1 /*
2 * Copyright (c) 2020 HiSilicon (Shanghai) Technologies CO., LIMITED.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef CONFIG_FLASH_ENCRYPT_SUPPORT
17 #include <hi_nvm.h>
18 #include <load_partition_table.h>
19 #include "load_crypto.h"
20 #include "burn_file.h"
21
loader_clear_content(hi_u8 * content,hi_u32 content_len)22 hi_void loader_clear_content(hi_u8 *content, hi_u32 content_len)
23 {
24 if ((content == HI_NULL) || (content_len == 0)) {
25 return;
26 }
27
28 hi_u32 cs = (uintptr_t)content ^ content_len ^ 0x0 ^ content_len;
29 (hi_void)memset_s(content, content_len, 0x0, content_len, cs);
30 }
31
crpto_set_aes_ctrl_default_value(hi_cipher_aes_ctrl * aes_ctrl)32 static hi_void crpto_set_aes_ctrl_default_value(hi_cipher_aes_ctrl *aes_ctrl)
33 {
34 if (aes_ctrl == HI_NULL) {
35 return;
36 }
37 aes_ctrl->random_en = HI_FALSE;
38 aes_ctrl->key_from = HI_CIPHER_AES_KEY_FROM_CPU;
39 aes_ctrl->work_mode = HI_CIPHER_AES_WORK_MODE_CBC;
40 aes_ctrl->key_len = HI_CIPHER_AES_KEY_LENGTH_256BIT;
41 }
42
crypto_destory(hi_void)43 static hi_u32 crypto_destory(hi_void)
44 {
45 return hi_cipher_deinit();
46 }
47
crypto_load_salt(crypto_workkey_partition part,hi_flash_crypto_content * key_content)48 static hi_u32 crypto_load_salt(crypto_workkey_partition part, hi_flash_crypto_content *key_content)
49 {
50 hi_u32 ret = HI_ERR_SUCCESS;
51 hi_u8 salt_e[ROOT_SALT_LENGTH] = { 0 };
52
53 hi_u32 cs = (uintptr_t)salt_e ^ (hi_u32)sizeof(salt_e) ^ 0x0 ^ ROOT_SALT_LENGTH;
54 (hi_void) memset_s(salt_e, sizeof(salt_e), 0x0, ROOT_SALT_LENGTH, cs);
55
56 if (part == CRYPTO_WORKKEY_KERNEL_A) {
57 ret = hi_factory_nv_read(HI_NV_FTM_KERNELA_WORK_ID, key_content, sizeof(hi_flash_crypto_content), 0);
58 if (ret != HI_ERR_SUCCESS) {
59 goto fail;
60 }
61 } else if (part == CRYPTO_WORKKEY_KERNEL_A_BACKUP) {
62 ret = hi_factory_nv_read(HI_NV_FTM_BACKUP_KERNELA_WORK_ID, key_content, sizeof(hi_flash_crypto_content), 0);
63 if (ret != HI_ERR_SUCCESS) {
64 goto fail;
65 }
66 }
67
68 if (memcmp(key_content->root_salt, salt_e, ROOT_SALT_LENGTH) == HI_ERR_SUCCESS) {
69 ret = HI_PRINT_ERRNO_CRYPTO_SALT_EMPTY_ERR;
70 goto fail;
71 }
72 fail:
73 return ret;
74 }
75
crypto_get_root_salt(hi_flash_crypto_content * key_content)76 static hi_u32 crypto_get_root_salt(hi_flash_crypto_content *key_content)
77 {
78 hi_u32 ret = crypto_load_salt(CRYPTO_WORKKEY_KERNEL_A, key_content);
79 if (ret != HI_ERR_SUCCESS) {
80 ret = crypto_load_salt(CRYPTO_WORKKEY_KERNEL_A_BACKUP, key_content);
81 if (ret == HI_PRINT_ERRNO_CRYPTO_SALT_EMPTY_ERR) {
82 ret = hi_cipher_trng_get_random_bytes(key_content->root_salt, ROOT_SALT_LENGTH);
83 if (ret != HI_ERR_SUCCESS) {
84 return ret;
85 }
86 }
87 }
88
89 return ret;
90 }
91
crypto_prepare(hi_flash_crypto_content * save_content)92 static hi_u32 crypto_prepare(hi_flash_crypto_content *save_content)
93 {
94 hi_u32 ret;
