s5j/sss: add static library and header files

This commit adds driver and header files for SSS released at Dec 30,
2016.

Change-Id: I69dcc5045528aee1b27069e5250393da703104d8
Signed-off-by: Junyeon Lee <junyeon2.lee@samsung.com>

diff --git a/os/arch/arm/src/s5j/Make.defs b/os/arch/arm/src/s5j/Make.defs
index 96b8e6c..e195035 100644 (file)
--- a/os/arch/arm/src/s5j/Make.defs
+++ b/os/arch/arm/src/s5j/Make.defs
@@ -212,6 +212,10 @@ ifeq ($(CONFIG_S5J_DMA),y)
 CHIP_CSRCS += s5j_dma.c
 endif
 
+ifeq ($(CONFIG_S5J_SSS),y)
+EXTRA_LIBS += chip/soc/sss/libispdriver.a
+endif
+
 EXTRA_LIBS += chip/soc/wireless/libwifidriver.a
 EXTRA_LIBS += chip/soc/wireless/libwifistack.a
 EXTRA_LIBS += chip/soc/wireless/libwifiapi.a

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_define.h b/os/arch/arm/src/s5j/soc/sss/isp_define.h
new file mode 100644 (file)
index 0000000..3799f2c
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_define.h
@@ -0,0 +1,89 @@
+/*!
+ *  @file       isp_define.h
+ *  @brief      Headerfile : definitions for ISP
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ *  @version    v0.90 : 2016.9.03 2nd.  release version
+ *
+ */
+
+#ifndef ISP_DEFINE_H
+#define ISP_DEFINE_H_
+
+//! ********** Constant Variables **********
+#define MAX_KEY_WSIZE 17
+#define MAX_SIGNATURE_WSIZE 17
+
+//! ********** Index Variables **********
+
+// Hash Function
+
+#define SHA1                           (0x1)
+#define SHA2                           (0x2)
+#define SHA3                           (0x3)
+
+#define HASH160                                (0x1)
+#define HASH224                                (0x2)
+#define HASH256                                (0x3)
+#define HASH384                                (0x4)
+#define HASH512                                (0x5)
+#define HMAC                           (0x1)
+
+#define SHA1_160                       (((SHA1<<4)|(HASH160))<<8)      //0x00001100
+#define SHA2_224                       (((SHA2<<4)|(HASH224))<<8)      //0x00002200
+#define SHA2_256                       (((SHA2<<4)|(HASH256))<<8)      //0x00002300
+#define SHA2_384                       (((SHA2<<4)|(HASH384))<<8)      //0x00002400
+#define SHA2_512                       (((SHA2<<4)|(HASH512))<<8)      //0x00002500
+#define SHA3_224                       (((SHA3<<4)|(HASH224))<<8)      //0x00003200
+#define SHA3_256                       (((SHA3<<4)|(HASH256))<<8)      //0x00003300
+#define SHA3_384                       (((SHA3<<4)|(HASH384))<<8)      //0x00003400
+#define SHA3_512                       (((SHA3<<4)|(HASH512))<<8)      //0x00003500
+
+
+#define HMAC_SHA1_160          ((((SHA1<<4)|(HASH160))<<8) | (HMAC)<<16)       //0x00011100
+#define HMAC_SHA2_256          ((((SHA2<<4)|(HASH256))<<8) | (HMAC)<<16)       //0x00012300
+#define HMAC_SHA2_384          ((((SHA2<<4)|(HASH384))<<8) | (HMAC)<<16)       //0x00012400
+#define HMAC_SHA2_512          ((((SHA2<<4)|(HASH512))<<8) | (HMAC)<<16)       //0x00012500
+
+
+// ECC Algorithm ID
+#define ECDSA                          (0x1)
+#define ECDH                           (0x2)
+#define PKGEN                          (0x3)
+
+// ECC Curve ID
+#define ECC192                         (0x1)
+#define ECC224                         (0x2)
+#define ECC256                         (0x3)
+#define ECC384                         (0x4)
+#define ECC521                         (0x5)
+
+#define ECDSA_192                      ((ECDSA<<4)|(ECC192))   //0x11
+#define ECDSA_224                      ((ECDSA<<4)|(ECC224))   //0x12
+#define ECDSA_256                      ((ECDSA<<4)|(ECC256))   //0x13
+#define ECDSA_384                      ((ECDSA<<4)|(ECC384))   //0x14
+#define ECDSA_521                      ((ECDSA<<4)|(ECC521))   //0x15
+
+#define ECDH_192                       ((ECDH<<4)|(ECC192))    //0x21
+#define ECDH_224                       ((ECDH<<4)|(ECC224))    //0x22
+#define ECDH_256                       ((ECDH<<4)|(ECC256))    //0x23
+#define ECDH_384                       ((ECDH<<4)|(ECC384))    //0x24
+#define ECDH_521                       ((ECDH<<4)|(ECC521))    //0x25
+
+
+#define GET_ECC_CURVE(OID)                     ((OID    )&0x07)
+#define GET_ECC_ALG(OID)                       ((OID>> 4)&0x0F)
+
+#define GET_HASH_SIZE(OID)                     ((OID>> 8)&0x07)
+#define GET_HASH_ALG(OID)                      ((OID>>12)&0x0F)
+
+#define Is_HMAC_ALG(OID)                       ((OID>>16)&0x0F)
+
+#define Is_ECC_BP(OID)                         (OID&0x40)
+
+#define RSP_FAIL                                               (0xF1)
+#define RSP_SUCCESS                                            (0xA1)
+
+
+#endif /*ISP_DEFINE_H_*/
+

