void ft_util_get_target_nv_sec_on_flag(FT_UTILITY_COMMAND_CNF *cnf)
{
kal_uint8 key[256]; // at most 256 bytes
kal_int32 real_key_len;
real_key_len = custom_nvram_get_database_key(key, sizeof(key));
cnf->result.m_bNVSecOn = (real_key_len>0)? true: false;
cnf->status = FT_CNF_OK;
}
/*******************************************************************************
* FUNCTION
* FT_ReadFrom_NVRAM()
*
* DESCRIPTION
* Handle the read request of FT to NVRAM
*
* CALLS
* None
*
* PARAMETERS
*
*
* RETURNS
* None
*
* GLOBALS AFFECTED
* None
*******************************************************************************/
void FT_ReadFrom_NVRAM(ft_nvram_read_req_struct_T* req)
{
ilm_struct ilm_ptr;
nvram_read_req_struct *ptrMsg;
#ifdef __NVRAM_SECRET_DATA__
kal_uint8 key[256]; // at most 256 bytes
kal_int32 real_key_len;
kal_uint8 input_data[4];
kal_uint8 output_data[4];
kal_uint8 i;
RC4_CNXT cnxt;
kal_uint32 err_code = 0xFE;
kal_bool bPassCheck = KAL_FALSE;
real_key_len = custom_nvram_get_database_key(key, sizeof(key));
kal_mem_set(output_data, 0x0, sizeof(output_data));
// make sure if the authenticaion pass
if(req->ciphered_data_valid && real_key_len > 0 ) // the load need to be checked, and user send ciphered data
{
kal_mem_cpy(input_data, &(req->file_idx), 2);
kal_mem_cpy(input_data+2, &(req->para), 2);
// deciphered the input data
che_rc4_set_key((RC4_CNXT *)&cnxt, (kal_uint32)real_key_len, (kal_uint8 *)key);
che_rc4((RC4_CNXT *)&cnxt, input_data , 4, key, real_key_len, CHE_MODE_NULL, output_data);
for(i=0; i<4; i++)
{
if(output_data[i] != req->ciphered_data[i])
{
err_code = 0xFD;
break;
}
}
if(i == 4)
bPassCheck = KAL_TRUE;
}
else // ciphered data invalid
{
if(real_key_len == 0 || g_b_ft_nvram_proc_locally == true) // no need to checked
bPassCheck = KAL_TRUE;
else // need check, but user doesn't send data
err_code = 0xFB;
}
if(!bPassCheck)
{
// invoke:
kal_uint16 pdu_length_new = 0;
kal_uint8 *pdu_ptr_new;
peer_buff_struct *peer_buff_new;
nvram_read_cnf_struct cnf_result;
cnf_result.file_idx = req->file_idx;
cnf_result.para = req->para;
cnf_result.result = err_code;
// allocate a peer buffer to stored the output data for debug
if( NULL != (peer_buff_new=construct_peer_buff(4, 0, 0, TD_CTRL)) )
{
pdu_ptr_new = get_peer_buff_pdu( peer_buff_new, &pdu_length_new );
kal_mem_cpy(pdu_ptr_new, output_data , 4);
peer_buff_new->pdu_len = 4;
}
FT_ReadFrom_NVRAM_CNF(&cnf_result, peer_buff_new);
return;
}
#endif // #ifdef __NVRAM_SECRET_DATA__
FT_ALLOC_OTHER_MSG(&ilm_ptr, sizeof(nvram_read_req_struct));
/* if ptrMsg != NULL*/
ptrMsg = (nvram_read_req_struct *)ilm_ptr.local_para_ptr;
ptrMsg->file_idx=req->file_idx;
ptrMsg->access_id=0;
ptrMsg->para=req->para;
/* FT_SEND_MSG(src_mod, dest_mod, sap_id, msg_id, ilm_ptr) */
FT_SEND_MSG(MOD_FT, MOD_NVRAM, PS_NVRAM_SAP, MSG_ID_NVRAM_READ_REQ, &ilm_ptr);// wait READ_CNF
}
void FT_WriteTo_NVRAM(ft_nvram_write_req_struct_T* req, peer_buff_struct* peer_buff, ilm_struct* ptrMsg)
{
ilm_struct ilm_ptr;
nvram_write_req_struct *nvram_ptr_loc_para;
kal_uint16 pdu_length;
kal_uint8 *pdu_ptr = get_peer_buff_pdu( peer_buff, &pdu_length );
#ifdef __NVRAM_SECRET_DATA__
kal_bool bPassCheck = KAL_FALSE;
kal_int32 err_code = 0xFE;
kal_uint8 key[256]; // at most 256 bytes
kal_int32 real_key_len;
real_key_len = custom_nvram_get_database_key(key, sizeof(key));
if(req->msg_num == 2 && real_key_len >0) // we must wait until we collect all
{
if(req->msg_idx == 0) // allocate a peer buffer to store it.
