear AES contents by reseting it. */ XSecure_AesReset(InstancePtr); if(InstancePtr->KeySel == XSECURE_CSU_AES_KEY_SRC_DEV) @@ -616,15 +567,14 @@ u32 XSecure_AesDecrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, u32 Addr=0U; for(Count = 0U; Count < 8U; Count++) { - /* - * Helion AES block expects the key in big-endian. - */ + /* Helion AES block expects the key in big-endian. */ Value = Xil_Htonl(InstancePtr->Key[Count]); - Addr = InstancePtr->BaseAddress + XSECURE_CSU_AES_KUP_0_OFFSET - + (Count * 4); - XSecure_Out32(Addr, Value); + Addr = InstancePtr->BaseAddress + + XSECURE_CSU_AES_KUP_0_OFFSET + + (Count * 4); + XSecure_Out32(Addr, Value); } XSecure_AesKeySelNLoad(InstancePtr); } @@ -633,19 +583,14 @@ u32 XSecure_AesDecrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, { PrevBlkLen = NextBlkLen; - /* - * Start decryption of Secure-Header/Block/Footer. - */ + /* Start decryption of Secure-Header/Block/Footer. */ Status = XSecure_AesDecryptBlk(InstancePtr, DestAddr, - (const u8 *)SrcAddr, - ((const u8 *)GcmTagAddr), - NextBlkLen, - BlockCnt); + (const u8 *)SrcAddr, + ((const u8 *)GcmTagAddr), + NextBlkLen, BlockCnt); - /* - * If decryption failed then return error. - */ + /* If decryption failed then return error. */ if(0U == (u32)Status) { ErrorCode= XSECURE_CSU_AES_GCM_TAG_MISMATCH; @@ -657,11 +602,9 @@ u32 XSecure_AesDecrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, * Size is in 32-bit words so mul it with 4 */ NextBlkLen = Xil_Htonl(XSecure_ReadReg(InstancePtr->BaseAddress, - XSECURE_CSU_AES_IV_3_OFFSET)) * 4; + XSECURE_CSU_AES_IV_3_OFFSET)) * 4; - /* - * Update the current image size. - */ + /* Update the current image size. */ CurrentImgLen += NextBlkLen; if(0U == NextBlkLen) @@ -697,9 +640,7 @@ u32 XSecure_AesDecrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, if(BlockCnt > 0U) { - /* - * Update DestAddr and SrcAddr for next Block decryption. - */ + /* Update DestAddr and SrcAddr for next Block decryption. */ DestAddr += PrevBlkLen; SrcAddr = (GcmTagAddr + XSECURE_SECURE_GCM_TAG_SIZE); /* @@ -711,26 +652,18 @@ u32 XSecure_AesDecrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, } else { - /* - * Update SrcAddr for Block-0 - */ + /* Update SrcAddr for Block-0 */ SrcAddr = (SrcAddr + XSECURE_SECURE_HDR_SIZE + - XSECURE_SECURE_GCM_TAG_SIZE); - /* - * Point IV to the CSU IV register. - */ + XSECURE_SECURE_GCM_TAG_SIZE); + /* Point IV to the CSU IV register. */ InstancePtr->Iv = (u32 *)(InstancePtr->BaseAddress + - XSECURE_CSU_AES_IV_0_OFFSET); + XSECURE_CSU_AES_IV_0_OFFSET); } - /* - * Update the GcmTagAddr to get GCM-TAG for next block. - */ + /* Update the GcmTagAddr to get GCM-TAG for next block. */ GcmTagAddr = SrcAddr + NextBlkLen + XSECURE_SECURE_HDR_SIZE; - /* - * Update block count. - */ + /* Update block count. */ BlockCnt++; }while(1); diff --git a/lib/sw_services/xilsecure/src/xsecure_aes.h b/lib/sw_services/xilsecure/src/xsecure_aes.h index fa47b735..1ddd8100 100755 --- a/lib/sw_services/xilsecure/src/xsecure_aes.h +++ b/lib/sw_services/xilsecure/src/xsecure_aes.h @@ -57,7 +57,7 @@ * in the following way: * * - XSecure_AesInitialize(XSecure_Aes *InstancePtr, XCsuDma *CsuDmaPtr, -* u32 KeySel, u32* Iv, u32* Key) +* u32 KeySel, u32* Iv, u32* Key) * * The key for decryption can be the device key or user provided key. * KeySel variable denotes the key to be used. In case the key is user @@ -69,9 +69,9 @@ * * * @note -* -The format of encrypted data(boot image) has to be exactly as -* specified by the bootgen. Any encrypted data has to start with a -* secure header first and then the data blocks. +* -The format of encrypted data(boot image) has to be exactly as +* specified by the bootgen. Any encrypted data has to start with a +* secure header first and then the data blocks. * *
