/* *function name: key_unify_read * keyname : key name is ascii string * keydata : key data buf * datalen : key buf len * reallen : key real len * return : <0 fail, >=0 ok * */ int key_unify_read(char *keyname,unsigned char *keydata,unsigned int datalen,unsigned int *reallen) { int err=0; struct key_item_t *key_manage; enum key_manager_df_e key_df; key_manage = unifykey_find_item_by_name(keyname); if(key_manage == NULL){ printf("%s:%d,%s key name is not exist\n",__func__,__LINE__,keyname); return -EINVAL; } if(unifykey_item_verify_check(key_manage)){ printf("%s:%d,%s key name is invalid\n",__func__,__LINE__,keyname); return -EINVAL; } if(key_manage->permit & KEY_M_PERMIT_READ){ err = -EINVAL; key_df = key_manage->df; switch(key_manage->dev){ case KEY_M_EFUSE_NORMAL: err = key_efuse_read(keyname,keydata,datalen,reallen,key_df); break; case KEY_M_SECURE_STORAGE: err = key_securestorage_read(keyname,keydata,datalen,reallen,key_df); break; case KEY_M_GENERAL_NANDKEY: err = key_general_nand_read(keyname,keydata,datalen,reallen,key_df); break; case KEY_M_UNKNOW_DEV: default: printf("%s:%d,%s key not know device\n",__func__,__LINE__,keyname); break; } } return err; }
/* * key_unify_query - query whether key was burned. * @keyname : key name will be queried. * @keystate: query state value, 0: key was NOT burned; 1: key was burned; others: reserved. * keypermit: read permit: bit0~bit3 * write permit: bit4~bit7 * if it return failed, keypermit is invalid; kerpermit is valid,when it return successful only * return: >=0: successful; others: failed. */ int key_unify_query(char *keyname,unsigned int *keystate,unsigned int *keypermit) { int err=0; struct key_item_t *key_manage; enum key_manager_df_e key_df; key_manage = unifykey_find_item_by_name(keyname); if(key_manage == NULL){ printf("%s:%d,%s key name is not exist\n",__func__,__LINE__,keyname); return -EINVAL; } if(unifykey_item_verify_check(key_manage)){ printf("%s:%d,%s key name is invalid\n",__func__,__LINE__,keyname); return -EINVAL; } if(key_manage->permit & KEY_M_PERMIT_READ){ err = -EINVAL; key_df = key_manage->df; switch(key_manage->dev){ case KEY_M_EFUSE_NORMAL: { if(!strcmp("secure_boot_set", keyname)) { err = _key_query_secure_boot_set(keyname, keystate); *keypermit = KEY_READ_PROHIBIT;//not read! } else { err = key_efuse_query(keyname,keystate); *keypermit = KEY_READ_PERMIT; } if(err >= 0){ if(*keystate == KEY_BURNED){ *keypermit |= KEY_WRITE_PROHIBIT; } else if(*keystate == KEY_NO_EXIST){ *keypermit |= KEY_WRITE_PERMIT; } } } break; case KEY_M_SECURE_STORAGE: err = key_securestorage_query(keyname,keystate); *keypermit = KEY_READ_PROHIBIT; *keypermit |= KEY_WRITE_PERMIT; break; case KEY_M_GENERAL_NANDKEY: err = key_general_nand_query(keyname,keystate); *keypermit = KEY_READ_PERMIT; *keypermit |= KEY_WRITE_PERMIT; break; case KEY_M_UNKNOW_DEV: printf("%s:%d,%s key not know device\n",__func__,__LINE__,keyname); default: break; } } return err; }
//which device does the key stored in enum key_manager_dev_e keymanage_dts_get_key_device(const char *keyname) { struct key_item_t *key_manage; if (!unify_key_info.key_flag) { KM_ERR("/unify not parsed yet!\n"); return KEY_M_MAX_DEV; } key_manage = unifykey_find_item_by_name(keyname); if (key_manage == NULL) { KM_ERR("%s key name is not exist\n",keyname); return KEY_M_MAX_DEV; } if (unifykey_item_verify_check(key_manage)) { KM_ERR("%s key name is invalid\n",keyname); return KEY_M_MAX_DEV; } return key_manage->dev; }