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_aes_securekey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_aes_securekey.h
new file mode 100644 (file)
index 0000000..e8854e7
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_aes_securekey.h
@@ -0,0 +1,30 @@
+/*!
+ *  @file       isp_driver_aes_securekey.h
+ *  @brief      Headerfile : isp driver for aes securekey
+ *  @author     jinsu.hyun
+ *  @version    v0.10 : 2016.7.25 Init
+ *  @version    v0.20 : 2016.7.29 support securekey
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ *  @version    v0.90 : 2016.9.03 2nd.  release version
+ */
+
+#ifndef ISP_DRIVER_AES_SECUREKEY_H_
+#define ISP_DRIVER_AES_SECUREKEY_H_
+
+#include "mb_cmd_aes_securekey.h"
+
+// security api
+
+int isp_aes_generate_key_securekey(unsigned int key_byte_len, unsigned int key_index);
+
+int isp_aes_encrypt_securekey(struct sAES_PARAM *aes_param, unsigned int index);
+int isp_aes_decrypt_securekey(struct sAES_PARAM *aes_param, unsigned int index);
+
+int isp_aes_ecb_securekey(struct sAES_PARAM *aes_param, unsigned int enc, unsigned int key_index);
+int isp_aes_cbc_securekey(struct sAES_PARAM *aes_param, unsigned int enc, unsigned int key_index);
+int isp_aes_ctr_securekey(struct sAES_PARAM *aes_param, unsigned int enc, unsigned int key_index);
+int isp_aes_xts_securekey(struct sAES_PARAM *aes_param, unsigned int enc, unsigned int key_index);
+int isp_aes_ccm_securekey(struct sAES_PARAM *aes_param, unsigned int enc, unsigned int key_index);
+int isp_aes_gcm_securekey(struct sAES_PARAM *aes_param, unsigned int enc, unsigned int key_index);
+
+#endif /* ISP_DRIVER_AES_SECUREKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_dh_encryptedkey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_dh_encryptedkey.h
new file mode 100644 (file)
index 0000000..0163190
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_dh_encryptedkey.h
@@ -0,0 +1,20 @@
+/*!
+ *  @file              isp_driver_dh_encryptedkey.h
+ *  @brief             Headerfile : isp driver for dh encryptedkey
+ *  @author            jinsu.hyun
+ *  @version    v0.00 : 2017.01.19 Init. release version
+ */
+
+#ifndef _ISP_DRIVER_DH_ENCRYPTEDKEY_H_
+#define _ISP_DRIVER_DH_ENCRYPTEDKEY_H_
+
+#include "mb_cmd_dh_securekey.h"
+
+int isp_dh_generate_param_encryptedkey(struct sDH_PARAM *o_dh_param, unsigned char *encryptedkey);
+int isp_dh_generate_keypair_userparam_encryptedkey(struct sDH_PARAM *i_dh_param, unsigned char *encryptedkey);
+int isp_dh_generate_keypair_encryptedparam(struct sDH_PARAM *o_dh_param, unsigned char *encryptedkey);
+int isp_dh_get_pubkey_encryptedparam(struct sDH_PARAM *o_dh_param, unsigned char *encryptedkey);
+int isp_dh_compute_shared_secret_encryptedkey(unsigned char *shared_secret, unsigned int* shared_secret_byte_len, struct sDH_PARAM dh_publickey, unsigned char *encryptedkey);
+
+
+#endif /* _ISP_DRIVER_DH_ENCRYPTEDKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_dh_securekey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_dh_securekey.h
new file mode 100644 (file)
index 0000000..7f4164f
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_dh_securekey.h
@@ -0,0 +1,41 @@
+/*!
+ *  @file              isp_driver_dh_securekey.h
+ *  @brief             Headerfile : isp driver for dh securekey
+ *  @author            jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_DRIVER_DH_SECUREKEY_H_
+#define ISP_DRIVER_DH_SECUREKEY_H_
+
+#include "mb_cmd_dh_securekey.h"
+
+
+int isp_dh_generate_param_securekey(struct sDH_PARAM *o_dh_param, unsigned int dh_param_index);
+/* 
+ * input fixed dh_param p
+ * output random generator g & key pair
+ */
+
+int isp_dh_generate_keypair_secureparam(struct sDH_PARAM *o_dh_param, unsigned int key_index);
+/* 
+ * output dh_param p, g, pukey
+ */
+
+//added
+int isp_dh_generate_keypair_userparam_securestorage(struct sDH_PARAM *i_dh_param, unsigned int dh_param_index);
+/* 
+ * input dh_param p, g & output dh_param pukey
+ */
+
+
+int isp_dh_get_pubkey_securestorage(struct sDH_PARAM *o_dh_param, unsigned int key_index);
+/*
+ * get public key from existing key pair from secure storage 
+ */
+
+int isp_dh_compute_shared_secret_securekey(unsigned char *shared_secret, unsigned int* shared_secret_byte_len, struct sDH_PARAM dh_publickey, unsigned int key_index);
+
+
+
+#endif /* ISP_DRIVER_DH_SECUREKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdh_encryptedkey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdh_encryptedkey.h
new file mode 100644 (file)
index 0000000..e7ad72b
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdh_encryptedkey.h
@@ -0,0 +1,17 @@
+/*!
+ *  @file              isp_driver_ecdh_encryptedkey.h
+ *  @brief             Headerfile : isp driver for ecdh encryptedkey
+ *  @author            jinsu.hyun
+ *  @version    v0.00 : 2017.01.19 Init. release version
+ */
+
+#ifndef _ISP_DRIVER_ECDH_ENCRYPTEDKEY_H_
+#define _ISP_DRIVER_ECDH_ENCRYPTEDKEY_H_
+
+#include "mb_cmd_ecdh_securekey.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_compute_ecdh_encryptedkey(unsigned char* shared_secret, unsigned int *shared_secret_byte_len, struct sECC_KEY ecc_publickey, unsigned char *encryptedkey);
+#endif /* _ISP_DRIVER_ECDH_ENCRYPTEDKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdh_securekey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdh_securekey.h
new file mode 100644 (file)
index 0000000..31ed6ad
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdh_securekey.h
@@ -0,0 +1,18 @@
+/*!
+ *  @file              isp_driver_ecdh_securekey.h
+ *  @brief             Headerfile : isp driver for ecdh securekey
+ *  @author            jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_DRIVER_ECDH_SECUREKEY_H_
+#define ISP_DRIVER_ECDH_SECUREKEY_H_
+
+#include "mb_cmd_ecdh_securekey.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_compute_ecdh_securekey(unsigned char* shared_secret, unsigned int *shared_secret_byte_len, struct sECC_KEY ecc_publickey, unsigned int key_index);
+
+#endif /* ISP_DRIVER_ECDH_SECUREKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdsa_encryptedkey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdsa_encryptedkey.h
new file mode 100644 (file)
index 0000000..af7ef0f
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdsa_encryptedkey.h
@@ -0,0 +1,27 @@
+/*!
+ *  @file              isp_driver_ecdsa_encryptedkey.h
+ *  @brief             Headerfile : isp driver for ecdsa encryptedkey
+ *  @author            jinsu.hyun
+ *  @version    v0.00 : 2017.01.19 Init. release version
+ */
+
+#ifndef _ISP_DRIVER_ECDSA_ENCRYPTEDKEY_H_
+#define _ISP_DRIVER_ECDSA_ENCRYPTEDKEY_H_
+
+#include "mb_cmd_ecdsa_securekey.h"
+
+// ======================================
+// Function
+// ======================================
+
+
+int isp_ecdsa_sign_encryptedkey(struct sECC_SIGN * signature, unsigned char * msg, unsigned int msg_byte_len, unsigned char *encryptedkey);
+int isp_ecdsa_verify_encryptedkey(struct sECC_SIGN * signature, unsigned char * msg, unsigned int msg_byte_len, unsigned char *encryptedkey);
+
+int isp_ecdsa_sign_md_encryptedkey(struct sECC_SIGN * signature, unsigned char * msg_digest, unsigned int msg_digest_byte_len, unsigned char *encryptedkey);
+int isp_ecdsa_verify_md_encryptedkey(struct sECC_SIGN * signature, unsigned char * msg_digest, unsigned int msg_digest_byte_len, unsigned char *encryptedkey);
+
+int isp_ecdsa_generate_key_encryptedkey(unsigned int object_id, unsigned char *encryptedkey);
+int isp_ecdsa_get_publickey_encryptedkey(struct sECC_KEY *ecc_publickey, unsigned int object_id, unsigned char *encryptedkey);
+
+#endif /* _ISP_DRIVER_ECDSA_ENCRYPTEDKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdsa_securekey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdsa_securekey.h
new file mode 100644 (file)
index 0000000..90801a9
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdsa_securekey.h
@@ -0,0 +1,26 @@
+/*!
+ *  @file              isp_driver_ecdsa_securekey.h
+ *  @brief             Headerfile : isp driver for ecdsa securekey
+ *  @author            jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ *  @version    v0.60 : 2016.12.23 Support sign/verify with msg_disgest
+ */
+
+#ifndef ISP_DRIVER_ECDSA_SECUREKEY_H_
+#define ISP_DRIVER_ECDSA_SECUREKEY_H_
+
+#include "mb_cmd_ecdsa_securekey.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_ecdsa_sign_securekey(struct sECC_SIGN * signature, unsigned char * msg, unsigned int msg_byte_len, unsigned int key_index);
+int isp_ecdsa_verify_securekey(struct sECC_SIGN * signature, unsigned char * msg, unsigned int msg_byte_len, unsigned int key_index);
+
+int isp_ecdsa_sign_md_securekey(struct sECC_SIGN * signature, unsigned char * msg_digest, unsigned int msg_digest_byte_len, unsigned int key_index);
+int isp_ecdsa_verify_md_securekey(struct sECC_SIGN * signature, unsigned char * msg_digest, unsigned int msg_digest_byte_len, unsigned int key_index);
+
+int isp_ecdsa_generate_key_securekey(unsigned int key_index, unsigned int object_id);
+int isp_ecdsa_get_publickey_securekey(struct sECC_KEY *ecc_publickey, unsigned int key_index, unsigned int object_id);
+
+#endif /* ISP_DRIVER_ECDSA_SECUREKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_encryptedkey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_encryptedkey.h
new file mode 100644 (file)
index 0000000..262e6b1
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_encryptedkey.h
@@ -0,0 +1,20 @@
+/*!
+ *  @file       isp_driver_encryptedkey.h
+ *  @brief      Headerfile : isp driver for setting encryptedkey
+ *  @author     jinsu.hyun
+ *  @version    v0.00 : 2017.01.19 Init. release version
+ */
+
+#ifndef _ISP_DRIVER_ENCRYPTEDKEY_H_
+#define _ISP_DRIVER_ENCRYPTEDKEY_H_
+
+
+// ======================================
+// Function
+// ======================================
+
+int isp_set_encryptedkey(unsigned char *key, unsigned int key_byte_len, unsigned int key_type, unsigned char *encryptedkey);
+int isp_get_encryptedkey(unsigned int *object_id, unsigned int key_type, unsigned char *encryptedkey);
+int isp_set_genkey_encryptedkey(unsigned int key_type, unsigned char *encryptedkey);
+
+#endif /* _ISP_DRIVER_ENCRYPTEDKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_error.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_error.h
new file mode 100644 (file)
index 0000000..b6f6ec3
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_error.h
@@ -0,0 +1,160 @@
+/*!
+ *  @file       isp_driver_error.h
+ *  @brief      Headerfile : isp driver for error messages
+ *  @author     jinsu.hyun
+ *  @version   v0.01 : 2015.7.7
+ *  @version   v0.10 : 2016.7.15 pre-beta release
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ *  @version    v1.00 : 2016.9.27 release version v1.0
+ */
+ 
+
+#ifndef ISP_DRIVER_ERROR_H_
+#define ISP_DRIVER_ERROR_H_
+
+// AES
+#define ERROR_AES_INVALID_BLOCK_LEN                                            (0x000133D1)
+#define ERROR_AES_INVALID_RSP_BLOCK_LEN                                        (0x000233D1)
+#define ERROR_AES_INVALID_MSG_LEN                                                      (0x000333D1)
+#define ERROR_AES_INVALID_MODE                                                         (0x000433D1)
+#define ERROR_AES_INVALID_KEY_LEN                                                      (0x000533D1)
+#define ERROR_AES_INVALID_AAD_LEN                                                      (0x000633D1)
+#define ERROR_AES_INVALID_IV_LEN                                                       (0x000733D1)
+#define ERROR_AES_INVALID_INDEX                                                        (0x000833D1)
+#define ERROR_AES_INVALID_TAG_LEN                                                      (0x000933D1)
+
+// Hash                                
+#define        ERROR_HASH_INVALID_MODE                                                         (0x000131D1)
+#define ERROR_HASH_INVALID_BLOCK_LEN                                           (0x000231D1)
+#define ERROR_HASH_INVALID_MSG_LEN                                                     (0x000331D1)
+
+// HMAC                                
+#define        ERROR_HMAC_INVALID_MODE                                                         (0x000132D1)
+#define ERROR_HMAC_INVALID_KEY_LEN                                                     (0x000232D1)
+#define ERROR_HMAC_INVALID_BLOCK_LEN                                           (0x000332D1)
+#define ERROR_HMAC_INVALID_INDEX                                                       (0x000432D1)
+#define ERROR_HMAC_INVALID_RSP_BLOCK_LEN                                       (0x000532D1)
+
+// DH                          
+#define ERROR_DH_INVALID_PRIME_LEN                                                     (0x000125D1)
+#define ERROR_DH_INVALID_PUBKEY_LEN                                                    (0x000225D1)
+#define ERROR_DH_INVALID_GENERATOR_LEN                                         (0x000325D1)
+#define ERROR_DH_INVALID_PRIME                                                         (0x000425D1)
+#define ERROR_DH_INVALID_PUBKEY                                                                (0x000525D1)
+#define ERROR_DH_INVALID_GENERATOR                                                     (0x000625D1)
+
+
+// ECDSA
+#define ERROR_ECDSA_INVALID_MSG_LEN                                                    (0x000111D1)
+#define ERROR_ECDSA_INVALID_SIGNATURE_LEN                                      (0x000311D1)
+#define ERROR_ECDH_INVALID_PUBKEY_LEN                                          (0x000411D1)
+#define ERROR_ECDH_INVALID_PUBKEY                                                      (0x000511D1)
+
+// RSA
+#define ERROR_RSA_INVALID_CIPHER_LEN                                           (0x000151D1)
+#define ERROR_RSA_INVALID_MSG_LEN                                                      (0x000251D1)
+#define ERROR_RSA_INVALID_SIGN_LEN                                                     (0x000351D1)
+#define ERROR_RSA_INVALID_PUKEY                                                                (0x000551D1)
+#define ERROR_RSA_INVALID_PAD_SELECTION                                                (0x000451D1)
+
+
+// RNG
+#define ERROR_RNG_INVALID_RANDOM_REQUEST                                       (0x000161D1)
+
+// Common
+#define ERROR_SSKeyID_InputID_MISSMATCH                                                (0x000171D1)
+#define ERROR_INVALID_OID                                                                      (0x000271D1)
+
+// Secure Storage
+#define ERROR_SSTORAGE_INVALID_SLOT_INDEX                                      (0x00F1A1D1)
+#define        ERROR_SSTORAGE_INVALID_DATA_LEN                                         (0x00F2A1D1)
+#define        ERROR_SSTORAGE_INVALID_TYPE                                                     (0x00F3A1D1)
+#define        ERROR_SSTORAGE_DATA_INVALID_DATA_LEN                            (0x0002A1D1)
+#define        ERROR_SSTORAGE_CERT_INVALID_DATA_LEN                            (0x0003A2D1)
+#define ERROR_SSTORAGE_KEY_INVALID_DATA_LEN                            (0x0004A3D1)
+#define ERROR_SSTORAGE_KEY_INVALID_KEY_LEN                                     (0x0005A3D1)
+#define ERROR_SSTORAGE_KEY_INVALID_KEY_TYPE                                    (0x0006A3D1)
+#define ERROR_SSTORAGE_FACTORYKEY_PBKEY_INVALID_DATA_LEN       (0x0007A2D1)
+#define ERROR_SSTORAGE_QSPI_WRITE                                                      (0x0008A2D1)
+#define ERROR_SSTORAGE_SFS_FOPEN                                                       (0x0009A2D1)
+#define ERROR_SSTORAGE_SFS_FSEEK                                                       (0x000AA2D1)
+#define ERROR_SSTORAGE_SFS_FREAD                                                       (0x000BA2D1)
+#define ERROR_SSTORAGE_SFS_FWRITE                                                      (0x000CA2D1)
+// System Function
+#define ERROR_SYSTEM_INVALID_DATA_LEN                                          (0x000201D1)
+#define ERROR_SYSTEM_MAILBOX_BUSY                                                      (0x000100D1)
+
+
+
+// Error from FW
+#define FW_ERROR_ISP_INVALID_FUNCID00                                  (0x801000F1)
+#define FW_ERROR_ISP_INVALID_FUNCID01                                  (0x801100F1)
+#define FW_ERROR_ISP_INVALID_FUNCID02                                  (0x801200F1)
+#define FW_ERROR_ISP_INVALID_FUNCID03                                  (0x801300F1)
+#define FW_ERROR_ISP_INVALID_DATASIZE                                  (0x801400F1)
+#define FW_ERROR_ISP_FW_BODYSIZE                                       (0x801500F1)
+#define FW_ERROR_ISP_FW_ROLLBACK_CNT                                   (0x801600F1)
+#define FW_ERROR_ISP_FW_INVALID_PUBLICKEY                              (0x801700F1)
+#define FW_ERROR_ISP_RESTORE_INTEGRITY_FAIL                            (0x801800F1)
+#define FW_ERROR_ISP_IP_BUSY                                           (0x801900F1)
+#define FW_ERROR_ISP_SRAM_CMD_NOT_SUPPORTED                            (0x801A00F1)
+
+#define FW_ERROR_INVALID_FUNCTION                                                      (0x000100f1)
+#define FW_ERROR_FW_VERIFY                                                                     (0x001400f1)
+#define FW_ERROR_RESTORE_FAIL                                                  (0x001800f1)
+#define FW_ERROR_IP_BUSY                                                                       (0x001900f1)
+#define FW_ERROR_INVALID_OID                                                           (0x003000f1)
+#define FW_ERROR_INVALID_INPUT                                                         (0x003400f1)
+#define FW_ERROR_INPUT_SETTING                                                         (0x004000f1)
+#define FW_ERROR_PRNG                                                                          (0x005000f1)
+#define FW_FAIL_INVALID_SIGNATURE                                                      (0x006000f1)
+#define FW_FAIL_INFINITY_POINT                                                         (0x006100f1)
+#define FW_FAIL_NOT_ON_ECC_CURVE                                                       (0x006200f1)
+
+// SRAM error
+#define FW_ERROR_INVALID_EXEC_ORDER                                                    (0x80AF00F1)
+#define FW_ERROR_OVER_VALID_RSA_MSGLEN                                         (0x803500F1)
+#define FW_ERROR_INVALID_RSA_MODLEN                                                    (0x803600F1)
+#define FW_ERROR_Input_Public_is_not_odd                                       (0x803700F1)
+#define FW_ERROR_OVER_VALID_RSA_Saltlen                                                (0x803800F1)
+#define FW_ERROR_NO_PUKEY                                                                      (0x803900F1)
+#define FW_FAIL_OVER_MR_TRIALS                                                         (0x805600F1)
+#define FW_FAIL_OVER_DH_RETRIALS                                                       (0x805600F1)
+#define FW_FAIL_OVER_ECC_RETRIALS                                                      (0x805600F1)
+#define FW_FAIL_NO_OUTPUT_KEY                                                          (0x805700F1)
+#define FW_FAIL_OVER_GEN_RETRIALS                                                      (0x805800F1)
+#define FW_ERROR_INVALID_RSASIGNATURE_0xBC                                     (0x806400F1)
+#define FW_ERROR_INVALID_RSASIGNATURE_lsb                                      (0x806500F1)
+#define FW_ERROR_INVALID_RSANONZERO_PS                                         (0x806600F1)
+#define FW_ERROR_INVALID_RSADB_SPLITTER                                                (0x806700F1)
+#define FW_ERROR_INVALID_SIGNATURE_BLEN                                                (0x806800F1)
+#define FW_ERROR_INVALID_CIPHER                                                                (0x806900F1)
+#define FW_ERROR_INVALID_SEQUENCE                                                      (0x80ff00F1)
+#define FW_ERROR_DER2INT_PARSE                                                         (0x80fe00F1)
+#define FW_ERROR_AES_INVALID_KEYSEL                                            (0x80D000F1)
+#define FW_ERROR_AES_INVALID_KEY_LEN                                           (0x80D100F1)
+#define FW_ERROR_AES_INVALID_DIR_MODE                                          (0x80D200F1)
+#define FW_ERROR_AES_INVLIAD_SWAP                                                      (0x80D300F1)
+#define FW_ERROR_AES_INVALID_MODE                                                      (0x80D400F1)
+#define FW_ERROR_AES_INVALID_TAG                                                       (0x80D500F1)
+#define FW_ERROR_AES_INVALID_BLOCK_LEN                                                 (0x80D600F1)
+#define FW_ERROR_AES_KM_BUSY                                                           (0x80D700F1)
+#define FW_ERROR_AES_KM_INIT                                                           (0x80D800F1)
+#define FW_ERROR_SSTORAGE_DATA_INVALID_SLOT_INDEX                      (0x80E100F1)
+#define FW_ERROR_SSTORAGE_CERT_INVALID_SLOT_INDEX                      (0x80E200F1)
+#define FW_ERROR_SSTORAGE_KEY_INVALID_KEY_LEN                          (0x80E300F1)
+#define FW_ERROR_SSTORAGE_KEY_INVALID_MODE                                     (0x80E400F1)
+#define FW_ERROR_SSTORAGE_INVALID_DATA_TYPE                                    (0x80E500F1)
+#define FW_ERROR_SSTORAGE_KEY_INVALID_KEYTYPE                          (0x80E600F1)
+#define FW_ERROR_SSTORAGE_KEY_INVALID_SLOT_INDEX                       (0x80E700F1)
+#define FW_ERROR_SSTORAGE_FACTORYKEY_INVALID_HMAC                      (0x80E800F1)
+#define FW_ERROR_SSTORAGE_FACTORYKEY_INVALID_ENCODING          (0x80E900F1)
+#define FW_ERROR_SSTORAGE_FACTORYKEY_INVALID_KEYTYPE           (0x80EA00F1)
+#define FW_ERROR_RNG_INVALID_LEN                                                       (0x80f100F1)
+#define FW_ERROR_KEYGEN_INVALID_KEYLEN                                                 (0x80f200F1)
+#define FW_ERROR_PKA_IP_BUSY                                                           (0x80B100F1)
+#define FW_ERROR_HASH_IP_BUSY                                                          (0x80B200F1)
+#define FW_ERROR_PRNG_IP_BUSY                                                          (0x80B300F1)
+
+
+#endif /* ISP_DRIVER_ERROR_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_flash.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_flash.h
new file mode 100644 (file)
index 0000000..dde7ed8
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_flash.h
@@ -0,0 +1,26 @@
+/*!
+ *  @file       isp_driver_flash.h
+ *  @brief      Headerfile : isp driver for flash memory
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef DRIVER_FLASH_H_
+#define DRIVER_FLASH_H_
+
+#ifndef SSS_POR
+#define SSS_POR
+#endif
+
+#if defined(SSS_POR)
+int SFS_Secure_Write_POR(const char *file_name, unsigned char *src_addr, unsigned int byte_len);
+int SFS_Secure_Read_POR(const char *file_name, unsigned char *dst_addr, unsigned int byte_len);
+
+#else
+int SFS_Secure_Read(const char *file_name, unsigned int dst_addr, unsigned int *byte_len);
+int SFS_Secure_Write(const char *file_name, unsigned int dst_addr, unsigned int byte_len);
+
+#endif /* SSS_POR */
+
+#endif /* DRIVER_FLASH_H_ */
+

