diff options
Diffstat (limited to 'include')
26 files changed, 0 insertions, 1664 deletions
diff --git a/include/drivers/arm/cryptocell/712/cc_crypto_boot_defs.h b/include/drivers/arm/cryptocell/712/cc_crypto_boot_defs.h deleted file mode 100644 index 2cb8938d2..000000000 --- a/include/drivers/arm/cryptocell/712/cc_crypto_boot_defs.h +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _CC_CRYPTO_BOOT_DEFS_H -#define _CC_CRYPTO_BOOT_DEFS_H - -/*! @file -@brief This file contains SBROM definitions -*/ - -/*! Version counters value. */ -typedef enum { - - CC_SW_VERSION_COUNTER1 = 1, /*!< Counter 1 - trusted version. */ - CC_SW_VERSION_COUNTER2, /*!< Counter 2 - non trusted version. */ - - CC_SW_VERSION_MAX = 0x7FFFFFFF - -} CCSbSwVersionId_t; - -/* HASH boot key definition */ -typedef enum { - CC_SB_HASH_BOOT_KEY_0_128B = 0, /*!< 128-bit truncated SHA256 digest of public key 0. */ - CC_SB_HASH_BOOT_KEY_1_128B = 1, /*!< 128-bit truncated SHA256 digest of public key 1. */ - CC_SB_HASH_BOOT_KEY_256B = 2, /*!< 256-bit SHA256 digest of public key. */ - CC_SB_HASH_BOOT_NOT_USED = 0xFF, - CC_SB_HASH_MAX_NUM = 0x7FFFFFFF, /*!\internal use external 128-bit truncated SHA256 digest */ -} CCSbPubKeyIndexType_t; - - -#endif diff --git a/include/drivers/arm/cryptocell/712/cc_pal_sb_plat.h b/include/drivers/arm/cryptocell/712/cc_pal_sb_plat.h deleted file mode 100644 index 212a710be..000000000 --- a/include/drivers/arm/cryptocell/712/cc_pal_sb_plat.h +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -/*! -@file -@brief This file contains the platform-dependent definitions that are used in the SBROM code. -*/ - -#ifndef _CC_PAL_SB_PLAT_H -#define _CC_PAL_SB_PLAT_H - -#include "cc_pal_types.h" - - -#ifdef __cplusplus -extern "C" -{ -#endif - -/*! Definition of DMA address type, can be 32 bits or 64 bits according to CryptoCell's HW. */ -typedef uint64_t CCDmaAddr_t; -/*! Definition of CryptoCell address type, can be 32 bits or 64 bits according to platform. */ -typedef uintptr_t CCAddr_t; - - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/include/drivers/arm/cryptocell/712/cc_pal_types.h b/include/drivers/arm/cryptocell/712/cc_pal_types.h deleted file mode 100644 index 8c09b23cc..000000000 --- a/include/drivers/arm/cryptocell/712/cc_pal_types.h +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef CC_PAL_TYPES_H -#define CC_PAL_TYPES_H - -/*! -@file -@brief This file contains platform-dependent definitions and types. -*/ - -#include "cc_pal_types_plat.h" - -typedef enum { - CC_FALSE = 0, - CC_TRUE = 1 -} CCBool; - -#define CC_SUCCESS 0UL -#define CC_FAIL 1UL - -#define CC_1K_SIZE_IN_BYTES 1024 -#define CC_BITS_IN_BYTE 8 -#define CC_BITS_IN_32BIT_WORD 32 -#define CC_32BIT_WORD_SIZE (sizeof(uint32_t)) - -#define CC_OK CC_SUCCESS - -#define CC_UNUSED_PARAM(prm) ((void)prm) - -#define CC_MAX_UINT32_VAL (0xFFFFFFFF) - -#define CALC_FULL_BYTES(numBits) (((numBits) + (CC_BITS_IN_BYTE - 1))/CC_BITS_IN_BYTE) -#define CALC_FULL_32BIT_WORDS(numBits) (((numBits) + (CC_BITS_IN_32BIT_WORD - 1))/CC_BITS_IN_32BIT_WRD) -#define CALC_32BIT_WORDS_FROM_BYTES(sizeBytes) (((sizeBytes) + CC_32BIT_WORD_SIZE - 1)/CC_32BIT_WORD_SIZE) - -#endif diff --git a/include/drivers/arm/cryptocell/712/cc_pal_types_plat.h b/include/drivers/arm/cryptocell/712/cc_pal_types_plat.h deleted file mode 100644 index f6d41d786..000000000 --- a/include/drivers/arm/cryptocell/712/cc_pal_types_plat.h +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -/*! @file -@brief This file contains basic type definitions that are platform-dependent. -*/ -#ifndef _CC_PAL_TYPES_PLAT_H -#define _CC_PAL_TYPES_PLAT_H -/* Host specific types for standard (ISO-C99) compliant platforms */ - -#include <stddef.h> -#include <stdint.h> - -typedef uint32_t CCStatus; - -#define CCError_t CCStatus -#define CC_INFINITE 0xFFFFFFFF - -#define CEXPORT_C -#define CIMPORT_C - -#endif /*_CC_PAL_TYPES_PLAT_H*/ diff --git a/include/drivers/arm/cryptocell/712/cc_sec_defs.h b/include/drivers/arm/cryptocell/712/cc_sec_defs.h deleted file mode 100644 index d41921855..000000000 --- a/include/drivers/arm/cryptocell/712/cc_sec_defs.h +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _CC_SEC_DEFS_H -#define _CC_SEC_DEFS_H - -/*! -@file -@brief This file contains general hash definitions and types. -*/ - - -#ifdef __cplusplus -extern "C" -{ -#endif - -/*! The hashblock size in words. */ -#define HASH_BLOCK_SIZE_IN_WORDS 16 -/*! The hash - SHA2 results in words. */ -#define HASH_RESULT_SIZE_IN_WORDS 8 -#define HASH_RESULT_SIZE_IN_BYTES 32 - -/*! Definition for hash result array. */ -typedef uint32_t CCHashResult_t[HASH_RESULT_SIZE_IN_WORDS]; - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/include/drivers/arm/cryptocell/712/crypto_driver.h b/include/drivers/arm/cryptocell/712/crypto_driver.h deleted file mode 100644 index 18104dd7d..000000000 --- a/include/drivers/arm/cryptocell/712/crypto_driver.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _CRYPTO_DRIVER_H -#define _CRYPTO_DRIVER_H - -#ifdef __cplusplus -extern "C" -{ -#endif - -#include "cc_pal_sb_plat.h" -#include "cc_sec_defs.h" - -/*---------------------------- - PUBLIC FUNCTIONS ------------------------------------*/ -/*! - * @brief This function gives the functionality of integrated hash - * - * @param[in] hwBaseAddress - CryptoCell base address - * @param[out] hashResult - the HASH result. - * - */ -CCError_t SBROM_CryptoHash(unsigned long hwBaseAddress, CCDmaAddr_t inputDataAddr, uint32_t BlockSize, - CCHashResult_t hashResult); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/include/drivers/arm/cryptocell/712/nvm.h b/include/drivers/arm/cryptocell/712/nvm.h deleted file mode 100644 index a70289fb8..000000000 --- a/include/drivers/arm/cryptocell/712/nvm.h +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _NVM__H -#define _NVM__H - -#ifdef __cplusplus -extern "C" -{ -#endif - -#include "cc_crypto_boot_defs.h" -#include "cc_pal_types.h" -#include "cc_sec_defs.h" - -/*------------------------------------ - DEFINES --------------------------------------*/ - -/** - * @brief This function reads the LCS from the SRAM/NVM - * - * @param[in] hwBaseAddress - CryptoCell base address - * - * @param[in/out] lcs_ptr - pointer to memory to store the LCS - * - * @return CCError_t - On success the value CC_OK is returned, and on failure -a value from NVM_error.h - */ -CCError_t NVM_GetLCS(unsigned long hwBaseAddress, uint32_t *lcs_ptr); - -/** - * @brief The NVM_ReadHASHPubKey function is a NVM interface function - - * The function retrieves the HASH of the device Public key from the SRAM/NVM - * - * @param[in] hwBaseAddress - CryptoCell base address - * - * @param[in] pubKeyIndex - Index of HASH in the OTP - * - * @param[out] PubKeyHASH - the public