95 hi_u8 rootkey_iv[ROOTKEY_IV_BYTE_LENGTH];
96 hi_cipher_kdf_ctrl ctrl;
97 hi_u32 cs;
98
99 ret = hi_cipher_init();
100 if (ret != HI_ERR_SUCCESS) {
101 return ret;
102 }
103
104 ret = crypto_get_root_salt(save_content);
105 if (ret != HI_ERR_SUCCESS) {
106 return ret;
107 }
108
109 cs = (uintptr_t)rootkey_iv ^ sizeof(rootkey_iv) ^ ((uintptr_t)save_content->root_salt) ^ ROOT_SALT_LENGTH;
110 ret = memcpy_s(rootkey_iv, sizeof(rootkey_iv), save_content->root_salt, ROOT_SALT_LENGTH, cs);
111 if (ret != HI_ERR_SUCCESS) {
112 return ret;
113 }
114
115 ctrl.salt = rootkey_iv;
116 ctrl.salt_len = sizeof(rootkey_iv);
117 ctrl.kdf_cnt = KDF_ITERATION_CNT;
118 ctrl.kdf_mode = HI_CIPHER_SSS_KDF_KEY_STORAGE;
119 return hi_cipher_kdf_key_derive(&ctrl);
120 }
121
boot_get_crypto_kernel_start(uintptr_t file_addr)122 hi_u32 boot_get_crypto_kernel_start(uintptr_t file_addr)
123 {
124 hi_u32 flash_offset = 0;
125 loaderboot_get_start_addr_offset(file_addr, &flash_offset);
126
127 return flash_offset;
128 }
129
crypto_decrypt_hash(hi_flash_crypto_content * key_content)130 static hi_u32 crypto_decrypt_hash(hi_flash_crypto_content *key_content)
131 {
132 hi_u32 ret;
133 hi_u32 cs;
134 hi_u32 content_size = (hi_u32)sizeof(hi_flash_crypto_content);
135
136 hi_flash_crypto_content *content_tmp = (hi_flash_crypto_content *)boot_malloc(content_size);
137 if (content_tmp == HI_NULL) {
138 return HI_PRINT_ERRNO_MALLOC_EXAUST_ERR;
139 }
140
141 cs = (uintptr_t)(content_tmp) ^ content_size ^ (uintptr_t)(key_content) ^ content_size;
142 ret = (hi_u32)memcpy_s(content_tmp, content_size, key_content, content_size, cs);
143 if (ret != EOK) {
144 goto fail;
145 }
146
147 hi_cipher_aes_ctrl aes_ctrl = {
148 .random_en = HI_FALSE,
149 .key_from = HI_CIPHER_AES_KEY_FROM_KDF,
150 .work_mode = HI_CIPHER_AES_WORK_MODE_CBC,
151 .key_len = HI_CIPHER_AES_KEY_LENGTH_256BIT,
152 };
153 cs = (uintptr_t)(aes_ctrl.iv) ^ (hi_u32)sizeof(aes_ctrl.iv) ^ (uintptr_t)(content_tmp->iv_nv) ^ IV_BYTE_LENGTH;
154 ret = (hi_u32)memcpy_s(aes_ctrl.iv, sizeof(aes_ctrl.iv), content_tmp->iv_nv, IV_BYTE_LENGTH, cs);
155 if (ret != EOK) {
156 goto fail;
157 }
158 ret = hi_cipher_aes_config(&aes_ctrl);
159 if (ret != HI_ERR_SUCCESS) {
160 goto crypto_fail;
161 }
162 ret = hi_cipher_aes_crypto((uintptr_t)content_tmp->iv_content, (uintptr_t)key_content->iv_content,
163 content_size - ROOT_SALT_LENGTH - IV_BYTE_LENGTH, HI_FALSE);
164 if (ret != HI_ERR_SUCCESS) {
165 goto crypto_fail;
166 }
167
168 crypto_fail:
169 (hi_void) hi_cipher_aes_destroy_config();
170 fail:
171 loader_clear_content((hi_u8 *)content_tmp, content_size);
172 crypto_mem_free(content_tmp);
173 return ret;
174 }
175
crypto_encrypt_hash(hi_flash_crypto_content * key_content)176 static hi_u32 crypto_encrypt_hash(hi_flash_crypto_content *key_content)
177 {
178 hi_cipher_aes_ctrl aes_ctrl;