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_hash.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_hash.h
new file mode 100644 (file)
index 0000000..4400589
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_hash.h
@@ -0,0 +1,22 @@
+/*!
+ *  @file       isp_driver_hash.h
+ *  @brief      Headerfile : isp driver for hash
+ *  @author     jinsu.hyun
+ *  @version    v0.01 : 2015.7.7
+ *  @version    v0.10 : 2016.7.15 pre-beta release
+ *  @version    v0.20 : 2016.7.22 support msg struct
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef ISP_DRIVER_HASH_H_
+#define ISP_DRIVER_HASH_H_
+
+#include "mb_cmd_hash.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_hash(unsigned char * hash, struct sHASH_MSG * hash_msg, unsigned int object_id);
+
+#endif /* ISP_DRIVER_HASH_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_hmac_securekey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_hmac_securekey.h
new file mode 100644 (file)
index 0000000..9f3299a
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_hmac_securekey.h
@@ -0,0 +1,20 @@
+/*!
+ *  @file              isp_driver_hmac_securekey.h
+ *  @brief             Headerfile : isp driver for hmac securekey
+ *  @author            jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_DRIVER_HMAC_SECUREKEY_H_
+#define ISP_DRIVER_HMAC_SECUREKEY_H_
+
+#include "mb_cmd_hmac_securekey.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_hmac_generate_key_securekey(unsigned int key_byte_len, unsigned int key_index);
+
+int isp_hmac_securekey(unsigned char * mac, struct sHMAC_MSG * hmac_msg, unsigned int object_id, unsigned int key_index);
+
+#endif /* ISP_DRIVER_HMAC_SECUREKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_rng.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_rng.h
new file mode 100644 (file)
index 0000000..bc21cdd
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_rng.h
@@ -0,0 +1,18 @@
+/*!
+ *  @file       isp_driver_rng.h
+ *  @brief      Headerfile : isp driver for rng
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_DRIVER_RNG_H_
+#define ISP_DRIVER_RNG_H_
+
+#include "mb_cmd_rng.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_generate_random(unsigned int *random, unsigned int word_len);
+
+#endif /* ISP_DRIVER_RNG_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_rsa_securekey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_rsa_securekey.h
new file mode 100644 (file)
index 0000000..485a46a
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_rsa_securekey.h
@@ -0,0 +1,29 @@
+/*!
+ *  @file              isp_driver_rsa_securekey.h
+ *  @brief             Headerfile : isp driver for rsa securekey
+ *  @author            jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ *  @version    v1.00 : 2016.12.23 Support sign/verify with msg_disgest
+ */
+
+#ifndef ISP_DRIVER_RSA_SECUREKEY_H_
+#define ISP_DRIVER_RSA_SECUREKEY_H_
+
+#include "mb_cmd_rsa_securekey.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_rsa_encrypt_securekey(unsigned char *output, unsigned int *output_byte_len, unsigned char *input, unsigned int input_byte_len, unsigned int key_index);
+int isp_rsa_decrypt_securekey(unsigned char *output, unsigned int *output_byte_len, unsigned char * input, unsigned int input_byte_len, unsigned int key_index);
+
+int isp_rsa_sign_securekey(struct sRSA_SIGN *rsa_sign, unsigned char *msg, unsigned int msg_byte_len, unsigned int key_index);
+int isp_rsa_verify_securekey(struct sRSA_SIGN *rsa_sign, unsigned char *msg, unsigned int msg_byte_len, unsigned int key_index);
+
+int isp_rsa_sign_md_securekey(struct sRSA_SIGN *rsa_sign, unsigned char *msg_digest, unsigned int msg_digest_byte_len, unsigned int key_index);
+int isp_rsa_verify_md_securekey(struct sRSA_SIGN *rsa_sign, unsigned char *msg_digest, unsigned int msg_digest_byte_len, unsigned int key_index);
+
+int isp_rsa_generate_key_securekey(unsigned key_index, unsigned object_id, unsigned int pukey_e);
+int isp_rsa_get_pukey_securekey(struct sRSA_KEY *rsa_key, unsigned object_id, unsigned key_index);
+
+#endif /* ISP_DRIVER_RSA_SECUREKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage.h
new file mode 100644 (file)
index 0000000..47058e0
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage.h
@@ -0,0 +1,56 @@
+/*!
+ *  @file       isp_driver_secure_storage.h
+ *  @brief      Headerfile : isp driver for secure storage
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ *  @version    v0.60 : 2016.12.13 Add for secure_storage_map function
+ */
+
+#ifndef ISP_DRIVER_SECURE_STORAGE_H_
+#define ISP_DRIVER_SECURE_STORAGE_H_
+
+// ======================================
+// Struct
+// ======================================
+//! @struct SECURE_STORAGE_MAP
+//! @brief struct of secure storage parameter
+struct SECURE_STORAGE_MAP {
+       unsigned int offset;
+       unsigned int index_max;
+       unsigned int key_byte_len_max;
+       unsigned int slot_byte_len;
+       unsigned int type;
+};
+
+#define KEY_PATH_BASE                                                          "/mnt"
+//#define KEY_PATH_BASE                                                                "/mnt/sss"
+
+#define SECURE_STORAGE_TYPE_FACTORYKEY_KEY                     (0x00)
+#define SECURE_STORAGE_TYPE_FACTORYKEY_DATA                    (0x01)
+
+#define SECURE_STORAGE_TYPE_KEY_AES                            (0x0A)
+#define SECURE_STORAGE_TYPE_KEY_HMAC                           (0x0B)
+#define SECURE_STORAGE_TYPE_KEY_RSA                            (0x0C)
+#define SECURE_STORAGE_TYPE_KEY_DH                                     (0x0D)
+#define SECURE_STORAGE_TYPE_KEY_ECC                            (0x0E)
+#define SECURE_STORAGE_TYPE_DATA                                       (0x10)
+#define SECURE_STORAGE_TYPE_CERT                                       (0x11)
+
+#define FACTORYKEY_ARTIK_PSK                                           (0x80000100)
+#define FACTORYKEY_ARTIK_DEVICE                                                (0x00010120)
+#define FACTORYKEY_ARTIK_CERT                                          (0x00010122)
+#define FACTORYKEY_DA_CA                                                       (0x00081110)
+#define FACTORYKEY_DA_DEVICE                                           (0x00081210)
+#define FACTORYKEY_DA_PBKEY                                                    (0x00081211)
+#define FACTORYKEY_IOTIVITY_ECC                                                (0x00011120)
+#define FACTORYKEY_IOTIVITY_ECC_CERT                           (0x00011122)
+#define FACTORYKEY_IOTIVITY_SUB_CA_CERT                                (0x00011222)
+
+// ======================================
+// Function
+// ======================================
+int read_secure_storage(unsigned int type, unsigned int index, unsigned int data_offset, unsigned int src_addr, unsigned int byte_len);
+int write_secure_storage(unsigned int type, unsigned int index, unsigned int data_offset, unsigned int src_addr, unsigned int byte_len);
+int secure_storage_map(unsigned int type, struct SECURE_STORAGE_MAP *map);
+
+#endif /* ISP_DRIVER_SECURE_STORAGE_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_cert.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_cert.h
new file mode 100644 (file)
index 0000000..782aae7
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_cert.h
@@ -0,0 +1,17 @@
+/*!
+ *  @file       isp_driver_secure_storage_cert.h
+ *  @brief      Headerfile : isp driver for secure storage cert
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_DRIVER_SECURE_STORAGE_CERT_H_
+#define ISP_DRIVER_SECURE_STORAGE_CERT_H_
+
+
+#include "mb_cmd_secure_storage_cert.h"
+
+int isp_read_cert(unsigned char *cert, unsigned int *cert_byte_len, unsigned int index);
+int isp_write_cert(unsigned char *cert, unsigned int cert_byte_len, unsigned int index);
+
+#endif /* ISP_DRIVER_SECURE_STORAGE_CERT_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_data.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_data.h
new file mode 100644 (file)
index 0000000..f3be842
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_data.h
@@ -0,0 +1,19 @@
+/*!
+ *  @file       isp_driver_secure_storage_data.h
+ *  @brief      Headerfile : isp driver for secure storage data
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_DRIVER_SECURE_STORAGE_DATA_H_
+#define ISP_DRIVER_SECURE_STORAGE_DATA_H_
+
+#include "mb_cmd_secure_storage_data.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_read_storage(unsigned char *data, unsigned int *data_byte_len, unsigned int index);
+int isp_write_storage(unsigned char *data, unsigned int data_byte_len, unsigned int index);
+
+#endif /* ISP_DRIVER_SECURE_STORAGE_DATA_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_factorykey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_factorykey.h
new file mode 100644 (file)
index 0000000..2d53741
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_factorykey.h
@@ -0,0 +1,23 @@
+/*!
+ *  @file       isp_driver_secure_storage_factorykey.h
+ *  @brief      Headerfile : isp driver for secure storage factorykey
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ *  @version    v0.60 : 2016.12.29 Merge function to isp_set/get_factorykey_data, Support new Factorykey
+ */
+
+#ifndef ISP_DRIVER_SECURE_STORAGE_FACTORYKEY_H_
+#define ISP_DRIVER_SECURE_STORAGE_FACTORYKEY_H_
+
+#include "mb_cmd_hmac_securekey.h"
+#include "mb_cmd_secure_storage_factorykey.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_set_factorykey(unsigned char * factorykey);
+
+int isp_set_factorykey_data(unsigned char *data, unsigned int data_byte_len, unsigned int key_id);
+int isp_get_factorykey_data(unsigned char *data, unsigned int *data_byte_len, unsigned int key_id);
+
+#endif /* ISP_DRIVER_SECURE_STORAGE_FACTORYKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_key.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_key.h
new file mode 100644 (file)
index 0000000..6848566
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_key.h
@@ -0,0 +1,21 @@
+/*!
+ *  @file       isp_driver_secure_storage_key.h
+ *  @brief      Headerfile : isp driver for secure storage key
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_DRIVER_SECURE_STORAGE_KEY_H_
+#define ISP_DRIVER_SECURE_STORAGE_KEY_H_
+
+#include "mb_cmd_secure_storage_key.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_set_securekey(unsigned char *key, unsigned int key_byte_len, unsigned int key_type, unsigned int index);
+int isp_get_securekey(unsigned int *object_id, unsigned int key_type, unsigned int index);
+int isp_remove_key(unsigned int key_type, unsigned int key_index);
+int isp_set_genkey_securekey(unsigned int key_type, unsigned int index);
+
+#endif /* ISP_DRIVER_SECURE_STORAGE_KEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_system.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_system.h
new file mode 100644 (file)
index 0000000..b672a62
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_system.h
@@ -0,0 +1,20 @@
+/*!
+ *  @file       isp_driver_system.h
+ *  @brief      Headerfile : isp driver for system 
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef DRIVER_ISP_DRIVER_SYSTEM_H_
+#define DRIVER_ISP_DRIVER_SYSTEM_H_
+
+#include "mb_cmd_system.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_get_status(void);
+int isp_get_info(unsigned int *version);
+int isp_clear(unsigned int type);
+
+#endif /* DRIVER_ISP_DRIVER_SYSTEM_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_oid.h b/os/arch/arm/src/s5j/soc/sss/isp_oid.h
new file mode 100644 (file)
index 0000000..acae821
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_oid.h
@@ -0,0 +1,75 @@
+/*!
+ *  @file       isp_oid.h
+ *  @brief      Headerfile : definitions for oid
+ *  @author     kiseok.bae
+ *  @version    v0.90 : 2016.9.29 initial
+ *
+ */
+
+#ifndef ISP_OID_H_
+#define ISP_OID_H_
+
+
+/*
+ *             OID LIST 
+ */
+#define OIDMAX_HMAC (4)
+#define        OID_HMAC_SHA1_160               (0x00011100)
+#define        OID_HMAC_SHA2_256               (0x00012300)
+#define        OID_HMAC_SHA2_384               (0x00012400)
+#define        OID_HMAC_SHA2_512               (0x00012500)
+
+#define OIDMAX_HASH (8)
+#define OID_SHA1_160                   (0x00001100)
+#define OID_SHA2_256                   (0x00002300)
+#define OID_SHA2_384                   (0x00002400)
+#define OID_SHA2_512                   (0x00002500)
+#define OID_SHA3_224                   (0x00003200)
+#define OID_SHA3_256                   (0x00003300)
+#define OID_SHA3_384                   (0x00003400)
+#define OID_SHA3_512                   (0x00003500)
+
+#define OIDMAX_DH (2)
+#define OID_DH_1024                            (0x00001191)
+#define OID_DH_2048                            (0x00002392)
+
+#define OIDMAX_ECC (6)
+#define OID_ECC_P192                   (0x00000011)
+#define OID_ECC_P224                   (0x00000012)
+#define OID_ECC_P256                   (0x00000013)
+#define OID_ECC_P384                   (0x00000014)
+#define OID_ECC_P521                   (0x00000015)
+#define OID_ECC_BP256                  (0x00000053)
+
+#define OIDMAX_RSA     (2)
+#define OID_RSA_1024                   (0x000000B1)
+#define OID_RSA_2048                   (0x000000B2)
+
+#define OIDMAX_ECDSA   (24)
+#define OID_ECDSA_BP256_SHA1_160       ( OID_ECC_BP256|OID_SHA1_160 )
+#define OID_ECDSA_BP256_SHA2_256       ( OID_ECC_BP256|OID_SHA2_256 )
+#define OID_ECDSA_BP256_SHA2_384       ( OID_ECC_BP256|OID_SHA2_384 )
+#define OID_ECDSA_BP256_SHA2_512       ( OID_ECC_BP256|OID_SHA2_512 )
+
+#define OID_ECDSA_P192_SHA1_160        ( OID_ECC_P192|OID_SHA1_160 )
+#define OID_ECDSA_P192_SHA2_256        ( OID_ECC_P192|OID_SHA2_256 )
+#define OID_ECDSA_P192_SHA2_384        ( OID_ECC_P192|OID_SHA2_384 )
+#define OID_ECDSA_P192_SHA2_512        ( OID_ECC_P192|OID_SHA2_512 )
+#define OID_ECDSA_P224_SHA1_160        ( OID_ECC_P224|OID_SHA1_160 )
+#define OID_ECDSA_P224_SHA2_256        ( OID_ECC_P224|OID_SHA2_256 )
+#define OID_ECDSA_P224_SHA2_384        ( OID_ECC_P224|OID_SHA2_384 )
+#define OID_ECDSA_P224_SHA2_512        ( OID_ECC_P224|OID_SHA2_512 )
+#define OID_ECDSA_P256_SHA1_160        ( OID_ECC_P256|OID_SHA1_160 )
+#define OID_ECDSA_P256_SHA2_256        ( OID_ECC_P256|OID_SHA2_256 )
+#define OID_ECDSA_P256_SHA2_384        ( OID_ECC_P256|OID_SHA2_384 )
+#define OID_ECDSA_P256_SHA2_512        ( OID_ECC_P256|OID_SHA2_512 )
+#define OID_ECDSA_P384_SHA1_160        ( OID_ECC_P384|OID_SHA1_160 )
+#define OID_ECDSA_P384_SHA2_256        ( OID_ECC_P384|OID_SHA2_256 )
+#define OID_ECDSA_P384_SHA2_384        ( OID_ECC_P384|OID_SHA2_384 )
+#define OID_ECDSA_P384_SHA2_512        ( OID_ECC_P384|OID_SHA2_512 )
+#define OID_ECDSA_P521_SHA1_160        ( OID_ECC_P521|OID_SHA1_160 )
+#define OID_ECDSA_P521_SHA2_256        ( OID_ECC_P521|OID_SHA2_256 )
+#define OID_ECDSA_P521_SHA2_384        ( OID_ECC_P521|OID_SHA2_384 )
+#define OID_ECDSA_P521_SHA2_512        ( OID_ECC_P521|OID_SHA2_512 )
+
+#endif /*ISP_OID_H_*/

