/*
*function name: key_unify_read
* keyname : key name is ascii string
* keydata : key data buf
* datalen : key buf len
* reallen : key real len
* return : <0 fail, >=0 ok
* */
int key_unify_read(char *keyname,unsigned char *keydata,unsigned int datalen,unsigned int *reallen)
{
int err=0;
struct key_item_t *key_manage;
enum key_manager_df_e key_df;
key_manage = unifykey_find_item_by_name(keyname);
if(key_manage == NULL){
printf("%s:%d,%s key name is not exist\n",__func__,__LINE__,keyname);
return -EINVAL;
}
if(unifykey_item_verify_check(key_manage)){
printf("%s:%d,%s key name is invalid\n",__func__,__LINE__,keyname);
return -EINVAL;
}
if(key_manage->permit & KEY_M_PERMIT_READ){
err = -EINVAL;
key_df = key_manage->df;
switch(key_manage->dev){
case KEY_M_EFUSE_NORMAL:
err = key_efuse_read(keyname,keydata,datalen,reallen,key_df);
break;
case KEY_M_SECURE_STORAGE:
err = key_securestorage_read(keyname,keydata,datalen,reallen,key_df);
break;
case KEY_M_GENERAL_NANDKEY:
err = key_general_nand_read(keyname,keydata,datalen,reallen,key_df);
break;
case KEY_M_UNKNOW_DEV:
default:
printf("%s:%d,%s key not know device\n",__func__,__LINE__,keyname);
break;
}
}
return err;
}
/*
* key_unify_query - query whether key was burned.
* @keyname : key name will be queried.
* @keystate: query state value, 0: key was NOT burned; 1: key was burned; others: reserved.
* keypermit: read permit: bit0~bit3
* write permit: bit4~bit7
* if it return failed, keypermit is invalid; kerpermit is valid,when it return successful only
* return: >=0: successful; others: failed.
*/
int key_unify_query(char *keyname,unsigned int *keystate,unsigned int *keypermit)
{
int err=0;
struct key_item_t *key_manage;
enum key_manager_df_e key_df;
key_manage = unifykey_find_item_by_name(keyname);
if(key_manage == NULL){
printf("%s:%d,%s key name is not exist\n",__func__,__LINE__,keyname);
return -EINVAL;
}
if(unifykey_item_verify_check(key_manage)){
printf("%s:%d,%s key name is invalid\n",__func__,__LINE__,keyname);
return -EINVAL;
}
if(key_manage->permit & KEY_M_PERMIT_READ){
err = -EINVAL;
key_df = key_manage->df;
switch(key_manage->dev){
case KEY_M_EFUSE_NORMAL:
{
if(!strcmp("secure_boot_set", keyname)) {
err = _key_query_secure_boot_set(keyname, keystate);
*keypermit = KEY_READ_PROHIBIT;//not read!
}
else {
err = key_efuse_query(keyname,keystate);
*keypermit = KEY_READ_PERMIT;
}
if(err >= 0){
if(*keystate == KEY_BURNED){
*keypermit |= KEY_WRITE_PROHIBIT;
}
else if(*keystate == KEY_NO_EXIST){
*keypermit |= KEY_WRITE_PERMIT;
}
}
}
break;
case KEY_M_SECURE_STORAGE:
err = key_securestorage_query(keyname,keystate);
*keypermit = KEY_READ_PROHIBIT;
*keypermit |= KEY_WRITE_PERMIT;
break;
case KEY_M_GENERAL_NANDKEY:
err = key_general_nand_query(keyname,keystate);
*keypermit = KEY_READ_PERMIT;
*keypermit |= KEY_WRITE_PERMIT;
break;
case KEY_M_UNKNOW_DEV:
printf("%s:%d,%s key not know device\n",__func__,__LINE__,keyname);
default:
break;
}
}
return err;
}
//which device does the key stored in
enum key_manager_dev_e keymanage_dts_get_key_device(const char *keyname)
{
struct key_item_t *key_manage;
if (!unify_key_info.key_flag) {
KM_ERR("/unify not parsed yet!\n");
return KEY_M_MAX_DEV;
}
key_manage = unifykey_find_item_by_name(keyname);
if (key_manage == NULL) {
KM_ERR("%s key name is not exist\n",keyname);
return KEY_M_MAX_DEV;
}
if (unifykey_item_verify_check(key_manage)) {
KM_ERR("%s key name is invalid\n",keyname);
return KEY_M_MAX_DEV;
}
return key_manage->dev;
}