* MODIFICATION HISTORY: @@ -91,56 +91,68 @@ /************************** Include Files ***********************************/ #include "xsecure_hw.h" -#include "../../../include/xcsudma.h" +#include "xcsudma.h" #include "xstatus.h" #include "xil_io.h" /************************** Constant Definitions ****************************/ -#define XSECURE_CSU_AES_STS_AES_BUSY (1U << 0) /**< AES busy */ -#define XSECURE_CSU_AES_STS_AES_READY (1U << 1) /**< Ready to Receive Data */ -#define XSECURE_CSU_AES_STS_AES_DONE (1U << 2) /**< Operation Complete */ -#define XSECURE_CSU_AES_STS_GCM_TAG_OK (1U << 3) /**< GCM Tag Passed */ -#define XSECURE_CSU_AES_STS_KEY_INIT_DONE (1U << 4) /**< Key Initialized */ -#define XSECURE_CSU_AES_STS_AES_KEY_ZERO (1U << 8) /**< AES key zeroed */ -#define XSECURE_CSU_AES_STS_KUP_ZEROED (1U << 9) /**< KUP key Zeroed */ -#define XSECURE_CSU_AES_STS_BOOT_KEY_ZERO (1U << 10) /**< Boot Key zeroed */ -#define XSECURE_CSU_AES_STS_OKR_ZERO (1U << 11) /**< Operational Key zeroed */ +#define XSECURE_CSU_AES_STS_AES_BUSY (1U << 0) /**< AES busy */ +#define XSECURE_CSU_AES_STS_AES_READY (1U << 1) + /**< Ready to Receive Data */ +#define XSECURE_CSU_AES_STS_AES_DONE (1U << 2) + /**< Operation Complete */ +#define XSECURE_CSU_AES_STS_GCM_TAG_OK (1U << 3) /**< GCM Tag Passed */ +#define XSECURE_CSU_AES_STS_KEY_INIT_DONE (1U << 4) + /**< Key Initialize */ +#define XSECURE_CSU_AES_STS_AES_KEY_ZERO (1U << 8) + /**< AES key zeroed */ +#define XSECURE_CSU_AES_STS_KUP_ZEROED (1U << 9) /**< KUP key Zeroed */ +#define XSECURE_CSU_AES_STS_BOOT_KEY_ZERO (1U << 10) + /**< Boot Key zeroed */ +#define XSECURE_CSU_AES_STS_OKR_ZERO (1U << 11) + /**< Operational Key zeroed */ -#define XSECURE_CSU_AES_KEY_SRC_KUP (0x0U) /**< KUP key source */ -#define XSECURE_CSU_AES_KEY_SRC_DEV (0x1U) /**< Device Key source */ +#define XSECURE_CSU_AES_KEY_SRC_KUP (0x0U) /**< KUP key source */ +#define XSECURE_CSU_AES_KEY_SRC_DEV (0x1U) /**< Device Key source */ -#define XSECURE_CSU_AES_KEY_LOAD (1U << 0) /**< Load AES key from Source */ +#define XSECURE_CSU_AES_KEY_LOAD (1U << 0) + /**< Load AES key from Source */ -#define XSECURE_CSU_AES_START_MSG (1U << 0) /**< AES Start message */ +#define XSECURE_CSU_AES_START_MSG (1U << 0) /**< AES Start message */ -#define XSECURE_CSU_AES_KUP_WR (1U << 0) /**< Direct AES Output to KUP */ -#define XSECURE_CSU_AES_IV_WR (1U << 1) - /**< Direct AES Output to IV Reg */ +#define XSECURE_CSU_AES_KUP_WR (1U << 0) + /**< Direct AES Output to KUP */ +#define XSECURE_CSU_AES_IV_WR (1U << 1) + /**< Direct AES Output to IV Reg */ -#define XSECURE_CSU_AES_RESET (1U << 0) /**< Reset Value */ +#define XSECURE_CSU_AES_RESET (1U << 0) /**< Reset Value */ -#define XSECURE_CSU_AES_KEY_ZERO (1U << 0) /**< set AES key to zero */ -#define XSECURE_CSU_AES_KUP_ZERO (1U << 1) /**< Set KUP Reg. to zero */ +#define XSECURE_CSU_AES_KEY_ZERO (1U << 0) + /**< set AES key to zero */ +#define XSECURE_CSU_AES_KUP_ZERO (1U << 1) + /**< Set KUP Reg. to zero */ -#define XSECURE_CSU_AES_CFG_DEC (0x0U) /**< AES mode Decrypt */ -#define XSECURE_CSU_AES_CFG_ENC (0x1U) /**< AES Mode Encrypt */ +#define XSECURE_CSU_AES_CFG_DEC (0x0U) /**< AES mode Decrypt */ +#define XSECURE_CSU_AES_CFG_ENC (0x1U) /**< AES Mode Encrypt */ -#define XSECURE_CSU_KUP_WR (1U << 0) /**< Direct output to KUP */ -#define XSECURE_CSU_IV_WR (1U << 4) /**< image length mismatch */ +#define XSECURE_CSU_KUP_WR (1U << 0) + /**< Direct output to KUP */ +#define XSECURE_CSU_IV_WR (1U << 4) + /**< image length mismatch */ -/* - * Error Codes and Statuses - */ -#define XSECURE_CSU_AES_DECRYPTION_DONE 0U - /**< AES Decryption successful */ -#define XSECURE_CSU_AES_GCM_TAG_MISMATCH 1U /**< user provided GCM tag does - not match calculated tag */ -#define XSECURE_CSU_AES_IMAGE_LEN_MISMATCH 2U /**< image length mismatch */ +/* Error Codes and Statuses */ +#define XSECURE_CSU_AES_DECRYPTION_DONE (0U) + /**< AES Decryption successful */ +#define XSECURE_CSU_AES_GCM_TAG_MISMATCH (1U) + /**< user provided GCM tag does + not match calculated tag */ +#define XSECURE_CSU_AES_IMAGE_LEN_MISMATCH (2U) + /**< image length mismatch */ -#define XSECURE_SECURE_HDR_SIZE (48U) - /**< Secure Header Size in Bytes*/ -#define XSECURE_SECURE_GCM_TAG_SIZE (16U) /**< GCM Tag Size in Bytes */ +#define XSECURE_SECURE_HDR_SIZE (48U) + /**< Secure Header Size in Bytes*/ +#define XSECURE_SECURE_GCM_TAG_SIZE (16U) /**< GCM Tag Size in Bytes */ /************************** Type Definitions ********************************/ @@ -159,35 +171,20 @@ typedef struct { /************************** Function Prototypes ******************************/ -/* - * Initialization Functions - */ +/* Initialization Functions */ s32 XSecure_AesInitialize(XSecure_Aes *InstancePtr, XCsuDma *CsuDmaPtr, - u32 KeySel, u32* Iv, u32* Key); + u32 KeySel, u32* Iv, u32* Key); -void XSecure_AesKeySelNLoad(XSecure_Aes *InstancePtr); - -/* - * Decryption - */ +/* Decryption */ u32 