key HASH. - * - * @param[in] hashSizeInWords - hash size (valid values: 4W, 8W) - * - * @return CCError_t - On success the value CC_OK is returned, and on failure -a value from NVM_error.h - */ - -CCError_t NVM_ReadHASHPubKey(unsigned long hwBaseAddress, CCSbPubKeyIndexType_t pubKeyIndex, CCHashResult_t PubKeyHASH, uint32_t hashSizeInWords); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/include/drivers/arm/cryptocell/712/nvm_otp.h b/include/drivers/arm/cryptocell/712/nvm_otp.h deleted file mode 100644 index 390d62bc1..000000000 --- a/include/drivers/arm/cryptocell/712/nvm_otp.h +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _NVM_OTP_H -#define _NVM_OTP_H - -#ifdef __cplusplus -extern "C" -{ -#endif - -#include "cc_crypto_boot_defs.h" -#include "cc_pal_types.h" - -/*------------------------------------ - DEFINES --------------------------------------*/ - - - -/** - * @brief The NVM_GetSwVersion function is a NVM interface function - - * The function retrieves the SW version from the SRAM/NVM. - * In case of OTP, we support up to 16 anti-rollback counters (taken from the certificate) - * - * @param[in] hwBaseAddress - CryptoCell base address - * - * @param[in] counterId - relevant only for OTP (valid values: 1,2) - * - * @param[out] swVersion - the minimum SW version - * - * @return CCError_t - On success the value CC_OK is returned, and on failure -a value from NVM_error.h - */ -CCError_t NVM_GetSwVersion(unsigned long hwBaseAddress, CCSbSwVersionId_t counterId, uint32_t *swVersion); - - -/** - * @brief The NVM_SetSwVersion function is a NVM interface function - - * The function writes the SW version into the SRAM/NVM. - * In case of OTP, we support up to 16 anti-rollback counters (taken from the certificate) - * - * @param[in] hwBaseAddress - CryptoCell base address - * - * @param[in] counterId - relevant only for OTP (valid values: 1,2) - * - * @param[in] swVersion - the minimum SW version - * - * @return CCError_t - On success the value CC_OK is returned, and on failure -a value from NVM_error.h - */ -CCError_t NVM_SetSwVersion(unsigned long hwBaseAddress, CCSbSwVersionId_t counterId, uint32_t swVersion); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/include/drivers/arm/cryptocell/712/rsa.h b/include/drivers/arm/cryptocell/712/rsa.h deleted file mode 100644 index 825214d20..000000000 --- a/include/drivers/arm/cryptocell/712/rsa.h +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef RSA_H -#define RSA_H - -/* - * All the includes that are needed for code using this module to - * compile correctly should be #included here. - */ - -#ifdef __cplusplus -extern "C" -{ -#endif - -#include "cc_pal_types.h" - -/************************ Defines ******************************/ - -/* the modulus size in bits */ -#if (KEY_SIZE == 2048) -#define RSA_MOD_SIZE_IN_BITS 2048UL -#elif (KEY_SIZE == 3072) -#define RSA_MOD_SIZE_IN_BITS 3072UL -#else -#error Unsupported CryptoCell key size requested -#endif - -#define RSA_MOD_SIZE_IN_BYTES (CALC_FULL_BYTES(RSA_MOD_SIZE_IN_BITS)) -#define RSA_MOD_SIZE_IN_WORDS (CALC_FULL_32BIT_WORDS(RSA_MOD_SIZE_IN_BITS)) -#define RSA_MOD_SIZE_IN_256BITS (RSA_MOD_SIZE_IN_WORDS/8) -#define RSA_EXP_SIZE_IN_BITS 17UL -#define RSA_EXP_SIZE_IN_BYTES (CALC_FULL_BYTES(RSA_EXP_SIZE_IN_BITS)) - -/* - * @brief The RSA_CalcNp calculates Np value and saves it into Np_ptr: - * - * - - * @param[in] hwBaseAddress - HW base address. Relevant for HW - * implementation, for SW it is ignored. - * @N_ptr[in] - The pointer to the modulus buffer. - * @Np_ptr[out] - pointer to Np vector buffer. Its size must be >= 160. - */ -void RSA_CalcNp(unsigned long hwBaseAddress, - uint32_t *N_ptr, - uint32_t *Np_ptr); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/include/drivers/arm/cryptocell/712/sbrom_bsv_api.h b/include/drivers/arm/cryptocell/712/sbrom_bsv_api.h deleted file mode 100644 index de835461f..000000000 --- a/include/drivers/arm/cryptocell/712/sbrom_bsv_api.h +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _SBROM_BSV_API_H -#define _SBROM_BSV_API_H - -#ifdef __cplusplus -extern "C" -{ -#endif - -/*! @file -@brief This file contains all SBROM library APIs and definitions. -*/ -#include "cc_pal_types.h" - -/* Life cycle state definitions */ -#define CC_BSV_CHIP_MANUFACTURE_LCS 0x0 /*!< CM lifecycle value. */ -#define CC_BSV_DEVICE_MANUFACTURE_LCS 0x1 /*!< DM lifecycle value. */ -#define CC_BSV_SECURITY_DISABLED_LCS 0x3 /*!< SD lifecycle value. */ -#define CC_BSV_SECURE_LCS 0x5 /*!< Secure lifecycle value. */ -#define CC_BSV_RMA_LCS 0x7 /*!< RMA lifecycle value. */ - -/*---------------------------- - PUBLIC FUNCTIONS ------------------------------------*/ - -/*! -@brief This function should be the first ARM TrustZone CryptoCell TEE SBROM library API called. -It verifies the HW product and version numbers. - -@return CC_OK On success. -@return A non-zero value from sbrom_bsv_error.h on failure. -*/ -CCError_t CC_BsvSbromInit( - unsigned long hwBaseAddress /*!< [in] HW registers base address. */ - ); - - -/*! -@brief This function can be used for checking the LCS value, after CC_BsvLcsGetAndInit was called by the Boot ROM. - -@return CC_OK On success. -@return A non-zero value from sbrom_bsv_error.h on failure. -*/ -CCError_t CC_BsvLcsGet( - unsigned long hwBaseAddress, /*!< [in] HW registers base address. */ - uint32_t *pLcs /*!< [out] Returned lifecycle state. */ - ); - -/*! -@brief This function retrieves the HW security lifecycle state, performs validity checks, -and additional initializations in case the LCS is RMA (sets the Kce to fixed value). -\note Invalid LCS results in an error returned. -In this case, the customer's code must completely disable the device. - -@return CC_OK On success. -@return A non-zero value from sbrom_bsv_error.h on failure. -*/ -CCError_t CC_BsvLcsGetAndInit( - unsigned long hwBaseAddress, /*!< [in] HW registers base address. */ - uint32_t *pLcs /*!