/**
*
* Write Data to RSA RAM at a given offset
*
* @param InstancePtr is a pointer to the XSecure_Aes instance.
* @param WrData is pointer to the data to be written to RSA RAM
* @param RamOffset is the offset for the data to be written in RSA RAM
*
* @return None
*
* @note None
*
******************************************************************************/
static void XSecure_RsaWriteMem(XSecure_Rsa *InstancePtr, u32* WrData,
u8 RamOffset)
{
/* Assert validates the input arguments */
Xil_AssertVoid(InstancePtr != NULL);
u32 Index = 0U;
u32 DataOffset = 0U;
u32 TmpIndex = 0U;
u32 Data = 0U;
/** Each of this loop will write 192 bits of data*/
for (DataOffset = 0U; DataOffset < 22U; DataOffset++)
{
for (Index = 0U; Index < 6U; Index++)
{
TmpIndex = (DataOffset*6) + Index;
/**
* Exponent size is only 4 bytes
* and rest of the data needs to be 0
*/
if(XSECURE_CSU_RSA_RAM_EXPO == RamOffset)
{
if(0U == TmpIndex )
{
Data = Xil_Htonl(*WrData);
}
else
{
Data = 0x0U;
}
}
else
{
if(TmpIndex >=128U)
{
Data = 0x0U;
}
else
{
/**
* The RSA data in Image is in Big Endian.
* So reverse it before putting in RSA memory,
* becasue RSA h/w expects it in Little endian.
*/
Data = Xil_Htonl(WrData[127U - TmpIndex]);
}
}
XSecure_WriteReg(InstancePtr->BaseAddress,
(XSECURE_CSU_RSA_WR_DATA_0_OFFSET + (Index * 4)),
Data);
}
XSecure_WriteReg(InstancePtr->BaseAddress,
XSECURE_CSU_RSA_WR_ADDR_OFFSET,
((RamOffset * 22) + DataOffset));
}
}
/******************************************************************************
*
* This function decrypts the secure header when key rolling is enabled
*
* @param InstancePtr is an instance AES engine.
* @param SrcAddr holds the address of secure header
* @param Size holds size
*
* @return
* Error code on failure
* XFSBL_SUCESS on success
*
* @note None
*
******************************************************************************/
static u32 XFsbl_DecrypSecureHdr(XSecure_Aes *InstancePtr, u64 SrcAddr,
u32 Size)
{
XCsuDma_Configure ConfigurValues = {0};
u32 GcmStatus;
XCsuDma_GetConfig(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL,
&ConfigurValues);
ConfigurValues.EndianType = 1U;
XCsuDma_SetConfig(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL,
&ConfigurValues);
/*
* Push secure header before that configure to
* push IV and key to csu engine
*/
XSecure_WriteReg(InstancePtr->BaseAddress,
XSECURE_CSU_AES_KUP_WR_OFFSET,
XSECURE_CSU_AES_IV_WR | XSECURE_CSU_AES_KUP_WR);
XCsuDma_IntrClear(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL,
XCSUDMA_IXR_DONE_MASK);
/* PUSH Secure hdr */
XFsbl_DmaPlCopy(InstancePtr->CsuDmaPtr, SrcAddr,
XSECURE_SECURE_HDR_SIZE/4, 1);
/* Restore Key write register to 0. */
XSecure_WriteReg(InstancePtr->BaseAddress,
XSECURE_CSU_AES_KUP_WR_OFFSET, 0x0);
/* Push the GCM tag. */
XFsbl_DmaPlCopy(InstancePtr->CsuDmaPtr,
SrcAddr + XSECURE_SECURE_HDR_SIZE,
XSECURE_SECURE_GCM_TAG_SIZE/4, 1);
/* Disable CSU DMA Src channel for byte swapping. */
XCsuDma_GetConfig(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL,
&ConfigurValues);
ConfigurValues.EndianType = 0U;
XCsuDma_SetConfig(InstancePtr->CsuDmaPtr, XCSUDMA_SRC_CHANNEL,
&ConfigurValues);
XSecure_PcapWaitForDone();
XSecure_AesWaitForDone(InstancePtr);
/* Get the AES status to know if GCM check passed. */
GcmStatus = XSecure_ReadReg(InstancePtr->BaseAddress,
XSECURE_CSU_AES_STS_OFFSET) &
XSECURE_CSU_AES_STS_GCM_TAG_OK;
if (GcmStatus == 0) {
XFsbl_Printf(DEBUG_GENERAL,
"XFSBL_DECRYPT:"
"XFSBL_ERROR_BITSTREAM_GCM_TAG_MISMATCH\r\n");
return XFSBL_ERROR_BITSTREAM_GCM_TAG_MISMATCH;
}
return XFSBL_SUCCESS;
}
static void XSecure_RsaMod32Inverse(XSecure_Rsa *InstancePtr)
{
/* Assert validates the input arguments */
Xil_AssertVoid(InstancePtr != NULL);
/* Calculate the MINV */
u8 Count = 0U;
u32 *ModPtr = (u32 *)(InstancePtr->Mod);
u32 ModVal = Xil_Htonl(ModPtr[127]);
u32 Inv = 2U - ModVal;
for (Count = 0U; Count < 4U; ++Count)
{
Inv = (Inv * (2U - ( ModVal * Inv ) ) );
}
Inv = -Inv;
/* Put the value in MINV registers */
XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_RSA_MINV0_OFFSET,
(Inv & 0xFF ));
XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_RSA_MINV1_OFFSET,
((Inv >> 8) & 0xFF ));
XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_RSA_MINV2_OFFSET,
((Inv >> 16) & 0xFF ));
XSecure_WriteReg(InstancePtr->BaseAddress, XSECURE_CSU_RSA_MINV3_OFFSET,
((Inv >> 24) & 0xFF ));
}
/******************************************************************************
*
* This function calculates the next block size and updates the required
* parameters.