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_sss_map.h b/os/arch/arm/src/s5j/soc/sss/isp_sss_map.h
new file mode 100644 (file)
index 0000000..0a87cbd
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_sss_map.h
@@ -0,0 +1,39 @@
+/*!
+ *  @file       isp_sss_map.h
+ *  @brief      Headerfile : sss sfr address map for isp
+ *  @author     jinsu.hyun
+ *  @version   v0.01 : 2016.7.7
+ *  @version   v0.10 : 2016.7.15 pre-beta release
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_SSS_MAP_H_
+#define ISP_SSS_MAP_H_
+
+#define MB_STATUS                                              (*(volatile u32 *)(MB_REG_BASE + 0x0000))
+
+#ifdef CONFIG_S5J_SILICON
+       #define MB_REG_BASE                                             (0x800E0000)    
+       #define MB_CM0_HRESET                                           (*(volatile u32 *)(MB_REG_BASE + 0x0004))
+       #define MB_CM0_SRAM_ACC_CON                                     (*(volatile u32 *)(MB_REG_BASE + 0x0008))
+       #define MB_CM0_DBGCON                                           (*(volatile u32 *)(MB_REG_BASE + 0x0034))
+#else
+#define MB_REG_BASE                                            (0x70020000)    
+#endif
+
+#define CTRL_FIELD_BASE                                        (MB_REG_BASE + 0x0100)
+#define DATA_FIELD_BASE                                        (MB_REG_BASE + 0x0110)
+
+#define CTRL_FIELD_ADDR(val)                   (CTRL_FIELD_BASE+(val<<2))
+#define DATA_FIELD_ADDR(val)                   (DATA_FIELD_BASE+(val<<2))
+
+#define CTRL_FIELD(val)                                        (*(volatile u32 *)(CTRL_FIELD_ADDR(val)))
+#define DATA_FIELD(val)                                        (*(volatile u32 *)(DATA_FIELD_ADDR(val)))
+
+#define ISP_DATA_FIELD_SET(index, value)       DATA_FIELD(index) = value
+#define ISP_DATA_FIELD_GET(index, value)       value = DATA_FIELD(index)
+#define ISP_CTRL_FIELD_SET(index, value)       CTRL_FIELD(index) = value
+#define ISP_CTRL_FIELD_GET(index, value)       value = CTRL_FIELD(index)
+
+
+#endif /* ISP_SSS_MAP_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_type.h b/os/arch/arm/src/s5j/soc/sss/isp_type.h
new file mode 100644 (file)
index 0000000..f78372f
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_type.h
@@ -0,0 +1,70 @@
+/*!
+ *  @file       isp_type.h
+ *  @brief      Headerfile : types for ISP
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+//! @defgroup SECURITY_ISP api for isp driver
+//! @defgroup SECURITY_ISP_MAILBOX api for mailbox interface to ISP
+
+#ifndef ISP_TYPE_H_
+#define ISP_TYPE_H_
+
+#ifndef CONFIG_S5J_SILICON
+#define CONFIG_S5J_SILICON
+#endif
+
+/********** types **********/
+
+typedef unsigned int   u32;
+typedef signed int             s32;
+typedef unsigned char  u8;
+typedef signed char            s8;
+
+
+/********** Macro Function for SFR access **********/
+#define BIT(nbit)                                      (0x1u << (nbit))
+
+#define SFR_BIT_CLR(val, bit)                  ((val) &= (~(bit)))                     ///<bit clear by bit value
+#define SFR_BIT_SET(val, bit)                  ((val) |= (bit))                        ///<bit set by bit value
+
+#define SFR_SET(sfr, val)                      ((sfr) = (val))
+#define        SFR_GET(sfr, val)                       ((val) = (sfr))
+
+#define WAIT_SFR_BIT_CLR(sfr, bit)     while((sfr) & (bit))    ///<wait until bit is cleared
+#define WAIT_SFR_BIT_SET(sfr, bit)     while(!((sfr) & (bit))) ///<wait until bit is set
+
+#define SET_DWORD_TO_BBUF(buf, dword)                  \
+       ((u8 *)(buf))[3] = ((u8)((dword) >> 0));        \
+       ((u8 *)(buf))[2] = ((u8)((dword) >> 8));        \
+       ((u8 *)(buf))[1] = ((u8)((dword) >> 16));       \
+       ((u8 *)(buf))[0] = ((u8)((dword) >> 24));
+#define GET_DWORD_FROM_BBUF(buf)                       \
+       (u32)(                                                                  \
+               ((((u8 *)(buf))[3]) << 0)       |               \
+               ((((u8 *)(buf))[2]) << 8)       |               \
+               ((((u8 *)(buf))[1]) << 16)      |               \
+               ((((u8 *)(buf))[0]) << 24))
+
+#define SWAP32(val)                                                    \
+       (u32)(                                                                  \
+               (((val) & 0xff) << 24) |                        \
+               (((val) & 0xff00) << 8) |                       \
+               (((val) & 0xff0000) >> 8) |                     \
+               (((val) & 0xff000000) >> 24)            \
+       )
+
+#define CEIL_BY_WORD(val) (val&0x3) ? (1+(val>>2)) : (val>>2)
+#define CEIL_BY_16BYTE(val) (val&0xF) ? ((val&0xFFFFFFF0)+0x10) : (val)
+
+/********** Defines  **********/
+#define SUCCESS                (0x00)
+#define FAIL                   (0x01)
+
+#ifndef NULL
+#define NULL   ((void *) 0)
+#endif
+
+
+#endif /* ISP_TYPE_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/isp_util.h b/os/arch/arm/src/s5j/soc/sss/isp_util.h
new file mode 100644 (file)
index 0000000..654e52c
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_util.h
@@ -0,0 +1,41 @@
+/*!
+ *  @file       isp_util.h
+ *  @brief      Headerfile : util functions to support memset, memcpy, memcmp 
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+#ifndef ISP_UTIL_H_
+#define ISP_UTIL_H_
+
+#include "isp_type.h"
+
+// ======================================
+// Function
+// ======================================
+int _isp_memcpy_u32_4PKA(u32* pu32Dst, u32* pu32Src, u32 u32Size);
+int _isp_memset_u32(u32* pu32Dst, u32 u32Src, u32 u32Size);
+int _isp_memcpy_u32(u32* pu32Dst, u32* pu32Src, u32 u32Size);
+int _isp_memcmp_u32(const u32* pu32Src1, const u32* pu32Src2, u32 u32Size);
+
+int _isp_memxor_u32(u32* pu32Dst, u32* pu32Src1, u32* pu32Src2, u32 u32Size);
+int _isp_memcpy_u32_4PKA_Swap(u32* pu32Dst, u32* pu32Src, u32 u32Size, int u32Swap);
+int _isp_memcpy_swap_u32(u32* pu32Dst, u32* pu32Src, u32 u32Size);
+
+int _isp_memset_u8(u8* pu8Dst, u8 u8Src, u32 u32Size);
+int _isp_memcpy_u8(u8* pu8Dst, u8* pu8Src, u32 u32Size);
+int _isp_memcmp_u8(const u8* pu8Src1, const u8* pu8Src2, u32 u32Size);
+
+int _isp_memcpy_mailbox(u32* pu32Dst, u32* pu32Src, u32 u32Size_byte_len);
+int _isp_memcpy_mailbox_swap(u32* pu32Dst, u32* pu32Src, u32 u32Size_byte_len);
+
+int _isp_check_oid(u32 inputoid, u32 algorithm);
+int _isp_is_zero(const u32* pu32Src, u32 u32Size);
+
+#define ISP_HMAC       (0x001)
+#define ISP_HASH       (0x002)
+#define ISP_DH         (0x003)
+#define ISP_ECDH       (0x004)
+#define ISP_RSA                (0x005)
+#define ISP_ECDSA      (0x006)
+
+#endif /* ISP_UTIL_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/libispdriver.a b/os/arch/arm/src/s5j/soc/sss/libispdriver.a
new file mode 100644 (file)
index 0000000..8544906
Binary files /dev/null and b/os/arch/arm/src/s5j/soc/sss/libispdriver.a differ