< [out] Returned lifecycle state. */ - ); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/include/drivers/arm/cryptocell/712/secureboot_base_func.h b/include/drivers/arm/cryptocell/712/secureboot_base_func.h deleted file mode 100644 index 6db596e0d..000000000 --- a/include/drivers/arm/cryptocell/712/secureboot_base_func.h +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _SECURE_BOOT_BASE_FUNC_H -#define _SECURE_BOOT_BASE_FUNC_H - - -#ifdef __cplusplus -extern "C" -{ -#endif - -#include "cc_pal_types.h" -#include "secureboot_gen_defs.h" - - -/*---------------------------- - PUBLIC FUNCTIONS ------------------------------------*/ - -/** - * @brief This function calculates the HASH over the given data and than verify - * RSA signature on that hashed data - * - * @param[in] hwBaseAddr - CryptoCell base address - * @param[in] pData - pointer to the data to be verified - * @param[in] pNParams - a pointer to the public key parameters - * @param[in] pSignature - a pointer to the signature structure - * @param[in] sizeOfData - size of the data to calculate the HASH on (in bytes) - * @param[in] RSAAlg - RSA algorithm to use - * - * @return CCError_t - On success the value CC_OK is returned, - * on failure - a value from BootImagesVerifier_error.h - */ -CCError_t CCSbVerifySignature(unsigned long hwBaseAddress, - uint32_t *pData, - CCSbNParams_t *pNParams, - CCSbSignature_t *pSignature, - uint32_t sizeOfData, - CCSbRsaAlg_t RSAAlg); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/include/drivers/arm/cryptocell/712/secureboot_gen_defs.h b/include/drivers/arm/cryptocell/712/secureboot_gen_defs.h deleted file mode 100644 index ed1f2835c..000000000 --- a/include/drivers/arm/cryptocell/712/secureboot_gen_defs.h +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _SECURE_BOOT_GEN_DEFS_H -#define _SECURE_BOOT_GEN_DEFS_H - -#ifdef __cplusplus -extern "C" -{ -#endif - -/*! @file -@brief This file contains all of the definitions and structures that are used for the secure boot. -*/ - -#include "cc_pal_sb_plat.h" -#include "cc_sec_defs.h" - - -/* General definitions */ -/***********************/ - -/*RSA definitions*/ -#if (KEY_SIZE == 2048) -#define SB_RSA_MOD_SIZE_IN_WORDS 64 -#elif (KEY_SIZE == 3072) -#define SB_RSA_MOD_SIZE_IN_WORDS 96 -#else -#error Unsupported CryptoCell key size requested -#endif - -#define SB_RSA_HW_PKI_PKA_BARRETT_MOD_TAG_SIZE_IN_WORDS 5 - - -/*! Public key data structure. */ -typedef struct { - uint32_t N[SB_RSA_MOD_SIZE_IN_WORDS]; /*!< N public key, big endian representation. */ - uint32_t Np[SB_RSA_HW_PKI_PKA_BARRETT_MOD_TAG_SIZE_IN_WORDS]; /*!< Np (Barrett n' value). */ -} CCSbNParams_t; - -/*! Signature structure. */ -typedef struct { - uint32_t sig[SB_RSA_MOD_SIZE_IN_WORDS]; /*!< RSA PSS signature. */ -} CCSbSignature_t; - - -/********* Supported algorithms definitions ***********/ - -/*! RSA supported algorithms */ -/* Note: this applies to either 2k or 3k based on CryptoCell SBROM library - * version - it means 2k in version 1 and 3k in version 2 (yes, really). - */ -typedef enum { - RSA_PSS = 0x01, /*!< RSA PSS after hash SHA 256 */ - RSA_PKCS15 = 0x02, /*!< RSA PKX15 */ - RSA_Last = 0x7FFFFFFF -} CCSbRsaAlg_t; - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/include/drivers/arm/cryptocell/712/util.h b/include/drivers/arm/cryptocell/712/util.h deleted file mode 100644 index 18fb5999d..000000000 --- a/include/drivers/arm/cryptocell/712/util.h +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef UTIL_H -#define UTIL_H - -/* - * All the includes that are needed for code using this module to - * compile correctly should be #included here. - */ - -#ifdef __cplusplus -extern "C" -{ -#endif - -/************************ Defines ******************************/ - -/* invers the bytes on a word- used for output from HASH */ -#ifdef BIG__ENDIAN -#define UTIL_INVERSE_UINT32_BYTES(val) (val) -#else -#define UTIL_INVERSE_UINT32_BYTES(val) \ - (((val) >> 24) | (((val) & 0x00FF0000) >> 8) | (((val) & 0x0000FF00) << 8) | (((val) & 0x000000FF) << 24)) -#endif - -/* invers the bytes on a word - used for input data for HASH */ -#ifdef BIG__ENDIAN -#define UTIL_REVERT_UINT32_BYTES(val) \ - (((val) >> 24) | (((val) & 0x00FF0000) >> 8) | (((val) & 0x0000FF00) << 8) | (((val) & 0x000000FF) << 24)) -#else -#define UTIL_REVERT_UINT32_BYTES(val) (val) -#endif - - /* ------------------------------------------------------------ - ** - * @brief This function executes a reverse bytes copying from one buffer to another buffer. - * - * @param[in] dst_ptr - The pointer to destination buffer. - * @param[in] src_ptr - The pointer to source buffer. - * @param[in] size - The size in bytes. - * - */ - -void UTIL_ReverseMemCopy(uint8_t *dst_ptr, uint8_t *src_ptr, uint32_t size); - - - /* ------------------------------------------------------------ - ** - * @brief This function executes a reversed byte copy on a specified buffer. - * - * on a 6 byte byffer: - * - * buff[5] <---> buff[0] - * buff[4] <---> buff[1] - * buff[3] <---> buff[2] - * - * @param[in] dst_ptr - The counter buffer. - * @param[in] src_ptr - The counter size in bytes. - * - */ -void UTIL_ReverseBuff(uint8_t *buff_ptr, uint32_t size); - - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/include/drivers/arm/cryptocell/713/bsv_api.h b/include/drivers/arm/cryptocell/713/bsv_api.h deleted file mode 100644 index dc494735c..000000000 --- a/include/drivers/arm/cryptocell/713/bsv_api.h +++ /dev/null @@ -1,221 +0,0 @@ -/* - * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _BSV_API_H -#define _BSV_API_H - -#ifdef __cplusplus -extern "C" -{ -#endif - -/*! -@file -@brief This file contains the Boot Services APIs and definitions. - -@defgroup cc_bsv_api CryptoCell Boot Services APIs and definitions -@{ -@ingroup cc_bsv -*/ - -#include "cc_pal_types.h" -#include "cc_sec_defs.h" -#include "cc_boot_defs.h" - -/* Life cycle state definitions. */ -#define CC_BSV_CHIP_MANUFACTURE_LCS 0x0 /*!< The CM life-cycle state (LCS) value. */ -#define CC_BSV_DEVICE_MANUFACTURE_LCS 0x1 /*!< The DM life-cycle state (LCS) value. */ -#define CC_BSV_SECURE_LCS 0x5 /*!< The Secure life-cycle state (LCS) value. */ -#define CC_BSV_RMA_LCS 0x7 /*!< The RMA life-cycle state (LCS) value. */ -#define CC_BSV_INVALID_LCS 0xff /*!< The invalid life-cycle state (LCS) value. */ - -/*---------------------------- - TYPES ------------------------------------*/ - -/*---------------------------- - PUBLIC FUNCTIONS ------------------------------------*/ - - -/*! -@brief This function verifies the product and version numbers of the HW, and initializes it. - -\warning This function must be the first CryptoCell-7xx SBROM library API called. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvInit( - unsigned long hwBaseAddress /*!< [in] The base address of the CryptoCell HW registers. */ - ); - -/*! -@brief This function retrieves the HW LCS and performs validity checks. - -If the LCS is RMA, it also sets the OTP secret keys to a fixed value. - -@note An error is returned if there is an invalid LCS. If this happens, your code must -completely disable the device. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvGetAndInitLcs( - unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */ - uint32_t *pLcs /*!< [out] The value of the current LCS. */ - ); - -/*! -@brief This function retrieves the LCS from the NVM manager. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvLcsGet( - unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */ - uint32_t *pLcs /*!