*
* @param PartitionParams is a pointer to XFsblPs_PlPartition
* @param ChunkAdrs is a pointer to the data location
* @param ChunkSize is the remaining chunk size
*
* @return
* Error code on failure
* XFSBL_SUCESS on success
*
* @note None
*
******************************************************************************/
static u32 XFsbl_DecrptSetUpNextBlk(XFsblPs_PlPartition *PartitionParams,
UINTPTR ChunkAdrs, u32 ChunkSize)
{
u32 Status = XFSBL_SUCCESS;
u32 SssAes;
u32 SssCfg;
/* Length of next block */
PartitionParams->PlEncrypt.NextBlkLen =
Xil_Htonl(XSecure_ReadReg(
PartitionParams->PlEncrypt.SecureAes->BaseAddress,
XSECURE_CSU_AES_IV_3_OFFSET)) * 4;
PartitionParams->PlEncrypt.SecureAes->Iv =
(u32 *)(PartitionParams->PlEncrypt.SecureAes->BaseAddress +
(UINTPTR)XSECURE_CSU_AES_IV_0_OFFSET);
/* Configure the SSS for AES. */
SssAes = XSecure_SssInputAes(XSECURE_CSU_SSS_SRC_SRC_DMA);
SssCfg = SssAes | XSecure_SssInputPcap(XSECURE_CSU_SSS_SRC_AES);
XSecure_SssSetup(SssCfg);
/* Start the message. */
XSecure_WriteReg(PartitionParams->PlEncrypt.SecureAes->BaseAddress,
XSECURE_CSU_AES_START_MSG_OFFSET,
XSECURE_CSU_AES_START_MSG);
/* Transfer IV of the next block */
XFsbl_DmaPlCopy(PartitionParams->PlEncrypt.SecureAes->CsuDmaPtr,
(UINTPTR)PartitionParams->PlEncrypt.SecureAes->Iv,
XSECURE_SECURE_GCM_TAG_SIZE/4, 0);
PartitionParams->PlEncrypt.SecureAes->SizeofData =
PartitionParams->PlEncrypt.NextBlkLen;
XSecure_WriteReg(PartitionParams->PlEncrypt.SecureAes->BaseAddress,
XSECURE_CSU_AES_KUP_WR_OFFSET, 0x0);
return Status;
}
/**
*
* Configure SSS and start the SHA-3 engine
*
* @param InstancePtr is a pointer to the XSecure_Sha3 instance.
*
* @return None
*
* @note None
*
******************************************************************************/
void XSecure_Sha3Start(XSecure_Sha3 *InstancePtr)
{
/* Asserts validate the input arguments */
Xil_AssertVoid(InstancePtr != NULL);
InstancePtr->Sha3Len = 0U;
/* Reset SHA3 engine. */
XSecure_WriteReg(InstancePtr->BaseAddress,
XSECURE_CSU_SHA3_RESET_OFFSET,
XSECURE_CSU_SHA3_RESET_RESET);
XSecure_WriteReg(InstancePtr->BaseAddress,
XSECURE_CSU_SHA3_RESET_OFFSET, 0U);
/* Configure the SSS for SHA3 hashing. */
XSecure_SssSetup(XSecure_SssInputSha3(XSECURE_CSU_SSS_SRC_SRC_DMA));
/* Start SHA3 engine. */
XSecure_WriteReg(InstancePtr->BaseAddress,
XSECURE_CSU_SHA3_START_OFFSET,
XSECURE_CSU_SHA3_START_START);
}
/**
*
* This function handles the RSA decryption from end to end
*
* @param InstancePtr is a pointer to the XSecure_Rsa instance.
