int sunxi_secure_object_write(const char *item_name, char *buffer, int length)
{
char secure_object[4096];
int retLen ,ret;
store_object_t *so ;
memset(secure_object, 0, 4096);
ret = wrap_secure_object((void *)buffer, item_name, length,secure_object,&retLen);
if(ret <0 || retLen >4096){
printf("wrap fail before secure storage write\n");
return -1 ;
}
so = (store_object_t *)secure_object;
#ifdef CONFIG_SUNXI_SECURE_SYSTEM
store_object_t *en_so ;
en_so = malloc(sizeof(*en_so));
if(!en_so){
printf("wrap fail out of memory\n");
return -1 ;
}
ret = smc_load_sst_encrypt(
so->name,
(char *)so->data,so->actual_len,
(char *)en_so, (unsigned int *)&retLen);
if(ret <0){
printf("smc load sst encrypt fail\n");
free(en_so);
return -1 ;
}else if(ret >0){
printf("Don't need to encrypt object\n");
}else{
memcpy(so->data, en_so, retLen);
so->actual_len = retLen;
so->id = sst_oem_item_id((char *)item_name);
so->re_encrypt = STORE_REENCRYPT_MAGIC;
so->crc = crc32( 0 , (void *)so, sizeof(*so)-4 );
}
free(en_so);
#endif
return sunxi_secure_storage_write(item_name, (char *)so,sizeof(*so) );
}
static int secure_object_op_test(void)
{
unsigned char * tagt ;
int LEN = 4096 , retLen ;
int ret ;
tagt = (unsigned char *)malloc(LEN);
if(!tagt){
printf("out of memory\n");
return -1 ;
}
ret = wrap_secure_object( hdmi_data, "HDMI",
ARRAY_SIZE(hdmi_data), tagt, &retLen ) ;
if( ret <0){
printf("Error: wrap secure object fail\n");
free(tagt);
return -1 ;
}
ret = sunxi_secure_storage_write( "HDMI" , (void *)tagt, retLen ) ;
if(ret <0){
printf("Error: store HDMI object fail\n");
free(tagt);
return -1 ;
}
ret = sunxi_secure_storage_read( "HDMI" , (void *)sec_buf,
4096 , (int *)&retLen ) ;
if(ret <0){
printf("Error: store HDMI object read fail\n");
free(tagt);
return -1 ;
}
if( memcmp(tagt, sec_buf, retLen ) !=0 ){
printf("Error: HDMI write/read fail\n");
return -1 ;
}
printf("HDMI dump:\n");
print_buffer((u32)sec_buf,
(void*)sec_buf,
1,
retLen,
16);
ret = wrap_secure_object(widevine_data, "Widevine",
ARRAY_SIZE(widevine_data), tagt, &retLen ) ;
if( ret <0){
printf("Error: wrap secure object fail\n");
free(tagt);
return -1 ;
}
ret = sunxi_secure_storage_write( "Widevine" , (void *)tagt, retLen ) ;
if(ret <0){
printf("Error: store Widevine object fail\n");
free(tagt);
return -1 ;
}
ret = sunxi_secure_storage_read( "Widevine" , (void *)sec_buf,
4096 , (int *)&retLen ) ;
if(ret <0){
printf("Error: store Widevine object read fail\n");
free(tagt);
return -1 ;
}
if( memcmp(tagt, sec_buf, retLen ) !=0 ){
printf("Error: Widevine write/read fail\n");
return -1 ;
}
printf("Widevine dump:\n");
print_buffer((u32)sec_buf,
(void*)sec_buf,
1,
retLen,
16);
sunxi_secure_storage_exit();
free(tagt);
return 0 ;
}
/*
************************************************************************************************************
*
