void ft_util_get_target_nv_sec_on_flag(FT_UTILITY_COMMAND_CNF *cnf) { kal_uint8 key[256]; // at most 256 bytes kal_int32 real_key_len; real_key_len = custom_nvram_get_database_key(key, sizeof(key)); cnf->result.m_bNVSecOn = (real_key_len>0)? true: false; cnf->status = FT_CNF_OK; }
/******************************************************************************* * FUNCTION * FT_ReadFrom_NVRAM() * * DESCRIPTION * Handle the read request of FT to NVRAM * * CALLS * None * * PARAMETERS * * * RETURNS * None * * GLOBALS AFFECTED * None *******************************************************************************/ void FT_ReadFrom_NVRAM(ft_nvram_read_req_struct_T* req) { ilm_struct ilm_ptr; nvram_read_req_struct *ptrMsg; #ifdef __NVRAM_SECRET_DATA__ kal_uint8 key[256]; // at most 256 bytes kal_int32 real_key_len; kal_uint8 input_data[4]; kal_uint8 output_data[4]; kal_uint8 i; RC4_CNXT cnxt; kal_uint32 err_code = 0xFE; kal_bool bPassCheck = KAL_FALSE; real_key_len = custom_nvram_get_database_key(key, sizeof(key)); kal_mem_set(output_data, 0x0, sizeof(output_data)); // make sure if the authenticaion pass if(req->ciphered_data_valid && real_key_len > 0 ) // the load need to be checked, and user send ciphered data { kal_mem_cpy(input_data, &(req->file_idx), 2); kal_mem_cpy(input_data+2, &(req->para), 2); // deciphered the input data che_rc4_set_key((RC4_CNXT *)&cnxt, (kal_uint32)real_key_len, (kal_uint8 *)key); che_rc4((RC4_CNXT *)&cnxt, input_data , 4, key, real_key_len, CHE_MODE_NULL, output_data); for(i=0; i<4; i++) { if(output_data[i] != req->ciphered_data[i]) { err_code = 0xFD; break; } } if(i == 4) bPassCheck = KAL_TRUE; } else // ciphered data invalid { if(real_key_len == 0 || g_b_ft_nvram_proc_locally == true) // no need to checked bPassCheck = KAL_TRUE; else // need check, but user doesn't send data err_code = 0xFB; } if(!bPassCheck) { // invoke: kal_uint16 pdu_length_new = 0; kal_uint8 *pdu_ptr_new; peer_buff_struct *peer_buff_new; nvram_read_cnf_struct cnf_result; cnf_result.file_idx = req->file_idx; cnf_result.para = req->para; cnf_result.result = err_code; // allocate a peer buffer to stored the output data for debug if( NULL != (peer_buff_new=construct_peer_buff(4, 0, 0, TD_CTRL)) ) { pdu_ptr_new = get_peer_buff_pdu( peer_buff_new, &pdu_length_new ); kal_mem_cpy(pdu_ptr_new, output_data , 4); peer_buff_new->pdu_len = 4; } FT_ReadFrom_NVRAM_CNF(&cnf_result, peer_buff_new); return; } #endif // #ifdef __NVRAM_SECRET_DATA__ FT_ALLOC_OTHER_MSG(&ilm_ptr, sizeof(nvram_read_req_struct)); /* if ptrMsg != NULL*/ ptrMsg = (nvram_read_req_struct *)ilm_ptr.local_para_ptr; ptrMsg->file_idx=req->file_idx; ptrMsg->access_id=0; ptrMsg->para=req->para; /* FT_SEND_MSG(src_mod, dest_mod, sap_id, msg_id, ilm_ptr) */ FT_SEND_MSG(MOD_FT, MOD_NVRAM, PS_NVRAM_SAP, MSG_ID_NVRAM_READ_REQ, &ilm_ptr);// wait READ_CNF }