179 hi_u32 ret;
180 hi_u32 content_size = (hi_u32)sizeof(hi_flash_crypto_content);
181 hi_u32 encrypt_size = content_size - ROOT_SALT_LENGTH - IV_BYTE_LENGTH;
182
183 hi_flash_crypto_content *data_tmp = (hi_flash_crypto_content *)boot_malloc(content_size);
184 if (data_tmp == HI_NULL) {
185 return HI_PRINT_ERRNO_MALLOC_EXAUST_ERR;
186 }
187
188 hi_u32 cs = (uintptr_t)(aes_ctrl.iv) ^ (hi_u32)sizeof(aes_ctrl.iv) ^ (uintptr_t)(key_content->iv_nv) ^
189 IV_BYTE_LENGTH;
190 ret = (hi_u32)memcpy_s(aes_ctrl.iv, sizeof(aes_ctrl.iv), key_content->iv_nv, IV_BYTE_LENGTH, cs);
191 if (ret != EOK) {
192 goto fail;
193 }
194
195 aes_ctrl.random_en = HI_FALSE;
196 aes_ctrl.key_from = HI_CIPHER_AES_KEY_FROM_KDF;
197 aes_ctrl.work_mode = HI_CIPHER_AES_WORK_MODE_CBC;
198 aes_ctrl.key_len = HI_CIPHER_AES_KEY_LENGTH_256BIT;
199 ret = hi_cipher_aes_config(&aes_ctrl);
200 if (ret != HI_ERR_SUCCESS) {
201 goto crypto_fail;
202 }
203 ret = hi_cipher_aes_crypto((uintptr_t)key_content->iv_content, (uintptr_t)(data_tmp->iv_content),
204 encrypt_size, HI_TRUE);
205 if (ret != HI_ERR_SUCCESS) {
206 goto crypto_fail;
207 }
208
209 cs = (uintptr_t)(key_content->iv_content) ^ encrypt_size ^ (uintptr_t)(data_tmp->iv_content) ^ encrypt_size;
210 ret = (hi_u32)memcpy_s(key_content->iv_content, encrypt_size, data_tmp->iv_content, encrypt_size, cs);
211
212 crypto_fail:
213 (hi_void) hi_cipher_aes_destroy_config();
214 fail:
215 loader_clear_content((hi_u8 *)data_tmp, content_size);
216 crypto_mem_free(data_tmp);
217 return ret;
218 }
219
crypto_load_key_content(crypto_workkey_partition part,hi_flash_crypto_content * key_content)220 static hi_u32 crypto_load_key_content(crypto_workkey_partition part, hi_flash_crypto_content *key_content)
221 {
222 hi_u32 ret = HI_ERR_SUCCESS;
223 hi_u8 hash[SHA_256_LENGTH];
224 hi_u8 key_e[KEY_BYTE_LENGTH] = { 0 };
225
226 hi_u32 cs = (uintptr_t)key_e ^ (hi_u32)sizeof(key_e) ^ 0x0 ^ KEY_BYTE_LENGTH;
227 (hi_void) memset_s(key_e, sizeof(key_e), 0x0, KEY_BYTE_LENGTH, cs);
228 if (part == CRYPTO_WORKKEY_KERNEL_A) {
229 ret = hi_factory_nv_read(HI_NV_FTM_KERNELA_WORK_ID, key_content, sizeof(hi_flash_crypto_content), 0);
230 if (ret != HI_ERR_SUCCESS) {
231 goto fail;
232 }
233 } else if (part == CRYPTO_WORKKEY_KERNEL_A_BACKUP) {
234 ret = hi_factory_nv_read(HI_NV_FTM_BACKUP_KERNELA_WORK_ID, key_content, sizeof(hi_flash_crypto_content), 0);
235 if (ret != HI_ERR_SUCCESS) {
236 goto fail;
237 }
238 }
239
240 if (memcmp(key_content->work_text, key_e, KEY_BYTE_LENGTH) == HI_ERR_SUCCESS) {
241 ret = HI_PRINT_ERRNO_CRYPTO_KEY_EMPTY_ERR;
242 goto fail;
243 }
244
245 ret = crypto_decrypt_hash(key_content);
246 if (ret != HI_ERR_SUCCESS) {
247 goto fail;
248 }
249
250 ret = hi_cipher_hash_sha256((uintptr_t)(key_content->root_salt), sizeof(hi_flash_crypto_content) - SHA_256_LENGTH,
251 hash, SHA_256_LENGTH);