< [out] The value of the current LCS. */ - ); - -/*! -@brief This function reads software revocation counter from OTP memory, according to the provided sw version index. -SW version is stored in NVM counter and represented by ones. Meaning seVersion=5 would be stored as binary 0b11111; -hence: - the maximal of trusted is 32 - the maximal of non-trusted is 224 - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvSwVersionGet( - unsigned long hwBaseAddress, /*!< [in] HW registers base address. */ - CCSbSwVersionId_t id, /*!< [in] Enumeration defining the trusted/non-trusted counter to read. */ - uint32_t *swVersion /*!< [out] The value of the requested counter as read from OTP memory. */ - ); - -/*! -@brief This function sets the NVM counter according to swVersionID (trusted/non-trusted). - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvSwVersionSet( - unsigned long hwBaseAddress, /*!< [in] HW registers base address. */ - CCSbSwVersionId_t id, /*!< [in] Enumeration defining the trusted/non-trusted counter to read. */ - uint32_t swVersion /*!< [in] New value of the counter to be programmed in OTP memory. */ - ); - -/*! -@brief This function sets the "fatal error" flag in the NVM manager, to disable the use of -any HW keys or security services. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvFatalErrorSet( - unsigned long hwBaseAddress /*!< [in] The base address of the CryptoCell HW registers. */ - ); - -/*! -@brief This function retrieves the public key hash from OTP memory, according to the provided index. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvPubKeyHashGet( - unsigned long hwBaseAddress, /*!< [in] HW registers base address. */ - CCSbPubKeyIndexType_t keyIndex, /*!< [in] Enumeration defining the key hash to retrieve: 128-bit HBK0, 128-bit HBK1, or 256-bit HBK. */ - uint32_t *hashedPubKey, /*!< [out] A buffer to contain the public key HASH. */ - uint32_t hashResultSizeWords /*!< [in] The size of the hash in 32-bit words: - - Must be 4 for 128-bit hash. - - Must be 8 for 256bit hash. */ - ); - -/*! -@brief This function permanently sets the RMA LCS for the ICV and the OEM. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvRMAModeEnable( - unsigned long hwBaseAddress /*!< [in] The base address of the CryptoCell HW registers. */ - ); - -/*! -@brief This function is called by the ICV code, to disable the OEM code from changing the ICV RMA bit flag. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvICVRMAFlagBitLock( - unsigned long hwBaseAddress /*!< [in] The base address of the CryptoCell HW registers. */ - ); - -/*! -@brief This function locks the defined ICV class keys from further usage. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvICVKeyLock( - unsigned long hwBaseAddress, /*!< [in] HW registers base address. */ - CCBool_t isICVProvisioningKeyLock, /*!< [in] Should the provisioning key be locked. */ - CCBool_t isICVCodeEncKeyLock /*!< [in] Should the encryption key be locked. */ - ); - - -/*! -@brief This function retrieves the value of "secure disable" bit. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvSecureDisableGet( - unsigned long hwBaseAddress, /*!< [in] HW registers base address. */ - CCBool_t *isSDEnabled /*!< [out] The value of the SD Enable bit. */ - ); - - -/*! -@brief This function derives the platform key (Kplt) from the Kpicv, and then decrypts the customer key (Kcst) -from the EKcst (burned in the OTP). The decryption is done only in Secure and RMA LCS mode using AES-ECB. -The customer ROM should invoke this function during early boot, prior to running any non-ROM code, only if Kcst exists. -The resulting Kcst is saved in a HW register. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvCustomerKeyDecrypt( - unsigned long hwBaseAddress /*!< [in] The base address of the CryptoCell HW registers. */ - ); -#ifdef __cplusplus -} -#endif - -/*! -@brief This function derives the unique SoC_ID for the device, as hashed (Hbk || AES_CMAC (HUK)). - -@note SoC_ID is required to create debug certificates. - -The OEM or ICV must provide a method for a developer to discover the SoC_ID of a target -device without having to first enable debugging. -One suggested implementation is to have the device ROM code compute the SoC_ID and place -it in a specific location in the flash memory, from where it can be accessed by the developer. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvSocIDCompute( - unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */ - CCHashResult_t hashResult /*!< [out] The derived SoC_ID. */ - ); - -#endif /* _BSV_API_H */ - -/** -@} - */ - diff --git a/include/drivers/arm/cryptocell/713/bsv_crypto_api.h b/include/drivers/arm/cryptocell/713/bsv_crypto_api.h deleted file mode 100644 index 1e6057931..000000000 --- a/include/drivers/arm/cryptocell/713/bsv_crypto_api.h +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _BSV_CRYPTO_API_H -#define _BSV_CRYPTO_API_H - -#ifdef __cplusplus -extern "C" -{ -#endif - -/*! -@file -@brief This file contains the cryptographic ROM APIs of the Boot Services. - -@defgroup cc_bsv_crypto_api CryptoCell Boot Services cryptographic ROM APIs -@{ -@ingroup cc_bsv -*/ - -#include "cc_pal_types.h" -#include "cc_sec_defs.h" -#include "cc_address_defs.h" -#include "bsv_crypto_defs.h" - -/*---------------------------- - PUBLIC FUNCTIONS ------------------------------------*/ - -/*! -@brief This function calculates the SHA-256 digest over contiguous memory -in an integrated operation. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvSha256( - unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */ - uint8_t *pDataIn, /*!< [in] A pointer to the input buffer to be hashed. The buffer must be contiguous. */ - size_t dataSize, /*!< [in] The size of the data to be hashed, in bytes. */ - CCHashResult_t hashBuff /*!< [out] A pointer to a word-aligned 32-byte buffer. */ - ); - - -/*! -@brief This function allows you to calculate SHA256 digest of an image with decryption base on AES-CTR, -with HW or user key. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. (in this case, hashBuff will be returned clean, while the output data should be cleaned by the user). -*/ -CCError_t CC_BsvCryptoImageDecrypt( unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */ - CCBsvflowMode_t flow, /*!< [in] The supported operations are: HASH, AES to HASH, AES and HASH. */ - CCBsvKeyType_t keyType, /*!< [in] The key type to use: Kce, Kceicv, or user key. */ - uint8_t *pUserKey, /*!< [in] A pointer to the user key buffer in case keyType is CC_BSV_USER_KEY. */ - size_t userKeySize, /*!< [in] The user key size in bytes (128bits) in case keyType is CC_BSV_USER_KEY. */ - uint8_t *pIvBuf, /*!< [in] A pointer to the IV / counter buffer. */ - uint8_t *pInputData, /*!< [in] A pointer to the input data. */ - uint8_t *pOutputData, /*!