* @param Result is the pointer to decrypted data generated by RSA.
* @param EncText is the pointer to the data(hash) to be decrypted
*
* @return XST_SUCCESS if decryption was successful.
*
* @note None
*
******************************************************************************/
s32 XSecure_RsaDecrypt(XSecure_Rsa *InstancePtr, u8 *EncText, u8 *Result)
{
/* Assert validates the input arguments */
Xil_AssertNonvoid(InstancePtr != NULL);
Xil_AssertNonvoid(Result != NULL);
volatile u32 Status = 0x0U;
s32 ErrorCode = XST_SUCCESS;
/* Put Modulus, exponent, Mod extension in RSA RAM */
XSecure_RsaPutData(InstancePtr);
/* Initialize Digest */
XSecure_RsaWriteMem(InstancePtr, (u32 *)EncText,
XSECURE_CSU_RSA_RAM_DIGEST);
/* Initialize MINV values from Mod. */
XSecure_RsaMod32Inverse(InstancePtr);
/* Start the RSA operation. */
XSecure_WriteReg(InstancePtr->BaseAddress,
XSECURE_CSU_RSA_CONTROL_OFFSET,
XSECURE_CSU_RSA_CONTROL_MASK);
/* Check and wait for status */
do
{
Status = XSecure_ReadReg(InstancePtr->BaseAddress,
XSECURE_CSU_RSA_STATUS_OFFSET);
if(XSECURE_CSU_RSA_STATUS_ERROR ==
((u32)Status & XSECURE_CSU_RSA_STATUS_ERROR))
{
ErrorCode = XST_FAILURE;
goto END;
}
}while(XSECURE_CSU_RSA_STATUS_DONE !=
((u32)Status & XSECURE_CSU_RSA_STATUS_DONE));
/* Copy the result */
XSecure_RsaGetData(InstancePtr, (u32 *)Result);
END:
return ErrorCode;
}
/**
*
* Read back the resulting data from RSA RAM
*
* @param InstancePtr is a pointer to the XSecure_Rsa instance.
* @param RdData is the pointer to location where the decrypted data will
* be written
*
* @return None
*
* @note None
*
******************************************************************************/
static void XSecure_RsaGetData(XSecure_Rsa *InstancePtr, u32 *RdData)
{
/* Assert validates the input arguments */
Xil_AssertVoid(InstancePtr != NULL);
u32 Index = 0U;
u32 DataOffset = 0U;
s32 TmpIndex = 0;
/* Each of this loop will write 192 bits of data */
for (DataOffset = 0U; DataOffset < 22U; DataOffset++)
{
XSecure_WriteReg(InstancePtr->BaseAddress,
XSECURE_CSU_RSA_RD_ADDR_OFFSET,
(XSECURE_CSU_RSA_RAM_RES_Y * 22) + DataOffset);
Index = (DataOffset == 0U) ? 2: 0;
for (; Index < 6; Index++)
{
TmpIndex = 129 - ((DataOffset*6) + Index);
if(TmpIndex < 0)
{
break;
}
/*
* The Signature digest is compared in Big endian.
* So because RSA h/w results in Little endian,
* reverse it after reading it from RSA memory,
*/
RdData[TmpIndex] = Xil_Htonl(XSecure_ReadReg(
InstancePtr->BaseAddress,
(XSECURE_CSU_RSA_RD_DATA_0_OFFSET+ (Index * 4))));
}
}
}
/******************************************************************************
*
* This API decrypts the chunks of data
*
* @param PartitionParams is a pointer to XFsblPs_PlPartition
* @param ChunkAdrs holds the address of chunk address
* @param ChunkSize holds the size of chunk
*
* @return
* Error code on failure
* XFSBL_SUCESS on success
*
* @note None.
*
******************************************************************************/
static u32 XFsbl_DecrptPlChunks(XFsblPs_PlPartition *PartitionParams,
u64 ChunkAdrs, u32 ChunkSize)
{
u32 Status = XFSBL_SUCCESS;
UINTPTR SrcAddr = (u64)ChunkAdrs;
u32 Size = ChunkSize;
u64 NextBlkAddr = 0;
u32 SssAes;
u32 SssCfg;
/* If this is the first block to be decrypted it is the secure header */
if (PartitionParams->PlEncrypt.NextBlkLen == 0x00) {
XSecure_AesDecryptInit(PartitionParams->PlEncrypt.SecureAes,
(u8 *)XSECURE_DESTINATION_PCAP_ADDR, XSECURE_SECURE_HDR_SIZE,
(u8 *)(SrcAddr + XSECURE_SECURE_HDR_SIZE));
/*
* Configure AES engine to push decrypted Key and IV in the
* block to the CSU KEY and IV registers.