252 if (ret != HI_ERR_SUCCESS) {
253 goto fail;
254 }
255 if (memcmp(key_content->content_sh256, hash, SHA_256_LENGTH) != HI_ERR_SUCCESS) {
256 ret = HI_PRINT_ERRNO_CRYPTO_KEY_INVALID_ERR;
257 goto fail;
258 }
259 fail:
260 return ret;
261 }
262
crypto_save_work_key(crypto_workkey_partition part,hi_flash_crypto_content * key_content)263 static hi_u32 crypto_save_work_key(crypto_workkey_partition part, hi_flash_crypto_content *key_content)
264 {
265 hi_u32 ret;
266 hi_u32 cs;
267 hi_u32 content_size = (hi_u32)sizeof(hi_flash_crypto_content);
268 hi_flash_crypto_content *content_tmp = (hi_flash_crypto_content *)boot_malloc(content_size);
269 if (content_tmp == HI_NULL) {
270 return HI_PRINT_ERRNO_MALLOC_EXAUST_ERR;
271 }
272
273 cs = (uintptr_t)(content_tmp) ^ content_size ^ (uintptr_t)(key_content) ^ content_size;
274 ret = (hi_u32)memcpy_s(content_tmp, content_size, key_content, content_size, cs);
275 if (ret != EOK) {
276 goto fail;
277 }
278
279 /* Encrypt,then save to factory NV */
280 ret = crypto_encrypt_hash(content_tmp);
281 if (ret != HI_ERR_SUCCESS) {
282 goto fail;
283 }
284
285 if ((hi_u32)part & CRYPTO_WORKKEY_KERNEL_A) {
286 ret = hi_factory_nv_write(HI_NV_FTM_KERNELA_WORK_ID, content_tmp, content_size, 0);
287 if (ret != HI_ERR_SUCCESS) {
288 ret = HI_PRINT_ERRNO_CRYPTO_KEY_SAVE_ERR;
289 goto fail;
290 }
291 }
292 if ((hi_u32)part & CRYPTO_WORKKEY_KERNEL_A_BACKUP) {
293 ret = hi_factory_nv_write(HI_NV_FTM_BACKUP_KERNELA_WORK_ID, content_tmp, content_size, 0);
294 if (ret != HI_ERR_SUCCESS) {
295 ret = HI_PRINT_ERRNO_CRYPTO_KEY_SAVE_ERR;
296 goto fail;
297 }
298 }
299
300 fail:
301 loader_clear_content((hi_u8 *)content_tmp, content_size);
302 crypto_mem_free(content_tmp);
303 return ret;
304 }
305
crypto_is_need_gen_key(hi_flash_crypto_content * key_content,hi_u8 * need_gen_key)306 static hi_u32 crypto_is_need_gen_key(hi_flash_crypto_content *key_content, hi_u8 *need_gen_key)
307 {
308 hi_u32 cs;
309 hi_flash_crypto_content tmp_content = {0};
310 hi_u32 content_size = sizeof(hi_flash_crypto_content);
311
312 hi_u32 ret = crypto_load_key_content(CRYPTO_WORKKEY_KERNEL_A, &tmp_content);
313 if (ret != HI_ERR_SUCCESS) {
314 ret = crypto_load_key_content(CRYPTO_WORKKEY_KERNEL_A_BACKUP, &tmp_content);
315 if (ret == HI_PRINT_ERRNO_CRYPTO_KEY_EMPTY_ERR) {
316 *need_gen_key = 1;
317 return HI_ERR_SUCCESS;
318 } else if (ret != HI_ERR_SUCCESS) {
319 goto fail;
320 } else {
321 ret = crypto_save_work_key(CRYPTO_WORKKEY_KERNEL_A, &tmp_content);
322 }
323 }
324
325 if (ret == HI_ERR_SUCCESS) {
326 cs = (uintptr_t)(key_content) ^ content_size ^ (uintptr_t)(&tmp_content) ^ content_size;
327 ret = (hi_u32)memcpy_s(key_content, content_size, &tmp_content, content_size, cs);
328 }
329
330 cs = (uintptr_t)(&tmp_content) ^ content_size ^ 0x0 ^ content_size;
331 (hi_void)memset_s(&tmp_content, content_size, 0x0, content_size, cs);