< [out] A pointer to the output buffer. (optional – should be null in case of hash only). */ - size_t dataSize, /*!< [in] The size of the input data in bytes. MUST be multiple of AES block size. */ - CCHashResult_t hashBuff /*!< [out] A pointer to a word-aligned 32-byte digest output buffer. */ - ); - -#ifdef __cplusplus -} -#endif - -#endif - -/** -@} - */ - diff --git a/include/drivers/arm/cryptocell/713/bsv_crypto_asym_api.h b/include/drivers/arm/cryptocell/713/bsv_crypto_asym_api.h deleted file mode 100644 index 406e1effb..000000000 --- a/include/drivers/arm/cryptocell/713/bsv_crypto_asym_api.h +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _BSV_CRYPTO_ASYM_API_H -#define _BSV_CRYPTO_ASYM_API_H - -#ifdef __cplusplus -extern "C" -{ -#endif - -/*! -@file -@brief This file contains the cryptographic Asymmetric ROM APIs of the Boot Services. - -@defgroup cc_bsv_crypto_asym_api CryptoCell Boot Services cryptographic Asymmetric ROM APIs -@{ -@ingroup cc_bsv -*/ - -#include "cc_pal_types.h" -#include "cc_pka_hw_plat_defs.h" -#include "cc_sec_defs.h" -#include "bsv_crypto_api.h" - -/*! Defines the workspace size in bytes needed for internal Asymmetric operations. */ -#define BSV_RSA_WORKSPACE_MIN_SIZE (4*BSV_CERT_RSA_KEY_SIZE_IN_BYTES +\ - 2*RSA_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_BYTES) - -/*! Definition for the RSA public modulus array. */ -typedef uint32_t CCBsvNBuff_t[BSV_CERT_RSA_KEY_SIZE_IN_WORDS]; - -/*! Definition for the RSA Barrett mod tag array. */ -typedef uint32_t CCBsvNpBuff_t[RSA_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_BYTES]; - -/*! Definition for the RSA signature array. */ -typedef uint32_t CCBsvSignature_t[BSV_CERT_RSA_KEY_SIZE_IN_WORDS]; - - -/*---------------------------- - PUBLIC FUNCTIONS ------------------------------------*/ - -/*! -@brief This function performs the primitive operation of RSA, meaning exponent and modulus. - outBuff = (pInBuff ^ Exp) mod NBuff. ( Exp = 0x10001 ) - - The function supports 2k and 3K bit size of modulus, based on compile time define. - There are no restriction on pInBuff location, however its size must be equal to BSV_RSA_KEY_SIZE_IN_BYTES and its - value must be smaller than the modulus. - - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvRsaPrimVerify (unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */ - CCBsvNBuff_t NBuff, /*!< [in] The modulus buffer big endian format. */ - CCBsvNpBuff_t NpBuff, /*!< [in] The barret tag buffer big endian format - optional. */ - uint32_t *pInBuff, /*!< [in] The DataIn buffer to be encrypted. */ - size_t inBuffSize, /*!< [in] The DataIn buffer size in bytes, must be BSV_RSA_KEY_SIZE_IN_BYTES. */ - CCBsvSignature_t pOutBuff, /*!< [out] The encrypted buffer in big endian format. */ - uint32_t *pWorkSpace, /*!< [in] The pointer to user allocated buffer for internal use. */ - size_t workBufferSize /*!< [in] The size in bytes of pWorkSpace, must be at-least BSV_RSA_WORKSPACE_MIN_SIZE. */ -); - - -/*! -@brief This function performs RSA PSS verify. - - The function should support 2k and 3K bit size of modulus, based on compile time define. - -@return \c CC_OK on success. -@return A non-zero value from bsv_error.h on failure. -*/ -CCError_t CC_BsvRsaPssVerify (unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */ - CCBsvNBuff_t NBuff, /*!< [in] The modulus buffer big endian format. */ - CCBsvNpBuff_t NpBuff, /*!< [in] The barret tag buffer big endian format - optional. */ - CCBsvSignature_t signature, /*!< [in] The signature buffer to verify - big endian format. */ - CCHashResult_t hashedData, /*!< [in] The data-in buffer to be verified as sha256 digest. */ - uint32_t *pWorkSpace, /*!< [in] The pointer to user allocated buffer for internal use. */ - size_t workBufferSize, /*!< [in] The size in bytes of pWorkSpace, must be at-least BSV_RSA_WORKSPACE_MIN_SIZE. */ - CCBool_t *pIsVerified /*!< [out] The flag indicates whether the signature is verified or not. - If verified value will be CC_TRUE, otherwise CC_FALSE */ -); - - - -#ifdef __cplusplus -} -#endif - -#endif - -/** -@} - */ - diff --git a/include/drivers/arm/cryptocell/713/bsv_crypto_defs.h b/include/drivers/arm/cryptocell/713/bsv_crypto_defs.h deleted file mode 100644 index 9ea354deb..000000000 --- a/include/drivers/arm/cryptocell/713/bsv_crypto_defs.h +++ /dev/null @@ -1,94 +0,0 @@ -/* - * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _BSV_CRYPTO_DEFS_H -#define _BSV_CRYPTO_DEFS_H - -#ifdef __cplusplus -extern "C" -{ -#endif - -/*! -@file -@brief This file contains the definitions of the cryptographic ROM APIs. - -@defgroup cc_bsv_crypto_defs CryptoCell Boot Services cryptographic ROM API definitions -@{ -@ingroup cc_bsv -*/ - -/*! AES supported HW key code table. */ -typedef enum { - - CC_BSV_USER_KEY = 0, /*!< Definition for a user key. */ - CC_BSV_HUK_KEY = 1, /*!< Definition for the HW unique key. */ - CC_BSV_RTL_KEY = 2, /*!< Definition for the RTL key. */ - CC_BSV_SESSION_KEY = 3, /*!< Definition for the Session key. */ - CC_BSV_CE_KEY = 4, /*!< Definition for the Kce. */ - CC_BSV_PLT_KEY = 5, /*!< Definition for the Platform key. */ - CC_BSV_KCST_KEY = 6, /*!< Definition for Kcst. */ - CC_BSV_ICV_PROV_KEY = 0xd, /*!< Definition for the Kpicv. */ - CC_BSV_ICV_CE_KEY = 0xe, /*!< Definition for the Kceicv. */ - CC_BSV_PROV_KEY = 0xf, /*!< Definition for the Kcp. */ - CC_BSV_END_OF_KEY_TYPE = INT32_MAX, /*!< Reserved. */ -}CCBsvKeyType_t; - -/*! AES directions. */ -typedef enum bsvAesDirection { - BSV_AES_DIRECTION_ENCRYPT = 0, /*!< Encrypt.*/ - BSV_AES_DIRECTION_DECRYPT = 1, /*!< Decrypt.*/ - BSV_AES_NUM_OF_ENCRYPT_MODES, /*!< The maximal number of operations. */ - BSV_AES_DIRECTION_RESERVE32B = INT32_MAX /*!< Reserved.*/ -}bsvAesDirection_t; - -/*! Definitions of the cryptographic flow supported as part of the Secure Boot. */ -typedef enum { - CC_BSV_CRYPTO_HASH_MODE = 0, /*!< Hash mode only. */ - CC_BSV_CRYPTO_AES_CTR_AND_HASH_MODE = 1, /*!< Data goes into the AES and Hash engines. */ - CC_BSV_CRYPTO_AES_CTR_TO_HASH_MODE = 2 /*!< Data goes into the AES and from the AES to the Hash engine. */ -}CCBsvflowMode_t; - -/*! CryptoImage HW completion sequence mode */ -typedef enum -{ - BSV_CRYPTO_COMPLETION_NO_WAIT = 0, /*!< The driver waits only before reading the output. */ - BSV_CRYPTO_COMPLETION_WAIT_UPON_END = 1 /*!< The driver waits after each chunk of data. */ -}bsvCryptoCompletionMode_t; - - -/*! AES-CMAC result size, in words. */ -#define CC_BSV_CMAC_RESULT_SIZE_IN_WORDS 4 /* 128b */ -/*! AES-CMAC result size, in bytes. */ -#define CC_BSV_CMAC_RESULT_SIZE_IN_BYTES 16 /* 128b */ -/*! AES-CCM 128bit key size, in bytes. */ -#define CC_BSV_CCM_KEY_SIZE_BYTES 16 -/*! AES-CCM 128bit key size, in words. */ -#define CC_BSV_CCM_KEY_SIZE_WORDS 4 -/*! AES-CCM NONCE size, in bytes. */ -#define CC_BSV_CCM_NONCE_SIZE_BYTES 12 - - -/*! AES-CMAC result buffer. */ -typedef uint32_t CCBsvCmacResult_t[CC_BSV_CMAC_RESULT_SIZE_IN_WORDS]; -/*! AES-CCM key buffer.