{
if(p_g_pbs_ft_nvram != NULL) // free previous buffer
{
free_peer_buff(p_g_pbs_ft_nvram);
p_g_pbs_ft_nvram = NULL;
}
// allocate a new peer buffer
if( NULL != (p_g_pbs_ft_nvram=construct_peer_buff(pdu_length, 0, 0, TD_CTRL)) )
{
p_g_u1_ft_nvram_pdu_ptr = get_peer_buff_pdu( p_g_pbs_ft_nvram, &g_u2_ft_nvram_pdu_length );
kal_mem_cpy(p_g_u1_ft_nvram_pdu_ptr, pdu_ptr , pdu_length);
p_g_pbs_ft_nvram->pdu_len = pdu_length;
}
return; // wait for next message
}
else // the second message with encrpted data
{
kal_int32 i;
RC4_CNXT cnxt;
kal_uint8 *output_data = (kal_uint8*) get_ctrl_buffer(g_u2_ft_nvram_pdu_length); // since at most 2k bytes
if(p_g_u1_ft_nvram_pdu_ptr!=NULL)
{
// get the key
//real_key_len = custom_nvram_get_database_key(key, sizeof(key));
if(real_key_len >0) // get the key
{
// deciphered the input data
che_rc4_set_key((RC4_CNXT *)&cnxt, (kal_uint32)real_key_len, (kal_uint8 *)key);
che_rc4((RC4_CNXT *)&cnxt, p_g_u1_ft_nvram_pdu_ptr , g_u2_ft_nvram_pdu_length, key, real_key_len, CHE_MODE_NULL, output_data);
for(i=0; i<g_u2_ft_nvram_pdu_length; i++)
{
if(output_data[i] != pdu_ptr[i])
{
err_code = 0xFD;
break;
}
}
if(i == g_u2_ft_nvram_pdu_length)
{
bPassCheck = true;
}
}
}
else
{
err_code = 0xFC;
}
free_ctrl_buffer(output_data);
}
}
else
{
if(real_key_len == 0 || g_b_ft_nvram_proc_locally == true) // sec not ON
bPassCheck = true;
}
if(!bPassCheck)
{
// invoke:
nvram_write_cnf_struct cnf_result;
cnf_result.file_idx = req->file_idx;
cnf_result.para = req->para;
cnf_result.result = err_code;
// allocate a peer buffer to stored the output data for debug
FT_WriteTo_NVRAM_CNF(&cnf_result);
return;
}
if(real_key_len >0 &&
req->msg_num == 2 &&
p_g_pbs_ft_nvram != NULL) // re-assign the pdu_ptr, and free the buffer
{
kal_mem_cpy(pdu_ptr, p_g_u1_ft_nvram_pdu_ptr,pdu_length);
free_peer_buff(p_g_pbs_ft_nvram);
p_g_pbs_ft_nvram = NULL;
}
#endif // #ifdef __NVRAM_SECRET_DATA__
FT_ALLOC_OTHER_MSG(&ilm_ptr ,sizeof(nvram_write_req_struct));
nvram_ptr_loc_para=(nvram_write_req_struct *)(ilm_ptr.local_para_ptr);
nvram_ptr_loc_para->file_idx=req->file_idx;/* LID */
nvram_ptr_loc_para->para=req->para;
nvram_ptr_loc_para->access_id=0 ; // change it!
#ifdef _LOW_COST_SINGLE_BANK_FLASH_
{
// stop RF
L1TST_Stop();
}
#endif // #ifdef _LOW_COST_SINGLE_BANK_FLASH_
// keep a runtime buffer of the written value for updating L1 runtime
// FIX: ACCESS OUT-OF BOUND
if(pdu_length > sizeof(ft_rf_data_pt))
{
kal_mem_cpy(&ft_rf_data_pt, pdu_ptr, sizeof(ft_rf_data_pt));
}
else
{
kal_mem_cpy(&ft_rf_data_pt, pdu_ptr, pdu_length);
}
ilm_ptr.peer_buff_ptr = peer_buff;
/* FT_SEND_MSG(src_mod, dest_mod, sap_id, msg_id, ilm_ptr) */
FT_SEND_MSG(MOD_FT, MOD_NVRAM, PS_NVRAM_SAP, MSG_ID_NVRAM_WRITE_REQ, &ilm_ptr);
if(ptrMsg != NULL)
ptrMsg->peer_buff_ptr=NULL;/* make sure the NVRAM will release the mem*/
}