XSecure_AesDecrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, - u32 Length); + u32 Length); -/* - * Encryption - */ +/* Encryption */ void XSecure_AesEncrypt(XSecure_Aes *InstancePtr, u8 *Dst, const u8 *Src, - u32 Len); + u32 Len); -/* - * Reset - */ +/* Reset */ void XSecure_AesReset(XSecure_Aes *InstancePtr); -/* - * Additional configuration - */ -void XSecure_AesKeyZero(XSecure_Aes *InstancePtr) ; - #endif /* XSECURE_AES_H_ */ diff --git a/lib/sw_services/xilsecure/src/xsecure_hw.h b/lib/sw_services/xilsecure/src/xsecure_hw.h index 6dc1fba6..f8ff4c8b 100755 --- a/lib/sw_services/xilsecure/src/xsecure_hw.h +++ b/lib/sw_services/xilsecure/src/xsecure_hw.h @@ -77,19 +77,21 @@ extern "C" { /************************** Constant Definitions *****************************/ -#define XSECURE_CSU_REG_BASE_ADDR (0xFFCA0000U) /**< CSU base address */ -#define XSECURE_CSU_DMA_BASE (0xFFC80000U) /**< CSUDMA base address */ +#define XSECURE_CSU_REG_BASE_ADDR (0xFFCA0000U) + /**< CSU base address */ +#define XSECURE_CSU_DMA_BASE (0xFFC80000U) + /**< CSUDMA base address */ -#define XSECURE_CSU_SHA3_BASE (XSECURE_CSU_REG_BASE_ADDR + 0x2000U) - /**< SHA3 base address */ - -#define XSECURE_CSU_CTRL_REG (XSECURE_CSU_REG_BASE_ADDR + 0x4U) /**< CSU control reg. */ -#define XSECURE_CSU_SSS_BASE (XSECURE_CSU_REG_BASE_ADDR + 0x8U) /**< CSU SSS base address */ -#define XSECURE_CSU_AES_BASE (XSECURE_CSU_REG_BASE_ADDR + 0x1000U) - /**< CSU AES base address */ - -#define XSECURE_CSU_RSA_BASE (0xFFCE0000U) - /**< RSA reg. base address */ +#define XSECURE_CSU_SHA3_BASE (XSECURE_CSU_REG_BASE_ADDR + 0x2000U) + /**< SHA3 base address */ +#define XSECURE_CSU_CTRL_REG (XSECURE_CSU_REG_BASE_ADDR + 0x4U) + /**< CSU control reg. */ +#define XSECURE_CSU_SSS_BASE (XSECURE_CSU_REG_BASE_ADDR + 0x8U) + /**< CSU SSS base address */ +#define XSECURE_CSU_AES_BASE (XSECURE_CSU_REG_BASE_ADDR + 0x1000U) + /**< CSU AES base address */ +#define XSECURE_CSU_RSA_BASE (0xFFCE0000U) + /**< RSA reg. base address */ /** @name Register Map @@ -97,13 +99,14 @@ extern "C" { * Register offsets for the SHA module. * @{ */ -#define XSECURE_CSU_SHA3_START_OFFSET (0x00U) /**< SHA start message */ -#define XSECURE_CSU_SHA3_RESET_OFFSET (0x04U) /**< Reset Register */ -#define XSECURE_CSU_SHA3_DONE_OFFSET (0x08U) /**< SHA Done Register */ +#define XSECURE_CSU_SHA3_START_OFFSET (0x00U) /**< SHA start message */ +#define XSECURE_CSU_SHA3_RESET_OFFSET (0x04U) /**< Reset Register */ +#define XSECURE_CSU_SHA3_DONE_OFFSET (0x08U) /**< SHA Done Register */ -#define XSECURE_CSU_SHA3_DIGEST_0_OFFSET (0x10U) /**< SHA3 Digest: Reg 0 */ -#define XSECURE_CSU_SHA3_DIGEST_11_OFFSET (0x34U) - /**< SHA3 Digest: Last Register */ +#define XSECURE_CSU_SHA3_DIGEST_0_OFFSET (0x10U) + /**< SHA3 Digest: Reg 0 */ +#define XSECURE_CSU_SHA3_DIGEST_11_OFFSET (0x34U) + /**< SHA3 Digest: Last Register */ /* @} */ /** @name Register Map @@ -111,34 +114,30 @@ extern "C" { * Register offsets for the AES module. * @{ */ -#define XSECURE_CSU_AES_STS_OFFSET (0x00U) /**< AES Status */ - -#define XSECURE_CSU_AES_KEY_SRC_OFFSET (0x04U) /**< AES Key Source */ - -#define XSECURE_CSU_AES_KEY_LOAD_OFFSET (0x08U) /**< AES Key Load Reg */ - +#define XSECURE_CSU_AES_STS_OFFSET (0x00U) /**< AES Status */ +#define XSECURE_CSU_AES_KEY_SRC_OFFSET (0x04U) /**< AES Key Source */ +#define XSECURE_CSU_AES_KEY_LOAD_OFFSET (0x08U) /**< AES Key Load Reg */ #define XSECURE_CSU_AES_START_MSG_OFFSET (0x0CU) /**< AES Start Message */ +#define XSECURE_CSU_AES_RESET_OFFSET (0x10U) /**< AES Reset Register */ +#define XSECURE_CSU_AES_KEY_CLR_OFFSET (0x14U) /**< AES Key Clear */ +#define XSECURE_CSU_AES_CFG_OFFSET (0x18U)/**< AES Operational Mode */ +#define XSECURE_CSU_AES_KUP_WR_OFFSET (0x1CU) + /**< AES KUP Write Control */ -#define XSECURE_CSU_AES_RESET_OFFSET (0x10U) /**< AES Reset Register */ -#define XSECURE_CSU_AES_KEY_CLR_OFFSET (0x14U) /**< AES Key Clear */ -#define XSECURE_CSU_AES_CFG_OFFSET (0x18U) - /**< AES Operational Mode */ -#define XSECURE_CSU_AES_KUP_WR_OFFSET (0x1CU) - /**< AES KUP Write Control */ +#define XSECURE_CSU_AES_KUP_0_OFFSET (0x20U) + /**< AES Key Update 0 */ +#define XSECURE_CSU_AES_KUP_1_OFFSET (0x24U) /**< AES Key Update 1 */ +#define XSECURE_CSU_AES_KUP_2_OFFSET (0x28U) /**< AES Key Update 2 */ +#define XSECURE_CSU_AES_KUP_3_OFFSET (0x2CU) /**< AES Key Update 3 */ +#define XSECURE_CSU_AES_KUP_4_OFFSET (0x30U) /**< AES Key Update 4 */ +#define XSECURE_CSU_AES_KUP_5_OFFSET (0x34U) /**< AES Key Update 5 */ +#define XSECURE_CSU_AES_KUP_6_OFFSET (0x38U) /**< AES Key Update 6 */ +#define XSECURE_CSU_AES_KUP_7_OFFSET (0x3CU) /**< AES Key Update 7 */ -#define XSECURE_CSU_AES_KUP_0_OFFSET (0x20U) /**< AES Key Update 0 */ -#define XSECURE_CSU_AES_KUP_1_OFFSET (0x24U) /**< AES Key Update 1 */ -#define XSECURE_CSU_AES_KUP_2_OFFSET (0x28U) /**< AES Key Update 2 */ -#define XSECURE_CSU_AES_KUP_3_OFFSET (0x2CU) /**< AES Key Update 3 */ -#define XSECURE_CSU_AES_KUP_4_OFFSET (0x30U) /**< AES Key Update 4 */ -#define XSECURE_CSU_AES_KUP_5_OFFSET (0x34U) /**< AES Key Update 5 */ -#define XSECURE_CSU_AES_KUP_6_OFFSET (0x38U) /**< AES Key Update 6 */ -#define XSECURE_CSU_AES_KUP_7_OFFSET (0x3CU) /**< AES Key Update 7 */ - -#define XSECURE_CSU_AES_IV_0_OFFSET (0x40U) /**< AES IV 0 */ -#define XSECURE_CSU_AES_IV_1_OFFSET (0x44U) /**< AES IV 1 */ -#define XSECURE_CSU_AES_IV_2_OFFSET (0x48U) /**< AES IV 2 */ -#define XSECURE_CSU_AES_IV_3_OFFSET (0x4CU) /**< AES IV 3 */ +#define XSECURE_CSU_AES_IV_0_OFFSET (0x40U) /**< AES IV 0 */ +#define XSECURE_CSU_AES_IV_1_OFFSET (0x44U) /**< AES IV 1 */ +#define XSECURE_CSU_AES_IV_2_OFFSET (0x48U) /**< AES IV 2 */ +#define XSECURE_CSU_AES_IV_3_OFFSET (0x4CU) /**< AES IV 3 */ /* @} */ @@ -147,83 +146,81 @@ extern "C" { * Register offsets for the RSA module. * @{ */ -#define XSECURE_CSU_RSA_WRITE_DATA_OFFSET (0x00U) - /**< RAM write data offset */ -#define XSECURE_CSU_RSA_WRITE_ADDR_OFFSET (0x04U) - /**< RAM write address offset */ -#define XSECURE_CSU_RSA_READ_DATA_OFFSET (0x08U) - /**< RAM data read offset */ -#define XSECURE_CSU_RSA_READ_ADDR_OFFSET (0x0CU) - /**< RAM read offset */ -#define XSECURE_CSU_RSA_CONTROL_OFFSET (0x10U) - /**< RSA Control Reg */ +#define XSECURE_CSU_RSA_WRITE_DATA_OFFSET (0x00U) + /**< RAM write data offset */ +#define XSECURE_CSU_RSA_WRITE_ADDR_OFFSET (0x04U) + /**< RAM write address offset */ +#define XSECURE_CSU_RSA_READ_DATA_OFFSET (0x08U) + /**< RAM data read offset */ +#define XSECURE_CSU_RSA_READ_ADDR_OFFSET (0x0CU) + /**< RAM read offset */ +#define XSECURE_CSU_RSA_CONTROL_OFFSET (0x10U) + /**< RSA Control Reg */ -#define XSECURE_CSU_RSA_STATUS_OFFSET (0x14U) - /**< Status Register */ +#define XSECURE_CSU_RSA_STATUS_OFFSET (0x14U) + /**< Status Register */ -#define XSECURE_CSU_RSA_MINV0_OFFSET (0x18U) - /**< RSA MINV(Mod 32 Inverse) 0 */ -#define XSECURE_CSU_RSA_MINV1_OFFSET (0x1CU) - /**< RSA MINV 1 */ -#define XSECURE_CSU_RSA_MINV2_OFFSET (0x20U) /**< RSA MINV 2 */ -#define XSECURE_CSU_RSA_MINV3_OFFSET (0x24U) /**< RSA MINV 3 */ -#define XSECURE_CSU_RSA_ZERO_OFFSET (0x28U) /**< RSA Zero offset */ +#define XSECURE_CSU_RSA_MINV0_OFFSET (0x18U) + /**< RSA MINV(Mod 32 Inverse) 0 */ +#define XSECURE_CSU_RSA_MINV1_OFFSET (0x1CU) + /**< RSA MINV 1 */ +#define XSECURE_CSU_RSA_MINV2_OFFSET (0x20U) /**< RSA MINV 2 */ +#define XSECURE_CSU_RSA_MINV3_OFFSET (0x24U) /**< RSA MINV 3 */ +#define XSECURE_CSU_RSA_ZERO_OFFSET (0x28U) /**< RSA Zero offset */ -#define XSECURE_CSU_RSA_WR_DATA_0_OFFSET (0x2cU) /**< Write Data 0 */ -#define XSECURE_CSU_RSA_WR_DATA_1_OFFSET (0x30U) /**< Write Data 1 */ -#define XSECURE_CSU_RSA_WR_DATA_2_OFFSET (0x34U) /**< Write Data 2 */ -#define XSECURE_CSU_RSA_WR_DATA_3_OFFSET (0x38U) /**< Write Data 3 */ -#define XSECURE_CSU_RSA_WR_DATA_4_OFFSET (0x3cU) /**< Write Data 4 */ -#define XSECURE_CSU_RSA_WR_DATA_5_OFFSET (0x40U) /**< Write Data 5 */ -#define XSECURE_CSU_RSA_WR_ADDR_OFFSET (0x44U) - /**< Write address in RSA RAM */ +#define XSECURE_CSU_RSA_WR_DATA_0_OFFSET (0x2cU) /**< Write Data 0 */ +#define XSECURE_CSU_RSA_WR_DATA_1_OFFSET (0x30U) /**< Write Data 1 */ +#define XSECURE_CSU_RSA_WR_DATA_2_OFFSET (0x34U) /**< Write Data 2 */ +#define XSECURE_CSU_RSA_WR_DATA_3_OFFSET (0x38U) /**< Write Data 3 */ +#define XSECURE_CSU_RSA_WR_DATA_4_OFFSET (0x3cU) /**< Write Data 4 */ +#define XSECURE_CSU_RSA_WR_DATA_5_OFFSET (0x40U) /**< Write Data 5 */ +#define XSECURE_CSU_RSA_WR_ADDR_OFFSET (0x44U) + /**< Write address in RSA RAM */ -#define XSECURE_CSU_RSA_RD_DATA_0_OFFSET (0x48U) /**< Read Data 0 */ -#define XSECURE_CSU_RSA_RD_DATA_1_OFFSET (0x4cU) /**< Read Data 1 */ -#define XSECURE_CSU_RSA_RD_DATA_2_OFFSET (0x50U) /**< Read Data 2 */ -#define XSECURE_CSU_RSA_RD_DATA_3_OFFSET (0x54U) /**< Read Data 3 */ -#define XSECURE_CSU_RSA_RD_DATA_4_OFFSET (0x58U) /**< Read Data 4 */ -#define XSECURE_CSU_RSA_RD_DATA_5_OFFSET (0x5cU) /**< Read Data 5 */ -#define XSECURE_CSU_RSA_RD_ADDR_OFFSET (0x60U) - /**< Read address in RSA RAM */ +#define XSECURE_CSU_RSA_RD_DATA_0_OFFSET (0x48U) /**< Read Data 0 */ +#define XSECURE_CSU_RSA_RD_DATA_1_OFFSET (0x4cU) /**< Read Data 1 */ +#define XSECURE_CSU_RSA_RD_DATA_2_OFFSET (0x50U) /**< Read Data 2 */ +#define XSECURE_CSU_RSA_RD_DATA_3_OFFSET (0x54U) /**< Read Data 3 */ +#define XSECURE_CSU_RSA_RD_DATA_4_OFFSET (0x58U) /**< Read Data 4 */ +#define XSECURE_CSU_RSA_RD_DATA_5_OFFSET (0x5cU) /**< Read Data 5 */ +#define XSECURE_CSU_RSA_RD_ADDR_OFFSET (0x60U) + /**< Read address in RSA RAM */ /* @} */ /**************************** Type Definitions *******************************/ -/* - * Definition for SSS reg Source bits. - */ +/* Definition for SSS reg Source bits. */ typedef enum { - XSECURE_CSU_SSS_SRC_PCAP = 0x3U, - XSECURE_CSU_SSS_SRC_SRC_DMA = 0x5U, - XSECURE_CSU_SSS_SRC_AES = 0xAU, - XSECURE_CSU_SSS_SRC_PSTP = 0xCU, - XSECURE_CSU_SSS_SRC_NONE = 0x0U, - XSECURE_CSU_SSS_SRC_MASK = 0xFU -}XSECURE_CSU_SSS_SRC; + XSECURE_CSU_SSS_SRC_PCAP = 0x3U, /**< SSS source is PCAP */ + XSECURE_CSU_SSS_SRC_SRC_DMA = 0x5U, /**< SSS source is DMA */ + XSECURE_CSU_SSS_SRC_AES = 0xAU, /**< SSS source is AES */ + XSECURE_CSU_SSS_SRC_PSTP = 0xCU, /**< SSS source is PSTP */ + XSECURE_CSU_SSS_SRC_NONE = 0x0U, /**< NO Source */ + XSECURE_CSU_SSS_SRC_MASK = 0xFU /**< Mask for SSS source */ +}XSECURE_CSU_SSS_SRC; /**< SSS source values */ /** * Definition for SSS reg Destination bits. */ typedef enum { - XSECURE_CSU_SSS_PCAP_SHIFT = 0U, - XSECURE_CSU_SSS_DMA_SHIFT = 4U, - XSECURE_CSU_SSS_AES_SHIFT = 8U, - XSECURE_CSU_SSS_SHA_SHIFT = 12U, - XSECURE_CSU_SSS_PSTP_SHIFT = 16U -}XSECURE_CSU_SSS_DEST_SHIFT; + XSECURE_CSU_SSS_PCAP_SHIFT = 0U,/**< Offset for destination PCAP */ + XSECURE_CSU_SSS_DMA_SHIFT = 4U, /**< Offset for destination DMA */ + XSECURE_CSU_SSS_AES_SHIFT = 8U, /**< Offset for destination AES */ + XSECURE_CSU_SSS_SHA_SHIFT = 12U,/**< Offset for destination SHA */ + XSECURE_CSU_SSS_PSTP_SHIFT = 16U/**< Offset for destination PSTP */ +}XSECURE_CSU_SSS_DEST_SHIFT; /**<.Offset for SSS destination.*/ /***************** Macros (Inline Functions) Definitions *********************/ -/****************************************************************************/ +/*****************************************************************************/ /** * Read a CSU register. * * @param BaseAddress contains the base address of the device. -* @param RegOffset contains the offset from the base address of the -* device. +* @param RegOffset contains the offset from the base address of +* the device. * * @return The value read from the register. * @@ -232,30 +229,30 @@ typedef enum * ******************************************************************************/ #define XSecure_ReadReg(BaseAddress, RegOffset) \ - Xil_In32((BaseAddress) + (RegOffset)) + Xil_In32((BaseAddress) + (RegOffset)) /***************************************************************************/ /** * Write a CSU register. * * @param BaseAddress contains the base address of the device. -* @param RegOffset contains the offset from the base address of the -* device. -* @param RegisterValue is the value to be written to the register. +* @param RegOffset contains the offset from the base address of +* the device. +* @param RegisterValue is the value to be written to the register * * @return None. * * @note C-Style signature: -* void XSecure_WriteReg(u32 BaseAddress, int RegOffset, -* u16 RegisterValue) +* void XSecure_WriteReg(u32 BaseAddress, int RegOffset, +* u16 RegisterValue) * ******************************************************************************/ #define XSecure_WriteReg(BaseAddress, RegOffset, RegisterValue) \ - Xil_Out32((BaseAddress) + (RegOffset), (RegisterValue)) + Xil_Out32((BaseAddress) + (RegOffset), (RegisterValue)) -#define XSecure_In32(Addr) Xil_In32(Addr) +#define XSecure_In32(Addr) Xil_In32(Addr) -#define XSecure_In64(Addr) Xil_In64(Addr) +#define XSecure_In64(Addr) Xil_In64(Addr) #define XSecure_Out32(Addr, Data) Xil_Out32(Addr, Data) @@ -274,13 +271,13 @@ typedef enum * @return None. * * @note C-Style signature: -* void XSecure_SssInputDstDma(XSECURE_CSU_SSS_SRC Src) +* void XSecure_SssInputDstDma(XSECURE_CSU_SSS_SRC