*/ -typedef uint32_t CCBsvCcmKey_t[CC_BSV_CCM_KEY_SIZE_WORDS]; -/*! AES-CCM nonce buffer.*/ -typedef uint8_t CCBsvCcmNonce_t[CC_BSV_CCM_NONCE_SIZE_BYTES]; -/*! AES-CCM MAC buffer.*/ -typedef uint8_t CCBsvCcmMacRes_t[CC_BSV_CMAC_RESULT_SIZE_IN_BYTES]; - - -#ifdef __cplusplus -} -#endif - -#endif - -/** -@} - */ - diff --git a/include/drivers/arm/cryptocell/713/bsv_error.h b/include/drivers/arm/cryptocell/713/bsv_error.h deleted file mode 100644 index 4d72e60aa..000000000 --- a/include/drivers/arm/cryptocell/713/bsv_error.h +++ /dev/null @@ -1,161 +0,0 @@ -/* - * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _BSV_ERROR_H -#define _BSV_ERROR_H - -#ifdef __cplusplus -extern "C" -{ -#endif - -/*! -@file -@brief This file defines the error code types that are returned from the Boot Services APIs. - -@defgroup cc_bsv_error CryptoCell Boot Services error codes -@{ -@ingroup cc_bsv -*/ - -/*! Defines the base address for Boot Services errors. */ -#define CC_BSV_BASE_ERROR 0x0B000000 -/*! Defines the base address for Boot Services cryptographic errors. */ -#define CC_BSV_CRYPTO_ERROR 0x0C000000 - -/*! Illegal input parameter. */ -#define CC_BSV_ILLEGAL_INPUT_PARAM_ERR (CC_BSV_BASE_ERROR + 0x00000001) -/*! Illegal HUK value. */ -#define CC_BSV_ILLEGAL_HUK_VALUE_ERR (CC_BSV_BASE_ERROR + 0x00000002) -/*! Illegal Kcp value. */ -#define CC_BSV_ILLEGAL_KCP_VALUE_ERR (CC_BSV_BASE_ERROR + 0x00000003) -/*! Illegal Kce value. */ -#define CC_BSV_ILLEGAL_KCE_VALUE_ERR (CC_BSV_BASE_ERROR + 0x00000004) -/*! Illegal Kpicv value. */ -#define CC_BSV_ILLEGAL_KPICV_VALUE_ERR (CC_BSV_BASE_ERROR + 0x00000005) -/*! Illegal Kceicv value. */ -#define CC_BSV_ILLEGAL_KCEICV_VALUE_ERR (CC_BSV_BASE_ERROR + 0x00000006) -/*! Illegal EKcst value. */ -#define CC_BSV_ILLEGAL_EKCST_VALUE_ERR (CC_BSV_BASE_ERROR + 0x00000007) -/*! Hash boot key not programmed in the OTP. */ -#define CC_BSV_HASH_NOT_PROGRAMMED_ERR (CC_BSV_BASE_ERROR + 0x00000008) -/*! Illegal Hash boot key zero count in the OTP. */ -#define CC_BSV_HBK_ZERO_COUNT_ERR (CC_BSV_BASE_ERROR + 0x00000009) -/*! Illegal LCS. */ -#define CC_BSV_ILLEGAL_LCS_ERR (CC_BSV_BASE_ERROR + 0x0000000A) -/*! OTP write compare failure. */ -#define CC_BSV_OTP_WRITE_CMP_FAIL_ERR (CC_BSV_BASE_ERROR + 0x0000000B) -/*! OTP access error */ -#define CC_BSV_OTP_ACCESS_ERR (CC_BSV_BASE_ERROR + 0x0000000C) -/*! Erase key in OTP failed. */ -#define CC_BSV_ERASE_KEY_FAILED_ERR (CC_BSV_BASE_ERROR + 0x0000000D) -/*! Illegal PIDR. */ -#define CC_BSV_ILLEGAL_PIDR_ERR (CC_BSV_BASE_ERROR + 0x0000000E) -/*! Illegal CIDR. */ -#define CC_BSV_ILLEGAL_CIDR_ERR (CC_BSV_BASE_ERROR + 0x0000000F) -/*! Device failed to move to fatal error state. */ -#define CC_BSV_FAILED_TO_SET_FATAL_ERR (CC_BSV_BASE_ERROR + 0x00000010) -/*! Failed to set RMA LCS. */ -#define CC_BSV_FAILED_TO_SET_RMA_ERR (CC_BSV_BASE_ERROR + 0x00000011) -/*! Illegal RMA indication. */ -#define CC_BSV_ILLEGAL_RMA_INDICATION_ERR (CC_BSV_BASE_ERROR + 0x00000012) -/*! Boot Services version is not initialized. */ -#define CC_BSV_VER_IS_NOT_INITIALIZED_ERR (CC_BSV_BASE_ERROR + 0x00000013) -/*! APB secure mode is locked. */ -#define CC_BSV_APB_SECURE_IS_LOCKED_ERR (CC_BSV_BASE_ERROR + 0x00000014) -/*! APB privilege mode is locked. */ -#define CC_BSV_APB_PRIVILEG_IS_LOCKED_ERR (CC_BSV_BASE_ERROR + 0x00000015) -/*! Illegal operation. */ -#define CC_BSV_ILLEGAL_OPERATION_ERR (CC_BSV_BASE_ERROR + 0x00000016) -/*! Illegal asset size. */ -#define CC_BSV_ILLEGAL_ASSET_SIZE_ERR (CC_BSV_BASE_ERROR + 0x00000017) -/*! Illegal asset value. */ -#define CC_BSV_ILLEGAL_ASSET_VAL_ERR (CC_BSV_BASE_ERROR + 0x00000018) -/*! Kpicv is locked. */ -#define CC_BSV_KPICV_IS_LOCKED_ERR (CC_BSV_BASE_ERROR + 0x00000019) -/*! Illegal SW version. */ -#define CC_BSV_ILLEGAL_SW_VERSION_ERR (CC_BSV_BASE_ERROR + 0x0000001A) -/*! AO write operation. */ -#define CC_BSV_AO_WRITE_FAILED_ERR (CC_BSV_BASE_ERROR + 0x0000001B) -/*! Chip state is already initialized. */ -#define CC_BSV_CHIP_INITIALIZED_ERR (CC_BSV_BASE_ERROR + 0x0000001C) -/*! SP is not enabled. */ -#define CC_BSV_SP_NOT_ENABLED_ERR (CC_BSV_BASE_ERROR + 0x0000001D) -/*! Production secure provisioning - header fields. */ -#define CC_BSV_PROD_PKG_HEADER_ERR (CC_BSV_BASE_ERROR + 0x0000001E) -/*! Production secure provisioning - header MAC. */ -#define CC_BSV_PROD_PKG_HEADER_MAC_ERR (CC_BSV_BASE_ERROR + 0x0000001F) -/*! Overrun buffer or size. */ -#define CC_BSV_OVERRUN_ERR (CC_BSV_BASE_ERROR + 0x00000020) -/*! Kceicv is locked. */ -#define CC_BSV_KCEICV_IS_LOCKED_ERR (CC_BSV_BASE_ERROR + 0x00000021) -/*! Chip indication is CHIP_STATE_ERROR. */ -#define CC_BSV_CHIP_INDICATION_ERR (CC_BSV_BASE_ERROR + 0x00000022) -/*! Device is locked in fatal error state. */ -#define CC_BSV_FATAL_ERR_IS_LOCKED_ERR (CC_BSV_BASE_ERROR + 0x00000023) -/*! Device has security disable feature enabled. */ -#define CC_BSV_SECURE_DISABLE_ERROR (CC_BSV_BASE_ERROR + 0x00000024) -/*! Device has Kcst in disabled state */ -#define CC_BSV_KCST_DISABLE_ERROR (CC_BSV_BASE_ERROR + 0x00000025) - - -/*! Illegal data-in pointer. */ -#define CC_BSV_CRYPTO_INVALID_DATA_IN_POINTER_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000001) -/*! Illegal data-out pointer. */ -#define CC_BSV_CRYPTO_INVALID_DATA_OUT_POINTER_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000002) -/*! Illegal data size. */ -#define CC_BSV_CRYPTO_INVALID_DATA_SIZE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000003) -/*! Illegal key type. */ -#define CC_BSV_CRYPTO_INVALID_KEY_TYPE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000004) -/*! Illegal key size. */ -#define CC_BSV_CRYPTO_INVALID_KEY_SIZE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000005) -/*! Invalid key pointer. */ -#define CC_BSV_CRYPTO_INVALID_KEY_POINTER_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000006) -/*! Illegal key DMA type. */ -#define CC_BSV_CRYPTO_INVALID_KEY_DMA_TYPE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000007) -/*! Illegal IV pointer. */ -#define CC_BSV_CRYPTO_INVALID_IV_POINTER_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000008) -/*! Illegal cipher mode. */ -#define CC_BSV_CRYPTO_INVALID_CIPHER_MODE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000009) -/*! Illegal result buffer pointer. */ -#define CC_BSV_CRYPTO_INVALID_RESULT_BUFFER_POINTER_ERROR (CC_BSV_CRYPTO_ERROR + 0x0000000A) -/*! Invalid DMA type. */ -#define CC_BSV_CRYPTO_INVALID_DMA_TYPE_ERROR (CC_BSV_CRYPTO_ERROR + 0x0000000B) -/*! Invalid in/out buffers overlapping. */ -#define