332
333 fail:
334 return ret;
335 }
336
crypto_gen_key_content(hi_flash_crypto_content * key_content)337 static hi_u32 crypto_gen_key_content(hi_flash_crypto_content *key_content)
338 {
339 hi_u8 salt[IV_BYTE_LENGTH];
340 hi_u8 kdf_key[KEY_BYTE_LENGTH];
341 hi_cipher_kdf_ctrl ctrl;
342
343 (hi_void)hi_cipher_trng_get_random_bytes(salt, IV_BYTE_LENGTH);
344 (hi_void)hi_cipher_trng_get_random_bytes(kdf_key, KEY_BYTE_LENGTH);
345 (hi_void)hi_cipher_trng_get_random_bytes(key_content->iv_nv, IV_BYTE_LENGTH);
346 (hi_void)hi_cipher_trng_get_random_bytes(key_content->iv_content, IV_BYTE_LENGTH);
347
348 hi_u32 cs = (uintptr_t)(ctrl.key) ^ (hi_u32)sizeof(ctrl.key) ^ (uintptr_t)kdf_key ^ (hi_u32)sizeof(kdf_key);
349 if ((hi_u32)memcpy_s(ctrl.key, sizeof(ctrl.key), kdf_key, sizeof(kdf_key), cs) != EOK) {
350 return HI_ERR_FAILURE;
351 }
352 ctrl.salt = salt;
353 ctrl.salt_len = sizeof(salt);
354 ctrl.kdf_cnt = KDF_ITERATION_CNT;
355 ctrl.kdf_mode = HI_CIPHER_SSS_KDF_KEY_DEVICE; /* In this mode, user should provide root key. */
356 if (hi_cipher_kdf_key_derive(&ctrl) != HI_ERR_SUCCESS) {
357 return HI_ERR_FAILURE;
358 }
359
360 cs = (uintptr_t)(key_content->work_text) ^ KEY_BYTE_LENGTH ^ (uintptr_t)(ctrl.result) ^
361 (hi_u32)sizeof(ctrl.result);
362 if (memcpy_s(key_content->work_text, KEY_BYTE_LENGTH, ctrl.result, sizeof(ctrl.result), cs) != EOK) {
363 return HI_ERR_FAILURE;
364 }
365
366 if (hi_cipher_hash_sha256((uintptr_t)(key_content->root_salt), sizeof(hi_flash_crypto_content) - SHA_256_LENGTH,
367 key_content->content_sh256, SHA_256_LENGTH) != HI_ERR_SUCCESS) {
368 return HI_ERR_FAILURE;
369 }
370
371 return HI_ERR_SUCCESS;
372 }
373
crypto_encrypt_data(hi_flash_crypto_content * content,hi_u32 flash_addr,hi_u32 len)374 static hi_u32 crypto_encrypt_data(hi_flash_crypto_content *content, hi_u32 flash_addr, hi_u32 len)
375 {
376 hi_u32 ret = HI_ERR_FAILURE;
377 hi_cipher_aes_ctrl aes_ctrl;
378
379 hi_u8 *fw_cyp_data = boot_malloc(len);
380 if (fw_cyp_data == HI_NULL) {
381 return HI_PRINT_ERRNO_CRYPTO_PREPARE_ERR;
382 }
383
384 hi_u32 cs = (uintptr_t)(aes_ctrl.key) ^ (hi_u32)sizeof(aes_ctrl.key) ^
385 (uintptr_t)(content->work_text) ^ KEY_BYTE_LENGTH;
386 if (memcpy_s(aes_ctrl.key, sizeof(aes_ctrl.key), content->work_text, KEY_BYTE_LENGTH, cs) != EOK) {
387 goto fail;
388 }
389
390 cs = (uintptr_t)(aes_ctrl.iv) ^ (hi_u32)sizeof(aes_ctrl.iv) ^ (uintptr_t)(content->iv_content) ^ IV_BYTE_LENGTH;
391 if (memcpy_s(aes_ctrl.iv, sizeof(aes_ctrl.iv), content->iv_content, IV_BYTE_LENGTH, cs) != EOK) {
392 goto fail;
393 }
394
395 crpto_set_aes_ctrl_default_value(&aes_ctrl);
396 ret = hi_cipher_aes_config(&aes_ctrl);
397 if (ret != HI_ERR_SUCCESS) {
398 goto fail;
399 }
400
401 ret = hi_cipher_aes_crypto(flash_addr + SFC_BUFFER_BASE_ADDRESS, (uintptr_t)fw_cyp_data, len, HI_TRUE);
402 if (ret != HI_ERR_SUCCESS) {