Src) * ******************************************************************************/ static inline u32 XSecure_SssInputDstDma(XSECURE_CSU_SSS_SRC Src) { - Src &= XSECURE_CSU_SSS_SRC_MASK; - return (Src << XSECURE_CSU_SSS_DMA_SHIFT); + Src &= XSECURE_CSU_SSS_SRC_MASK; + return (Src << XSECURE_CSU_SSS_DMA_SHIFT); } /***************************************************************************/ @@ -292,13 +289,13 @@ static inline u32 XSecure_SssInputDstDma(XSECURE_CSU_SSS_SRC Src) * @return None. * * @note C-Style signature: -* void XSecure_SssInputAes(XSECURE_CSU_SSS_SRC Src) +* void XSecure_SssInputAes(XSECURE_CSU_SSS_SRC Src) * ******************************************************************************/ static inline u32 XSecure_SssInputAes(XSECURE_CSU_SSS_SRC Src) { - Src &= XSECURE_CSU_SSS_SRC_MASK; - return (Src << XSECURE_CSU_SSS_AES_SHIFT); + Src &= XSECURE_CSU_SSS_SRC_MASK; + return (Src << XSECURE_CSU_SSS_AES_SHIFT); } /***************************************************************************/ @@ -310,13 +307,13 @@ static inline u32 XSecure_SssInputAes(XSECURE_CSU_SSS_SRC Src) * @return None. * * @note C-Style signature: -* void XSecure_SssInputSha3(XSECURE_CSU_SSS_SRC Src) +* void XSecure_SssInputSha3(XSECURE_CSU_SSS_SRC Src) * ******************************************************************************/ static inline u32 XSecure_SssInputSha3(XSECURE_CSU_SSS_SRC Src) { - Src &= XSECURE_CSU_SSS_SRC_MASK; - return (Src << XSECURE_CSU_SSS_SHA_SHIFT); + Src &= XSECURE_CSU_SSS_SRC_MASK; + return (Src << XSECURE_CSU_SSS_SHA_SHIFT); } /***************************************************************************/ @@ -324,21 +321,17 @@ static inline u32 XSecure_SssInputSha3(XSECURE_CSU_SSS_SRC Src) * Set up the CSU Secure Stream Switch configuration * * @param Cfg contains the 32 bit value to be written into SSS config -* register +* register * * @return None. * * @note C-Style signature: -* void XSecure_SssSetup(u32 Cfg) +* void XSecure_SssSetup(u32 Cfg) * ******************************************************************************/ static inline void XSecure_SssSetup(u32 Cfg) { - //XSecure_Out32(XSECURE_CSU_SSS_BASE, - // (XSecure_In32(XSECURE_CSU_SSS_BASE) | Cfg)); - XSecure_Out32(XSECURE_CSU_SSS_BASE, Cfg); - } /************************** Function Prototypes ******************************/ diff --git a/lib/sw_services/xilsecure/src/xsecure_sha.c b/lib/sw_services/xilsecure/src/xsecure_sha.c index 25e0626b..554c5c4e 100755 --- a/lib/sw_services/xilsecure/src/xsecure_sha.c +++ b/lib/sw_services/xilsecure/src/xsecure_sha.c @@ -80,21 +80,16 @@ * @param InstancePtr is a pointer to the XSecure_Sha3 instance. * @param CsuDmaPtr is the pointer to the XCsuDma instance. * -* @return +* @return XST_SUCCESS if initialization was successful * -* - XST_SUCCESS if initialization was successful -* -* @note -* -* The base address is initialized directly with value from xsecure_hw.h +* @note The base address is initialized directly with value from +* xsecure_hw.h * *****************************************************************************/ s32 XSecure_Sha3Initialize(XSecure_Sha3 *InstancePtr, XCsuDma* CsuDmaPtr) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertNonvoid(InstancePtr != NULL); Xil_AssertNonvoid(CsuDmaPtr != NULL); @@ -104,7 +99,9 @@ s32 XSecure_Sha3Initialize(XSecure_Sha3 *InstancePtr, XCsuDma* CsuDmaPtr) return XST_SUCCESS; } -/***************************************************************************** +/*****************************************************************************/ +/** + * Generate padding for the SHA-3 engine * * @param InstancePtr is a pointer to the XSecure_Sha3 instance. * @param Dst is the pointer to location where padding is to be applied @@ -112,12 +109,12 @@ s32 XSecure_Sha3Initialize(XSecure_Sha3 *InstancePtr, XCsuDma* CsuDmaPtr) * * @return None * + * @note None + * ******************************************************************************/ void XSecure_Sha3Padd(XSecure_Sha3 *InstancePtr, u8 *Dst, u32 MsgLen) { - /* - * Assert validates the input arguments - */ + /* Assert validates the input arguments */ Xil_AssertVoid(InstancePtr != NULL); Xil_AssertVoid(Dst != NULL); @@ -125,57 +122,60 @@ void XSecure_Sha3Padd(XSecure_Sha3 *InstancePtr, u8 *Dst, u32 MsgLen) Dst[0] = 0x1U; Dst[MsgLen -1U] |= 