void FT_WriteTo_NVRAM(ft_nvram_write_req_struct_T* req, peer_buff_struct* peer_buff, ilm_struct* ptrMsg) { ilm_struct ilm_ptr; nvram_write_req_struct *nvram_ptr_loc_para; kal_uint16 pdu_length; kal_uint8 *pdu_ptr = get_peer_buff_pdu( peer_buff, &pdu_length ); #ifdef __NVRAM_SECRET_DATA__ kal_bool bPassCheck = KAL_FALSE; kal_int32 err_code = 0xFE; kal_uint8 key[256]; // at most 256 bytes kal_int32 real_key_len; real_key_len = custom_nvram_get_database_key(key, sizeof(key)); if(req->msg_num == 2 && real_key_len >0) // we must wait until we collect all { if(req->msg_idx == 0) // allocate a peer buffer to store it. { if(p_g_pbs_ft_nvram != NULL) // free previous buffer { free_peer_buff(p_g_pbs_ft_nvram); p_g_pbs_ft_nvram = NULL; } // allocate a new peer buffer if( NULL != (p_g_pbs_ft_nvram=construct_peer_buff(pdu_length, 0, 0, TD_CTRL)) ) { p_g_u1_ft_nvram_pdu_ptr = get_peer_buff_pdu( p_g_pbs_ft_nvram, &g_u2_ft_nvram_pdu_length ); kal_mem_cpy(p_g_u1_ft_nvram_pdu_ptr, pdu_ptr , pdu_length); p_g_pbs_ft_nvram->pdu_len = pdu_length; } return; // wait for next message } else // the second message with encrpted data { kal_int32 i; RC4_CNXT cnxt; kal_uint8 *output_data = (kal_uint8*) get_ctrl_buffer(g_u2_ft_nvram_pdu_length); // since at most 2k bytes if(p_g_u1_ft_nvram_pdu_ptr!=NULL) { // get the key //real_key_len = custom_nvram_get_database_key(key, sizeof(key)); if(real_key_len >0) // get the key { // deciphered the input data che_rc4_set_key((RC4_CNXT *)&cnxt, (kal_uint32)real_key_len, (kal_uint8 *)key); che_rc4((RC4_CNXT *)&cnxt, p_g_u1_ft_nvram_pdu_ptr , g_u2_ft_nvram_pdu_length, key, real_key_len, CHE_MODE_NULL, output_data); for(i=0; i<g_u2_ft_nvram_pdu_length; i++) { if(output_data[i] != pdu_ptr[i]) { err_code = 0xFD; break; } } if(i == g_u2_ft_nvram_pdu_length) { bPassCheck = true; } } } else { err_code = 0xFC; } free_ctrl_buffer(output_data); } } else { if(real_key_len == 0 || g_b_ft_nvram_proc_locally == true) // sec not ON bPassCheck = true; } if(!bPassCheck) { // invoke: nvram_write_cnf_struct cnf_result; cnf_result.file_idx = req->file_idx; cnf_result.para = req->para; cnf_result.result = err_code; // allocate a peer buffer to stored the output data for debug FT_WriteTo_NVRAM_CNF(&cnf_result); return; } if(real_key_len >0 && req->msg_num == 2 && p_g_pbs_ft_nvram != NULL) // re-assign the pdu_ptr, and free the buffer { kal_mem_cpy(pdu_ptr, p_g_u1_ft_nvram_pdu_ptr,pdu_length); free_peer_buff(p_g_pbs_ft_nvram); p_g_pbs_ft_nvram = NULL; } #endif // #ifdef __NVRAM_SECRET_DATA__ FT_ALLOC_OTHER_MSG(&ilm_ptr ,sizeof(nvram_write_req_struct)); nvram_ptr_loc_para=(nvram_write_req_struct *)(ilm_ptr.local_para_ptr); nvram_ptr_loc_para->file_idx=req->file_idx;/* LID */ nvram_ptr_loc_para->para=req->para; nvram_ptr_loc_para->access_id=0 ; // change it! #ifdef _LOW_COST_SINGLE_BANK_FLASH_ { // stop RF L1TST_Stop(); } #endif // #ifdef _LOW_COST_SINGLE_BANK_FLASH_ // keep a runtime buffer of the written value for updating L1 runtime // FIX: ACCESS OUT-OF BOUND if(pdu_length > sizeof(ft_rf_data_pt)) { kal_mem_cpy(&ft_rf_data_pt, pdu_ptr, sizeof(ft_rf_data_pt)); } else { kal_mem_cpy(&ft_rf_data_pt, pdu_ptr, pdu_length); } ilm_ptr.peer_buff_ptr = peer_buff; /* FT_SEND_MSG(src_mod, dest_mod, sap_id, msg_id, ilm_ptr) */ FT_SEND_MSG(MOD_FT, MOD_NVRAM, PS_NVRAM_SAP, MSG_ID_NVRAM_WRITE_REQ, &ilm_ptr); if(ptrMsg != NULL) ptrMsg->peer_buff_ptr=NULL;/* make sure the NVRAM will release the mem*/ }