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_aes.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_aes.h
new file mode 100644 (file)
index 0000000..26723cc
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_aes.h
@@ -0,0 +1,77 @@
+/*!
+ *  @file       mb_cmd_aes.h
+ *  @brief      Headerfile : mailbox api for aes
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_AES_H_
+#define MB_CMD_AES_H_
+
+
+#define AES_ENCTYPT            (0x00)
+#define AES_DECRYPT            (0x01)
+
+// Key Size field
+#define AESKEY_128             (0x10)
+#define AESKEY_192             (0x18)
+#define AESKEY_256             (0x20)
+
+// Mode
+#define AES_ECB_MODE           (0x0008)
+#define AES_CBC_MODE           (0x0108)
+#define AES_CTR_MODE           (0x0208)
+#define AES_XTS_MODE           (0x0308)
+#define AES_CCM_MODE           (0x1008)
+#define AES_GCM_MODE           (0x1108)
+#define AES_KW_MODE                    (0x1208)
+
+#define AES_128_ECB    ((AESKEY_128<<16)|(AES_ECB)) // 0x00001008
+#define AES_192_ECB    ((AESKEY_192<<16)|(AES_ECB)) // 0x00001808
+#define AES_256_ECB    ((AESKEY_256<<16)|(AES_ECB)) // 0x00002008
+#define AES_128_CBC    ((AESKEY_128<<16)|(AES_CBC)) // 0x00101008
+#define AES_192_CBC    ((AESKEY_192<<16)|(AES_CBC)) // 0x00101808
+#define AES_256_CBC    ((AESKEY_256<<16)|(AES_CBC)) // 0x00102008
+#define AES_128_CTR    ((AESKEY_128<<16)|(AES_CTR)) // 0x00201008
+#define AES_192_CTR    ((AESKEY_192<<16)|(AES_CTR)) // 0x00201808
+#define AES_256_CTR    ((AESKEY_256<<16)|(AES_CTR)) // 0x00202008
+#define AES_128_XTS    ((AESKEY_128<<16)|(AES_XTS)) // 0x00301008
+// No AES_192_XTS
+#define AES_256_XTS    ((AESKEY_256<<16)|(AES_XTS)) // 0x00302008
+#define AES_128_CCM    ((AESKEY_128<<16)|(AES_CCM)) // 0x01001008
+#define AES_192_CCM    ((AESKEY_192<<16)|(AES_CCM)) // 0x01001808
+#define AES_256_CCM    ((AESKEY_256<<16)|(AES_CCM)) // 0x01002008
+#define AES_128_GCM    ((AESKEY_128<<16)|(AES_GCM)) // 0x01101008
+#define AES_192_GCM    ((AESKEY_192<<16)|(AES_GCM)) // 0x01101808
+#define AES_256_GCM    ((AESKEY_256<<16)|(AES_GCM)) // 0x01102008
+
+#define MAX_MB_AES_BLOCK_BLEN  (240)
+#define MAX_AES_AAD_BLEN               (128)
+
+// ======================================
+// Structure
+// ======================================
+//! @struct sAES_PARAM
+//! @brief struct of AES parameter
+struct sAES_PARAM
+{
+       unsigned char * pu8Plaintext;
+       unsigned int u32Plaintext_byte_len;
+    unsigned char * pu8Ciphertext;
+    unsigned int u32Ciphertext_byte_len;
+
+
+    unsigned char *pu8iv;
+    unsigned int u32iv_byte_len;
+
+    unsigned char *pu8aad;
+    unsigned int u32aad_byte_len;
+
+    unsigned char *pu8Tag;
+    unsigned int u32Tag_byte_len;
+
+    unsigned int u32Mode;
+};
+
+
+#endif /* MB_CMD_AES_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_aes_securekey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_aes_securekey.h
new file mode 100644 (file)
index 0000000..a58913f
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_aes_securekey.h
@@ -0,0 +1,77 @@
+/*!
+ *  @file       mb_cmd_aes_securekey.h
+ *  @brief      Headerfile : mailbox api for aes using securekey
+ *  @author     jinsu.hyun
+ *  @version    v0.10 : 2016.7.29 Init.
+ */
+
+#ifndef MB_CMD_AES_SECUREKEY_H_
+#define MB_CMD_AES_SECUREKEY_H_
+
+#include "mb_cmd_aes.h"
+
+// ======================================
+// Function
+// ======================================
+int mb_aes_ecb_init_securekey(struct sAES_PARAM *aes_param, unsigned int enc);
+int mb_aes_ecb_update_securekey(struct sAES_PARAM *aes_param);
+int mb_aes_ecb_final_securekey(struct sAES_PARAM *aes_param);
+
+
+int mb_aes_cbc_init_securekey(struct sAES_PARAM *aes_param, unsigned int enc);
+int mb_aes_cbc_update_securekey(struct sAES_PARAM *aes_param);
+int mb_aes_cbc_final_securekey(struct sAES_PARAM *aes_param);
+
+
+int mb_aes_ctr_init_securekey(struct sAES_PARAM *aes_param, unsigned int enc);
+int mb_aes_ctr_update_securekey(struct sAES_PARAM *aes_param);
+int mb_aes_ctr_final_securekey(struct sAES_PARAM *aes_param);
+
+
+int mb_aes_xts_init_securekey(struct sAES_PARAM *aes_param, unsigned int enc);
+int mb_aes_xts_update_securekey(struct sAES_PARAM *aes_param);
+int mb_aes_xts_final_securekey(struct sAES_PARAM *aes_param);
+
+
+int mb_aes_ccm_init_securekey(struct sAES_PARAM *aes_param, unsigned int enc);
+int mb_aes_ccm_update_securekey(struct sAES_PARAM *aes_param);
+int mb_aes_ccm_final_securekey(struct sAES_PARAM *aes_param, unsigned int enc);
+
+int mb_aes_gcm_init_securekey(struct sAES_PARAM *aes_param, unsigned int enc);
+int mb_aes_gcm_update_securekey(struct sAES_PARAM *aes_param);
+int mb_aes_gcm_final_securekey(struct sAES_PARAM *aes_param, unsigned int enc);
+
+int mb_aes_generate_key_securekey(unsigned int key_byte_len, unsigned int key_index);
+
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_AES_ECB_INIT_SECUREKEY            (0x00043302)
+#define FUNC_AES_ECB_UPDATE_SECUREKEY  (0x00053302)
+#define FUNC_AES_ECB_FINAL_SECUREKEY   (0x00063302)
+
+#define FUNC_AES_CBC_INIT_SECUREKEY            (0x00143302)
+#define FUNC_AES_CBC_UPDATE_SECUREKEY  (0x00153302)
+#define FUNC_AES_CBC_FINAL_SECUREKEY   (0x00163302)
+
+#define FUNC_AES_CTR_INIT_SECUREKEY            (0x00243302)
+#define FUNC_AES_CTR_UPDATE_SECUREKEY  (0x00253302)
+#define FUNC_AES_CTR_FINAL_SECUREKEY   (0x00263302)
+
+#define FUNC_AES_XTS_INIT_SECUREKEY            (0x00343302)
+#define FUNC_AES_XTS_UPDATE_SECUREKEY  (0x00353302)
+#define FUNC_AES_XTS_FINAL_SECUREKEY   (0x00363302)
+
+#define FUNC_AES_CCM_INIT_SECUREKEY            (0x00443302)
+#define FUNC_AES_CCM_UPDATE_SECUREKEY  (0x00453302)
+#define FUNC_AES_CCM_FINAL_SECUREKEY   (0x00463302)
+
+#define FUNC_AES_GCM_INIT_SECUREKEY            (0x00543302)
+#define FUNC_AES_GCM_UPDATE_SECUREKEY  (0x00553302)
+#define FUNC_AES_GCM_FINAL_SECUREKEY   (0x00563302)
+
+#define FUNC_AES_KEYGEN_SECUREKEY              (0x00A13302)
+
+
+#endif /* MB_CMD_AES_SECUREKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_dh.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_dh.h
new file mode 100644 (file)
index 0000000..4e6763d
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_dh.h
@@ -0,0 +1,32 @@
+/*!
+ *  @file       mb_cmd_dh.h
+ *  @brief      Headerfile : mailox command for dh
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_DH_H_
+#define MB_CMD_DH_H_
+
+
+// ======================================
+// Structure
+// ======================================
+//! @struct sDH_PARAM
+//! @brief struct of DH parameter
+struct sDH_PARAM
+{
+       unsigned int object_id;
+       unsigned int modules_p_byte_len;
+       unsigned char *modules_p;
+       unsigned int generator_g_byte_len;
+       unsigned char *generator_g;
+       unsigned int order_q_byte_len;
+       unsigned char *order_q;
+       unsigned int publickey_byte_len;        
+       unsigned char *publickey;
+};
+
+#endif /* MB_CMD_DH_H_ */
+