* function
*
* name :
*
* parmeters :
*
* return :
*
* note :
*
*
************************************************************************************************************
*/
static int sunxi_pburn_state_loop(void *buffer)
{
static struct umass_bbb_cbw_t *cbw;
static struct umass_bbb_csw_t csw;
static uint pburn_flash_start = 0;
//static uint pburn_flash_sectors = 0;
int ret;
sunxi_ubuf_t *sunxi_ubuf = (sunxi_ubuf_t *)buffer;
switch(sunxi_usb_pburn_status)
{
case SUNXI_USB_PBURN_IDLE:
if(sunxi_ubuf->rx_ready_for_data == 1)
{
sunxi_usb_pburn_status = SUNXI_USB_PBURN_SETUP;
}
break;
case SUNXI_USB_PBURN_SETUP:
sunxi_usb_dbg("SUNXI_USB_PBURN_SETUP\n");
if(sunxi_ubuf->rx_req_length != sizeof(struct umass_bbb_cbw_t))
{
printf("sunxi usb error: received bytes 0x%x is not equal cbw struct size 0x%zx\n", sunxi_ubuf->rx_req_length, sizeof(struct umass_bbb_cbw_t));
sunxi_ubuf->rx_ready_for_data = 0;
sunxi_usb_pburn_status = SUNXI_USB_PBURN_IDLE;
break;
}
cbw = (struct umass_bbb_cbw_t *)sunxi_ubuf->rx_req_buffer;
if(CBWSIGNATURE != cbw->dCBWSignature)
{
printf("sunxi usb error: the cbw signature 0x%x is bad, need 0x%x\n", cbw->dCBWSignature, CBWSIGNATURE);
sunxi_ubuf->rx_ready_for_data = 0;
sunxi_usb_pburn_status = SUNXI_USB_PBURN_IDLE;
break;
}
csw.dCSWSignature = CSWSIGNATURE;
csw.dCSWTag = cbw->dCBWTag;
#if defined(SUNXI_USB_30)
sunxi_usb_pburn_status_enable = 1;
#endif
sunxi_usb_dbg("usb cbw command = 0x%x\n", cbw->CBWCDB[0]);
switch(cbw->CBWCDB[0])
{
#ifdef CONFIG_SUNXI_SECURE_STORAGE
case 0xf0: //自定义命令,用于烧录用户数据
sunxi_usb_dbg("usb burn secure storage data\n");
printf("usb command = %d\n", cbw->CBWCDB[1]);
switch(cbw->CBWCDB[1])
{
case 0: //握手
{
__usb_handshake_sec_t *handshake = (__usb_handshake_sec_t *)trans_data.base_send_buffer;
memset(handshake, 0, sizeof(__usb_handshake_sec_t));
strcpy(handshake->magic, "usb_burn_handshake");
sunxi_usb_pburn_status = SUNXI_USB_PBURN_SEND_DATA;
trans_data.act_send_buffer = trans_data.base_send_buffer;
trans_data.send_size = min(cbw->dCBWDataTransferLength, sizeof(__usb_handshake_sec_t));
sunxi_usb_burn_from_boot_setup = 1;
private_data_ext_buff = (u8 *)malloc(4 * 1024 * 1024);
if(private_data_ext_buff == NULL)
{
printf("there is no memorfy to store all user key data\n");
csw.bCSWStatus = -1;
}
else
{
csw.bCSWStatus = 0;
sunxi_usb_burn_from_boot_handshake = 1;
}
private_data_ext_buff_step = private_data_ext_buff;
}
break;
case 1: //小机端接收数据
{
trans_data.recv_size = cbw->dCBWDataTransferLength;
sunxi_usb_pburn_write_enable = 0;
sunxi_udc_start_recv_by_dma(private_data_ext_buff_step, trans_data.recv_size); //start dma to receive data
printf("recv_size=%d\n", trans_data.recv_size);
sunxi_dump(private_data_ext_buff, trans_data.recv_size);
sunxi_usb_pburn_status = SUNXI_USB_PBURN_RECEIVE_NULL;
}
break;