0x80U; } -/***************************************************************************** +/*****************************************************************************/ +/** + * + * Configure SSS and start the SHA-3 engine * * @param InstancePtr is a pointer to the XSecure_Sha3 instance. * * @return None * + * @note None + * ******************************************************************************/ void XSecure_Sha3Start(XSecure_Sha3 *InstancePtr) { - /* - * Asserts validate the input arguments - */ + /* Asserts validate the input arguments */ Xil_AssertVoid(InstancePtr != NULL); InstancePtr->Sha3Len = 0U; - /* - * Reset SHA3 engine. - */ - XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_SHA3_RESET_OFFSET, - XSECURE_CSU_SHA3_RESET_RESET); + /* Reset SHA3 engine. */ + XSecure_WriteReg(InstancePtr->BaseAddress, + XSECURE_CSU_SHA3_RESET_OFFSET, + XSECURE_CSU_SHA3_RESET_RESET); - XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_SHA3_RESET_OFFSET, 0U); + XSecure_WriteReg(InstancePtr->BaseAddress, + XSECURE_CSU_SHA3_RESET_OFFSET, 0U); - /* - * Configure the SSS for SHA3 hashing. - */ + /* Configure the SSS for SHA3 hashing. */ XSecure_SssSetup(XSecure_SssInputSha3(XSECURE_CSU_SSS_SRC_SRC_DMA)); - /* - * Start SHA3 engine. - */ - XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_SHA3_START_OFFSET, - XSECURE_CSU_SHA3_START_START); + /* Start SHA3 engine. */ + XSecure_WriteReg(InstancePtr->BaseAddress, + XSECURE_CSU_SHA3_START_OFFSET, + XSECURE_CSU_SHA3_START_START); } -/***************************************************************************** +/*****************************************************************************/ +/** + * + * Update hash for new input data block * * @param InstancePtr is a pointer to the XSecure_Sha3 instance. - * @param Data is the pointer to the input data for hashing - * @param The Size of the input data in bytes + * @param Data is the pointer to the input data for hashing + * @param Size of the input data in bytes * * @return None * + * @note None + * ******************************************************************************/ void XSecure_Sha3Update(XSecure_Sha3 *InstancePtr, const u8 *Data, - const u32 Size) + const u32 Size) { - /* - * Asserts validate the input arguments - */ + /* Asserts validate the input arguments */ Xil_AssertVoid(InstancePtr != NULL); Xil_AssertVoid(Data != NULL); Xil_AssertVoid(Size != (u32)0x00U); @@ -183,27 +183,25 @@ void XSecure_Sha3Update(XSecure_Sha3 *InstancePtr, const u8 *Data, InstancePtr->Sha3Len += Size; XCsuDma_Transfer(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL, - (u64)Data, (u32)Size/4, 0); + (u64)Data, (u32)Size/4, 0); - /* - * Checking the CSU DMA done bit should be enough. - */ + /* Checking the CSU DMA done bit should be enough. */ XCsuDma_WaitForDone(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL); } /***************************************************************************** * - * @param InstancePtr is a pointer to the XSecure_Sha3 instance. + * @param InstancePtr is a pointer to the XSecure_Sha3 instance. * * @return None * + * @note None + * ******************************************************************************/ void XSecure_Sha3WaitForDone(XSecure_Sha3 *InstancePtr) { - /* - * Asserts validate the input arguments - */ + /* Asserts validate the input arguments */ Xil_AssertVoid(InstancePtr != NULL); volatile u32 Status; @@ -211,26 +209,30 @@ void XSecure_Sha3WaitForDone(XSecure_Sha3 *InstancePtr) do { Status = XSecure_ReadReg(InstancePtr->BaseAddress, - XSECURE_CSU_SHA3_DONE_OFFSET); + XSECURE_CSU_SHA3_DONE_OFFSET); } while (XSECURE_CSU_SHA3_DONE_DONE != ((u32)Status & XSECURE_CSU_SHA3_DONE_DONE)); } -/***************************************************************************** +/*****************************************************************************/ +/** + * + * Sending the last data and padding when blocksize is not multiple of 104 + * bytes * * @param InstancePtr is a pointer to the XSecure_Sha3 instance. - * @param Hash is the pointer to location where resulting hash will be - * written + * @param Hash is the pointer to location where resulting hash will be + * written * * @return None * + * @note None + * *****************************************************************************/ void XSecure_Sha3Finish(XSecure_Sha3 *InstancePtr, u8 *Hash) { - /* - * Asserts validate the input arguments - */ + /* Asserts validate the