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_dh_securekey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_dh_securekey.h
new file mode 100644 (file)
index 0000000..de80c89
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_dh_securekey.h
@@ -0,0 +1,79 @@
+/*!
+ *  @file       mb_cmd_dh_securekey.h
+ *  @brief      Headerfile : mailbox command for dh securekey 
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_DH_SECUREKEY_H_
+#define MB_CMD_DH_SECUREKEY_H_
+
+#include "mb_cmd_dh.h"
+
+// ======================================
+// Function
+// ======================================
+//1. int isp_dh_generate_keypair_userparam_securestorage(struct sDH_PARAM *i_dh_param, unsigned int dh_param_index);
+int mb_dh_generate_key_userkey_step1(struct sDH_PARAM *i_dh_param, unsigned int object_id); //p
+int mb_dh_generate_key_userkey_step2(struct sDH_PARAM *i_dh_param, unsigned int object_id); //g
+int mb_dh_generate_key_userkey_step3(struct sDH_PARAM *i_dh_param, unsigned int object_id); //q
+int mb_dh_generate_key_userkey_step4(unsigned int object_id); //execution
+int mb_dh_generate_key_securekey_step5(unsigned int object_id); //before secure storage
+//store secure storage
+int mb_dh_generate_key_userkey_step6(struct sDH_PARAM *o_dh_param, unsigned int object_id);   //pukey
+
+//2. int isp_dh_generate_keypair_secureparam(struct sDH_PARAM *o_dh_param, unsigned int key_index);
+//get key from secure storage
+int mb_dh_generate_key_securekey_step1(unsigned int object_id);
+//set key store secure storage
+int mb_dh_generate_param_userkey_step7(struct sDH_PARAM *o_dh_param, unsigned int object_id); //output p
+int mb_dh_generate_param_userkey_step8(struct sDH_PARAM *o_dh_param, unsigned int object_id); //output g
+
+
+
+//3. int isp_dh_compute_shared_secret_securekey(unsigned char *shared_secret, struct sDH_KEY* dh_publickey, unsigned int key_index);
+int mb_dh_compute_shared_secret_securekey_step1(struct sDH_PARAM i_dh_pukey, unsigned int object_id);  //other pukey
+//get key
+int mb_dh_compute_shared_secret_securekey_step2(unsigned int object_id);       //load param from secure storage
+int mb_dh_compute_shared_secret_securekey_step3(unsigned char *shared_secret, unsigned int* shared_secret_byte_len, unsigned int object_id);
+
+
+//4. int isp_dh_generate_param_securekey(struct sDH_PARAM *o_dh_param, unsigned int dh_param_index);
+int mb_dh_generate_param_securekey_step1(unsigned int object_id);
+
+
+//5. get public key from secure storage
+int mb_dh_get_pubkey_securekey_step1(unsigned int object_id);
+int mb_dh_get_pubkey_securekey_step2(unsigned int object_id); //execution
+
+//6. generate parameter except prime
+int mb_dh_generate_param_generator_step1(unsigned int object_id);
+
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_DH_GEN_KEY_USERKEY1                                               (0x00012402)
+#define FUNC_DH_GEN_KEY_USERKEY2                                               (0x00022402)
+#define FUNC_DH_GEN_KEY_USERKEY3                                               (0x00032402)
+#define FUNC_DH_GEN_KEY_USERKEY4                                               (0x00042402)
+#define FUNC_DH_GEN_KEY_SECUREKEY5                                             (0x01052402)
+#define FUNC_DH_GEN_KEY_USERKEY6                                               (0x00062402)
+
+#define FUNC_DH_GEN_KEY_SECUREKEY1                                             (0x03012402)
+#define FUNC_DH_GEN_PARAM_USERKEY7                                             (0x00022302)
+#define FUNC_DH_GEN_PARAM_USERKEY8                                             (0x00032302)
+
+#define FUNC_DH_GET_PUKEY_SECUREKEY1                                   (0x01012402)
+#define FUNC_DH_GET_PUKEY_SECUREKEY2                                   (0x01042402)
+
+#define FUNC_DH_COMPUTE_SHARED_SECRET_SECUREKEY1               (0x00012502)
+#define FUNC_DH_COMPUTE_SHARED_SECRET_SECUREKEY2               (0x01022502)
+#define FUNC_DH_COMPUTE_SHARED_SECRET_SECUREKEY3               (0x00052502)
+
+#define FUNC_DH_GEN_PARAM_SECUREKEY1                                   (0x00012302)
+#define FUNC_DH_GEN_GENERATOR_SECUREKEY1                               (0x01012302)
+
+#endif /* MB_CMD_DH_SECUREKEY_H_ */
+

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdh_securekey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdh_securekey.h
new file mode 100644 (file)
index 0000000..1104c73
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdh_securekey.h
@@ -0,0 +1,26 @@
+/*!
+ *  @file       mb_cmd_ecdh_securekey.h
+ *  @brief      Headerfile : mailbox command for ecdh securekey
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_ECDH_SECUREKEY_H_
+#define MB_CMD_ECDH_SECUREKEY_H_
+
+#include "mb_cmd_ecdsa.h"
+
+// ======================================
+// Function
+// ======================================
+int mb_compute_ecdh_securekey(unsigned char *shared_secret, unsigned int *shared_secret_byte_len, struct sECC_KEY ecc_key, unsigned int object_id);
+
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_ECDH_COMPUTE_SECUREKEY    (0x01012102)
+
+#endif /* MB_CMD_ECDH_SECUREKEY_H_ */
+

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdsa.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdsa.h
new file mode 100644 (file)
index 0000000..ecd3abd
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdsa.h
@@ -0,0 +1,43 @@
+/*!
+ *  @file       mb_cmd_ecdsa.h
+ *  @brief      Headerfile : mailbox command for ecdsa
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_ECDSA_H_
+#define MB_CMD_ECDSA_H_
+
+#define MAX_ECDSA_BLOCK_BLEN   (128)
+#define MAX_ECDSA_KEY_BLEN             (244)
+
+// ======================================
+// Structure
+// ======================================
+//! @struct sECC_KEY
+//! @brief struct of ECDSA Key parameter
+struct sECC_KEY
+{
+       unsigned int curve;
+       unsigned char * privatekey;
+       unsigned char * publickey_x;
+       unsigned char x_byte_len;
+       unsigned char * publickey_y;
+       unsigned char y_byte_len;
+};
+
+//! @struct sECC_SIGN
+//! @brief struct of ECDSA Signature
+struct sECC_SIGN
+{
+       unsigned int sign_type;
+       unsigned char * r;
+       unsigned char r_byte_len;
+       unsigned char * s;
+       unsigned char s_byte_len;
+};
+
+
+#endif /* MB_CMD_ECDSA_H_ */
+