case 2: //工具端声明数据传输已经完毕,要求获取烧录状态
{
__usb_handshake_ext_t *handshake = (__usb_handshake_ext_t *)trans_data.base_send_buffer;
memset(handshake, 0, sizeof(__usb_handshake_ext_t));
//strcpy(handshake->magic, "usb_burn_receive_data_all");
sunxi_usb_pburn_status = SUNXI_USB_PBURN_SEND_DATA;
printf("recv_size=%d\n", trans_data.recv_size);
sunxi_dump(private_data_ext_buff, trans_data.recv_size);
int ret = __sunxi_burn_key(private_data_ext_buff, trans_data.recv_size);
trans_data.act_send_buffer = trans_data.base_send_buffer;
trans_data.send_size = min(cbw->dCBWDataTransferLength, sizeof(__usb_handshake_ext_t));
//开始根据数据类型进行烧录动作
if(!ret) //数据烧写成功
{
strcpy(handshake->magic, "usb_burn_success");
csw.bCSWStatus = 0;
}
else //数据烧写失败
{
strcpy(handshake->magic, "usb_burn_error");
csw.bCSWStatus = -1;
}
if(private_data_ext_buff)
{
free(private_data_ext_buff);
}
}
break;
// case 3: //小机端读取每个key
// {
// uint start, sectors;
// uint offset;
//
// start = *(int *)(cbw->CBWCDB + 4); //读数据的偏移量
// sectors = *(int *)(cbw->CBWCDB + 8); //扇区数;
//
// trans_data.send_size = min(cbw->dCBWDataTransferLength, sectors * 512);
// trans_data.act_send_buffer = (uint)trans_data.base_send_buffer;
//
// offset = burn_private_start;
// ret = sunxi_flash_read(start + offset, sectors, trans_data.base_send_buffer);
// if(!ret)
// {
// printf("sunxi flash read err: start,0x%x sectors 0x%x\n", start, sectors);
//
// csw.bCSWStatus = 1;
// }
// else
// {
// csw.bCSWStatus = 0;
// }
//
// sunxi_usb_pburn_status = SUNXI_USB_PBURN_SEND_DATA;
// }
// break;
case 4: //关闭usb
{
__usb_handshake_ext_t *handshake = (__usb_handshake_ext_t *)trans_data.base_send_buffer;
memset(handshake, 0, sizeof(__usb_handshake_ext_t));
strcpy(handshake->magic, "usb_burn_finish");
trans_data.act_send_buffer = trans_data.base_send_buffer;
trans_data.send_size = min(cbw->dCBWDataTransferLength, sizeof(__usb_handshake_ext_t));
sunxi_udc_send_data((void *)trans_data.act_send_buffer, trans_data.send_size);
csw.bCSWStatus = 0;
sunxi_usb_pburn_status = SUNXI_USB_PBURN_EXIT;
}
break;
case 5:
{
__usb_handshake_ext_t *handshake = (__usb_handshake_ext_t *)trans_data.base_send_buffer;
memset(handshake, 0, sizeof(__usb_handshake_ext_t));
strcpy(handshake->magic, "usb_burn_saved");
trans_data.act_send_buffer = trans_data.base_send_buffer;
trans_data.send_size = min(cbw->dCBWDataTransferLength, sizeof(__usb_handshake_ext_t));
csw.bCSWStatus = 0;
sunxi_usb_pburn_status = SUNXI_USB_PBURN_SEND_DATA;
if(sunxi_secure_storage_write("key_burned_flag", "key_burned", strlen("key_burned")))
{
printf("save burned flag err\n");
csw.bCSWStatus = -1;
}
sunxi_secure_storage_exit();
}
break;
default:
break;
}
break;
#endif
case 0xf3: //自定义命令,用于烧录用户数据
sunxi_usb_dbg("usb burn private\n");
printf("usb command = %d\n", cbw->CBWCDB[1]);
switch(cbw->CBWCDB[1])
{
