1 // Copyright 2018 Espressif Systems (Shanghai) PTE LTD
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 #include <string.h>
15 #include "esp_spi_flash.h"
16 #include "esp32/rom/spi_flash.h"
17 #include "esp32/rom/cache.h"
18 
spi_flash_guard_start(void)19 static inline void IRAM_ATTR spi_flash_guard_start(void)
20 {
21     const spi_flash_guard_funcs_t *ops = spi_flash_guard_get();
22     if (ops && ops->start) {
23         ops->start();
24     }
25 }
26 
spi_flash_guard_end(void)27 static inline void IRAM_ATTR spi_flash_guard_end(void)
28 {
29     const spi_flash_guard_funcs_t *ops = spi_flash_guard_get();
30     if (ops && ops->end) {
31         ops->end();
32     }
33 }
34 
35 extern void flash_rom_init(void);
spi_flash_write_encrypted_chip(size_t dest_addr,const void * src,size_t size)36 esp_rom_spiflash_result_t IRAM_ATTR spi_flash_write_encrypted_chip(size_t dest_addr, const void *src, size_t size)
37 {
38     const uint8_t *ssrc = (const uint8_t *)src;
39     esp_rom_spiflash_result_t rc = ESP_ROM_SPIFLASH_RESULT_OK;
40 
41     assert((dest_addr % 16) == 0);
42     assert((size % 16) == 0);
43 
44     /* esp_rom_spiflash_write_encrypted encrypts data in RAM as it writes,
45        so copy to a temporary buffer - 32 bytes at a time.
46 
47        Each call to esp_rom_spiflash_write_encrypted takes a 32 byte "row" of
48        data to encrypt, and each row is two 16 byte AES blocks
49        that share a key (as derived from flash address).
50     */
51     uint8_t encrypt_buf[32] __attribute__((aligned(4)));
52     uint32_t row_size;
53     for (size_t i = 0; i < size; i += row_size) {
54         uint32_t row_addr = dest_addr + i;
55         if (i == 0 && (row_addr % 32) != 0) {
56             /* writing to second block of a 32 byte row */
57             row_size = 16;
58             row_addr -= 16;
59             /* copy to second block in buffer */
60             memcpy(encrypt_buf + 16, ssrc + i, 16);
61             /* decrypt the first block from flash, will reencrypt to same bytes */
62             spi_flash_read_encrypted(row_addr, encrypt_buf, 16);
63         } else if (size - i == 16) {
64             /* 16 bytes left, is first block of a 32 byte row */
65             row_size = 16;
66             /* copy to first block in buffer */
67             memcpy(encrypt_buf, ssrc + i, 16);
68             /* decrypt the second block from flash, will reencrypt to same bytes */
69             spi_flash_read_encrypted(row_addr + 16, encrypt_buf + 16, 16);
70         } else {
71             /* Writing a full 32 byte row (2 blocks) */
72             row_size = 32;
73             memcpy(encrypt_buf, ssrc + i, 32);
74         }
75 
76         spi_flash_guard_start();
77         flash_rom_init();
78         rc = esp_rom_spiflash_write_encrypted(row_addr, (uint32_t *)encrypt_buf, 32);
79         spi_flash_guard_end();
80         if (rc != ESP_ROM_SPIFLASH_RESULT_OK) {
81             break;
82         }
83     }
84     memset(encrypt_buf, 0, sizeof(encrypt_buf));
85 
86     return rc;
87 }
88