*/
XSecure_WriteReg(
PartitionParams->PlEncrypt.SecureAes->BaseAddress,
XSECURE_CSU_AES_KUP_WR_OFFSET,
XSECURE_CSU_AES_IV_WR | XSECURE_CSU_AES_KUP_WR);
/* Decrypting the Secure header */
Status = XSecure_AesDecryptUpdate(
PartitionParams->PlEncrypt.SecureAes,
(u8 *)(SrcAddr), XSECURE_SECURE_HDR_SIZE);
if (Status != XFSBL_SUCCESS) {
XFsbl_Printf(DEBUG_GENERAL,
"XFSBL_DECRYPT_SECURE_HEADER:"
"XFSBL_ERROR_BITSTREAM_GCM_TAG_MISMATCH\r\n");
Status = XFSBL_ERROR_BITSTREAM_GCM_TAG_MISMATCH;
goto END;
}
PartitionParams->PlEncrypt.SecureAes->KeySel =
XSECURE_CSU_AES_KEY_SRC_KUP;
XSecure_AesKeySelNLoad(PartitionParams->PlEncrypt.SecureAes);
/* Point IV to the CSU IV register. */
PartitionParams->PlEncrypt.SecureAes->Iv =
(u32 *)(PartitionParams->PlEncrypt.SecureAes->BaseAddress +
(UINTPTR)XSECURE_CSU_AES_IV_0_OFFSET);
/*
* Remaining size and source address
* of the data to be processed
*/
Size = ChunkSize -
XSECURE_SECURE_HDR_SIZE - XSECURE_SECURE_GCM_TAG_SIZE;
SrcAddr = ChunkAdrs +
XSECURE_SECURE_HDR_SIZE+XSECURE_SECURE_GCM_TAG_SIZE;
/*
* Decrypt next block after Secure header and
* update the required fields
*/
Status = XFsbl_DecrptSetUpNextBlk(PartitionParams,
SrcAddr, Size);
if (Status != XFSBL_SUCCESS) {
goto END;
}
Status = XFsbl_DecrptPl(PartitionParams,
(UINTPTR)SrcAddr, Size);
if (Status != XFSBL_SUCCESS) {
goto END;
}
/*
* If status is true or false also goto END
* As remaining data also processed in above API
*/
goto END;
}
/*
* If previous chunk has portion of left header,
* which needs to be processed along with this chunk
*/
else if (PartitionParams->Hdr != 0x00) {
/* Configure AES engine */
SssAes = XSecure_SssInputAes(XSECURE_CSU_SSS_SRC_SRC_DMA);
SssCfg = SssAes | XSecure_SssInputPcap(XSECURE_CSU_SSS_SRC_AES);
XSecure_SssSetup(SssCfg);
XFsbl_CopyData(PartitionParams,
(u8 *)(PartitionParams->SecureHdr + PartitionParams->Hdr),
(u8 *)(UINTPTR)SrcAddr, XFSBL_AES_TAG_SIZE - PartitionParams->Hdr);
Status = XFsbl_DecrypSecureHdr(
PartitionParams->PlEncrypt.SecureAes,
(u64)(UINTPTR)PartitionParams->SecureHdr, 0);
if (Status != XFSBL_SUCCESS) {
return Status;
}
Size = Size - (XFSBL_AES_TAG_SIZE - PartitionParams->Hdr);
if (Size != 0x00) {
NextBlkAddr = SrcAddr +
(XFSBL_AES_TAG_SIZE - PartitionParams->Hdr);
}
PartitionParams->Hdr = 0;
memset(PartitionParams->SecureHdr, 0, XFSBL_AES_TAG_SIZE);
/*
* This means we are done with Secure header and Block 0
* And now we can change the AES key source to KUP.
*/
PartitionParams->PlEncrypt.SecureAes->KeySel =
XSECURE_CSU_AES_KEY_SRC_KUP;
XSecure_AesKeySelNLoad(PartitionParams->PlEncrypt.SecureAes);
Status = XFsbl_DecrptSetUpNextBlk(PartitionParams,
NextBlkAddr, Size);
if (Status != XFSBL_SUCCESS) {
return Status;
}
if ((NextBlkAddr != 0x00U) &&
(PartitionParams->PlEncrypt.SecureAes->SizeofData != 0)) {
Status = XFsbl_DecrptPl(PartitionParams,
(UINTPTR)NextBlkAddr, Size);
if (Status != XFSBL_SUCCESS) {
return Status;
}
}
}
else {
Status = XFsbl_DecrptPl(PartitionParams, SrcAddr, Size);
goto END;
}
END:
return Status;
}