case 0: //握手
{
__usb_handshake_t *handshake = (__usb_handshake_t *)trans_data.base_send_buffer;
burn_private_start = sunxi_partition_get_offset_byname("private");
burn_private_len = sunxi_partition_get_size_byname("private");
if(!burn_private_start)
{
printf("private partition is not exist\n");
csw.bCSWStatus = -1;
}
else
{
csw.bCSWStatus = 0;
}
memset(handshake, 0, sizeof(__usb_handshake_t));
strcpy(handshake->magic, "usb_burn_handshake");
handshake->sizelo = burn_private_len;
handshake->sizehi = 0;
sunxi_usb_pburn_status = SUNXI_USB_PBURN_SEND_DATA;
sunxi_usb_burn_from_boot_setup = 1;
sunxi_usb_burn_from_boot_handshake = 1;
trans_data.act_send_buffer = trans_data.base_send_buffer;
trans_data.send_size = min(cbw->dCBWDataTransferLength, sizeof(__usb_handshake_t));
}
break;
case 1: //小机端接收数据
{
//pburn_flash_sectors = *(int *)(cbw->CBWCDB + 8);
//pburn_flash_start = *(int *)(cbw->CBWCDB + 4);
memcpy(&pburn_flash_start,(cbw->CBWCDB + 4),4);
trans_data.recv_size = cbw->dCBWDataTransferLength;
trans_data.act_recv_buffer = trans_data.base_recv_buffer;
pburn_flash_start += burn_private_start;
sunxi_usb_pburn_write_enable = 0;
sunxi_udc_start_recv_by_dma(trans_data.act_recv_buffer, trans_data.recv_size); //start dma to receive data
sunxi_usb_pburn_status = SUNXI_USB_PBURN_RECEIVE_DATA;
}
break;
case 3: //小机端发送数据
{
uint start, sectors;
//start = *(int *)(cbw->CBWCDB + 4); //读数据的偏移量
//sectors = *(int *)(cbw->CBWCDB + 8); //扇区数;
memcpy(&start,(cbw->CBWCDB + 4),4);
memcpy(§ors,(cbw->CBWCDB + 8),4);
printf("start=%d, sectors=%d\n", start, sectors);
trans_data.send_size = min(cbw->dCBWDataTransferLength, sectors * 512);
trans_data.act_send_buffer = trans_data.base_send_buffer;
printf("send size=%d\n", trans_data.send_size);
ret = sunxi_flash_read(start + burn_private_start, sectors, trans_data.base_send_buffer);
if(!ret)
{
printf("sunxi flash read err: start,0x%x sectors 0x%x\n", start, sectors);
csw.bCSWStatus = 1;
}
else
{
csw.bCSWStatus = 0;
}
sunxi_usb_pburn_status = SUNXI_USB_PBURN_SEND_DATA;
}
break;
case 4: //关闭usb
{
__usb_handshake_ext_t *handshake = (__usb_handshake_ext_t *)trans_data.base_send_buffer;
memset(handshake, 0, sizeof(__usb_handshake_ext_t));
strcpy(handshake->magic, "usb_burn_finish");
trans_data.act_send_buffer = trans_data.base_send_buffer;
trans_data.send_size = min(cbw->dCBWDataTransferLength, sizeof(__usb_handshake_ext_t));
sunxi_udc_send_data((void *)trans_data.act_send_buffer, trans_data.send_size);
csw.bCSWStatus = 0;
sunxi_flash_flush();
sunxi_usb_pburn_status = SUNXI_USB_PBURN_EXIT;
}
break;
case 5:
{
__usb_handshake_ext_t *handshake = (__usb_handshake_ext_t *)trans_data.base_send_buffer;
char buffer[512];
memset(handshake, 0, sizeof(__usb_handshake_ext_t));
strcpy(handshake->magic, "usb_burn_saved");
trans_data.act_send_buffer = trans_data.base_send_buffer;