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdsa_securekey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdsa_securekey.h
new file mode 100644 (file)
index 0000000..010d3b5
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdsa_securekey.h
@@ -0,0 +1,43 @@
+/*!
+ *  @file       mb_cmd_ecdsa_securekey.h
+ *  @brief      Headerfile : mailbox command for ecdsa securekey
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_ECDSA_SECUREKEY_H_
+#define MB_CMD_ECDSA_SECUREKEY_H_
+
+#include "mb_cmd_ecdsa.h"
+
+// ======================================
+// Function
+// ======================================
+int mb_ecdsa_sign_securekey_step1(unsigned int object_id, unsigned char* hash);
+int mb_ecdsa_sign_securekey_step2(struct sECC_SIGN *signature, unsigned int object_id);
+
+int mb_ecdsa_verify_securekey_step1(unsigned int object_id, unsigned char* hash);
+int mb_ecdsa_verify_securekey_step2(unsigned int object_id, struct sECC_SIGN *signature);
+int mb_ecdsa_verify_securekey_step3(unsigned int object_id);
+
+int mb_ecdsa_generate_key_securekey_step1(unsigned int object_id);
+int mb_ecdsa_generate_publickey_securekey_step1(unsigned int object_id);
+int mb_ecdsa_generate_publickey_securekey_step2(struct sECC_KEY *ecc_publickey, unsigned int object_id);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_ECDSA_SIGN_SECUREKEY1                             (0x01011102)
+#define FUNC_ECDSA_SIGN_SECUREKEY2                             (0x01021102)
+
+#define FUNC_ECDSA_VERIFY_SECUREKEY1                   (0x01011202)
+#define FUNC_ECDSA_VERIFY_SECUREKEY2                   (0x01021202)
+#define FUNC_ECDSA_VERIFY_SECUREKEY3                   (0x01031202)
+
+#define FUNC_ECDSA_GEN_KEY_SECUREKEY1                  (0x03011302)
+#define FUNC_ECDSA_GEN_PUBLICKEY_SECUREKEY1            (0x01011302)
+#define FUNC_ECDSA_GEN_PUBLICKEY_SECUREKEY2            (0x01021302)
+
+
+#endif /* MB_CMD_ECDSA_SECUREKEY_H_ */
+

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_hash.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_hash.h
new file mode 100644 (file)
index 0000000..dcd8fc7
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_hash.h
@@ -0,0 +1,52 @@
+/*!
+ *  @file              mb_cmd_hash.h
+ *  @brief             Headerfile : mailbox command for hash
+ *  @author            jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_HASH_H_
+#define MB_CMD_HASH_H_
+
+// ======================================
+// Structure
+// ======================================
+//! @struct sHASH_MSG
+//! @brief struct of message for Hash
+struct sHASH_MSG
+{
+       unsigned int addr_low;
+       unsigned int addr_high;
+       unsigned int descriptor_byte_len;
+       unsigned int msg_byte_len;
+       unsigned int msg_type;
+};
+
+#define MAX_HASH_BLOCK_BLEN            (144)
+#define GET_HASH_SIZE(OID)                     ((OID>> 8)&0x07)
+
+// ======================================
+// Function
+// ======================================
+int mb_hash_init(unsigned int object_id, unsigned int msg_byte_len);
+int mb_hash_update(unsigned int block_byte_len, unsigned char * msg_block);
+int mb_hash_final(unsigned char *hash, unsigned int block_byte_len, unsigned char * msg_block);
+
+int mb_hash_dma(unsigned char *hash, unsigned int object_id, unsigned int msg_byte_len, unsigned int msg_addr_low, unsigned int msg_addr_high);
+int mb_hash_descriptor(unsigned char *hash, unsigned int object_id, unsigned int msg_byte_len, unsigned int descriptor_byte_len, unsigned int descriptor_addr_low, unsigned int descriptor_addr_high);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_HASH_INIT                                 (0x00103102)
+#define FUNC_HASH_UPDATE                               (0x00203102)
+#define FUNC_HASH_FINAL                                        (0x00303102)
+#define FUNC_HASH_DMA                                  (0x01013102)
+#define FUNC_HASH_DESCRIPTOR                   (0x02013102)
+
+
+
+
+#endif /* MB_CMD_HASH_H_ */
+

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_hmac.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_hmac.h
new file mode 100644 (file)
index 0000000..dd8d61c
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_hmac.h
@@ -0,0 +1,27 @@
+/*!
+ *  @file       mb_cmd_hmac.h
+ *  @brief      Headerfile : mailbox command for hmac
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_HMAC_H_
+#define MB_CMD_HMAC_H_
+
+#define MAX_HMAC_BLOCK_BLEN    (128)
+
+//! @struct sHMAC_MSG
+//! @brief struct of message for HMAC
+struct sHMAC_MSG
+{
+       unsigned int addr_low;
+       unsigned int addr_high;
+       unsigned int descriptor_byte_len;
+       unsigned int msg_byte_len;
+       unsigned int msg_type;
+};
+
+
+#endif /* MB_CMD_HMAC_H_ */
+

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_hmac_securekey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_hmac_securekey.h
new file mode 100644 (file)
index 0000000..087d4a0
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_hmac_securekey.h
@@ -0,0 +1,32 @@
+/*!
+ *  @file       mb_cmd_hmac_securekey.h
+ *  @brief      Headerfile : mailbox command for hmac securekey
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_HMAC_SECUREKEY_H_
+#define MB_CMD_HMAC_SECUREKEY_H_
+
+#include "mb_cmd_hmac.h"
+
+// ======================================
+// Function
+// ======================================
+int mb_hmac_generate_key_securekey(unsigned int key_byte_len, unsigned int key_index);
+
+int mb_hmac_init_securekey(unsigned int object_id, unsigned int msg_byte_len);
+int mb_hmac_update_securekey(unsigned int block_byte_len, unsigned char * msg_block);
+int mb_hmac_final_securekey(unsigned char *mac, unsigned int block_byte_len, unsigned char * msg_block);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_HMAC_KEYGEN_SECUREKEY             (0x00013202)
+
+#define FUNC_HMAC_INIT_SECUREKEY               (0x00113202)
+#define FUNC_HMAC_UPDATE_SECUREKEY             (0x00213202)
+#define FUNC_HMAC_FINAL_SECUREKEY              (0x00313202)
+
+#endif /* MB_CMD_HMAC_SECUREKEY_H_ */
+

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_rng.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_rng.h
new file mode 100644 (file)
index 0000000..1445346
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_rng.h
@@ -0,0 +1,24 @@
+/*!
+ *  @file              mb_cmd_rng.h
+ *  @brief             Headerfile : mailbox command for rng
+ *  @author            jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_RNG_H_
+#define MB_CMD_RNG_H_
+
+
+// ======================================
+// Function
+// ======================================
+int mb_generate_random_number(unsigned int *random_number, unsigned int random_wlen);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_RNG  (0x00016102)
+
+#endif /* MB_CMD_RNG_H_ */
+

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_rsa.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_rsa.h
new file mode 100644 (file)
index 0000000..c774b95
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_rsa.h
@@ -0,0 +1,38 @@
+/*!
+ *  @file       mb_cmd_rsa.h
+ *  @brief      Headerfile : mailbox command for rsa
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_RSA_H_
+#define MB_CMD_RSA_H_
+
+// ======================================
+// Structure
+// ======================================
+//! @struct sRSA_KEY
+//! @brief struct of RSA Key parameter
+struct sRSA_KEY{
+       unsigned int object_id;
+       unsigned char *modules;
+       unsigned int modules_byte_len;
+       unsigned char *publickey;
+       unsigned int publickey_byte_len;
+       unsigned char *privatekey;
+};
+
+
+//! @struct sRSA_SIGN
+//! @brief struct of RSA Signature
+struct sRSA_SIGN{
+       unsigned int signature_byte_len;
+       unsigned char *signature;
+       unsigned int salt_byte_len;
+       unsigned int alg_type;
+};
+
+
+#endif /* MB_CMD_RSA_H_ */
+

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_rsa_securekey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_rsa_securekey.h
new file mode 100644 (file)
index 0000000..7a6e057
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_rsa_securekey.h
@@ -0,0 +1,72 @@
+/*!
+ *  @file       mb_cmd_rsa_securekey.h
+ *  @brief      Headerfile : mailbox command for rsa securekey
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_RSA_SECUREKEY_H_
+#define MB_CMD_RSA_SECUREKEY_H_
+
+#include "mb_cmd_rsa.h"
+
+// ======================================
+// Functions
+// ======================================
+int mb_rsa_encrypt_securekey_step1(unsigned int object_id, unsigned char *input, unsigned int input_byte_len);
+int mb_rsa_encrypt_securekey_step2(unsigned int object_id);
+int mb_rsa_encrypt_securekey_step3(unsigned int object_id, unsigned char *output, unsigned int *output_byte_len);
+
+int mb_rsa_decrypt_securekey_step1(unsigned int object_id, unsigned char *input, unsigned int input_byte_len);
+int mb_rsa_decrypt_securekey_step2(unsigned int object_id);
+int mb_rsa_decrypt_securekey_step3(unsigned int object_id, unsigned char *output, unsigned int *output_byte_len);
+
+int mb_rsa_sign_securekey_step1(unsigned int object_id, unsigned char *hash);
+int mb_rsa_sign_securekey_step2(unsigned int object_id);
+int mb_rsa_sign_securekey_step3(unsigned int object_id, struct sRSA_SIGN *rsa_sign);
+
+int mb_rsa_verify_securekey_step1(unsigned int object_id, unsigned char *hash);
+int mb_rsa_verify_securekey_step2(unsigned int object_id);
+int mb_rsa_verify_securekey_step3(unsigned int object_id, struct sRSA_SIGN *rsa_sign);
+int mb_rsa_verify_securekey_step4(unsigned int object_id, struct sRSA_SIGN *rsa_sign);
+
+int mb_rsa_generate_key_secretkey_step1(unsigned int object_id, unsigned int pukey);
+
+int mb_rsa_get_pubkey_secretkey_step1(unsigned int object_id, struct sRSA_KEY *rsa_key);
+int mb_rsa_get_pubkey_secretkey_step2(unsigned int object_id, struct sRSA_KEY *rsa_key);
+
+int mb_load_prime(void);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_RSA_ENCRYPT_SECUREKEY1    (0x00015102)
+#define FUNC_RSA_ENCRYPT_SECUREKEY2    (0x01025102)
+#define FUNC_RSA_ENCRYPT_SECUREKEY3    (0x00035102)
+
+#define FUNC_RSA_DECRYPT_SECUREKEY1    (0x00015202)
+#define FUNC_RSA_DECRYPT_SECUREKEY2    (0x01025202)
+//skip 03rd when securekey
+#define FUNC_RSA_DECRYPT_SECUREKEY3    (0x00045202)
+
+#define FUNC_RSA_SIGN_SECUREKEY1               (0x00011502)
+#define FUNC_RSA_SIGN_SECUREKEY2               (0x01021502)
+//skip 03rd when secure key
+#define FUNC_RSA_SIGN_SECUREKEY3               (0x00041502)
+#define FUNC_RSA_SIGN_SECUREKEY3_PKCS  (0x01041502)
+#define FUNC_RSA_SIGN_SECUREKEY3_PSS   (0x00041502)
+
+#define FUNC_RSA_VERIFY_SECUREKEY1             (0x00011602)
+#define FUNC_RSA_VERIFY_SECUREKEY2             (0x01021602)
+#define FUNC_RSA_VERIFY_SECUREKEY3             (0x00031602)
+#define FUNC_RSA_VERIFY_SECUREKEY4             (0x00041602)
+
+#define FUNC_RSA_GENKEY_SECUREKEY1_RNDPK  (0x01011702)
+#define FUNC_RSA_GENKEY_SECUREKEY1_USERPK (0x03011702)
+
+#define FUNC_RSA_GET_PUBKEY_SECUREKEY1  (0x01021702)
+#define FUNC_RSA_GET_PUBKEY_SECUREKEY2  (0x01031702)
+
+#endif /* MB_CMD_RSA_SECUREKEY_H_ */
+

