From: Junyeon Lee Date: Tue, 14 Mar 2017 04:43:52 +0000 (+0900) Subject: s5j/sss: add static library and header files X-Git-Tag: 1.1_Public_Release~614^2~321 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=3d2615cd5b00fd08604115cd23df53da327db751;p=rtos%2Ftinyara.git s5j/sss: add static library and header files This commit adds driver and header files for SSS released at Dec 30, 2016. Change-Id: I69dcc5045528aee1b27069e5250393da703104d8 Signed-off-by: Junyeon Lee --- diff --git a/os/arch/arm/src/s5j/Make.defs b/os/arch/arm/src/s5j/Make.defs index 96b8e6c..e195035 100644 --- a/os/arch/arm/src/s5j/Make.defs +++ b/os/arch/arm/src/s5j/Make.defs @@ -212,6 +212,10 @@ ifeq ($(CONFIG_S5J_DMA),y) CHIP_CSRCS += s5j_dma.c endif +ifeq ($(CONFIG_S5J_SSS),y) +EXTRA_LIBS += chip/soc/sss/libispdriver.a +endif + EXTRA_LIBS += chip/soc/wireless/libwifidriver.a EXTRA_LIBS += chip/soc/wireless/libwifistack.a EXTRA_LIBS += chip/soc/wireless/libwifiapi.a diff --git a/os/arch/arm/src/s5j/soc/sss/isp_define.h b/os/arch/arm/src/s5j/soc/sss/isp_define.h new file mode 100644 index 0000000..3799f2c --- /dev/null +++ b/os/arch/arm/src/s5j/soc/sss/isp_define.h 
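Review bot: The new `EXTRA_LIBS += chip/soc/sss/libispdriver.a` line links a prebuilt archive whose origin and version are recorded nowhere in the build file, and the headers added alongside it suggest this library sits on the key-handling path. The commit message gives only a release date (Dec 30, 2016), so I would add a comment above the `ifeq`, such as `# libispdriver.a: prebuilt SSS driver, vendor release 2016-12-30; keep the soc/sss headers in step with this binary`. Keeping a checksum of the archive next to it would make a swapped or stale blob detectable. The headers in this commit carry their own version tags (v0.00 to v1.00), which makes a header/binary mismatch easy to miss.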
@@ -0,0 +1,89 @@ +/*! + * @file isp_define.h + * @brief Headerfile : definitions for ISP + * @author jinsu.hyun + * @version v0.50 : 2016.8.13 Init. release version + * @version v0.90 : 2016.9.03 2nd. release version + * + */ + +#ifndef ISP_DEFINE_H +#define ISP_DEFINE_H_ + +//! ********** Constant Variables ********** +#define MAX_KEY_WSIZE 17 +#define MAX_SIGNATURE_WSIZE 17 + +//! ********** Index Variables ********** + +// Hash Function + +#define SHA1 (0x1) +#define SHA2 (0x2) +#define SHA3 (0x3) + +#define HASH160 (0x1) +#define HASH224 (0x2) +#define HASH256 (0x3) +#define HASH384 (0x4) +#define HASH512 (0x5) +#define HMAC (0x1) + +#define SHA1_160 (((SHA1<<4)|(HASH160))<<8) //0x00001100 +#define SHA2_224 (((SHA2<<4)|(HASH224))<<8) //0x00002200 +#define SHA2_256 (((SHA2<<4)|(HASH256))<<8) //0x00002300 +#define SHA2_384 (((SHA2<<4)|(HASH384))<<8) //0x00002400 +#define SHA2_512 (((SHA2<<4)|(HASH512))<<8) //0x00002500 +#define SHA3_224 (((SHA3<<4)|(HASH224))<<8) //0x00003200 +#define SHA3_256 (((SHA3<<4)|(HASH256))<<8) //0x00003300 +#define SHA3_384 (((SHA3<<4)|(HASH384))<<8) //0x00003400 +#define SHA3_512 (((SHA3<<4)|(HASH512))<<8) //0x00003500 + + +#define HMAC_SHA1_160 ((((SHA1<<4)|(HASH160))<<8) | (HMAC)<<16) //0x00011100 +#define HMAC_SHA2_256 ((((SHA2<<4)|(HASH256))<<8) | (HMAC)<<16) //0x00012300 +#define HMAC_SHA2_384 ((((SHA2<<4)|(HASH384))<<8) | (HMAC)<<16) //0x00012400 +#define HMAC_SHA2_512 ((((SHA2<<4)|(HASH512))<<8) | (HMAC)<<16) //0x00012500 + + +// ECC Algorithm ID +#define ECDSA (0x1) +#define ECDH (0x2) +#define PKGEN (0x3) + +// ECC Curve ID +#define ECC192 (0x1) +#define ECC224 (0x2) +#define ECC256 (0x3) +#define ECC384 (0x4) +#define ECC521 (0x5) + +#define ECDSA_192 ((ECDSA<<4)|(ECC192)) //0x11 +#define ECDSA_224 ((ECDSA<<4)|(ECC224)) //0x12 +#define ECDSA_256 ((ECDSA<<4)|(ECC256)) //0x13 +#define ECDSA_384 ((ECDSA<<4)|(ECC384)) //0x14 +#define ECDSA_521 ((ECDSA<<4)|(ECC521)) //0x15 + +#define ECDH_192 ((ECDH<<4)|(ECC192)) //0x21 +#define 
ECDH_224 ((ECDH<<4)|(ECC224)) //0x22 +#define ECDH_256 ((ECDH<<4)|(ECC256)) //0x23 +#define ECDH_384 ((ECDH<<4)|(ECC384)) //0x24 +#define ECDH_521 ((ECDH<<4)|(ECC521)) //0x25 + + +#define GET_ECC_CURVE(OID) ((OID )&0x07) +#define GET_ECC_ALG(OID) ((OID>> 4)&0x0F) + +#define GET_HASH_SIZE(OID) ((OID>> 8)&0x07) +#define GET_HASH_ALG(OID) ((OID>>12)&0x0F) + +#define Is_HMAC_ALG(OID) ((OID>>16)&0x0F) + +#define Is_ECC_BP(OID) (OID&0x40) + +#define RSP_FAIL (0xF1) +#define RSP_SUCCESS (0xA1) + + +#endif /*ISP_DEFINE_H_*/ + diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_aes_securekey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_aes_securekey.h new file mode 100644 index 0000000..e8854e7 --- /dev/null +++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_aes_securekey.h 
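Review bot: The include guard in isp_define.h never takes effect: it tests `ISP_DEFINE_H` but defines `ISP_DEFINE_H_`, so every inclusion re-processes the file; the first line should be `#ifndef ISP_DEFINE_H_`. The accessor macros at the end also use their argument unparenthesized (`(OID>> 4)&0x0F`, `(OID&0x40)`), so an argument such as `a|b` is parsed incorrectly; write `(((OID) >> 4) & 0x0F)` and `((OID) & 0x40)`. Short global names like `SHA1`, `HMAC`, `ECDSA` and `ECDH` are likely to collide with other crypto headers included in the same translation unit, so a prefix would be safer.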
@@ -0,0 +1,30 @@
+/*!
+ * @file isp_driver_aes_securekey.h
+ * @brief Headerfile : isp driver for aes securekey
+ * @author jinsu.hyun
+ * @version v0.10 : 2016.7.25 Init
+ * @version v0.20 : 2016.7.29 support securekey
+ * @version v0.50 : 2016.8.13 Init. release version
+ * @version v0.90 : 2016.9.03 2nd. release version
+ */
+
+#ifndef ISP_DRIVER_AES_SECUREKEY_H_
+#define ISP_DRIVER_AES_SECUREKEY_H_
+
+#include "mb_cmd_aes_securekey.h"
+
+// security api
+
+int isp_aes_generate_key_securekey(unsigned int key_byte_len, unsigned int key_index);
+
+int isp_aes_encrypt_securekey(struct sAES_PARAM *aes_param, unsigned int index);
+int isp_aes_decrypt_securekey(struct sAES_PARAM *aes_param, unsigned int index);
+
+int isp_aes_ecb_securekey(struct sAES_PARAM *aes_param, unsigned int enc, unsigned int key_index);
+int isp_aes_cbc_securekey(struct sAES_PARAM *aes_param, unsigned int enc, unsigned int key_index);
+int isp_aes_ctr_securekey(struct sAES_PARAM *aes_param, unsigned int enc, unsigned int key_index);
+int isp_aes_xts_securekey(struct sAES_PARAM *aes_param, unsigned int enc, unsigned int key_index);
+int isp_aes_ccm_securekey(struct sAES_PARAM *aes_param, unsigned int enc, unsigned int key_index);
+int isp_aes_gcm_securekey(struct sAES_PARAM *aes_param, unsigned int enc, unsigned int key_index);
+
+#endif /* ISP_DRIVER_AES_SECUREKEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_dh_encryptedkey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_dh_encryptedkey.h
new file mode 100644
index 0000000..0163190
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_dh_encryptedkey.h
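Review bot: The six mode functions take `unsigned int enc` with no named values, so nothing in this header tells a caller which value encrypts and which decrypts. For the authenticated modes (`isp_aes_ccm_securekey`, `isp_aes_gcm_securekey`) the header should also say how a tag mismatch on decrypt is reported and that the output must be discarded in that case; isp_driver_error.h in this commit has `FW_ERROR_AES_INVALID_TAG`, which is presumably that result. I would add a comment block above the prototypes stating the `enc` values, the success return value, and the valid range of `key_index` (the first two functions call the same parameter `index`).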
@@ -0,0 +1,20 @@
+/*!
+ * @file isp_driver_dh_encryptedkey.h
+ * @brief Headerfile : isp driver for dh encryptedkey
+ * @author jinsu.hyun
+ * @version v0.00 : 2017.01.19 Init. release version
+ */
+
+#ifndef _ISP_DRIVER_DH_ENCRYPTEDKEY_H_
+#define _ISP_DRIVER_DH_ENCRYPTEDKEY_H_
+
+#include "mb_cmd_dh_securekey.h"
+
+int isp_dh_generate_param_encryptedkey(struct sDH_PARAM *o_dh_param, unsigned char *encryptedkey);
+int isp_dh_generate_keypair_userparam_encryptedkey(struct sDH_PARAM *i_dh_param, unsigned char *encryptedkey);
+int isp_dh_generate_keypair_encryptedparam(struct sDH_PARAM *o_dh_param, unsigned char *encryptedkey);
+int isp_dh_get_pubkey_encryptedparam(struct sDH_PARAM *o_dh_param, unsigned char *encryptedkey);
+int isp_dh_compute_shared_secret_encryptedkey(unsigned char *shared_secret, unsigned int* shared_secret_byte_len, struct sDH_PARAM dh_publickey, unsigned char *encryptedkey);
+
+
+#endif /* _ISP_DRIVER_DH_ENCRYPTEDKEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_dh_securekey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_dh_securekey.h
new file mode 100644
index 0000000..7f4164f
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_dh_securekey.h
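Review bot: `isp_dh_compute_shared_secret_encryptedkey` writes into `shared_secret` and takes `unsigned int* shared_secret_byte_len`, but the header does not say whether the caller must preset the length to the buffer capacity or whether it is output-only. If it is output-only the driver cannot know the buffer size, so the required minimum has to be documented; a comment such as `/* in: capacity of shared_secret in bytes; out: bytes written */` (or the fixed size callers must provide) would settle it. The same pattern recurs in `isp_dh_compute_shared_secret_securekey`, the two `isp_compute_ecdh_*` functions, `isp_rsa_encrypt_securekey`/`isp_rsa_decrypt_securekey`, `isp_read_cert`, `isp_read_storage` and `isp_get_factorykey_data`.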
@@ -0,0 +1,41 @@
+/*!
+ * @file isp_driver_dh_securekey.h
+ * @brief Headerfile : isp driver for dh securekey
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_DRIVER_DH_SECUREKEY_H_
+#define ISP_DRIVER_DH_SECUREKEY_H_
+
+#include "mb_cmd_dh_securekey.h"
+
+
+int isp_dh_generate_param_securekey(struct sDH_PARAM *o_dh_param, unsigned int dh_param_index);
+/*
+ * input fixed dh_param p
+ * output random generator g & key pair
+ */
+
+int isp_dh_generate_keypair_secureparam(struct sDH_PARAM *o_dh_param, unsigned int key_index);
+/*
+ * output dh_param p, g, pukey
+ */
+
+//added
+int isp_dh_generate_keypair_userparam_securestorage(struct sDH_PARAM *i_dh_param, unsigned int dh_param_index);
+/*
+ * input dh_param p, g & output dh_param pukey
+ */
+
+
+int isp_dh_get_pubkey_securestorage(struct sDH_PARAM *o_dh_param, unsigned int key_index);
+/*
+ * get public key from existing key pair from secure storage
+ */
+
+int isp_dh_compute_shared_secret_securekey(unsigned char *shared_secret, unsigned int* shared_secret_byte_len, struct sDH_PARAM dh_publickey, unsigned int key_index);
+
+
+
+#endif /* ISP_DRIVER_DH_SECUREKEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdh_encryptedkey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdh_encryptedkey.h
new file mode 100644
index 0000000..e7ad72b
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdh_encryptedkey.h
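Review bot: The block comments in this header appear to follow the prototype they describe rather than precede it, so each one reads as if it documents the next function; together with the stray `//added` this makes the in/out contract of `struct sDH_PARAM` easy to misread. Move each comment above its declaration as a Doxygen block in the style of the `/*!` file header, e.g. `/** @param o_dh_param in: fixed prime p; out: generator g and key pair */` for the first function, if that is what its trailing comment means. The second parameter is also named `dh_param_index` in two functions and `key_index` in the others, and the suffixes vary between `_securekey`, `_secureparam` and `_securestorage`. If these all index the same slot table, one name would avoid confusion.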
@@ -0,0 +1,17 @@
+/*!
+ * @file isp_driver_ecdh_encryptedkey.h
+ * @brief Headerfile : isp driver for ecdh encryptedkey
+ * @author jinsu.hyun
+ * @version v0.00 : 2017.01.19 Init. release version
+ */
+
+#ifndef _ISP_DRIVER_ECDH_ENCRYPTEDKEY_H_
+#define _ISP_DRIVER_ECDH_ENCRYPTEDKEY_H_
+
+#include "mb_cmd_ecdh_securekey.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_compute_ecdh_encryptedkey(unsigned char* shared_secret, unsigned int *shared_secret_byte_len, struct sECC_KEY ecc_publickey, unsigned char *encryptedkey);
+#endif /* _ISP_DRIVER_ECDH_ENCRYPTEDKEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdh_securekey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdh_securekey.h
new file mode 100644
index 0000000..31ed6ad
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdh_securekey.h
@@ -0,0 +1,18 @@
+/*!
+ * @file isp_driver_ecdh_securekey.h
+ * @brief Headerfile : isp driver for ecdh securekey
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_DRIVER_ECDH_SECUREKEY_H_
+#define ISP_DRIVER_ECDH_SECUREKEY_H_
+
+#include "mb_cmd_ecdh_securekey.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_compute_ecdh_securekey(unsigned char* shared_secret, unsigned int *shared_secret_byte_len, struct sECC_KEY ecc_publickey, unsigned int key_index);
+
+#endif /* ISP_DRIVER_ECDH_SECUREKEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdsa_encryptedkey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdsa_encryptedkey.h
new file mode 100644
index 0000000..af7ef0f
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdsa_encryptedkey.h
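Review bot: The guard `_ISP_DRIVER_ECDH_ENCRYPTEDKEY_H_` in isp_driver_ecdh_encryptedkey.h starts with an underscore followed by an uppercase letter, which C reserves for the implementation. The securekey headers in this commit already use the unreserved form, so `#ifndef ISP_DRIVER_ECDH_ENCRYPTEDKEY_H_` / `#define ISP_DRIVER_ECDH_ENCRYPTEDKEY_H_` would be consistent with them. isp_driver_dh_encryptedkey.h, isp_driver_ecdsa_encryptedkey.h and isp_driver_encryptedkey.h use the same reserved guard style.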
@@ -0,0 +1,27 @@
+/*!
+ * @file isp_driver_ecdsa_encryptedkey.h
+ * @brief Headerfile : isp driver for ecdsa encryptedkey
+ * @author jinsu.hyun
+ * @version v0.00 : 2017.01.19 Init. release version
+ */
+
+#ifndef _ISP_DRIVER_ECDSA_ENCRYPTEDKEY_H_
+#define _ISP_DRIVER_ECDSA_ENCRYPTEDKEY_H_
+
+#include "mb_cmd_ecdsa_securekey.h"
+
+// ======================================
+// Function
+// ======================================
+
+
+int isp_ecdsa_sign_encryptedkey(struct sECC_SIGN * signature, unsigned char * msg, unsigned int msg_byte_len, unsigned char *encryptedkey);
+int isp_ecdsa_verify_encryptedkey(struct sECC_SIGN * signature, unsigned char * msg, unsigned int msg_byte_len, unsigned char *encryptedkey);
+
+int isp_ecdsa_sign_md_encryptedkey(struct sECC_SIGN * signature, unsigned char * msg_digest, unsigned int msg_digest_byte_len, unsigned char *encryptedkey);
+int isp_ecdsa_verify_md_encryptedkey(struct sECC_SIGN * signature, unsigned char * msg_digest, unsigned int msg_digest_byte_len, unsigned char *encryptedkey);
+
+int isp_ecdsa_generate_key_encryptedkey(unsigned int object_id, unsigned char *encryptedkey);
+int isp_ecdsa_get_publickey_encryptedkey(struct sECC_KEY *ecc_publickey, unsigned int object_id, unsigned char *encryptedkey);
+
+#endif /* _ISP_DRIVER_ECDSA_ENCRYPTEDKEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdsa_securekey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdsa_securekey.h
new file mode 100644
index 0000000..90801a9
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_ecdsa_securekey.h
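Review bot: `isp_ecdsa_verify_encryptedkey` and `isp_ecdsa_verify_md_encryptedkey` return a plain `int`, and the header does not state which value means the signature is valid. This commit defines both `RSP_SUCCESS (0xA1)` in isp_define.h and failure codes such as `FW_FAIL_INVALID_SIGNATURE` in isp_driver_error.h, so a caller cannot tell from here whether to test for zero or for a specific code, and a plain truthiness test could accept a bad signature. Add a `@return` line to each verify prototype naming the single success value and stating that any other value must be treated as verification failure. The verify functions in isp_driver_ecdsa_securekey.h and isp_driver_rsa_securekey.h need the same line.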
@@ -0,0 +1,26 @@
+/*!
+ * @file isp_driver_ecdsa_securekey.h
+ * @brief Headerfile : isp driver for ecdsa securekey
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ * @version v0.60 : 2016.12.23 Support sign/verify with msg_disgest
+ */
+
+#ifndef ISP_DRIVER_ECDSA_SECUREKEY_H_
+#define ISP_DRIVER_ECDSA_SECUREKEY_H_
+
+#include "mb_cmd_ecdsa_securekey.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_ecdsa_sign_securekey(struct sECC_SIGN * signature, unsigned char * msg, unsigned int msg_byte_len, unsigned int key_index);
+int isp_ecdsa_verify_securekey(struct sECC_SIGN * signature, unsigned char * msg, unsigned int msg_byte_len, unsigned int key_index);
+
+int isp_ecdsa_sign_md_securekey(struct sECC_SIGN * signature, unsigned char * msg_digest, unsigned int msg_digest_byte_len, unsigned int key_index);
+int isp_ecdsa_verify_md_securekey(struct sECC_SIGN * signature, unsigned char * msg_digest, unsigned int msg_digest_byte_len, unsigned int key_index);
+
+int isp_ecdsa_generate_key_securekey(unsigned int key_index, unsigned int object_id);
+int isp_ecdsa_get_publickey_securekey(struct sECC_KEY *ecc_publickey, unsigned int key_index, unsigned int object_id);
+
+#endif /* ISP_DRIVER_ECDSA_SECUREKEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_encryptedkey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_encryptedkey.h
new file mode 100644
index 0000000..262e6b1
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_encryptedkey.h
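Review bot: The verify prototypes take `struct sECC_SIGN * signature` and `unsigned char * msg` without `const`, so the declaration leaves open whether the driver modifies the caller's signature or message. If the prebuilt driver treats them as read-only, declare them `const struct sECC_SIGN *signature` and `const unsigned char *msg` (likewise `msg_digest`); for the sign functions only the message would be `const`. The second `@version` line also has a typo, `msg_disgest`.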
@@ -0,0 +1,20 @@
+/*!
+ * @file isp_driver_encryptedkey.h
+ * @brief Headerfile : isp driver for setting encryptedkey
+ * @author jinsu.hyun
+ * @version v0.00 : 2017.01.19 Init. release version
+ */
+
+#ifndef _ISP_DRIVER_ENCRYPTEDKEY_H_
+#define _ISP_DRIVER_ENCRYPTEDKEY_H_
+
+
+// ======================================
+// Function
+// ======================================
+
+int isp_set_encryptedkey(unsigned char *key, unsigned int key_byte_len, unsigned int key_type, unsigned char *encryptedkey);
+int isp_get_encryptedkey(unsigned int *object_id, unsigned int key_type, unsigned char *encryptedkey);
+int isp_set_genkey_encryptedkey(unsigned int key_type, unsigned char *encryptedkey);
+
+#endif /* _ISP_DRIVER_ENCRYPTEDKEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_error.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_error.h
new file mode 100644
index 0000000..b6f6ec3
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_error.h
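Review bot: `isp_set_encryptedkey` and `isp_set_genkey_encryptedkey` appear to return the wrapped key through `unsigned char *encryptedkey`, but there is no capacity parameter and no constant in this header for the blob size, so the caller has to guess how large the buffer must be. Either add a length parameter or publish the maximum blob size as a macro and document it on each prototype, e.g. `/* encryptedkey: caller buffer of at least MAX_BLOB_BYTES_PLACEHOLDER bytes */` (placeholder name; the real bound is not visible in this commit). Every `*_encryptedkey` function in the dh, ecdh and ecdsa headers takes the same bare pointer, and `isp_set_factorykey(unsigned char * factorykey)` in isp_driver_secure_storage_factorykey.h has the same shape.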
@@ -0,0 +1,160 @@ +/*! + * @file isp_driver_error.h + * @brief Headerfile : isp driver for error messages + * @author jinsu.hyun + * @version v0.01 : 2015.7.7 + * @version v0.10 : 2016.7.15 pre-beta release + * @version v0.50 : 2016.8.13 Init. release version + * @version v1.00 : 2016.9.27 release version v1.0 + */ + + +#ifndef ISP_DRIVER_ERROR_H_ +#define ISP_DRIVER_ERROR_H_ + +// AES +#define ERROR_AES_INVALID_BLOCK_LEN (0x000133D1) +#define ERROR_AES_INVALID_RSP_BLOCK_LEN (0x000233D1) +#define ERROR_AES_INVALID_MSG_LEN (0x000333D1) +#define ERROR_AES_INVALID_MODE (0x000433D1) +#define ERROR_AES_INVALID_KEY_LEN (0x000533D1) +#define ERROR_AES_INVALID_AAD_LEN (0x000633D1) +#define ERROR_AES_INVALID_IV_LEN (0x000733D1) +#define ERROR_AES_INVALID_INDEX (0x000833D1) +#define ERROR_AES_INVALID_TAG_LEN (0x000933D1) + +// Hash +#define ERROR_HASH_INVALID_MODE (0x000131D1) +#define ERROR_HASH_INVALID_BLOCK_LEN (0x000231D1) +#define ERROR_HASH_INVALID_MSG_LEN (0x000331D1) + +// HMAC +#define ERROR_HMAC_INVALID_MODE (0x000132D1) +#define ERROR_HMAC_INVALID_KEY_LEN (0x000232D1) +#define ERROR_HMAC_INVALID_BLOCK_LEN (0x000332D1) +#define ERROR_HMAC_INVALID_INDEX (0x000432D1) +#define ERROR_HMAC_INVALID_RSP_BLOCK_LEN (0x000532D1) + +// DH +#define ERROR_DH_INVALID_PRIME_LEN (0x000125D1) +#define ERROR_DH_INVALID_PUBKEY_LEN (0x000225D1) +#define ERROR_DH_INVALID_GENERATOR_LEN (0x000325D1) +#define ERROR_DH_INVALID_PRIME (0x000425D1) +#define ERROR_DH_INVALID_PUBKEY (0x000525D1) +#define ERROR_DH_INVALID_GENERATOR (0x000625D1) + + +// ECDSA +#define ERROR_ECDSA_INVALID_MSG_LEN (0x000111D1) +#define ERROR_ECDSA_INVALID_SIGNATURE_LEN (0x000311D1) +#define ERROR_ECDH_INVALID_PUBKEY_LEN (0x000411D1) +#define ERROR_ECDH_INVALID_PUBKEY (0x000511D1) + +// RSA +#define ERROR_RSA_INVALID_CIPHER_LEN (0x000151D1) +#define ERROR_RSA_INVALID_MSG_LEN (0x000251D1) +#define ERROR_RSA_INVALID_SIGN_LEN (0x000351D1) +#define ERROR_RSA_INVALID_PUKEY (0x000551D1) +#define 
ERROR_RSA_INVALID_PAD_SELECTION (0x000451D1) + + +// RNG +#define ERROR_RNG_INVALID_RANDOM_REQUEST (0x000161D1) + +// Common +#define ERROR_SSKeyID_InputID_MISSMATCH (0x000171D1) +#define ERROR_INVALID_OID (0x000271D1) + +// Secure Storage +#define ERROR_SSTORAGE_INVALID_SLOT_INDEX (0x00F1A1D1) +#define ERROR_SSTORAGE_INVALID_DATA_LEN (0x00F2A1D1) +#define ERROR_SSTORAGE_INVALID_TYPE (0x00F3A1D1) +#define ERROR_SSTORAGE_DATA_INVALID_DATA_LEN (0x0002A1D1) +#define ERROR_SSTORAGE_CERT_INVALID_DATA_LEN (0x0003A2D1) +#define ERROR_SSTORAGE_KEY_INVALID_DATA_LEN (0x0004A3D1) +#define ERROR_SSTORAGE_KEY_INVALID_KEY_LEN (0x0005A3D1) +#define ERROR_SSTORAGE_KEY_INVALID_KEY_TYPE (0x0006A3D1) +#define ERROR_SSTORAGE_FACTORYKEY_PBKEY_INVALID_DATA_LEN (0x0007A2D1) +#define ERROR_SSTORAGE_QSPI_WRITE (0x0008A2D1) +#define ERROR_SSTORAGE_SFS_FOPEN (0x0009A2D1) +#define ERROR_SSTORAGE_SFS_FSEEK (0x000AA2D1) +#define ERROR_SSTORAGE_SFS_FREAD (0x000BA2D1) +#define ERROR_SSTORAGE_SFS_FWRITE (0x000CA2D1) +// System Function +#define ERROR_SYSTEM_INVALID_DATA_LEN (0x000201D1) +#define ERROR_SYSTEM_MAILBOX_BUSY (0x000100D1) + + + +// Error from FW +#define FW_ERROR_ISP_INVALID_FUNCID00 (0x801000F1) +#define FW_ERROR_ISP_INVALID_FUNCID01 (0x801100F1) +#define FW_ERROR_ISP_INVALID_FUNCID02 (0x801200F1) +#define FW_ERROR_ISP_INVALID_FUNCID03 (0x801300F1) +#define FW_ERROR_ISP_INVALID_DATASIZE (0x801400F1) +#define FW_ERROR_ISP_FW_BODYSIZE (0x801500F1) +#define FW_ERROR_ISP_FW_ROLLBACK_CNT (0x801600F1) +#define FW_ERROR_ISP_FW_INVALID_PUBLICKEY (0x801700F1) +#define FW_ERROR_ISP_RESTORE_INTEGRITY_FAIL (0x801800F1) +#define FW_ERROR_ISP_IP_BUSY (0x801900F1) +#define FW_ERROR_ISP_SRAM_CMD_NOT_SUPPORTED (0x801A00F1) + +#define FW_ERROR_INVALID_FUNCTION (0x000100f1) +#define FW_ERROR_FW_VERIFY (0x001400f1) +#define FW_ERROR_RESTORE_FAIL (0x001800f1) +#define FW_ERROR_IP_BUSY (0x001900f1) +#define FW_ERROR_INVALID_OID (0x003000f1) +#define FW_ERROR_INVALID_INPUT (0x003400f1) +#define 
FW_ERROR_INPUT_SETTING (0x004000f1) +#define FW_ERROR_PRNG (0x005000f1) +#define FW_FAIL_INVALID_SIGNATURE (0x006000f1) +#define FW_FAIL_INFINITY_POINT (0x006100f1) +#define FW_FAIL_NOT_ON_ECC_CURVE (0x006200f1) + +// SRAM error +#define FW_ERROR_INVALID_EXEC_ORDER (0x80AF00F1) +#define FW_ERROR_OVER_VALID_RSA_MSGLEN (0x803500F1) +#define FW_ERROR_INVALID_RSA_MODLEN (0x803600F1) +#define FW_ERROR_Input_Public_is_not_odd (0x803700F1) +#define FW_ERROR_OVER_VALID_RSA_Saltlen (0x803800F1) +#define FW_ERROR_NO_PUKEY (0x803900F1) +#define FW_FAIL_OVER_MR_TRIALS (0x805600F1) +#define FW_FAIL_OVER_DH_RETRIALS (0x805600F1) +#define FW_FAIL_OVER_ECC_RETRIALS (0x805600F1) +#define FW_FAIL_NO_OUTPUT_KEY (0x805700F1) +#define FW_FAIL_OVER_GEN_RETRIALS (0x805800F1) +#define FW_ERROR_INVALID_RSASIGNATURE_0xBC (0x806400F1) +#define FW_ERROR_INVALID_RSASIGNATURE_lsb (0x806500F1) +#define FW_ERROR_INVALID_RSANONZERO_PS (0x806600F1) +#define FW_ERROR_INVALID_RSADB_SPLITTER (0x806700F1) +#define FW_ERROR_INVALID_SIGNATURE_BLEN (0x806800F1) +#define FW_ERROR_INVALID_CIPHER (0x806900F1) +#define FW_ERROR_INVALID_SEQUENCE (0x80ff00F1) +#define FW_ERROR_DER2INT_PARSE (0x80fe00F1) +#define FW_ERROR_AES_INVALID_KEYSEL (0x80D000F1) +#define FW_ERROR_AES_INVALID_KEY_LEN (0x80D100F1) +#define FW_ERROR_AES_INVALID_DIR_MODE (0x80D200F1) +#define FW_ERROR_AES_INVLIAD_SWAP (0x80D300F1) +#define FW_ERROR_AES_INVALID_MODE (0x80D400F1) +#define FW_ERROR_AES_INVALID_TAG (0x80D500F1) +#define FW_ERROR_AES_INVALID_BLOCK_LEN (0x80D600F1) +#define FW_ERROR_AES_KM_BUSY (0x80D700F1) +#define FW_ERROR_AES_KM_INIT (0x80D800F1) +#define FW_ERROR_SSTORAGE_DATA_INVALID_SLOT_INDEX (0x80E100F1) +#define FW_ERROR_SSTORAGE_CERT_INVALID_SLOT_INDEX (0x80E200F1) +#define FW_ERROR_SSTORAGE_KEY_INVALID_KEY_LEN (0x80E300F1) +#define FW_ERROR_SSTORAGE_KEY_INVALID_MODE (0x80E400F1) +#define FW_ERROR_SSTORAGE_INVALID_DATA_TYPE (0x80E500F1) +#define FW_ERROR_SSTORAGE_KEY_INVALID_KEYTYPE (0x80E600F1) +#define 
FW_ERROR_SSTORAGE_KEY_INVALID_SLOT_INDEX (0x80E700F1) +#define FW_ERROR_SSTORAGE_FACTORYKEY_INVALID_HMAC (0x80E800F1) +#define FW_ERROR_SSTORAGE_FACTORYKEY_INVALID_ENCODING (0x80E900F1) +#define FW_ERROR_SSTORAGE_FACTORYKEY_INVALID_KEYTYPE (0x80EA00F1) +#define FW_ERROR_RNG_INVALID_LEN (0x80f100F1) +#define FW_ERROR_KEYGEN_INVALID_KEYLEN (0x80f200F1) +#define FW_ERROR_PKA_IP_BUSY (0x80B100F1) +#define FW_ERROR_HASH_IP_BUSY (0x80B200F1) +#define FW_ERROR_PRNG_IP_BUSY (0x80B300F1) + + +#endif /* ISP_DRIVER_ERROR_H_ */ diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_flash.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_flash.h new file mode 100644 index 0000000..dde7ed8 --- /dev/null +++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_flash.h @@ -0,0 +1,26 @@ +/*! + * @file isp_driver_flash.h + * @brief Headerfile : isp driver for flash memory + * @author jinsu.hyun + * @version v0.50 : 2016.8.13 Init. release version + */ + +#ifndef DRIVER_FLASH_H_ +#define DRIVER_FLASH_H_ + +#ifndef SSS_POR +#define SSS_POR +#endif + +#if defined(SSS_POR) +int SFS_Secure_Write_POR(const char *file_name, unsigned char *src_addr, unsigned int byte_len); +int SFS_Secure_Read_POR(const char *file_name, unsigned char *dst_addr, unsigned int byte_len); + +#else +int SFS_Secure_Read(const char *file_name, unsigned int dst_addr, unsigned int *byte_len); +int SFS_Secure_Write(const char *file_name, unsigned int dst_addr, unsigned int byte_len); + +#endif /* SSS_POR */ + +#endif /* DRIVER_FLASH_H_ */ + diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_hash.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_hash.h new file mode 100644 index 0000000..4400589 --- /dev/null +++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_hash.h 
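Review bot: In isp_driver_error.h, `FW_FAIL_OVER_MR_TRIALS`, `FW_FAIL_OVER_DH_RETRIALS` and `FW_FAIL_OVER_ECC_RETRIALS` all expand to `0x805600F1`, so they cannot be used as separate `case` labels and a log cannot tell them apart; if the firmware really returns one code for all three, a comment saying so would help. The codes of the form `0x80xx00F1` do not fit in `int` and therefore have type `unsigned int`, while every driver function in this commit returns `int`. Comparisons then rely on implicit conversion, and a `ret < 0` test classifies results differently from the constant's value. Stating the intended return type, or giving the constants a `u` suffix and documenting the comparison, would remove the ambiguity. `ERROR_ECDH_INVALID_PUBKEY_LEN` and `ERROR_ECDH_INVALID_PUBKEY` are listed under the ECDSA heading, and `FW_ERROR_AES_INVLIAD_SWAP` is misspelled.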
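Review bot: isp_driver_flash.h defines `SSS_POR` unconditionally just before testing it, so the `#else` branch declaring `SFS_Secure_Read`/`SFS_Secure_Write` can never be compiled. If the non-POR variant is still meant to be selectable, drop the `#ifndef SSS_POR` / `#define SSS_POR` lines and let the build configuration set it; otherwise remove the dead branch. The dead prototypes pass the buffer as `unsigned int dst_addr` (and `SFS_Secure_Write` names its source `dst_addr`), unlike the pointer-typed POR versions. The guard `DRIVER_FLASH_H_` also does not follow the `ISP_DRIVER_*_H_` pattern of the other headers.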
@@ -0,0 +1,22 @@
+/*!
+ * @file isp_driver_hash.h
+ * @brief Headerfile : isp driver for hash
+ * @author jinsu.hyun
+ * @version v0.01 : 2015.7.7
+ * @version v0.10 : 2016.7.15 pre-beta release
+ * @version v0.20 : 2016.7.22 support msg struct
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef ISP_DRIVER_HASH_H_
+#define ISP_DRIVER_HASH_H_
+
+#include "mb_cmd_hash.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_hash(unsigned char * hash, struct sHASH_MSG * hash_msg, unsigned int object_id);
+
+#endif /* ISP_DRIVER_HASH_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_hmac_securekey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_hmac_securekey.h
new file mode 100644
index 0000000..9f3299a
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_hmac_securekey.h
@@ -0,0 +1,20 @@
+/*!
+ * @file isp_driver_hmac_securekey.h
+ * @brief Headerfile : isp driver for hmac securekey
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_DRIVER_HMAC_SECUREKEY_H_
+#define ISP_DRIVER_HMAC_SECUREKEY_H_
+
+#include "mb_cmd_hmac_securekey.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_hmac_generate_key_securekey(unsigned int key_byte_len, unsigned int key_index);
+
+int isp_hmac_securekey(unsigned char * mac, struct sHMAC_MSG * hmac_msg, unsigned int object_id, unsigned int key_index);
+
+#endif /* ISP_DRIVER_HMAC_SECUREKEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_rng.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_rng.h
new file mode 100644
index 0000000..bc21cdd
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_rng.h
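Review bot: `isp_hash` writes the digest to `unsigned char * hash` with no length argument, so the number of bytes written presumably depends only on `object_id`. Document the requirement on the prototype, e.g. `/* hash: caller buffer large enough for the digest selected by object_id (64 bytes covers SHA2-512/SHA3-512) */`, so that a caller who sized the buffer for SHA-1 does not pass a SHA-512 OID. `isp_hmac_securekey` in isp_driver_hmac_securekey.h has the same undocumented `mac` output.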
@@ -0,0 +1,18 @@
+/*!
+ * @file isp_driver_rng.h
+ * @brief Headerfile : isp driver for rng
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_DRIVER_RNG_H_
+#define ISP_DRIVER_RNG_H_
+
+#include "mb_cmd_rng.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_generate_random(unsigned int *random, unsigned int word_len);
+
+#endif /* ISP_DRIVER_RNG_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_rsa_securekey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_rsa_securekey.h
new file mode 100644
index 0000000..485a46a
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_rsa_securekey.h
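Review bot: `isp_generate_random` takes `word_len`, which by its name and the `unsigned int *` buffer looks like a count of 32-bit words rather than bytes, but nothing in the header says so or gives the maximum per call. isp_driver_error.h has `ERROR_RNG_INVALID_RANDOM_REQUEST`, so some limit exists. Add a comment such as `/* word_len: number of 32-bit words written to random[]; maximum per call: (fill in). On any return other than success the buffer must not be used as key material. */`. A caller that assumes bytes would otherwise under-allocate the buffer by a factor of four.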
@@ -0,0 +1,29 @@
+/*!
+ * @file isp_driver_rsa_securekey.h
+ * @brief Headerfile : isp driver for rsa securekey
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ * @version v1.00 : 2016.12.23 Support sign/verify with msg_disgest
+ */
+
+#ifndef ISP_DRIVER_RSA_SECUREKEY_H_
+#define ISP_DRIVER_RSA_SECUREKEY_H_
+
+#include "mb_cmd_rsa_securekey.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_rsa_encrypt_securekey(unsigned char *output, unsigned int *output_byte_len, unsigned char *input, unsigned int input_byte_len, unsigned int key_index);
+int isp_rsa_decrypt_securekey(unsigned char *output, unsigned int *output_byte_len, unsigned char * input, unsigned int input_byte_len, unsigned int key_index);
+
+int isp_rsa_sign_securekey(struct sRSA_SIGN *rsa_sign, unsigned char *msg, unsigned int msg_byte_len, unsigned int key_index);
+int isp_rsa_verify_securekey(struct sRSA_SIGN *rsa_sign, unsigned char *msg, unsigned int msg_byte_len, unsigned int key_index);
+
+int isp_rsa_sign_md_securekey(struct sRSA_SIGN *rsa_sign, unsigned char *msg_digest, unsigned int msg_digest_byte_len, unsigned int key_index);
+int isp_rsa_verify_md_securekey(struct sRSA_SIGN *rsa_sign, unsigned char *msg_digest, unsigned int msg_digest_byte_len, unsigned int key_index);
+
+int isp_rsa_generate_key_securekey(unsigned key_index, unsigned object_id, unsigned int pukey_e);
+int isp_rsa_get_pukey_securekey(struct sRSA_KEY *rsa_key, unsigned object_id, unsigned key_index);
+
+#endif /* ISP_DRIVER_RSA_SECUREKEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage.h
new file mode 100644
index 0000000..47058e0
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage.h
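Review bot: `isp_rsa_generate_key_securekey(unsigned key_index, unsigned object_id, ...)` and `isp_rsa_get_pukey_securekey(..., unsigned object_id, unsigned key_index)` take the same two values in opposite order. Both are `unsigned`, so a swapped call compiles silently and addresses the wrong key slot or OID; the ECDSA securekey header in this commit uses `key_index, object_id` for both of its equivalents. If the prebuilt library's interface allows it, make the order the same. Otherwise put a warning on the odd one out, e.g. `/* NOTE: object_id comes BEFORE key_index here, unlike isp_rsa_generate_key_securekey */`.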
@@ -0,0 +1,56 @@ +/*! + * @file isp_driver_secure_storage.h + * @brief Headerfile : isp driver for secure storage + * @author jinsu.hyun + * @version v0.50 : 2016.8.13 Init. release version + * @version v0.60 : 2016.12.13 Add for secure_storage_map function + */ + +#ifndef ISP_DRIVER_SECURE_STORAGE_H_ +#define ISP_DRIVER_SECURE_STORAGE_H_ + +// ====================================== +// Struct +// ====================================== +//! @struct SECURE_STORAGE_MAP +//! @brief struct of secure storage parameter +struct SECURE_STORAGE_MAP { + unsigned int offset; + unsigned int index_max; + unsigned int key_byte_len_max; + unsigned int slot_byte_len; + unsigned int type; +}; + +#define KEY_PATH_BASE "/mnt" +//#define KEY_PATH_BASE "/mnt/sss" + +#define SECURE_STORAGE_TYPE_FACTORYKEY_KEY (0x00) +#define SECURE_STORAGE_TYPE_FACTORYKEY_DATA (0x01) + +#define SECURE_STORAGE_TYPE_KEY_AES (0x0A) +#define SECURE_STORAGE_TYPE_KEY_HMAC (0x0B) +#define SECURE_STORAGE_TYPE_KEY_RSA (0x0C) +#define SECURE_STORAGE_TYPE_KEY_DH (0x0D) +#define SECURE_STORAGE_TYPE_KEY_ECC (0x0E) +#define SECURE_STORAGE_TYPE_DATA (0x10) +#define SECURE_STORAGE_TYPE_CERT (0x11) + +#define FACTORYKEY_ARTIK_PSK (0x80000100) +#define FACTORYKEY_ARTIK_DEVICE (0x00010120) +#define FACTORYKEY_ARTIK_CERT (0x00010122) +#define FACTORYKEY_DA_CA (0x00081110) +#define FACTORYKEY_DA_DEVICE (0x00081210) +#define FACTORYKEY_DA_PBKEY (0x00081211) +#define FACTORYKEY_IOTIVITY_ECC (0x00011120) +#define FACTORYKEY_IOTIVITY_ECC_CERT (0x00011122) +#define FACTORYKEY_IOTIVITY_SUB_CA_CERT (0x00011222) + +// ====================================== +// Function +// ====================================== +int read_secure_storage(unsigned int type, unsigned int index, unsigned int data_offset, unsigned int src_addr, unsigned int byte_len); +int write_secure_storage(unsigned int type, unsigned int index, unsigned int data_offset, unsigned int src_addr, unsigned int byte_len); +int secure_storage_map(unsigned int type, struct 
SECURE_STORAGE_MAP *map); + +#endif /* ISP_DRIVER_SECURE_STORAGE_H_ */ diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_cert.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_cert.h new file mode 100644 index 0000000..782aae7 --- /dev/null +++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_cert.h @@ -0,0 +1,17 @@ +/*! + * @file isp_driver_secure_storage_cert.h + * @brief Headerfile : isp driver for secure storage cert + * @author jinsu.hyun + * @version v0.50 : 2016.8.13 Init. release version + */ + +#ifndef ISP_DRIVER_SECURE_STORAGE_CERT_H_ +#define ISP_DRIVER_SECURE_STORAGE_CERT_H_ + + +#include "mb_cmd_secure_storage_cert.h" + +int isp_read_cert(unsigned char *cert, unsigned int *cert_byte_len, unsigned int index); +int isp_write_cert(unsigned char *cert, unsigned int cert_byte_len, unsigned int index); + +#endif /* ISP_DRIVER_SECURE_STORAGE_CERT_H_ */ diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_data.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_data.h new file mode 100644 index 0000000..f3be842 --- /dev/null +++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_data.h @@ -0,0 +1,19 @@ +/*! + * @file isp_driver_secure_storage_data.h + * @brief Headerfile : isp driver for secure storage data + * @author jinsu.hyun + * @version v0.50 : 2016.8.13 Init. release version + */ + +#ifndef ISP_DRIVER_SECURE_STORAGE_DATA_H_ +#define ISP_DRIVER_SECURE_STORAGE_DATA_H_ + +#include "mb_cmd_secure_storage_data.h" + +// ====================================== +// Function +// ====================================== +int isp_read_storage(unsigned char *data, unsigned int *data_byte_len, unsigned int index); +int isp_write_storage(unsigned char *data, unsigned int data_byte_len, unsigned int index); + +#endif /* ISP_DRIVER_SECURE_STORAGE_DATA_H_ */ 
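Review bot: `read_secure_storage` and `write_secure_storage` in isp_driver_secure_storage.h take the caller's buffer as `unsigned int src_addr`, so a memory address is passed as an integer with no type checking, and the read function's destination is named as a source. A pointer type (`unsigned char *dst` for read, `const unsigned char *src` for write) would let the compiler catch mistakes and would match `SFS_Secure_Read_POR`/`SFS_Secure_Write_POR` in isp_driver_flash.h. The header should also say how `data_offset + byte_len` is bounded against `slot_byte_len` from `struct SECURE_STORAGE_MAP`; that check is not visible here. The commented-out `//#define KEY_PATH_BASE "/mnt/sss"` should be removed or explained.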
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_factorykey.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_factorykey.h
new file mode 100644
index 0000000..2d53741
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_factorykey.h
@@ -0,0 +1,23 @@
+/*!
+ * @file isp_driver_secure_storage_factorykey.h
+ * @brief Headerfile : isp driver for secure storage factorykey
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ * @version v0.60 : 2016.12.29 Merge function to isp_set/get_factorykey_data, Support new Factorykey
+ */
+
+#ifndef ISP_DRIVER_SECURE_STORAGE_FACTORYKEY_H_
+#define ISP_DRIVER_SECURE_STORAGE_FACTORYKEY_H_
+
+#include "mb_cmd_hmac_securekey.h"
+#include "mb_cmd_secure_storage_factorykey.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_set_factorykey(unsigned char * factorykey);
+
+int isp_set_factorykey_data(unsigned char *data, unsigned int data_byte_len, unsigned int key_id);
+int isp_get_factorykey_data(unsigned char *data, unsigned int *data_byte_len, unsigned int key_id);
+
+#endif /* ISP_DRIVER_SECURE_STORAGE_FACTORYKEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_key.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_key.h
new file mode 100644
index 0000000..6848566
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_secure_storage_key.h
@@ -0,0 +1,21 @@
+/*!
+ * @file isp_driver_secure_storage_key.h
+ * @brief Headerfile : isp driver for secure storage key
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef ISP_DRIVER_SECURE_STORAGE_KEY_H_
+#define ISP_DRIVER_SECURE_STORAGE_KEY_H_
+
+#include "mb_cmd_secure_storage_key.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_set_securekey(unsigned char *key, unsigned int key_byte_len, unsigned int key_type, unsigned int index);
+int isp_get_securekey(unsigned int *object_id, unsigned int key_type, unsigned int index);
+int isp_remove_key(unsigned int key_type, unsigned int key_index);
+int isp_set_genkey_securekey(unsigned int key_type, unsigned int index);
+
+#endif /* ISP_DRIVER_SECURE_STORAGE_KEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_driver_system.h b/os/arch/arm/src/s5j/soc/sss/isp_driver_system.h
new file mode 100644
index 0000000..b672a62
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_driver_system.h
@@ -0,0 +1,20 @@
+/*!
+ * @file isp_driver_system.h
+ * @brief Headerfile : isp driver for system
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef DRIVER_ISP_DRIVER_SYSTEM_H_
+#define DRIVER_ISP_DRIVER_SYSTEM_H_
+
+#include "mb_cmd_system.h"
+
+// ======================================
+// Function
+// ======================================
+int isp_get_status(void);
+int isp_get_info(unsigned int *version);
+int isp_clear(unsigned int type);
+
+#endif /* DRIVER_ISP_DRIVER_SYSTEM_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/isp_oid.h b/os/arch/arm/src/s5j/soc/sss/isp_oid.h
new file mode 100644
index 0000000..acae821
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/isp_oid.h
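Review bot: `isp_clear(unsigned int type)` in isp_driver_system.h has no named constants or comment for `type`, and judging by the name it may be destructive. Unless mb_cmd_system.h (not part of the visible diff) defines them, list the accepted values and add a comment stating what each one erases, in particular whether stored keys are affected. `isp_get_status` likewise gives no indication of what its return value encodes. The guard `DRIVER_ISP_DRIVER_SYSTEM_H_` differs from the `ISP_DRIVER_*_H_` pattern used by the sibling headers.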
@@ -0,0 +1,75 @@ +/*! + * @file isp_oid.h + * @brief Headerfile : definitions for oid + * @author kiseok.bae + * @version v0.90 : 2016.9.29 initial + * + */ + +#ifndef ISP_OID_H_ +#define ISP_OID_H_ + + +/* + * OID LIST + */ +#define OIDMAX_HMAC (4) +#define OID_HMAC_SHA1_160 (0x00011100) +#define OID_HMAC_SHA2_256 (0x00012300) +#define OID_HMAC_SHA2_384 (0x00012400) +#define OID_HMAC_SHA2_512 (0x00012500) + +#define OIDMAX_HASH (8) +#define OID_SHA1_160 (0x00001100) +#define OID_SHA2_256 (0x00002300) +#define OID_SHA2_384 (0x00002400) +#define OID_SHA2_512 (0x00002500) +#define OID_SHA3_224 (0x00003200) +#define OID_SHA3_256 (0x00003300) +#define OID_SHA3_384 (0x00003400) +#define OID_SHA3_512 (0x00003500) + +#define OIDMAX_DH (2) +#define OID_DH_1024 (0x00001191) +#define OID_DH_2048 (0x00002392) + +#define OIDMAX_ECC (6) +#define OID_ECC_P192 (0x00000011) +#define OID_ECC_P224 (0x00000012) +#define OID_ECC_P256 (0x00000013) +#define OID_ECC_P384 (0x00000014) +#define OID_ECC_P521 (0x00000015) +#define OID_ECC_BP256 (0x00000053) + +#define OIDMAX_RSA (2) +#define OID_RSA_1024 (0x000000B1) +#define OID_RSA_2048 (0x000000B2) + +#define OIDMAX_ECDSA (24) +#define OID_ECDSA_BP256_SHA1_160 ( OID_ECC_BP256|OID_SHA1_160 ) +#define OID_ECDSA_BP256_SHA2_256 ( OID_ECC_BP256|OID_SHA2_256 ) +#define OID_ECDSA_BP256_SHA2_384 ( OID_ECC_BP256|OID_SHA2_384 ) +#define OID_ECDSA_BP256_SHA2_512 ( OID_ECC_BP256|OID_SHA2_512 ) + +#define OID_ECDSA_P192_SHA1_160 ( OID_ECC_P192|OID_SHA1_160 ) +#define OID_ECDSA_P192_SHA2_256 ( OID_ECC_P192|OID_SHA2_256 ) +#define OID_ECDSA_P192_SHA2_384 ( OID_ECC_P192|OID_SHA2_384 ) +#define OID_ECDSA_P192_SHA2_512 ( OID_ECC_P192|OID_SHA2_512 ) +#define OID_ECDSA_P224_SHA1_160 ( OID_ECC_P224|OID_SHA1_160 ) +#define OID_ECDSA_P224_SHA2_256 ( OID_ECC_P224|OID_SHA2_256 ) +#define OID_ECDSA_P224_SHA2_384 ( OID_ECC_P224|OID_SHA2_384 ) +#define OID_ECDSA_P224_SHA2_512 ( OID_ECC_P224|OID_SHA2_512 ) +#define OID_ECDSA_P256_SHA1_160 ( OID_ECC_P256|OID_SHA1_160 
) +#define OID_ECDSA_P256_SHA2_256 ( OID_ECC_P256|OID_SHA2_256 ) +#define OID_ECDSA_P256_SHA2_384 ( OID_ECC_P256|OID_SHA2_384 ) +#define OID_ECDSA_P256_SHA2_512 ( OID_ECC_P256|OID_SHA2_512 ) +#define OID_ECDSA_P384_SHA1_160 ( OID_ECC_P384|OID_SHA1_160 ) +#define OID_ECDSA_P384_SHA2_256 ( OID_ECC_P384|OID_SHA2_256 ) +#define OID_ECDSA_P384_SHA2_384 ( OID_ECC_P384|OID_SHA2_384 ) +#define OID_ECDSA_P384_SHA2_512 ( OID_ECC_P384|OID_SHA2_512 ) +#define OID_ECDSA_P521_SHA1_160 ( OID_ECC_P521|OID_SHA1_160 ) +#define OID_ECDSA_P521_SHA2_256 ( OID_ECC_P521|OID_SHA2_256 ) +#define OID_ECDSA_P521_SHA2_384 ( OID_ECC_P521|OID_SHA2_384 ) +#define OID_ECDSA_P521_SHA2_512 ( OID_ECC_P521|OID_SHA2_512 ) + +#endif /*ISP_OID_H_*/ diff --git a/os/arch/arm/src/s5j/soc/sss/isp_sss_map.h b/os/arch/arm/src/s5j/soc/sss/isp_sss_map.h new file mode 100644 index 0000000..0a87cbd --- /dev/null +++ b/os/arch/arm/src/s5j/soc/sss/isp_sss_map.h 
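Review bot: The OID list exposes `OID_RSA_1024`, `OID_DH_1024` and the SHA-1 based entries (`OID_SHA1_160`, `OID_HMAC_SHA1_160`, `OID_ECDSA_*_SHA1_160`) with nothing to set them apart from the stronger choices next to them. 1024-bit RSA/DH and SHA-1 for signatures are below what current guidance (for example NIST SP 800-131A) accepts for new designs, so a caller choosing from this header can pick them without noticing. I would group them under a comment such as `/* legacy, kept for interoperability only; do not use for new keys or signatures */`, or put them behind a configuration option.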
@@ -0,0 +1,39 @@ +/*! + * @file isp_sss_map.h + * @brief Headerfile : sss sfr address map for isp + * @author jinsu.hyun + * @version v0.01 : 2016.7.7 + * @version v0.10 : 2016.7.15 pre-beta release + * @version v0.50 : 2016.8.13 Init. release version + */ + +#ifndef ISP_SSS_MAP_H_ +#define ISP_SSS_MAP_H_ + +#define MB_STATUS (*(volatile u32 *)(MB_REG_BASE + 0x0000)) + +#ifdef CONFIG_S5J_SILICON + #define MB_REG_BASE (0x800E0000) + #define MB_CM0_HRESET (*(volatile u32 *)(MB_REG_BASE + 0x0004)) + #define MB_CM0_SRAM_ACC_CON (*(volatile u32 *)(MB_REG_BASE + 0x0008)) + #define MB_CM0_DBGCON (*(volatile u32 *)(MB_REG_BASE + 0x0034)) +#else +#define MB_REG_BASE (0x70020000) +#endif + +#define CTRL_FIELD_BASE (MB_REG_BASE + 0x0100) +#define DATA_FIELD_BASE (MB_REG_BASE + 0x0110) + +#define CTRL_FIELD_ADDR(val) (CTRL_FIELD_BASE+(val<<2)) +#define DATA_FIELD_ADDR(val) (DATA_FIELD_BASE+(val<<2)) + +#define CTRL_FIELD(val) (*(volatile u32 *)(CTRL_FIELD_ADDR(val))) +#define DATA_FIELD(val) (*(volatile u32 *)(DATA_FIELD_ADDR(val))) + +#define ISP_DATA_FIELD_SET(index, value) DATA_FIELD(index) = value +#define ISP_DATA_FIELD_GET(index, value) value = DATA_FIELD(index) +#define ISP_CTRL_FIELD_SET(index, value) CTRL_FIELD(index) = value +#define ISP_CTRL_FIELD_GET(index, value) value = CTRL_FIELD(index) + + +#endif /* ISP_SSS_MAP_H_ */ diff --git a/os/arch/arm/src/s5j/soc/sss/isp_type.h b/os/arch/arm/src/s5j/soc/sss/isp_type.h new file mode 100644 index 0000000..f78372f --- /dev/null +++ b/os/arch/arm/src/s5j/soc/sss/isp_type.h 
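Review bot: `CTRL_FIELD_ADDR(val)` and `DATA_FIELD_ADDR(val)` expand `val<<2` without parenthesising the argument, so an index expression that uses a lower-precedence operator (`i | 1`, `a ? b : c`) addresses the wrong mailbox word. The `ISP_*_FIELD_SET/GET` macros have the same problem and expand to a bare assignment. I would write `#define CTRL_FIELD_ADDR(val) (CTRL_FIELD_BASE + ((val) << 2))` (likewise for `DATA_FIELD_ADDR`) and wrap the setters as `do { DATA_FIELD(index) = (value); } while (0)`. The header also uses `u32` without including `isp_type.h`, so it only compiles when that header happens to be included first.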
@@ -0,0 +1,70 @@ +/*! + * @file isp_type.h + * @brief Headerfile : types for ISP + * @author jinsu.hyun + * @version v0.50 : 2016.8.13 Init. release version + */ + +//! @defgroup SECURITY_ISP api for isp driver +//! @defgroup SECURITY_ISP_MAILBOX api for mailbox interface to ISP + +#ifndef ISP_TYPE_H_ +#define ISP_TYPE_H_ + +#ifndef CONFIG_S5J_SILICON +#define CONFIG_S5J_SILICON +#endif + +/********** types **********/ + +typedef unsigned int u32; +typedef signed int s32; +typedef unsigned char u8; +typedef signed char s8; + + +/********** Macro Function for SFR access **********/ +#define BIT(nbit) (0x1u << (nbit)) + +#define SFR_BIT_CLR(val, bit) ((val) &= (~(bit))) ///> 0)); \ + ((u8 *)(buf))[2] = ((u8)((dword) >> 8)); \ + ((u8 *)(buf))[1] = ((u8)((dword) >> 16)); \ + ((u8 *)(buf))[0] = ((u8)((dword) >> 24)); +#define GET_DWORD_FROM_BBUF(buf) \ + (u32)( \ + ((((u8 *)(buf))[3]) << 0) | \ + ((((u8 *)(buf))[2]) << 8) | \ + ((((u8 *)(buf))[1]) << 16) | \ + ((((u8 *)(buf))[0]) << 24)) + +#define SWAP32(val) \ + (u32)( \ + (((val) & 0xff) << 24) | \ + (((val) & 0xff00) << 8) | \ + (((val) & 0xff0000) >> 8) | \ + (((val) & 0xff000000) >> 24) \ + ) + +#define CEIL_BY_WORD(val) (val&0x3) ? (1+(val>>2)) : (val>>2) +#define CEIL_BY_16BYTE(val) (val&0xF) ? ((val&0xFFFFFFF0)+0x10) : (val) + +/********** Defines **********/ +#define SUCCESS (0x00) +#define FAIL (0x01) + +#ifndef NULL +#define NULL ((void *) 0) +#endif + + +#endif /* ISP_TYPE_H_ */ diff --git a/os/arch/arm/src/s5j/soc/sss/isp_util.h b/os/arch/arm/src/s5j/soc/sss/isp_util.h new file mode 100644 index 0000000..654e52c --- /dev/null +++ b/os/arch/arm/src/s5j/soc/sss/isp_util.h 
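Review bot: `CEIL_BY_WORD(val)` and `CEIL_BY_16BYTE(val)` expand to an unparenthesised conditional expression, so `CEIL_BY_WORD(n) * 4` or `x + CEIL_BY_16BYTE(n)` silently computes a different value; these look like length-rounding helpers, where a wrong result becomes a wrong copy size. I would change them to `#define CEIL_BY_WORD(val) (((val) & 0x3) ? (1 + ((val) >> 2)) : ((val) >> 2))` and `#define CEIL_BY_16BYTE(val) (((val) & 0xF) ? (((val) & 0xFFFFFFF0) + 0x10) : (val))`. Separately, the header defines `CONFIG_S5J_SILICON` itself when the build has not, which overrides the build configuration for every file that includes it. `GET_DWORD_FROM_BBUF` shifts an `int`-promoted byte left by 24, which overflows a signed int for bytes of 0x80 and above; casting each byte to `u32` before the shift avoids that.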
@@ -0,0 +1,41 @@
+/*!
+ * @file isp_util.h
+ * @brief Headerfile : util functions to support memset, memcpy, memcmp
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+#ifndef ISP_UTIL_H_
+#define ISP_UTIL_H_
+
+#include "isp_type.h"
+
+// ======================================
+// Function
+// ======================================
+int _isp_memcpy_u32_4PKA(u32* pu32Dst, u32* pu32Src, u32 u32Size);
+int _isp_memset_u32(u32* pu32Dst, u32 u32Src, u32 u32Size);
+int _isp_memcpy_u32(u32* pu32Dst, u32* pu32Src, u32 u32Size);
+int _isp_memcmp_u32(const u32* pu32Src1, const u32* pu32Src2, u32 u32Size);
+
+int _isp_memxor_u32(u32* pu32Dst, u32* pu32Src1, u32* pu32Src2, u32 u32Size);
+int _isp_memcpy_u32_4PKA_Swap(u32* pu32Dst, u32* pu32Src, u32 u32Size, int u32Swap);
+int _isp_memcpy_swap_u32(u32* pu32Dst, u32* pu32Src, u32 u32Size);
+
+int _isp_memset_u8(u8* pu8Dst, u8 u8Src, u32 u32Size);
+int _isp_memcpy_u8(u8* pu8Dst, u8* pu8Src, u32 u32Size);
+int _isp_memcmp_u8(const u8* pu8Src1, const u8* pu8Src2, u32 u32Size);
+
+int _isp_memcpy_mailbox(u32* pu32Dst, u32* pu32Src, u32 u32Size_byte_len);
+int _isp_memcpy_mailbox_swap(u32* pu32Dst, u32* pu32Src, u32 u32Size_byte_len);
+
+int _isp_check_oid(u32 inputoid, u32 algorithm);
+int _isp_is_zero(const u32* pu32Src, u32 u32Size);
+
+#define ISP_HMAC (0x001)
+#define ISP_HASH (0x002)
+#define ISP_DH (0x003)
+#define ISP_ECDH (0x004)
+#define ISP_RSA (0x005)
+#define ISP_ECDSA (0x006)
+
+#endif /* ISP_UTIL_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/libispdriver.a b/os/arch/arm/src/s5j/soc/sss/libispdriver.a
new file mode 100644
index 0000000..8544906
Binary files /dev/null and b/os/arch/arm/src/s5j/soc/sss/libispdriver.a differ
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_aes.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_aes.h
new file mode 100644
index 0000000..26723cc
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_aes.h
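Review bot: The copy and compare helpers take a bare `u32 u32Size` in most prototypes but `u32Size_byte_len` in the two mailbox variants, and nothing says whether `u32Size` counts bytes or 32-bit words. The bodies exist only in the prebuilt library, so a caller who guesses wrong copies four times too much or too little; a comment per group such as `/* u32Size: number of 32-bit words */` (or bytes, whichever the library implements) would settle it. It would also help to state whether `_isp_memcmp_u8` and `_isp_memcmp_u32` run in constant time, because callers comparing MACs or tags depend on that property. The `_isp_` prefix puts these names in the namespace C reserves for the implementation at file scope.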
@@ -0,0 +1,77 @@ +/*! + * @file mb_cmd_aes.h + * @brief Headerfile : mailbox api for aes + * @author jinsu.hyun + * @version v0.50 : 2016.8.13 Init. release version + */ + +#ifndef MB_CMD_AES_H_ +#define MB_CMD_AES_H_ + + +#define AES_ENCTYPT (0x00) +#define AES_DECRYPT (0x01) + +// Key Size field +#define AESKEY_128 (0x10) +#define AESKEY_192 (0x18) +#define AESKEY_256 (0x20) + +// Mode +#define AES_ECB_MODE (0x0008) +#define AES_CBC_MODE (0x0108) +#define AES_CTR_MODE (0x0208) +#define AES_XTS_MODE (0x0308) +#define AES_CCM_MODE (0x1008) +#define AES_GCM_MODE (0x1108) +#define AES_KW_MODE (0x1208) + +#define AES_128_ECB ((AESKEY_128<<16)|(AES_ECB)) // 0x00001008 +#define AES_192_ECB ((AESKEY_192<<16)|(AES_ECB)) // 0x00001808 +#define AES_256_ECB ((AESKEY_256<<16)|(AES_ECB)) // 0x00002008 +#define AES_128_CBC ((AESKEY_128<<16)|(AES_CBC)) // 0x00101008 +#define AES_192_CBC ((AESKEY_192<<16)|(AES_CBC)) // 0x00101808 +#define AES_256_CBC ((AESKEY_256<<16)|(AES_CBC)) // 0x00102008 +#define AES_128_CTR ((AESKEY_128<<16)|(AES_CTR)) // 0x00201008 +#define AES_192_CTR ((AESKEY_192<<16)|(AES_CTR)) // 0x00201808 +#define AES_256_CTR ((AESKEY_256<<16)|(AES_CTR)) // 0x00202008 +#define AES_128_XTS ((AESKEY_128<<16)|(AES_XTS)) // 0x00301008 +// No AES_192_XTS +#define AES_256_XTS ((AESKEY_256<<16)|(AES_XTS)) // 0x00302008 +#define AES_128_CCM ((AESKEY_128<<16)|(AES_CCM)) // 0x01001008 +#define AES_192_CCM ((AESKEY_192<<16)|(AES_CCM)) // 0x01001808 +#define AES_256_CCM ((AESKEY_256<<16)|(AES_CCM)) // 0x01002008 +#define AES_128_GCM ((AESKEY_128<<16)|(AES_GCM)) // 0x01101008 +#define AES_192_GCM ((AESKEY_192<<16)|(AES_GCM)) // 0x01101808 +#define AES_256_GCM ((AESKEY_256<<16)|(AES_GCM)) // 0x01102008 + +#define MAX_MB_AES_BLOCK_BLEN (240) +#define MAX_AES_AAD_BLEN (128) + +// ====================================== +// Structure +// ====================================== +//! @struct sAES_PARAM +//! 
@brief struct of AES parameter +struct sAES_PARAM +{ + unsigned char * pu8Plaintext; + unsigned int u32Plaintext_byte_len; + unsigned char * pu8Ciphertext; + unsigned int u32Ciphertext_byte_len; + + + unsigned char *pu8iv; + unsigned int u32iv_byte_len; + + unsigned char *pu8aad; + unsigned int u32aad_byte_len; + + unsigned char *pu8Tag; + unsigned int u32Tag_byte_len; + + unsigned int u32Mode; +}; + + +#endif /* MB_CMD_AES_H_ */ diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_aes_securekey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_aes_securekey.h new file mode 100644 index 0000000..a58913f --- /dev/null +++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_aes_securekey.h 
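Review bot: The combined selectors `AES_128_ECB` through `AES_256_GCM` are built from `AES_ECB`, `AES_CBC`, `AES_CTR`, `AES_XTS`, `AES_CCM` and `AES_GCM`, but this header only defines `AES_ECB_MODE`, `AES_CBC_MODE` and so on; unless the short names come from another header not shown here, any use of these macros will not compile. The value comments also disagree with the expressions: `(AESKEY_128<<16)|0x0008` is `0x00100008`, not the `0x00001008` in the comment, so either the shift or the comment is wrong and the encoding should be checked against the mailbox specification. I would write `((AESKEY_128<<16)|(AES_ECB_MODE))` (and likewise for the others) once the correct layout is confirmed. `AES_ENCTYPT` looks like a typo for `AES_ENCRYPT`.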
@@ -0,0 +1,77 @@ +/*! + * @file mb_cmd_aes_securekey.h + * @brief Headerfile : mailbox api for aes using securekey + * @author jinsu.hyun + * @version v0.10 : 2016.7.29 Init. + */ + +#ifndef MB_CMD_AES_SECUREKEY_H_ +#define MB_CMD_AES_SECUREKEY_H_ + +#include "mb_cmd_aes.h" + +// ====================================== +// Function +// ====================================== +int mb_aes_ecb_init_securekey(struct sAES_PARAM *aes_param, unsigned int enc); +int mb_aes_ecb_update_securekey(struct sAES_PARAM *aes_param); +int mb_aes_ecb_final_securekey(struct sAES_PARAM *aes_param); + + +int mb_aes_cbc_init_securekey(struct sAES_PARAM *aes_param, unsigned int enc); +int mb_aes_cbc_update_securekey(struct sAES_PARAM *aes_param); +int mb_aes_cbc_final_securekey(struct sAES_PARAM *aes_param); + + +int mb_aes_ctr_init_securekey(struct sAES_PARAM *aes_param, unsigned int enc); +int mb_aes_ctr_update_securekey(struct sAES_PARAM *aes_param); +int mb_aes_ctr_final_securekey(struct sAES_PARAM *aes_param); + + +int mb_aes_xts_init_securekey(struct sAES_PARAM *aes_param, unsigned int enc); +int mb_aes_xts_update_securekey(struct sAES_PARAM *aes_param); +int mb_aes_xts_final_securekey(struct sAES_PARAM *aes_param); + + +int mb_aes_ccm_init_securekey(struct sAES_PARAM *aes_param, unsigned int enc); +int mb_aes_ccm_update_securekey(struct sAES_PARAM *aes_param); +int mb_aes_ccm_final_securekey(struct sAES_PARAM *aes_param, unsigned int enc); + +int mb_aes_gcm_init_securekey(struct sAES_PARAM *aes_param, unsigned int enc); +int mb_aes_gcm_update_securekey(struct sAES_PARAM *aes_param); +int mb_aes_gcm_final_securekey(struct sAES_PARAM *aes_param, unsigned int enc); + +int mb_aes_generate_key_securekey(unsigned int key_byte_len, unsigned int key_index); + + +// ====================================== +// Mailbox Command +// ====================================== +#define FUNC_AES_ECB_INIT_SECUREKEY (0x00043302) +#define FUNC_AES_ECB_UPDATE_SECUREKEY (0x00053302) +#define 
FUNC_AES_ECB_FINAL_SECUREKEY (0x00063302) + +#define FUNC_AES_CBC_INIT_SECUREKEY (0x00143302) +#define FUNC_AES_CBC_UPDATE_SECUREKEY (0x00153302) +#define FUNC_AES_CBC_FINAL_SECUREKEY (0x00163302) + +#define FUNC_AES_CTR_INIT_SECUREKEY (0x00243302) +#define FUNC_AES_CTR_UPDATE_SECUREKEY (0x00253302) +#define FUNC_AES_CTR_FINAL_SECUREKEY (0x00263302) + +#define FUNC_AES_XTS_INIT_SECUREKEY (0x00343302) +#define FUNC_AES_XTS_UPDATE_SECUREKEY (0x00353302) +#define FUNC_AES_XTS_FINAL_SECUREKEY (0x00363302) + +#define FUNC_AES_CCM_INIT_SECUREKEY (0x00443302) +#define FUNC_AES_CCM_UPDATE_SECUREKEY (0x00453302) +#define FUNC_AES_CCM_FINAL_SECUREKEY (0x00463302) + +#define FUNC_AES_GCM_INIT_SECUREKEY (0x00543302) +#define FUNC_AES_GCM_UPDATE_SECUREKEY (0x00553302) +#define FUNC_AES_GCM_FINAL_SECUREKEY (0x00563302) + +#define FUNC_AES_KEYGEN_SECUREKEY (0x00A13302) + + +#endif /* MB_CMD_AES_SECUREKEY_H_ */ diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_dh.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_dh.h new file mode 100644 index 0000000..4e6763d --- /dev/null +++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_dh.h @@ -0,0 +1,32 @@ +/*! + * @file mb_cmd_dh.h + * @brief Headerfile : mailox command for dh + * @author jinsu.hyun + * @version v0.50 : 2016.8.13 Init. release version + */ + + +#ifndef MB_CMD_DH_H_ +#define MB_CMD_DH_H_ + + +// ====================================== +// Structure +// ====================================== +//! @struct sDH_PARAM +//! @brief struct of DH parameter +struct sDH_PARAM +{ + unsigned int object_id; + unsigned int modules_p_byte_len; + unsigned char *modules_p; + unsigned int generator_g_byte_len; + unsigned char *generator_g; + unsigned int order_q_byte_len; + unsigned char *order_q; + unsigned int publickey_byte_len; + unsigned char *publickey; +}; + +#endif /* MB_CMD_DH_H_ */ + diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_dh_securekey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_dh_securekey.h new file mode 100644 index 0000000..de80c89 --- /dev/null 
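Review bot: None of the `mb_aes_*_init_securekey` prototypes in mb_cmd_aes_securekey.h takes a key index or object id, and `struct sAES_PARAM` has no key field, so the header does not say which stored key an operation uses; only `mb_aes_generate_key_securekey` names a `key_index`. A short comment stating how the key is selected before `init`, and whether `init`/`update`/`final` must run back to back without another mailbox command in between, would let callers use the API without the library's source. It is also worth documenting why `mb_aes_ccm_final_securekey` and `mb_aes_gcm_final_securekey` take `enc` while the other `final` calls do not.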
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_dh_securekey.h 
@@ -0,0 +1,79 @@ +/*! + * @file mb_cmd_dh_securekey.h + * @brief Headerfile : mailbox command for dh securekey + * @author jinsu.hyun + * @version v0.50 : 2016.8.13 Init. release version + */ + + +#ifndef MB_CMD_DH_SECUREKEY_H_ +#define MB_CMD_DH_SECUREKEY_H_ + +#include "mb_cmd_dh.h" + +// ====================================== +// Function +// ====================================== +//1. int isp_dh_generate_keypair_userparam_securestorage(struct sDH_PARAM *i_dh_param, unsigned int dh_param_index); +int mb_dh_generate_key_userkey_step1(struct sDH_PARAM *i_dh_param, unsigned int object_id); //p +int mb_dh_generate_key_userkey_step2(struct sDH_PARAM *i_dh_param, unsigned int object_id); //g +int mb_dh_generate_key_userkey_step3(struct sDH_PARAM *i_dh_param, unsigned int object_id); //q +int mb_dh_generate_key_userkey_step4(unsigned int object_id); //execution +int mb_dh_generate_key_securekey_step5(unsigned int object_id); //before secure storage +//store secure storage +int mb_dh_generate_key_userkey_step6(struct sDH_PARAM *o_dh_param, unsigned int object_id); //pukey + +//2. int isp_dh_generate_keypair_secureparam(struct sDH_PARAM *o_dh_param, unsigned int key_index); +//get key from secure storage +int mb_dh_generate_key_securekey_step1(unsigned int object_id); +//set key store secure storage +int mb_dh_generate_param_userkey_step7(struct sDH_PARAM *o_dh_param, unsigned int object_id); //output p +int mb_dh_generate_param_userkey_step8(struct sDH_PARAM *o_dh_param, unsigned int object_id); //output g + + + +//3. 
int isp_dh_compute_shared_secret_securekey(unsigned char *shared_secret, struct sDH_KEY* dh_publickey, unsigned int key_index); +int mb_dh_compute_shared_secret_securekey_step1(struct sDH_PARAM i_dh_pukey, unsigned int object_id); //other pukey +//get key +int mb_dh_compute_shared_secret_securekey_step2(unsigned int object_id); //load param from secure storage +int mb_dh_compute_shared_secret_securekey_step3(unsigned char *shared_secret, unsigned int* shared_secret_byte_len, unsigned int object_id); + + +//4. int isp_dh_generate_param_securekey(struct sDH_PARAM *o_dh_param, unsigned int dh_param_index); +int mb_dh_generate_param_securekey_step1(unsigned int object_id); + + +//5. get public key from secure storage +int mb_dh_get_pubkey_securekey_step1(unsigned int object_id); +int mb_dh_get_pubkey_securekey_step2(unsigned int object_id); //execution + +//6. generate parameter except prime +int mb_dh_generate_param_generator_step1(unsigned int object_id); + + +// ====================================== +// Mailbox Command +// ====================================== +#define FUNC_DH_GEN_KEY_USERKEY1 (0x00012402) +#define FUNC_DH_GEN_KEY_USERKEY2 (0x00022402) +#define FUNC_DH_GEN_KEY_USERKEY3 (0x00032402) +#define FUNC_DH_GEN_KEY_USERKEY4 (0x00042402) +#define FUNC_DH_GEN_KEY_SECUREKEY5 (0x01052402) +#define FUNC_DH_GEN_KEY_USERKEY6 (0x00062402) + +#define FUNC_DH_GEN_KEY_SECUREKEY1 (0x03012402) +#define FUNC_DH_GEN_PARAM_USERKEY7 (0x00022302) +#define FUNC_DH_GEN_PARAM_USERKEY8 (0x00032302) + +#define FUNC_DH_GET_PUKEY_SECUREKEY1 (0x01012402) +#define FUNC_DH_GET_PUKEY_SECUREKEY2 (0x01042402) + +#define FUNC_DH_COMPUTE_SHARED_SECRET_SECUREKEY1 (0x00012502) +#define FUNC_DH_COMPUTE_SHARED_SECRET_SECUREKEY2 (0x01022502) +#define FUNC_DH_COMPUTE_SHARED_SECRET_SECUREKEY3 (0x00052502) + +#define FUNC_DH_GEN_PARAM_SECUREKEY1 (0x00012302) +#define FUNC_DH_GEN_GENERATOR_SECUREKEY1 (0x01012302) + +#endif /* MB_CMD_DH_SECUREKEY_H_ */ + 
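Review bot: `mb_dh_compute_shared_secret_securekey_step3` writes the shared secret to `shared_secret` and reports its size through `shared_secret_byte_len`, but the caller cannot pass the buffer's capacity and the header gives no maximum. Please document the largest value that can be written (for `OID_DH_2048` presumably 256 bytes) and whether `*shared_secret_byte_len` is read on entry. `mb_dh_compute_shared_secret_securekey_step1` takes `struct sDH_PARAM` by value while every other step takes a pointer; if that is deliberate it deserves a comment. The numbered steps appear to share mailbox state, so the required call order and any locking expected from the caller should be stated next to the prototypes.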
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdh_securekey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdh_securekey.h
new file mode 100644
index 0000000..1104c73
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdh_securekey.h
@@ -0,0 +1,26 @@
+/*!
+ * @file mb_cmd_ecdh_securekey.h
+ * @brief Headerfile : mailbox command for ecdh securekey
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_ECDH_SECUREKEY_H_
+#define MB_CMD_ECDH_SECUREKEY_H_
+
+#include "mb_cmd_ecdsa.h"
+
+// ======================================
+// Function
+// ======================================
+int mb_compute_ecdh_securekey(unsigned char *shared_secret, unsigned int *shared_secret_byte_len, struct sECC_KEY ecc_key, unsigned int object_id);
+
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_ECDH_COMPUTE_SECUREKEY (0x01012102)
+
+#endif /* MB_CMD_ECDH_SECUREKEY_H_ */
+
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdsa.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdsa.h
new file mode 100644
index 0000000..ecd3abd
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdsa.h
@@ -0,0 +1,43 @@
+/*!
+ * @file mb_cmd_ecdsa.h
+ * @brief Headerfile : mailbox command for ecdsa
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_ECDSA_H_
+#define MB_CMD_ECDSA_H_
+
+#define MAX_ECDSA_BLOCK_BLEN (128)
+#define MAX_ECDSA_KEY_BLEN (244)
+
+// ======================================
+// Structure
+// ======================================
+//! @struct sECC_KEY
+//! @brief struct of ECDSA Key parameter
+struct sECC_KEY
+{
+ unsigned int curve;
+ unsigned char * privatekey;
+ unsigned char * publickey_x;
+ unsigned char x_byte_len;
+ unsigned char * publickey_y;
+ unsigned char y_byte_len;
+};
+
+//! @struct sECC_SIGN
+//! @brief struct of ECDSA Signature
+struct sECC_SIGN
+{
+ unsigned int sign_type;
+ unsigned char * r;
+ unsigned char r_byte_len;
+ unsigned char * s;
+ unsigned char s_byte_len;
+};
+
+
+#endif /* MB_CMD_ECDSA_H_ */
+
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdsa_securekey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdsa_securekey.h
new file mode 100644
index 0000000..010d3b5
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_ecdsa_securekey.h
@@ -0,0 +1,43 @@
+/*!
+ * @file mb_cmd_ecdsa_securekey.h
+ * @brief Headerfile : mailbox command for ecdsa securekey
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_ECDSA_SECUREKEY_H_
+#define MB_CMD_ECDSA_SECUREKEY_H_
+
+#include "mb_cmd_ecdsa.h"
+
+// ======================================
+// Function
+// ======================================
+int mb_ecdsa_sign_securekey_step1(unsigned int object_id, unsigned char* hash);
+int mb_ecdsa_sign_securekey_step2(struct sECC_SIGN *signature, unsigned int object_id);
+
+int mb_ecdsa_verify_securekey_step1(unsigned int object_id, unsigned char* hash);
+int mb_ecdsa_verify_securekey_step2(unsigned int object_id, struct sECC_SIGN *signature);
+int mb_ecdsa_verify_securekey_step3(unsigned int object_id);
+
+int mb_ecdsa_generate_key_securekey_step1(unsigned int object_id);
+int mb_ecdsa_generate_publickey_securekey_step1(unsigned int object_id);
+int mb_ecdsa_generate_publickey_securekey_step2(struct sECC_KEY *ecc_publickey, unsigned int object_id);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_ECDSA_SIGN_SECUREKEY1 (0x01011102)
+#define FUNC_ECDSA_SIGN_SECUREKEY2 (0x01021102)
+
+#define FUNC_ECDSA_VERIFY_SECUREKEY1 (0x01011202)
+#define FUNC_ECDSA_VERIFY_SECUREKEY2 (0x01021202)
+#define FUNC_ECDSA_VERIFY_SECUREKEY3 (0x01031202)
+
+#define FUNC_ECDSA_GEN_KEY_SECUREKEY1 (0x03011302)
+#define FUNC_ECDSA_GEN_PUBLICKEY_SECUREKEY1 (0x01011302)
+#define FUNC_ECDSA_GEN_PUBLICKEY_SECUREKEY2 (0x01021302)
+
+
+#endif /* MB_CMD_ECDSA_SECUREKEY_H_ */
+
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_hash.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_hash.h
new file mode 100644
index 0000000..dcd8fc7
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_hash.h
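Review bot: `mb_ecdsa_sign_securekey_step1` and `mb_ecdsa_verify_securekey_step1` take `unsigned char* hash` with no length, so the number of bytes read is presumably derived from the hash part of `object_id`. A caller that passes a SHA-256 digest together with an `OID_ECDSA_*_SHA2_512` id would then have the library read past its buffer; I would add `/* hash must hold the digest size selected by object_id */` above both prototypes and declare the parameter `const unsigned char *`. The return value of `mb_ecdsa_verify_securekey_step3` carries the verification verdict, so the header should say which value means a valid signature.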
@@ -0,0 +1,52 @@
+/*!
+ * @file mb_cmd_hash.h
+ * @brief Headerfile : mailbox command for hash
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_HASH_H_
+#define MB_CMD_HASH_H_
+
+// ======================================
+// Structure
+// ======================================
+//! @struct sHASH_MSG
+//! @brief struct of message for Hash
+struct sHASH_MSG
+{
+ unsigned int addr_low;
+ unsigned int addr_high;
+ unsigned int descriptor_byte_len;
+ unsigned int msg_byte_len;
+ unsigned int msg_type;
+};
+
+#define MAX_HASH_BLOCK_BLEN (144)
+#define GET_HASH_SIZE(OID) ((OID>> 8)&0x07)
+
+// ======================================
+// Function
+// ======================================
+int mb_hash_init(unsigned int object_id, unsigned int msg_byte_len);
+int mb_hash_update(unsigned int block_byte_len, unsigned char * msg_block);
+int mb_hash_final(unsigned char *hash, unsigned int block_byte_len, unsigned char * msg_block);
+
+int mb_hash_dma(unsigned char *hash, unsigned int object_id, unsigned int msg_byte_len, unsigned int msg_addr_low, unsigned int msg_addr_high);
+int mb_hash_descriptor(unsigned char *hash, unsigned int object_id, unsigned int msg_byte_len, unsigned int descriptor_byte_len, unsigned int descriptor_addr_low, unsigned int descriptor_addr_high);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_HASH_INIT (0x00103102)
+#define FUNC_HASH_UPDATE (0x00203102)
+#define FUNC_HASH_FINAL (0x00303102)
+#define FUNC_HASH_DMA (0x01013102)
+#define FUNC_HASH_DESCRIPTOR (0x02013102)
+
+
+
+
+#endif /* MB_CMD_HASH_H_ */
+
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_hmac.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_hmac.h
new file mode 100644
index 0000000..dd8d61c
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_hmac.h
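Review bot: `GET_HASH_SIZE(OID)` expands `OID>> 8` without parentheses around the argument, so passing an expression such as `curve | hash` shifts only the right operand; `#define GET_HASH_SIZE(OID) (((OID) >> 8) & 0x07)` fixes that. Going by the OID layout in isp_oid.h the result is the 1–5 digest selector rather than a byte count, so the name is misleading and a comment saying so would keep it from being used as a buffer length. `mb_hash_final`, `mb_hash_dma` and `mb_hash_descriptor` write to `hash` with no size parameter; the required capacity per OID should be documented next to them.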
@@ -0,0 +1,27 @@
+/*!
+ * @file mb_cmd_hmac.h
+ * @brief Headerfile : mailbox command for hmac
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_HMAC_H_
+#define MB_CMD_HMAC_H_
+
+#define MAX_HMAC_BLOCK_BLEN (128)
+
+//! @struct sHMAC_MSG
+//! @brief struct of message for HMAC
+struct sHMAC_MSG
+{
+ unsigned int addr_low;
+ unsigned int addr_high;
+ unsigned int descriptor_byte_len;
+ unsigned int msg_byte_len;
+ unsigned int msg_type;
+};
+
+
+#endif /* MB_CMD_HMAC_H_ */
+
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_hmac_securekey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_hmac_securekey.h
new file mode 100644
index 0000000..087d4a0
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_hmac_securekey.h
@@ -0,0 +1,32 @@
+/*!
+ * @file mb_cmd_hmac_securekey.h
+ * @brief Headerfile : mailbox command for hmac securekey
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_HMAC_SECUREKEY_H_
+#define MB_CMD_HMAC_SECUREKEY_H_
+
+#include "mb_cmd_hmac.h"
+
+// ======================================
+// Function
+// ======================================
+int mb_hmac_generate_key_securekey(unsigned int key_byte_len, unsigned int key_index);
+
+int mb_hmac_init_securekey(unsigned int object_id, unsigned int msg_byte_len);
+int mb_hmac_update_securekey(unsigned int block_byte_len, unsigned char * msg_block);
+int mb_hmac_final_securekey(unsigned char *mac, unsigned int block_byte_len, unsigned char * msg_block);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_HMAC_KEYGEN_SECUREKEY (0x00013202)
+
+#define FUNC_HMAC_INIT_SECUREKEY (0x00113202)
+#define FUNC_HMAC_UPDATE_SECUREKEY (0x00213202)
+#define FUNC_HMAC_FINAL_SECUREKEY (0x00313202)
+
+#endif /* MB_CMD_HMAC_SECUREKEY_H_ */
+
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_rng.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_rng.h
new file mode 100644
index 0000000..1445346
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_rng.h
@@ -0,0 +1,24 @@
+/*!
+ * @file mb_cmd_rng.h
+ * @brief Headerfile : mailbox command for rng
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_RNG_H_
+#define MB_CMD_RNG_H_
+
+
+// ======================================
+// Function
+// ======================================
+int mb_generate_random_number(unsigned int *random_number, unsigned int random_wlen);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_RNG (0x00016102)
+
+#endif /* MB_CMD_RNG_H_ */
+
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_rsa.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_rsa.h
new file mode 100644
index 0000000..c774b95
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_rsa.h
@@ -0,0 +1,38 @@
+/*!
+ * @file mb_cmd_rsa.h
+ * @brief Headerfile : mailbox command for rsa
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_RSA_H_
+#define MB_CMD_RSA_H_
+
+// ======================================
+// Structure
+// ======================================
+//! @struct sRSA_KEY
+//! @brief struct of RSA Key parameter
+struct sRSA_KEY{
+ unsigned int object_id;
+ unsigned char *modules;
+ unsigned int modules_byte_len;
+ unsigned char *publickey;
+ unsigned int publickey_byte_len;
+ unsigned char *privatekey;
+};
+
+
+//! @struct sRSA_SIGN
+//! @brief struct of RSA Signature
+struct sRSA_SIGN{
+ unsigned int signature_byte_len;
+ unsigned char *signature;
+ unsigned int salt_byte_len;
+ unsigned int alg_type;
+};
+
+
+#endif /* MB_CMD_RSA_H_ */
+
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_rsa_securekey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_rsa_securekey.h
new file mode 100644
index 0000000..7a6e057
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_rsa_securekey.h 
@@ -0,0 +1,72 @@ +/*! + * @file mb_cmd_rsa_securekey.h + * @brief Headerfile : mailbox command for rsa securekey + * @author jinsu.hyun + * @version v0.50 : 2016.8.13 Init. release version + */ + + +#ifndef MB_CMD_RSA_SECUREKEY_H_ +#define MB_CMD_RSA_SECUREKEY_H_ + +#include "mb_cmd_rsa.h" + +// ====================================== +// Functions +// ====================================== +int mb_rsa_encrypt_securekey_step1(unsigned int object_id, unsigned char *input, unsigned int input_byte_len); +int mb_rsa_encrypt_securekey_step2(unsigned int object_id); +int mb_rsa_encrypt_securekey_step3(unsigned int object_id, unsigned char *output, unsigned int *output_byte_len); + +int mb_rsa_decrypt_securekey_step1(unsigned int object_id, unsigned char *input, unsigned int input_byte_len); +int mb_rsa_decrypt_securekey_step2(unsigned int object_id); +int mb_rsa_decrypt_securekey_step3(unsigned int object_id, unsigned char *output, unsigned int *output_byte_len); + +int mb_rsa_sign_securekey_step1(unsigned int object_id, unsigned char *hash); +int mb_rsa_sign_securekey_step2(unsigned int object_id); +int mb_rsa_sign_securekey_step3(unsigned int object_id, struct sRSA_SIGN *rsa_sign); + +int mb_rsa_verify_securekey_step1(unsigned int object_id, unsigned char *hash); +int mb_rsa_verify_securekey_step2(unsigned int object_id); +int mb_rsa_verify_securekey_step3(unsigned int object_id, struct sRSA_SIGN *rsa_sign); +int mb_rsa_verify_securekey_step4(unsigned int object_id, struct sRSA_SIGN *rsa_sign); + +int mb_rsa_generate_key_secretkey_step1(unsigned int object_id, unsigned int pukey); + +int mb_rsa_get_pubkey_secretkey_step1(unsigned int object_id, struct sRSA_KEY *rsa_key); +int mb_rsa_get_pubkey_secretkey_step2(unsigned int object_id, struct sRSA_KEY *rsa_key); + +int mb_load_prime(void); + +// ====================================== +// Mailbox Command +// ====================================== +#define FUNC_RSA_ENCRYPT_SECUREKEY1 (0x00015102) +#define 
FUNC_RSA_ENCRYPT_SECUREKEY2 (0x01025102) +#define FUNC_RSA_ENCRYPT_SECUREKEY3 (0x00035102) + +#define FUNC_RSA_DECRYPT_SECUREKEY1 (0x00015202) +#define FUNC_RSA_DECRYPT_SECUREKEY2 (0x01025202) +//skip 03rd when securekey +#define FUNC_RSA_DECRYPT_SECUREKEY3 (0x00045202) + +#define FUNC_RSA_SIGN_SECUREKEY1 (0x00011502) +#define FUNC_RSA_SIGN_SECUREKEY2 (0x01021502) +//skip 03rd when secure key +#define FUNC_RSA_SIGN_SECUREKEY3 (0x00041502) +#define FUNC_RSA_SIGN_SECUREKEY3_PKCS (0x01041502) +#define FUNC_RSA_SIGN_SECUREKEY3_PSS (0x00041502) + +#define FUNC_RSA_VERIFY_SECUREKEY1 (0x00011602) +#define FUNC_RSA_VERIFY_SECUREKEY2 (0x01021602) +#define FUNC_RSA_VERIFY_SECUREKEY3 (0x00031602) +#define FUNC_RSA_VERIFY_SECUREKEY4 (0x00041602) + +#define FUNC_RSA_GENKEY_SECUREKEY1_RNDPK (0x01011702) +#define FUNC_RSA_GENKEY_SECUREKEY1_USERPK (0x03011702) + +#define FUNC_RSA_GET_PUBKEY_SECUREKEY1 (0x01021702) +#define FUNC_RSA_GET_PUBKEY_SECUREKEY2 (0x01031702) + +#endif /* MB_CMD_RSA_SECUREKEY_H_ */ + diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_cert.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_cert.h new file mode 100644 index 0000000..ec4d6da --- /dev/null +++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_cert.h 
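Review bot: `FUNC_RSA_SIGN_SECUREKEY3` and `FUNC_RSA_SIGN_SECUREKEY3_PSS` have the same value `0x00041502`, while `FUNC_RSA_SIGN_SECUREKEY3_PKCS` is `0x01041502`, so the unsuffixed command silently means PSS. A comment such as `/* default padding is PSS; kept as an alias */` beside the unsuffixed define would make that explicit. The prototypes also mix `securekey` and `secretkey` in their names (`mb_rsa_generate_key_secretkey_step1`, `mb_rsa_get_pubkey_secretkey_step1`/`step2`); if the library symbols cannot change, a note that both refer to the same key store would help. `mb_rsa_decrypt_securekey_step3` returns plaintext through `output` with no capacity argument, which should be documented as well.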
@@ -0,0 +1,40 @@
+/*!
+ * @file mb_cmd_secure_storage_cert.h
+ * @brief Headerfile : mailbox command for secure storage cert
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_SECURE_STORAGE_CERT_H_
+#define MB_CMD_SECURE_STORAGE_CERT_H_
+
+
+#define SSTORAGE_CERT_SLOT_INDEX_MAX (8)
+#define SSTORAGE_CERT_DATA_MAX (0x1000) // 4096
+#define SSTORAGE_CERT_SLOT_MAX (0x1100) // 4096+256
+
+// ======================================
+// Function
+// ======================================
+// Secure Storage for Cert
+int mb_storage_set_cert_init(unsigned char * iv, unsigned int msg_byte_len, unsigned int index);
+int mb_storage_set_cert_update(unsigned char *out_block, unsigned char *in_block);
+int mb_storage_set_cert_final(unsigned char *out_block, unsigned char *in_block, unsigned int in_block_byte_len);
+
+int mb_storage_get_cert_init(unsigned char *iv, unsigned int msg_byte_len, unsigned int index);
+int mb_storage_get_cert_update(unsigned char *out_block, unsigned char *in_block);
+int mb_storage_get_cert_final(unsigned char *out_block, unsigned char *in_block, unsigned int block_byte_len);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_SSTORAGE_CERT_ENC_INIT (0x0001A102)
+#define FUNC_SSTORAGE_CERT_ENC_UPDATE (0x0002A102)
+#define FUNC_SSTORAGE_CERT_ENC_FINAL (0x0003A102)
+
+#define FUNC_SSTORAGE_CERT_DEC_INIT (0x0011A102)
+#define FUNC_SSTORAGE_CERT_DEC_UPDATE (0x0012A102)
+#define FUNC_SSTORAGE_CERT_DEC_FINAL (0x0013A102)
+
+
+#endif /* MB_CMD_SECURE_STORAGE_CERT_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_data.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_data.h
new file mode 100644
index 0000000..6c25383
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_data.h
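Review bot: The `*_update` prototypes (`mb_storage_set_cert_update`, `mb_storage_get_cert_update`) take `out_block` and `in_block` with no length, and `iv` in the `*_init` calls has no length either, so the block and IV sizes are implicit. Please state them in the header, e.g. `/* in_block/out_block: exactly <BLOCK_BLEN> bytes; iv: <IV_BLEN> bytes */` with the firmware's real values in place of the placeholders, and say how `msg_byte_len` relates to `SSTORAGE_CERT_DATA_MAX`. The same pattern appears in mb_cmd_secure_storage_data.h and mb_cmd_secure_storage_factorykey.h.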
@@ -0,0 +1,41 @@
+/*!
+ * @file mb_cmd_secure_storage_data.h
+ * @brief Headerfile : mailbox command for secure storage data
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_SECURE_STORAGE_DATA_H_
+#define MB_CMD_SECURE_STORAGE_DATA_H_
+
+
+#define SSTORAGE_DATA_SLOT_INDEX_MAX (32)
+#define SSTORAGE_DATA_DATA_MAX (208)
+#define SSTORAGE_DATA_SLOT_MAX (256)
+
+
+// ======================================
+// Function
+// ======================================
+// Secure Storage for Data
+int mb_storage_set_data_init(unsigned char * iv, unsigned int msg_byte_len, unsigned int index);
+int mb_storage_set_data_update(unsigned char * out_block, unsigned char *in_block);
+int mb_storage_set_data_final(unsigned char * out_block, unsigned char *in_block, unsigned int in_block_byte_len);
+
+int mb_storage_get_data_init(unsigned char *iv, unsigned int msg_byte_len, unsigned int index);
+int mb_storage_get_data_update(unsigned char * out_block, unsigned char *in_block);
+int mb_storage_get_data_final(unsigned char * out_block, unsigned char *in_block, unsigned int block_byte_len);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_SSTORAGE_DATA_ENC_INIT (0x0001A202)
+#define FUNC_SSTORAGE_DATA_ENC_UPDATE (0x0002A202)
+#define FUNC_SSTORAGE_DATA_ENC_FINAL (0x0003A202)
+
+#define FUNC_SSTORAGE_DATA_DEC_INIT (0x0011A202)
+#define FUNC_SSTORAGE_DATA_DEC_UPDATE (0x0012A202)
+#define FUNC_SSTORAGE_DATA_DEC_FINAL (0x0013A202)
+
+
+#endif /* MB_CMD_SECURE_STORAGE_DATA_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_factorykey.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_factorykey.h
new file mode 100644
index 0000000..c488739
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_factorykey.h
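Review bot: `SSTORAGE_DATA_SLOT_INDEX_MAX (32)` does not say whether it is the number of slots or the highest valid index, so a caller cannot tell from the header whether `index == 32` may be passed to `mb_storage_set_data_init` or `mb_storage_get_data_init`. A one-line comment such as `// valid index: 0 .. SSTORAGE_DATA_SLOT_INDEX_MAX - 1` (or the inclusive form, whichever the library enforces) would remove the off-by-one risk on the slot selector. `SSTORAGE_DATA_DATA_MAX (208)` and `SSTORAGE_DATA_SLOT_MAX (256)` also lack the size comments that the cert header gives its constants, so the 48-byte difference is unexplained. `SSTORAGE_CERT_SLOT_INDEX_MAX` in mb_cmd_secure_storage_cert.h has the same ambiguity.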
@@ -0,0 +1,46 @@
+/*!
+ * @file mb_cmd_secure_storage_factorykey.h
+ * @brief Headerfile : mailbox command for secure storage for factorykey
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_SECURE_STORAGE_FACTORYKEY_H_
+#define MB_CMD_SECURE_STORAGE_FACTORYKEY_H_
+
+// ======================================
+// Function
+// ======================================
+int mb_storage_set_factorykey_init(unsigned int key_byte_len);
+int mb_storage_set_factorykey_update(unsigned char *in_block);
+int mb_storage_set_factorykey_final(unsigned char *in_block, unsigned int block_byte_len);
+
+int mb_storage_get_factorykey_init(unsigned char *iv, unsigned int msg_byte_len, unsigned int type);
+int mb_storage_get_factorykey_update(unsigned char *in_block);
+int mb_storage_get_factorykey_final(unsigned char *in_block, unsigned int block_byte_len);
+
+int mb_storage_set_factorykey_data_init(unsigned char * iv, unsigned int msg_byte_len, unsigned int key_id);
+int mb_storage_set_factorykey_data_update(unsigned char *out_block, unsigned char *in_block);
+int mb_storage_set_factorykey_data_final(unsigned char *out_block, unsigned char *in_block, unsigned int in_block_byte_len);
+
+int mb_storage_get_factorykey_data_init(unsigned char *iv, unsigned int msg_byte_len, unsigned int key_id);
+int mb_storage_get_factorykey_data_update(unsigned char *out_block, unsigned char *in_block);
+int mb_storage_get_factorykey_data_final(unsigned char *out_block, unsigned char *in_block, unsigned int block_byte_len);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_SSTORAGE_FACTORYKEY_ENC_INIT (0x0001A402)
+#define FUNC_SSTORAGE_FACTORYKEY_ENC_UPDATE (0x0002A402)
+#define FUNC_SSTORAGE_FACTORYKEY_ENC_FINAL (0x0003A402)
+
+#define FUNC_SSTORAGE_FACTORYKEY_DATA_ENC_INIT (0x0021A402)
+#define FUNC_SSTORAGE_FACTORYKEY_DATA_ENC_UPDATE (0x0022A402)
+#define 
FUNC_SSTORAGE_FACTORYKEY_DATA_ENC_FINAL (0x0023A402)
+
+#define FUNC_SSTORAGE_FACTORYKEY_DATA_DEC_INIT (0x0031A402)
+#define FUNC_SSTORAGE_FACTORYKEY_DATA_DEC_UPDATE (0x0032A402)
+#define FUNC_SSTORAGE_FACTORYKEY_DATA_DEC_FINAL (0x0033A402)
+
+
+#endif /* MB_CMD_SECURE_STORAGE_FACTORYKEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_key.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_key.h
new file mode 100644
index 0000000..aa24868
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_secure_storage_key.h
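Review bot: The mailbox command list defines `FUNC_SSTORAGE_FACTORYKEY_ENC_*`, `FUNC_SSTORAGE_FACTORYKEY_DATA_ENC_*` and `FUNC_SSTORAGE_FACTORYKEY_DATA_DEC_*`, but nothing that corresponds to the declared `mb_storage_get_factorykey_init`, `_update` and `_final`, so the header does not show which command those three calls issue. Either add the missing defines or record the mapping in a comment next to the list, e.g. `// mb_storage_get_factorykey_*: command codes <TO BE FILLED IN>`. The `type` argument of `mb_storage_get_factorykey_init` and the `key_id` argument of the `_data_init` calls also have no named values in this header, which makes it hard to review callers that select a factory key.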
@@ -0,0 +1,46 @@
+/*!
+ * @file mb_cmd_secure_storage_key.h
+ * @brief Headerfile : mailbox command for secure storage key
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+#ifndef MB_CMD_SECURE_STORAGE_KEY_H_
+#define MB_CMD_SECURE_STORAGE_KEY_H_
+
+
+// Storage Map
+#define MB_SSTORAGE_BLOCK_BYTELEN_MAX (240)
+
+// ======================================
+// Function
+// ======================================
+// Secure Storage for Key
+int mb_storage_set_securekey_init(unsigned char * iv, unsigned int msg_byte_len, unsigned int type, unsigned int index);
+int mb_storage_set_securekey_update(unsigned char * out_block, unsigned char *in_block, unsigned int type);
+int mb_storage_set_securekey_final(unsigned char *out_block, unsigned char *in_block, unsigned int block_byte_len, unsigned int type);
+
+int mb_storage_get_securekey_init(unsigned char *iv, unsigned int msg_byte_len, unsigned int type, unsigned int index);
+int mb_storage_get_securekey_update(unsigned char *in_block);
+int mb_storage_get_securekey_final(unsigned int *object_id, unsigned char *in_block, unsigned int block_byte_len);
+
+int mb_storage_set_genkey_securekey_init(unsigned char * iv, unsigned int *msg_byte_len, unsigned int type, unsigned int index);
+int mb_storage_set_genkey_securekey_update(unsigned char * out_block, unsigned int type);
+int mb_storage_set_genkey_securekey_final(unsigned char *out_block, unsigned int type);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_SSTORAGE_KEY_ENC_INIT (0x0001A302)
+#define FUNC_SSTORAGE_KEY_ENC_UPDATE (0x0002A302)
+#define FUNC_SSTORAGE_KEY_ENC_FINAL (0x0003A302)
+
+#define FUNC_SSTORAGE_KEY_DEC_INIT (0x0011A302)
+#define FUNC_SSTORAGE_KEY_DEC_UPDATE (0x0012A302)
+#define FUNC_SSTORAGE_KEY_DEC_FINAL (0x0013A302)
+
+#define FUNC_SSTORAGE_KEY_ENC_KEYGEN_INIT (0x0021A302)
+#define FUNC_SSTORAGE_KEY_ENC_KEYGEN_UPDATE (0x0022A302)
+#define 
FUNC_SSTORAGE_KEY_ENC_KEYGEN_FINAL (0x0023A302)
+
+#endif /* MB_CMD_SECURE_STORAGE_KEY_H_ */
diff --git a/os/arch/arm/src/s5j/soc/sss/mb_cmd_system.h b/os/arch/arm/src/s5j/soc/sss/mb_cmd_system.h
new file mode 100644
index 0000000..b9dffb4
--- /dev/null
+++ b/os/arch/arm/src/s5j/soc/sss/mb_cmd_system.h
@@ -0,0 +1,25 @@
+/*!
+ * @file mb_cmd_system.h
+ * @brief Headerfile : mailbox command for system function
+ * @author jinsu.hyun
+ * @version v0.50 : 2016.8.13 Init. release version
+ */
+
+
+#ifndef MB_CMD_SYSTEM_H_
+#define MB_CMD_SYSTEM_H_
+
+// ======================================
+// Function
+// ======================================
+int mb_system_clear(unsigned int type);
+int mb_system_get_info(unsigned int *version);
+
+// ======================================
+// Mailbox Command
+// ======================================
+#define FUNC_SYSTEM_GET_INFO (0x00000102)
+#define FUNC_SYSTEM_CLEAR (0x00000202)
+
+#endif /* MB_CMD_SYSTEM_H_ */
+
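Review bot: `mb_storage_set_genkey_securekey_init` in mb_cmd_secure_storage_key.h takes `unsigned int *msg_byte_len` where every other `_init` prototype takes the length by value, and nothing says whether it is an input, an output or both. A comment on the prototype should state the direction and who sizes the caller's buffer, e.g. `// msg_byte_len: [out] byte length of the generated key blob`, if that is what the library does. `MB_SSTORAGE_BLOCK_BYTELEN_MAX (240)` is defined in the same header but no prototype refers to it, so it is worth saying which buffers it bounds. The `type` selector used by these calls and by `mb_system_clear` in mb_cmd_system.h has no named values in either hunk; named constants would let a reviewer see which key class or clear mode a call site requests.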