1 /* 2 * Copyright (c) 2001-2020, Arm Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #ifndef _MBEDTLS_CC_MNG_INT_H 8 #define _MBEDTLS_CC_MNG_INT_H 9 10 /************************ Includes ******************************/ 11 #include "cc_hal_plat.h" 12 #include "cc_regs.h" 13 #include "dx_nvm.h" 14 #include "cc_pal_types_plat.h" 15 16 /************************ Enums ******************************/ 17 /*! HASH boot key definition. */ 18 typedef enum { 19 CC_MNG_HASH_BOOT_KEY_0_128B = 0, /*!< 128-bit truncated SHA256 digest of public key 0. */ 20 CC_MNG_HASH_BOOT_KEY_1_128B = 1, /*!< 128-bit truncated SHA256 digest of public key 1. */ 21 CC_MNG_HASH_BOOT_KEY_256B = 2, /*!< 256-bit SHA256 digest of public key. */ 22 CC_MNG_HASH_BOOT_NOT_USED = 0xF, 23 CC_MNG_HASH_MAX_NUM = 0x7FFFFFFF, /*!\internal use external 128-bit truncated SHA256 digest */ 24 }mbedtls_mng_pubKeyType_t; 25 26 /************************ Defines ******************************/ 27 #define CC_MNG_LCS_CM 0x0 /*! Chip manufacturer (CM LCS). */ 28 #define CC_MNG_LCS_DM 0x1 /*! Device manufacturer (DM LCS). */ 29 #define CC_MNG_LCS_SEC_ENABLED 0x5 /*! Security enabled (Secure LCS). */ 30 #define CC_MNG_LCS_RMA 0x7 /*! RMA (RMA LCS). */ 31 32 #define CC_MNG_INVALID_REG_VAL 0xFFFFFFFF 33 34 #define CC_MNG_OEM_RMA_SHFT 30 35 #define CC_MNG_OEM_RMA_MSK 3 36 37 #define CC_MNG_HOST_KPICV_LOCK_BIT_SHFT 1 38 #define CC_MNG_HOST_KCEICV_LOCK_BIT_SHFT 2 39 #define CC_MNG_HOST_KCP_LOCK_BIT_SHFT 3 40 #define CC_MNG_HOST_KCE_LOCK_BIT_SHFT 4 41 42 /* Peripheral ID registers values */ 43 #define CC_MNG_PID_0_VAL 0x000000C0UL 44 #define CC_MNG_PID_1_VAL 0x000000B0UL 45 #define CC_MNG_PID_2_VAL 0x0000000BUL 46 #define CC_MNG_PID_3_VAL 0x00000000UL 47 #define CC_MNG_PID_4_VAL 0x00000004UL 48 #define CC_MNG_PID_SIZE_WORDS 5 49 50 #define CC_MNG_PID_2_1_VAL 0x0000002BUL 51 52 /* Component ID registers values */ 53 #define CC_MNG_CID_0_VAL 0x0DUL 54 #define CC_MNG_CID_1_VAL 0xF0UL 55 #define CC_MNG_CID_2_VAL 0x05UL 56 #define CC_MNG_CID_3_VAL 0xB1UL 57 #define CC_MNG_CID_SIZE_WORDS 4 58 59 /*! Definition for all ones word. */ 60 #define CC_MNG_ALL_ONES_VALUE 0xffffffffUL 61 /*! Definition for number of bits in a 32bit word. */ 62 #define CC_MNG_ALL_ONES_NUM_BITS 32 63 64 /*! Defines the maximal hash boot key size in words. */ 65 #define CC_MNG_MAX_HASH_SIZE_IN_WORDS 8 66 /*! Defines the maximal hash boot key size in bytes. */ 67 #define CC_MNG_MAX_HASH_SIZE_IN_BYTES (CC_MNG_MAX_HASH_SIZE_IN_WORDS*sizeof(uint32_t)) 68 /*! Defines the maximal full-hash boot key size in words. */ 69 #define CC_MNG_256B_HASH_SIZE_IN_WORDS CC_MNG_MAX_HASH_SIZE_IN_WORDS 70 /*! Defines the maximal dual-hash boot key size in words. */ 71 #define CC_MNG_128B_HASH_SIZE_IN_WORDS CC_MNG_MAX_HASH_SIZE_IN_WORDS/2 72 73 /************************ Macros ******************************/ 74 /* calc OTP memory length: 75 read RTL OTP address width. The supported sizes are 6 (for 2 Kbits),7,8,9,10,11 (for 64 Kbits). 76 convert value parameter to addresses of 32b words */ 77 #define CC_GET_OTP_LENGTH(otpLength) \ 78 do { \ 79 otpLength = CC_HAL_READ_REGISTER(CC_REG_OFFSET(HOST_RGF, OTP_ADDR_WIDTH_DEF)); \ 80 otpLength = CC_REG_FLD_GET(0, OTP_ADDR_WIDTH_DEF, VALUE, otpLength); \ 81 otpLength = (1 << otpLength); \ 82 }while(0) 83 84 /* read a word directly from OTP memory */ 85 #define CC_READ_OTP_WORD(otpAddr, otpData) \ 86 do { \ 87 otpData = CC_HAL_READ_REGISTER(CC_OTP_BASE_ADDR + otpAddr); \ 88 }while(0) 89 90 #define CC_READ_MRAM_WORD(mramOffs, mramData) \ 91 do { \ 92 mramData = (*((volatile uint32_t *)(DX_MRAM_CC + (mramOffs)))); \ 93 }while(0) 94 95 /*! Poll NVM register to assure that the NVM boot is finished (and LCS and the keys are valid). */ 96 #define CC_WAIT_ON_NVM_IDLE_BIT() \ 97 do { \ 98 uint32_t regVal; \ 99 do { \ 100 regVal = CC_HAL_READ_REGISTER(CC_REG_OFFSET(HOST_RGF, NVM_IS_IDLE)); \ 101 regVal = CC_REG_FLD_GET(0, NVM_IS_IDLE, VALUE, regVal); \ 102 }while( !regVal ); \ 103 }while(0) 104 105 /*! Check Hbk configuration in OTP memory. */ 106 #define CC_IS_HBK_FULL(isHbkFull, error) \ 107 do { \ 108 error = mbedtls_mng_otpWordRead(CC_OTP_MANUFACTURE_FLAG_OFFSET, &isHbkFull); \ 109 isHbkFull = CC_REG_FLD_GET2(0, OTP_MANUFACTURE_FLAG, HBK0_NOT_IN_USE, isHbkFull); \ 110 }while(0) 111 112 /*! Poll on the crypto busy till it is = 0. */ 113 #define CC_WAIT_ON_CRYPTO_BUSY() \ 114 do { \ 115 uint32_t regVal=1; \ 116 do { \ 117 regVal = CC_HAL_READ_REGISTER(CC_REG_OFFSET(HOST_RGF, CRYPTO_BUSY)); \ 118 }while( regVal ); \ 119 }while(0) 120 121 /* MACRO to count one bits */ 122 #define CC_MNG_COUNT_ONE_BITS(number, BitCount) \ 123 do \ 124 { \ 125 uint32_t tmp_num = number; \ 126 BitCount = 0; \ 127 while (tmp_num) \ 128 { \ 129 tmp_num = tmp_num & (tmp_num - 1); \ 130 BitCount = BitCount + 1; \ 131 } \ 132 } while (0) 133 134 /*! This macro counts the number of zeroes in a 32bits word. */ 135 #define CC_MNG_COUNT_ZEROES(regVal, regZero) \ 136 do { \ 137 uint32_t val = regVal; \ 138 val = val - ((val >> 1) & 0x55555555); \ 139 val = (val & 0x33333333) + ((val >> 2) & 0x33333333); \ 140 val = ((((val + (val >> 4)) & 0xF0F0F0F) * 0x1010101) >> 24); \ 141 regZero += (32 - val); \ 142 }while(0) 143 144 145 /************************ API's ******************************/ 146 /*! 147 @brief This function reads an OTP word from from 'otpAddress' to 'pOtpWord'. 148 149 @return CC_OK on success. 150 @return A non-zero value from cc_manage.h on failure. 151 */ 152 int mbedtls_mng_otpWordRead(uint32_t otpAddress, /*!< [in] OTP Address: An Offset in Words in the OTP address space. */ 153 uint32_t *pOtpWord); /*!< [in/out] OTP Word pointer: An address to store the read Word. */ 154 155 /*! 156 @brief This function returns the LCS value'. 157 158 @return CC_OK on success. 159 @return A non-zero value from cc_manage.h on failure. 160 */ 161 int mbedtls_mng_lcsGet(uint32_t *pLcs); /*!< [in/out] LCS Value: An address to store the LCS Value. */ 162 163 /*! 164 @brief This function reads software revocation counter from OTP memory, according to the provided key index. 165 166 @return CC_OK on success. 167 @return A non-zero value from cc_manage.h on failure. 168 */ 169 int mbedtls_mng_swVersionGet( 170 mbedtls_mng_pubKeyType_t keyIndex, /*!< [in] Enumeration defining the key hash to retrieve: 128-bit HBK0, 128-bit HBK1, or 256-bit HBK. */ 171 uint32_t *swVersion /*!< [out] The value of the requested counter as read from OTP memory. */ 172 ); 173 174 /*! 175 @brief This function retrieves the public key hash from OTP memory, according to the provided index. 176 177 @return CC_OK on success. 178 @return A non-zero value from cc_manage.h on failure. 179 */ 180 int mbedtls_mng_pubKeyHashGet( 181 mbedtls_mng_pubKeyType_t keyIndex, /*!< [in] Enumeration defining the key hash to retrieve: 128-bit HBK0, 128-bit HBK1, or 256-bit HBK. */ 182 uint32_t *hashedPubKey, /*!< [out] A buffer to contain the public key HASH. */ 183 uint32_t hashResultSizeWords /*!< [in] The size of the hash in 32-bit words: 184 - Must be 4 for 128-bit hash. 185 - Must be 8 for 256bit hash. */ 186 ); 187 188 #endif // _MBEDTLS_CC_MNG_INT_H 189 190