CC_BSV_CRYPTO_DATA_OUT_DATA_IN_OVERLAP_ERROR (CC_BSV_CRYPTO_ERROR + 0x0000000C) -/*! Invalid KDF label size. */ -#define CC_BSV_CRYPTO_ILLEGAL_KDF_LABEL_ERROR (CC_BSV_CRYPTO_ERROR + 0x0000000D) -/*! Invalid KDF Context size. */ -#define CC_BSV_CRYPTO_ILLEGAL_KDF_CONTEXT_ERROR (CC_BSV_CRYPTO_ERROR + 0x0000000E) -/*! Invalid CCM key. */ -#define CC_BSV_CCM_INVALID_KEY_ERROR (CC_BSV_CRYPTO_ERROR + 0x0000000f) -/*! Invalid CCM Nonce. */ -#define CC_BSV_CCM_INVALID_NONCE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000010) -/*! Invalid CCM associated data. */ -#define CC_BSV_CCM_INVALID_ASSOC_DATA_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000011) -/*! Invalid CCM text data. */ -#define CC_BSV_CCM_INVALID_TEXT_DATA_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000012) -/*! Invalid CCM-MAC buffer. */ -#define CC_BSV_CCM_INVALID_MAC_BUF_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000013) -/*! CCM-MAC comparison failed. */ -#define CC_BSV_CCM_TAG_LENGTH_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000014) -/*! CCM-MAC comparison failed. */ -#define CC_BSV_CCM_MAC_INVALID_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000015) -/*! Illegal flow mode. */ -#define CC_BSV_CRYPTO_INVALID_FLOW_MODE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000016) - -#ifdef __cplusplus -} -#endif - -#endif - -/** -@} - */ - - - diff --git a/include/drivers/arm/cryptocell/713/cc_address_defs.h b/include/drivers/arm/cryptocell/713/cc_address_defs.h deleted file mode 100644 index 0abc15c70..000000000 --- a/include/drivers/arm/cryptocell/713/cc_address_defs.h +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _CC_ADDRESS_DEFS_H -#define _CC_ADDRESS_DEFS_H - -/*! -@file -@brief This file contains general definitions. -*/ - -#ifdef __cplusplus -extern "C" -{ -#endif - -#include "cc_pal_types.h" - -/************************ Defines ******************************/ - -/** - * Address types within CC - */ -/*! Definition of DMA address type, can be 32 bits or 64 bits according to CryptoCell's HW. */ -typedef uint64_t CCDmaAddr_t; -/*! Definition of CryptoCell address type, can be 32 bits or 64 bits according to platform. */ -typedef uint64_t CCAddr_t; -/*! Definition of CC SRAM address type, can be 32 bits according to CryptoCell's HW. */ -typedef uint32_t CCSramAddr_t; - -/* - * CCSramAddr_t is being cast into pointer type which can be 64 bit. - */ -/*! Definition of MACRO that casts SRAM addresses to pointer types. */ -#define CCSramAddr2Ptr(sramAddr) ((uintptr_t)sramAddr) - -#ifdef __cplusplus -} -#endif - -#endif - -/** - @} - */ - - diff --git a/include/drivers/arm/cryptocell/713/cc_boot_defs.h b/include/drivers/arm/cryptocell/713/cc_boot_defs.h deleted file mode 100644 index 4d29a6d00..000000000 --- a/include/drivers/arm/cryptocell/713/cc_boot_defs.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _CC_BOOT_DEFS_H -#define _CC_BOOT_DEFS_H - -/*! - @file - @brief This file contains general definitions of types and enums of Boot APIs. - */ - -#ifdef __cplusplus -extern "C" -{ -#endif - -/*! Version counters value. */ -typedef enum { - - CC_SW_VERSION_TRUSTED = 0, /*!< Trusted counter. */ - CC_SW_VERSION_NON_TRUSTED, /*!< Non trusted counter. */ - CC_SW_VERSION_MAX = 0x7FFFFFFF /*!< Reserved */ -} CCSbSwVersionId_t; - -/*! The hash boot key definition. */ -typedef enum { - CC_SB_HASH_BOOT_KEY_0_128B = 0, /*!< Hbk0: 128-bit truncated SHA-256 digest of PubKB0. Used by ICV */ - CC_SB_HASH_BOOT_KEY_1_128B = 1, /*!< Hbk1: 128-bit truncated SHA-256 digest of PubKB1. Used by OEM */ - CC_SB_HASH_BOOT_KEY_256B = 2, /*!< Hbk: 256-bit SHA-256 digest of public key. */ - CC_SB_HASH_BOOT_NOT_USED = 0xF, /*!< Hbk is not used. */ - CC_SB_HASH_MAX_NUM = 0x7FFFFFFF, /*!< Reserved. */ -} CCSbPubKeyIndexType_t; - -/*! Chip state. */ -typedef enum { - CHIP_STATE_NOT_INITIALIZED = 0, /*! Chip is not initialized. */ - CHIP_STATE_TEST = 1, /*! Chip is in Production state. */ - CHIP_STATE_PRODUCTION = 2, /*! Chip is in Production state. */ - CHIP_STATE_ERROR = 3, /*! Chip is in Error state. */ -} CCBsvChipState_t; -#ifdef __cplusplus -} -#endif - -#endif /*_CC_BOOT_DEFS_H */ - -/** -@} - */ diff --git a/include/drivers/arm/cryptocell/713/cc_pal_types.h b/include/drivers/arm/cryptocell/713/cc_pal_types.h deleted file mode 100644 index 4ab3960d3..000000000 --- a/include/drivers/arm/cryptocell/713/cc_pal_types.h +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef CC_PAL_TYPES_H -#define CC_PAL_TYPES_H - -/*! -@file -@brief This file contains platform-dependent definitions and types of the PAL layer. - -@defgroup cc_pal_types CryptoCell platform-dependent PAL layer definitions and types -@{ -@ingroup cc_pal - - @{ - @ingroup cc_pal - @} -*/ - -#include "cc_pal_types_plat.h" - -/*! Definition of Boolean type.*/ -typedef enum { - /*! Boolean false.*/ - CC_FALSE = 0, - /*! Boolean true.*/ - CC_TRUE = 1 -} CCBool_t; - -/*! Success. */ -#define CC_SUCCESS 0UL -/*! Failure. */ -#define CC_FAIL 1UL - -/*! Success (OK). */ -#define CC_OK 0 - -/*! This macro handles unused parameters in the code, to avoid compilation warnings. */ -#define CC_UNUSED_PARAM(prm) ((void)prm) - -/*! The maximal uint32 value.*/ -#define CC_MAX_UINT32_VAL (0xFFFFFFFF) - - -/* Minimal and Maximal macros */ -#ifdef min -/*! Definition for minimal calculation. */ -#define CC_MIN(a,b) min( a , b ) -#else -/*! Definition for minimal calculation. */ -#define CC_MIN( a , b ) ( ( (a) < (b) ) ? (a) : (b) ) -#endif - -#ifdef max -/*! Definition for maximal calculation. */ -#define CC_MAX(a,b) max( a , b ) -#else -/*! Definition for maximal calculation.. */ -#define CC_MAX( a , b ) ( ( (a) > (b) ) ? (a) : (b) ) -#endif - -/*! This macro calculates the number of full Bytes from bits, where seven bits are one Byte. */ -#define CALC_FULL_BYTES(numBits) ((numBits)/CC_BITS_IN_BYTE + (((numBits) & (CC_BITS_IN_BYTE-1)) > 0)) -/*! This macro calculates the number of full 32-bit words from bits where 31 bits are one word. */ -#define CALC_FULL_32BIT_WORDS(numBits) ((numBits)/CC_BITS_IN_32BIT_WORD + (((numBits) & (CC_BITS_IN_32BIT_WORD-1)) > 0)) -/*! This macro calculates the number of full 32-bit words from Bytes where three Bytes are one word. */ -#define CALC_32BIT_WORDS_FROM_BYTES(sizeBytes) ((sizeBytes)/CC_32BIT_WORD_SIZE + (((sizeBytes) & (CC_32BIT_WORD_SIZE-1)) > 0)) -/*! This macro calculates the number of full 32-bit words from 64-bits dwords. */ -#define CALC_32BIT_WORDS_FROM_64BIT_DWORD(sizeWords) (sizeWords * CC_32BIT_WORD_IN_64BIT_DWORD) -/*! This macro rounds up bits to 32-bit words. */ -#define ROUNDUP_BITS_TO_32BIT_WORD(numBits) (CALC_FULL_32BIT_WORDS(numBits) * CC_BITS_IN_32BIT_WORD) -/*! This macro rounds up bits to Bytes. */ -#define