403 goto crypto_fail;
404 }
405
406 ret = g_flash_cmd_funcs.write(flash_addr, len, (hi_u8 *)fw_cyp_data, HI_TRUE);
407 if (ret != HI_ERR_SUCCESS) {
408 goto crypto_fail;
409 }
410
411 crypto_fail:
412 (hi_void) hi_cipher_aes_destroy_config();
413 fail:
414 crypto_mem_free(fw_cyp_data);
415 return ret;
416 }
417
crypto_burn_encrypt(uintptr_t file_addr)418 hi_u32 crypto_burn_encrypt(uintptr_t file_addr)
419 {
420 hi_u8 need_gen_key = 0;
421 hi_u32 crypto_kernel_addr = boot_get_crypto_kernel_start(file_addr);
422
423 hi_flash_crypto_content *key_content = (hi_flash_crypto_content *)boot_malloc(sizeof(hi_flash_crypto_content));
424 if (key_content == HI_NULL) {
425 return HI_PRINT_ERRNO_CRYPTO_PREPARE_ERR;
426 }
427
428 hi_u32 ret = crypto_prepare(key_content);
429 if (ret != HI_ERR_SUCCESS) {
430 loader_clear_content((hi_u8 *)key_content, sizeof(hi_flash_crypto_content));
431 crypto_mem_free(key_content);
432 return HI_PRINT_ERRNO_CRYPTO_PREPARE_ERR;
433 }
434
435 ret = crypto_is_need_gen_key(key_content, &need_gen_key);
436 if (ret != HI_ERR_SUCCESS) {
437 goto fail;
438 }
439
440 if (need_gen_key == 1) {
441 ret = crypto_gen_key_content(key_content);
442 if (ret != HI_ERR_SUCCESS) {
443 goto fail;
444 }
445
446 if (crypto_save_work_key(CRYPTO_WORKKEY_KERNEL_A_BOTH, key_content) != HI_ERR_SUCCESS) {
447 goto fail;
448 }
449 }
450
451 ret = crypto_encrypt_data(key_content, crypto_kernel_addr, CRYPTO_KERNEL_LENGTH);
452 if (ret != HI_ERR_SUCCESS) {
453 ret = HI_PRINT_ERRNO_CRYPTO_FW_ENCRYPT_ERR;
454 goto fail;
455 }
456
457 fail:
458 loader_clear_content((hi_u8 *)key_content, sizeof(hi_flash_crypto_content));
459 crypto_mem_free(key_content);
460 crypto_destory();
461 return ret;
462 }
463
crypto_check_encrypt(hi_void)464 hi_u32 crypto_check_encrypt(hi_void)
465 {
466 hi_u32 ret;
467 ret = hi_factory_nv_init(HI_FNV_DEFAULT_ADDR, HI_NV_DEFAULT_TOTAL_SIZE, HI_NV_DEFAULT_BLOCK_SIZE);
468 if (ret != HI_ERR_SUCCESS) {
469 return ret;
470 }
471
472 ret = hi_flash_partition_init();
473 if (ret != HI_ERR_SUCCESS) { /* use flash table */
474 return ret;
475 }
476
477 hi_flash_partition_table *partition = hi_get_partition_table();
478 uintptr_t kernel_a_addr = partition->table[HI_FLASH_PARTITON_KERNEL_A].addr;
479
480 /* 应用程序加密流程 */
481 /* Application bin encryption process */
482 ret = crypto_burn_encrypt(kernel_a_addr);
483 if (ret != HI_ERR_SUCCESS) {
484 boot_put_errno(ret);
485 return ret;
486 }
487
488 return HI_ERR_SUCCESS;
489 }
490
crypto_encrypt_factory_image(uintptr_t file_addr)491 hi_u32 crypto_encrypt_factory_image(uintptr_t file_addr)
492 {
493 /* 产测程序加密流程 */
494 /* Factory test bin encryption process */
495 hi_u32 ret = crypto_burn_encrypt(file_addr);
496 if (ret != HI_ERR_SUCCESS) {
497 boot_put_errno(ret);
498 return ret;
499 }
500
501 return HI_ERR_SUCCESS;
502 }
503
504 #endif
505