input arguments */ Xil_AssertVoid(InstancePtr != NULL); Xil_AssertVoid(Hash != NULL); @@ -244,9 +246,9 @@ void XSecure_Sha3Finish(XSecure_Sha3 *InstancePtr, u8 *Hash) XSecure_Sha3Padd(InstancePtr, XSecure_RsaSha3Array, PartialLen); XCsuDma_Transfer(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL, - (u64)XSecure_RsaSha3Array, PartialLen/4, 1); + (u64)XSecure_RsaSha3Array, PartialLen/4, 1); - /* Check the SHA3 DONE bit. */ + /* Check the SHA3 DONE bit. */ XSecure_Sha3WaitForDone(InstancePtr); /* If requested, read out the Hash in reverse order. */ @@ -257,29 +259,33 @@ void XSecure_Sha3Finish(XSecure_Sha3 *InstancePtr, u8 *Hash) for (Index=0U; Index < 12U; Index++) { Val = XSecure_ReadReg(InstancePtr->BaseAddress, - XSECURE_CSU_SHA3_DIGEST_0_OFFSET + (Index * 4)); + XSECURE_CSU_SHA3_DIGEST_0_OFFSET + (Index * 4)); HashPtr[11U - Index] = Val; } } } -/***************************************************************************** +/*****************************************************************************/ +/** + * + * Calculate SHA-3 Digest on the given input data * * @param InstancePtr is a pointer to the XSecure_Sha3 instance. * @param In is the pointer to the input data for hashing * @param Size of the input data - * @param Out is the pointer to location where resulting hash will be written + * @param Out is the pointer to location where resulting hash will be + * written. * * @return None * + * @note None + * ******************************************************************************/ void XSecure_Sha3Digest(XSecure_Sha3 *InstancePtr, const u8 *In, const u32 Size, - u8 *Out) + u8 *Out) { - /* - * Asserts validate the input arguments - */ + /* Asserts validate the input arguments */ Xil_AssertVoid(InstancePtr != NULL); Xil_AssertVoid(In != NULL); Xil_AssertVoid(Size != (u32)0x00U); diff --git a/lib/sw_services/xilsecure/src/xsecure_sha.h b/lib/sw_services/xilsecure/src/xsecure_sha.h index d2662a29..aa1b5eca 100755 --- a/lib/sw_services/xilsecure/src/xsecure_sha.h +++ b/lib/sw_services/xilsecure/src/xsecure_sha.h @@ -84,22 +84,22 @@ extern "C" { /***************************** Include Files *********************************/ #include "xsecure_hw.h" -#include "../../../include/xcsudma.h" +#include "xcsudma.h" #include "xil_assert.h" /************************** Constant Definitions ****************************/ /** * CSU SHA3 Memory Map */ -#define XSECURE_CSU_SHA3_START_START (1U << 0) /**< SHA Start Message */ +#define XSECURE_CSU_SHA3_START_START (1U << 0) /**< SHA Start Message */ -#define XSECURE_CSU_SHA3_RESET_RESET (1U << 0) /**< SHA Reset Value */ +#define XSECURE_CSU_SHA3_RESET_RESET (1U << 0) /**< SHA Reset Value */ -#define XSECURE_CSU_SHA3_DONE_DONE (1U << 0) /**< SHA Done */ +#define XSECURE_CSU_SHA3_DONE_DONE (1U << 0) /**< SHA Done */ -#define XSECURE_SHA3_BLOCK_LEN (104U) /**< SHA min block length */ +#define XSECURE_SHA3_BLOCK_LEN (104U) /**< SHA min block length */ -#define XSECURE_SHA3_LAST_PACKET (0x1U) /**< Last Data Packet */ +#define XSECURE_SHA3_LAST_PACKET (0x1U) /**< Last Data Packet */ /***************************** Type Definitions******************************/ @@ -109,37 +109,25 @@ extern "C" { * instance. */ typedef struct { - u32 BaseAddress; /**< Device Base Address */ + u32 BaseAddress; /**< Device Base Address */ XCsuDma *CsuDmaPtr; /**< Pointer to CSU DMA Instance */ u32 Sha3Len; /**< SHA3 Input Length */ } XSecure_Sha3; /***************************** Function Prototypes ***************************/ -/* - * Initialization - */ -s32 XSecure_Sha3Initialize(XSecure_Sha3 *InstancePtr, XCsuDma *CsuDmaPtr); +/* Initialization */ +s32 XSecure_Sha3Initialize(XSecure_Sha3 *InstancePtr, XCsuDma *CsuDmaPtr); void XSecure_Sha3Start(XSecure_Sha3 *InstancePtr); -/* - * Data Transfer - */ +/* Data Transfer */ void XSecure_Sha3Update(XSecure_Sha3 *InstancePtr, const u8 *Data, - const u32 Size); + const u32 Size); void XSecure_Sha3Finish(XSecure_Sha3 *InstancePtr, u8 *Hash); -/* - * Complete SHA digest calculation - */ +/* Complete SHA digest calculation */ void XSecure_Sha3Digest(XSecure_Sha3 *InstancePtr, const u8 *In, - const u32 Size, u8 *Out); - -/* - * Utility Functions - */ -void XSecure_Sha3Padd(XSecure_Sha3 *InstancePtr, u8 *Dst, u32 MsgLen); -void XSecure_Sha3WaitForDone(XSecure_Sha3 *InstancePtr); + const u32 Size, u8 *Out); #ifdef __cplusplus extern "C" }