ROUNDUP_BITS_TO_BYTES(numBits) (CALC_FULL_BYTES(numBits) * CC_BITS_IN_BYTE) -/*! This macro rounds up bytes to 32-bit words. */ -#define ROUNDUP_BYTES_TO_32BIT_WORD(sizeBytes) (CALC_32BIT_WORDS_FROM_BYTES(sizeBytes) * CC_32BIT_WORD_SIZE) -/*! This macro calculates the number Bytes from words. */ -#define CALC_WORDS_TO_BYTES(numwords) ((numwords)*CC_32BIT_WORD_SIZE) -/*! Definition of 1 KB in Bytes. */ -#define CC_1K_SIZE_IN_BYTES 1024 -/*! Definition of number of bits in a Byte. */ -#define CC_BITS_IN_BYTE 8 -/*! Definition of number of bits in a 32-bits word. */ -#define CC_BITS_IN_32BIT_WORD 32 -/*! Definition of number of Bytes in a 32-bits word. */ -#define CC_32BIT_WORD_SIZE 4 -/*! Definition of number of 32-bits words in a 64-bits dword. */ -#define CC_32BIT_WORD_IN_64BIT_DWORD 2 - - -#endif - -/** -@} - */ - - - diff --git a/include/drivers/arm/cryptocell/713/cc_pal_types_plat.h b/include/drivers/arm/cryptocell/713/cc_pal_types_plat.h deleted file mode 100644 index 0c102a092..000000000 --- a/include/drivers/arm/cryptocell/713/cc_pal_types_plat.h +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -/*! @file -@brief This file contains basic type definitions that are platform-dependent. -*/ -#ifndef _CC_PAL_TYPES_PLAT_H -#define _CC_PAL_TYPES_PLAT_H -/* Host specific types for standard (ISO-C99) compliant platforms */ - -#include <stddef.h> -#include <stdint.h> - -typedef uint32_t CCStatus; - -#define CCError_t CCStatus -#define CC_INFINITE 0xFFFFFFFF - -#define CEXPORT_C -#define CIMPORT_C - -#endif /*_CC_PAL_TYPES_PLAT_H*/ diff --git a/include/drivers/arm/cryptocell/713/cc_pka_hw_plat_defs.h b/include/drivers/arm/cryptocell/713/cc_pka_hw_plat_defs.h deleted file mode 100644 index 1a1bce0ab..000000000 --- a/include/drivers/arm/cryptocell/713/cc_pka_hw_plat_defs.h +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _CC_PKA_HW_PLAT_DEFS_H -#define _CC_PKA_HW_PLAT_DEFS_H - -#ifdef __cplusplus -extern "C" -{ -#endif - - -#include "cc_pal_types.h" -/*! -@file -@brief Contains the enums and definitions that are used in the PKA code (definitions that are platform dependent). -*/ - -/*! The size of the PKA engine word. */ -#define CC_PKA_WORD_SIZE_IN_BITS 128 - -/*! The maximal supported size of modulus in RSA in bits. */ -#define CC_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS 4096 -/*! The maximal supported size of key-generation in RSA in bits. */ -#define CC_RSA_MAX_KEY_GENERATION_HW_SIZE_BITS 4096 - -/*! Secure boot/debug certificate RSA public modulus key size in bits. */ -#if (KEY_SIZE == 3072) - #define BSV_CERT_RSA_KEY_SIZE_IN_BITS 3072 -#else - #define BSV_CERT_RSA_KEY_SIZE_IN_BITS 2048 -#endif -/*! Secure boot/debug certificate RSA public modulus key size in bytes. */ -#define BSV_CERT_RSA_KEY_SIZE_IN_BYTES (BSV_CERT_RSA_KEY_SIZE_IN_BITS/CC_BITS_IN_BYTE) -/*! Secure boot/debug certificate RSA public modulus key size in words. */ -#define BSV_CERT_RSA_KEY_SIZE_IN_WORDS (BSV_CERT_RSA_KEY_SIZE_IN_BITS/CC_BITS_IN_32BIT_WORD) - -/*! The maximal count of extra bits in PKA operations. */ -#define PKA_EXTRA_BITS 8 -/*! The number of memory registers in PKA operations. */ -#define PKA_MAX_COUNT_OF_PHYS_MEM_REGS 32 - -/*! Size of buffer for Barrett modulus tag in words. */ -#define RSA_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS 5 -/*! Size of buffer for Barrett modulus tag in bytes. */ -#define RSA_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_BYTES (RSA_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS*CC_32BIT_WORD_SIZE) - - - -#ifdef __cplusplus -} -#endif - -#endif //_CC_PKA_HW_PLAT_DEFS_H - -/** - @} - */ - diff --git a/include/drivers/arm/cryptocell/713/cc_sec_defs.h b/include/drivers/arm/cryptocell/713/cc_sec_defs.h deleted file mode 100644 index 8fb698ff5..000000000 --- a/include/drivers/arm/cryptocell/713/cc_sec_defs.h +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _CC_SEC_DEFS_H -#define _CC_SEC_DEFS_H - -/*! -@file -@brief This file contains general definitions and types. -*/ - - -#ifdef __cplusplus -extern "C" -{ -#endif - -#include "cc_pal_types.h" - -/*! Hashblock size in words. */ -#define HASH_BLOCK_SIZE_IN_WORDS 16 -/*! Hash - SHA2 results in words. */ -#define HASH_RESULT_SIZE_IN_WORDS 8 -/*! Hash - SHA2 results in bytes. */ -#define HASH_RESULT_SIZE_IN_BYTES 32 - -/*! Definition for hash result array. */ -typedef uint32_t CCHashResult_t[HASH_RESULT_SIZE_IN_WORDS]; - -/*! Definition for converting pointer to Host address. */ -#define CONVERT_TO_ADDR(ptr) (unsigned long)ptr - -/*! Definition for converting pointer to SRAM address. */ -#define CONVERT_TO_SRAM_ADDR(ptr) (0xFFFFFFFF & ptr) - -/*! The data size of the signed SW image, in bytes. */ -/*!\internal ContentCertImageRecord_t includes: HS(8W) + 64-b dstAddr(2W) + imgSize(1W) + isCodeEncUsed(1W) */ -#define SW_REC_SIGNED_DATA_SIZE_IN_BYTES 48 - -/*! The data size of the unsigned SW image, in bytes. */ -/*!\internal CCSbSwImgAddData_t includes: 64-b srcAddr(2W)*/ -#define SW_REC_NONE_SIGNED_DATA_SIZE_IN_BYTES 8 - -/*! The additional data size - storage address and length of the unsigned SW image, in words. */ -#define SW_REC_NONE_SIGNED_DATA_SIZE_IN_WORDS SW_REC_NONE_SIGNED_DATA_SIZE_IN_BYTES/CC_32BIT_WORD_SIZE - -/*! The additional data section size, in bytes. */ -#define CC_SB_MAX_SIZE_ADDITIONAL_DATA_BYTES 128 - -/*! Indication of whether or not to load the SW image to memory. */ -#define CC_SW_COMP_NO_MEM_LOAD_INDICATION 0xFFFFFFFFFFFFFFFFUL - -/*! Indication of product version, stored in certificate version field. */ -#define CC_SB_CERT_VERSION_PROJ_PRD 0x713 - -#ifdef __cplusplus -} -#endif - -#endif - -/** -@} - */ - - - diff --git a/include/drivers/arm/cryptocell/cc_rotpk.h b/include/drivers/arm/cryptocell/cc_rotpk.h deleted file mode 100644 index 93984960e..000000000 --- a/include/drivers/arm/cryptocell/cc_rotpk.h +++ /dev/null @@ -1,13 +0,0 @@ -/* - * Copyright (c) 2019, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef _CC_ROTPK_H -#define _CC_ROTPK_H - -int cc_get_rotpk_hash(unsigned char *dst, unsigned int len, - unsigned int *flags); - -#endif diff --git a/include/plat/arm/common/arm_def.h b/include/plat/arm/common/arm_def.h index 9176e8887..e098c10b4 100644 --- a/include/plat/arm/common/arm_def.h +++ b/include/plat/arm/common/arm_def.h @@ -196,16 +196,7 @@ MEASURED_BOOT ARM_AP_TZC_DRAM1_SIZE - 1U) /* Define the Access permissions for Secure peripherals to NS_DRAM */ -#if ARM_CRYPTOCELL_INTEG -/* - * Allow Secure peripheral to read NS DRAM when integrated with CryptoCell. - * This is required by CryptoCell to authenticate BL33 which is loaded - * into the Non Secure DDR. - */ -#define ARM_TZC_NS_DRAM_S_ACCESS TZC_REGION_S_RD -#else #define ARM_TZC_NS_DRAM_S_ACCESS TZC_REGION_S_NONE -#endif #ifdef SPD_opteed /* |