trans_data.send_size = min(cbw->dCBWDataTransferLength, sizeof(__usb_handshake_ext_t));
csw.bCSWStatus = 0;
sunxi_usb_pburn_status = SUNXI_USB_PBURN_SEND_DATA;
memset(buffer, 0, 512);
strcpy(buffer, "key_burned");
if(!sunxi_flash_write(burn_private_start + burn_private_len - (8192+512)/512, 1, buffer))
{
printf("save burned flag err\n");
csw.bCSWStatus = -1;
}
sunxi_flash_flush();
#ifdef CONFIG_SUNXI_SECURE_STORAGE
if(sunxi_secure_storage_init())
{
printf("init secure storage failed\n");
csw.bCSWStatus = -1;
}
else
{
if(sunxi_secure_storage_write("key_burned_flag", "key_burned", strlen("key_burned")))
{
printf("save burned flag err\n");
csw.bCSWStatus = -1;
}
}
sunxi_secure_storage_exit();
#endif
}
break;
default:
break;
}
break;
default:
sunxi_usb_dbg("not supported command 0x%x now\n", cbw->CBWCDB[0]);
sunxi_usb_dbg("asked size 0x%x\n", cbw->dCBWDataTransferLength);
csw.bCSWStatus = 1;
sunxi_usb_pburn_status = SUNXI_USB_PBURN_STATUS;
break;
}
break;
case SUNXI_USB_PBURN_SEND_DATA:
sunxi_usb_dbg("SUNXI_USB_SEND_DATA\n");
sunxi_usb_pburn_status = SUNXI_USB_PBURN_STATUS;
printf("SUNXI_USB_SEND_DATA=%d\n", trans_data.send_size);
sunxi_udc_send_data((void *)trans_data.act_send_buffer, trans_data.send_size);
#if defined(SUNXI_USB_30)
sunxi_usb_pburn_status_enable = 0;
#endif
break;
case SUNXI_USB_PBURN_RECEIVE_DATA:
sunxi_usb_dbg("SUNXI_USB_RECEIVE_DATA\n");
if(sunxi_usb_pburn_write_enable == 1)
{
sunxi_usb_dbg("write flash, start 0x%x, sectors 0x%x\n", pburn_flash_start, trans_data.recv_size/512);
ret = sunxi_flash_write(pburn_flash_start, (trans_data.recv_size+511)/512, (void *)trans_data.act_recv_buffer);
if(!ret)
{
printf("sunxi flash write err: start,0x%x sectors 0x%x\n", pburn_flash_start, (trans_data.recv_size+511)/512);
csw.bCSWStatus = 1;
}
else
{
csw.bCSWStatus = 0;
}
sunxi_usb_pburn_write_enable = 0;
sunxi_usb_pburn_status = SUNXI_USB_PBURN_STATUS;
}
break;
case SUNXI_USB_PBURN_STATUS:
sunxi_usb_dbg("SUNXI_USB_PBURN_STATUS\n");
#if defined(SUNXI_USB_30)
if(sunxi_usb_pburn_status_enable)
#endif
{
sunxi_usb_pburn_status = SUNXI_USB_PBURN_IDLE;
sunxi_ubuf->rx_ready_for_data = 0;
__sunxi_pburn_send_status(&csw, sizeof(struct umass_bbb_csw_t));
}
break;
case SUNXI_USB_PBURN_EXIT:
printf("SUNXI_USB_PBURN_EXIT\n");
sunxi_usb_pburn_status = SUNXI_USB_PBURN_IDLE;
sunxi_ubuf->rx_ready_for_data = 0;
__sunxi_pburn_send_status(&csw, sizeof(struct umass_bbb_csw_t));
printf("Device will shutdown in 3 Secends...\n");
__msdelay(3000);
return SUNXI_UPDATE_NEXT_ACTION_SHUTDOWN;
case SUNXI_USB_PBURN_RECEIVE_NULL:
sunxi_usb_dbg("SUNXI_USB_PBURN_RECEIVE_NULL\n");
if(sunxi_usb_pburn_write_enable == 1)
{
csw.bCSWStatus = 0;
sunxi_usb_pburn_write_enable = 0;
sunxi_usb_pburn_status = SUNXI_USB_PBURN_STATUS;
}
break;
default:
break;
}
return 0;
}