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_cert.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_cert.h
new file mode 100644 (file)
index 0000000..ec4d6da
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_cert.h
@@ -0,0 +1,40 @@
+/*!
+ *  @file       mb_cmd_secure_storage_cert.h
+ *  @brief      Headerfile : mailbox command for secure storage cert
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_SECURE_STORAGE_CERT_H_
+#define MB_CMD_SECURE_STORAGE_CERT_H_
+
+
+#define SSTORAGE_CERT_SLOT_INDEX_MAX           (8)
+#define SSTORAGE_CERT_DATA_MAX                         (0x1000) // 4096
+#define SSTORAGE_CERT_SLOT_MAX                         (0x1100) // 4096+256
+
+// ======================================
+// Function
+// ======================================
+// Secure Storage for Cert
+int mb_storage_set_cert_init(unsigned char * iv, unsigned int msg_byte_len, unsigned int index);
+int mb_storage_set_cert_update(unsigned char *out_block, unsigned char *in_block);
+int mb_storage_set_cert_final(unsigned char *out_block, unsigned char *in_block, unsigned int in_block_byte_len);
+
+int mb_storage_get_cert_init(unsigned char *iv, unsigned int msg_byte_len, unsigned int index);
+int mb_storage_get_cert_update(unsigned char *out_block, unsigned char *in_block);
+int mb_storage_get_cert_final(unsigned char *out_block, unsigned char *in_block, unsigned int block_byte_len);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_SSTORAGE_CERT_ENC_INIT                    (0x0001A102)
+#define FUNC_SSTORAGE_CERT_ENC_UPDATE          (0x0002A102)
+#define FUNC_SSTORAGE_CERT_ENC_FINAL           (0x0003A102)
+
+#define FUNC_SSTORAGE_CERT_DEC_INIT                    (0x0011A102)
+#define FUNC_SSTORAGE_CERT_DEC_UPDATE          (0x0012A102)
+#define FUNC_SSTORAGE_CERT_DEC_FINAL           (0x0013A102)
+
+
+#endif /* MB_CMD_SECURE_STORAGE_CERT_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_data.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_data.h
new file mode 100644 (file)
index 0000000..6c25383
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_data.h
@@ -0,0 +1,41 @@
+/*!
+ *  @file       mb_cmd_secure_storage_data.h
+ *  @brief      Headerfile : mailbox command for secure storage data
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_SECURE_STORAGE_DATA_H_
+#define MB_CMD_SECURE_STORAGE_DATA_H_
+
+
+#define SSTORAGE_DATA_SLOT_INDEX_MAX           (32)
+#define SSTORAGE_DATA_DATA_MAX                         (208)
+#define SSTORAGE_DATA_SLOT_MAX                         (256)
+
+
+// ======================================
+// Function
+// ======================================
+// Secure Storage for Data
+int mb_storage_set_data_init(unsigned char * iv, unsigned int msg_byte_len, unsigned int index);
+int mb_storage_set_data_update(unsigned char * out_block, unsigned char *in_block);
+int mb_storage_set_data_final(unsigned char * out_block, unsigned char *in_block, unsigned int in_block_byte_len);
+
+int mb_storage_get_data_init(unsigned char *iv, unsigned int msg_byte_len, unsigned int index);
+int mb_storage_get_data_update(unsigned char * out_block, unsigned char *in_block);
+int mb_storage_get_data_final(unsigned char * out_block, unsigned char *in_block, unsigned int block_byte_len);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_SSTORAGE_DATA_ENC_INIT                    (0x0001A202)
+#define FUNC_SSTORAGE_DATA_ENC_UPDATE          (0x0002A202)
+#define FUNC_SSTORAGE_DATA_ENC_FINAL           (0x0003A202)
+
+#define FUNC_SSTORAGE_DATA_DEC_INIT                    (0x0011A202)
+#define FUNC_SSTORAGE_DATA_DEC_UPDATE          (0x0012A202)
+#define FUNC_SSTORAGE_DATA_DEC_FINAL           (0x0013A202)
+
+
+#endif /* MB_CMD_SECURE_STORAGE_DATA_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_factorykey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_factorykey.h
new file mode 100644 (file)
index 0000000..c488739
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_factorykey.h
@@ -0,0 +1,46 @@
+/*!
+ *  @file       mb_cmd_secure_storage_factorykey.h
+ *  @brief      Headerfile : mailbox command for secure storage for factorykey
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_SECURE_STORAGE_FACTORYKEY_H_
+#define MB_CMD_SECURE_STORAGE_FACTORYKEY_H_
+
+// ======================================
+// Function
+// ======================================
+int mb_storage_set_factorykey_init(unsigned int key_byte_len);
+int mb_storage_set_factorykey_update(unsigned char *in_block);
+int mb_storage_set_factorykey_final(unsigned char *in_block, unsigned int block_byte_len);
+
+int mb_storage_get_factorykey_init(unsigned char *iv, unsigned int msg_byte_len, unsigned int type);
+int mb_storage_get_factorykey_update(unsigned char *in_block);
+int mb_storage_get_factorykey_final(unsigned char *in_block, unsigned int block_byte_len);
+
+int mb_storage_set_factorykey_data_init(unsigned char * iv, unsigned int msg_byte_len, unsigned int key_id);
+int mb_storage_set_factorykey_data_update(unsigned char *out_block, unsigned char *in_block);
+int mb_storage_set_factorykey_data_final(unsigned char *out_block, unsigned char *in_block, unsigned int in_block_byte_len);
+
+int mb_storage_get_factorykey_data_init(unsigned char *iv, unsigned int msg_byte_len, unsigned int key_id);
+int mb_storage_get_factorykey_data_update(unsigned char *out_block, unsigned char *in_block);
+int mb_storage_get_factorykey_data_final(unsigned char *out_block, unsigned char *in_block, unsigned int block_byte_len);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_SSTORAGE_FACTORYKEY_ENC_INIT                              (0x0001A402)
+#define FUNC_SSTORAGE_FACTORYKEY_ENC_UPDATE                            (0x0002A402)
+#define FUNC_SSTORAGE_FACTORYKEY_ENC_FINAL                             (0x0003A402)
+
+#define FUNC_SSTORAGE_FACTORYKEY_DATA_ENC_INIT                 (0x0021A402)
+#define FUNC_SSTORAGE_FACTORYKEY_DATA_ENC_UPDATE               (0x0022A402)
+#define FUNC_SSTORAGE_FACTORYKEY_DATA_ENC_FINAL                        (0x0023A402)
+
+#define FUNC_SSTORAGE_FACTORYKEY_DATA_DEC_INIT                 (0x0031A402)
+#define FUNC_SSTORAGE_FACTORYKEY_DATA_DEC_UPDATE               (0x0032A402)
+#define FUNC_SSTORAGE_FACTORYKEY_DATA_DEC_FINAL                        (0x0033A402)
+
+
+#endif /* MB_CMD_SECURE_STORAGE_FACTORYKEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_key.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_key.h
new file mode 100644 (file)
index 0000000..aa24868
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_key.h
@@ -0,0 +1,46 @@
+/*!
+ *  @file       mb_cmd_secure_storage_key.h
+ *  @brief      Headerfile : mailbox command for secure storage key
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_SECURE_STORAGE_KEY_H_
+#define MB_CMD_SECURE_STORAGE_KEY_H_
+
+
+// Storage Map
+#define MB_SSTORAGE_BLOCK_BYTELEN_MAX (240)
+
+// ======================================
+// Function
+// ======================================
+// Secure Storage for Key
+int mb_storage_set_securekey_init(unsigned char * iv, unsigned int msg_byte_len, unsigned int type, unsigned int index);
+int mb_storage_set_securekey_update(unsigned char * out_block, unsigned char *in_block, unsigned int type);
+int mb_storage_set_securekey_final(unsigned char *out_block, unsigned char *in_block, unsigned int block_byte_len, unsigned int type);
+
+int mb_storage_get_securekey_init(unsigned char *iv, unsigned int msg_byte_len, unsigned int type, unsigned int index);
+int mb_storage_get_securekey_update(unsigned char *in_block);
+int mb_storage_get_securekey_final(unsigned int *object_id, unsigned char *in_block, unsigned int block_byte_len);
+
+int mb_storage_set_genkey_securekey_init(unsigned char * iv, unsigned int *msg_byte_len, unsigned int type, unsigned int index);
+int mb_storage_set_genkey_securekey_update(unsigned char * out_block, unsigned int type);
+int mb_storage_set_genkey_securekey_final(unsigned char *out_block, unsigned int type);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_SSTORAGE_KEY_ENC_INIT                             (0x0001A302)
+#define FUNC_SSTORAGE_KEY_ENC_UPDATE                   (0x0002A302)
+#define FUNC_SSTORAGE_KEY_ENC_FINAL                            (0x0003A302)
+
+#define FUNC_SSTORAGE_KEY_DEC_INIT                             (0x0011A302)
+#define FUNC_SSTORAGE_KEY_DEC_UPDATE                   (0x0012A302)
+#define FUNC_SSTORAGE_KEY_DEC_FINAL                            (0x0013A302)
+
+#define FUNC_SSTORAGE_KEY_ENC_KEYGEN_INIT              (0x0021A302)
+#define FUNC_SSTORAGE_KEY_ENC_KEYGEN_UPDATE            (0x0022A302)
+#define FUNC_SSTORAGE_KEY_ENC_KEYGEN_FINAL             (0x0023A302)
+
+#endif /* MB_CMD_SECURE_STORAGE_KEY_H_ */

diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_system.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_system.h
new file mode 100644 (file)
index 0000000..b9dffb4
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_system.h
@@ -0,0 +1,25 @@
+/*!
+ *  @file       mb_cmd_system.h
+ *  @brief      Headerfile : mailbox command for system function
+ *  @author     jinsu.hyun
+ *  @version    v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_SYSTEM_H_
+#define MB_CMD_SYSTEM_H_
+
+// ======================================
+// Function
+// ======================================
+int mb_system_clear(unsigned int type);
+int mb_system_get_info(unsigned int *version);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_SYSTEM_GET_INFO   (0x00000102)
+#define FUNC_SYSTEM_CLEAR              (0x00000202)
+
+#endif /* MB_CMD_SYSTEM_H_ */
+