1 /* 2 * Copyright (c) 2020 HiSilicon (Shanghai) Technologies CO., LIMITED. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef __CRYPTO_H__ 17 #define __CRYPTO_H__ 18 #ifdef CONFIG_FLASH_ENCRYPT_SUPPORT 19 #include <hi_flashboot.h> 20 #include <hi_types.h> 21 #include <hi_upg_file.h> 22 23 #define crypto_mem_free(sz) \ 24 do { \ 25 if ((sz) != HI_NULL) { \ 26 boot_free(sz); \ 27 } \ 28 (sz) = HI_NULL; \ 29 } while (0) 30 31 #define IV_BYTE_LENGTH 16 32 #define ROOTKEY_IV_BYTE_LENGTH 32 33 34 #define DIE_ID_BYTE_LENGTH 24 35 36 #define KEY_BYTE_LENGTH 32 37 38 #define SHA_256_LENGTH 32 39 40 #define ROOT_SALT_LENGTH 32 41 42 #define CRYPTO_CNT_NUM 6 43 44 #define CRYPTO_KERNEL_LENGTH 4096 45 46 #define KERNEL_RAM_ADDR 0xD8400 47 48 #define KDF_ITERATION_CNT 1024 49 50 #define MIN_CRYPTO_BLOCK_SIZE 16 51 52 #define HI_NV_FTM_KERNELA_WORK_ID 0x4 53 #define HI_NV_FTM_BACKUP_KERNELA_WORK_ID 0x5 54 #define HI_NV_FTM_KERNELB_WORK_ID 0x6 55 #define HI_NV_FTM_BACKUP_KERNELB_WORK_ID 0x7 56 57 #define LZMA_HEAD_SIZE 13 58 #define DATA_MEDIUM_NOT_INIT 0 59 #define DATA_MEDIUM_RAM 1 60 #define DATA_MEDIUM_FLASH 2 61 62 typedef enum { 63 CRYPTO_WORKKEY_KERNEL_A = 0x1, 64 CRYPTO_WORKKEY_KERNEL_A_BACKUP = 0x2, 65 CRYPTO_WORKKEY_KERNEL_A_BOTH = 0x3, 66 CRYPTO_WORKKEY_KERNEL_B = 0x4, 67 CRYPTO_WORKKEY_KERNEL_B_BACKUP = 0x8, 68 CRYPTO_WORKKEY_KERNEL_B_BOTH = 0xC, 69 } crypto_workkey_partition; 70 71 typedef struct { 72 hi_u8 root_salt[ROOT_SALT_LENGTH]; 73 hi_u8 iv_nv[IV_BYTE_LENGTH]; /* The root key encrypts the initial vector value of the working key 74 and stores it in plaintext in the NV. */ 75 hi_u8 iv_content[IV_BYTE_LENGTH]; 76 hi_u8 work_text[KEY_BYTE_LENGTH]; /* Working key ciphertext */ 77 hi_u8 content_sh256[SHA_256_LENGTH]; /* Ciphertext of the preceding three data hash calculation results */ 78 } hi_flash_crypto_content; 79 80 typedef struct { 81 uintptr_t kernel_addr; 82 uintptr_t crypto_start_addr; 83 uintptr_t crypto_end_addr; 84 hi_u16 crypto_total_size; 85 hi_u16 cryptoed_size; 86 hi_u8 *buf; 87 hi_u8 upg_iv[IV_BYTE_LENGTH]; 88 hi_u8 upg_salt[IV_BYTE_LENGTH]; 89 hi_bool is_verify_byte; 90 hi_u8 data_medium; 91 hi_u16 ram_offset; 92 hi_bool is_crypto_section; 93 hi_bool para_is_init; 94 } boot_crypto_ctx; 95 96 boot_crypto_ctx *boot_crypto_get_ctx(hi_void); 97 boot_crypto_ctx *boot_decrypt_get_ctx(hi_void); 98 hi_u32 crypto_decrypt(hi_u32 ram_addr, hi_u32 ram_size); 99 hi_u32 crypto_load_flash_raw(uintptr_t ram_addr, hi_u32 ram_size); 100 hi_void crypto_check_decrypt(hi_void); 101 hi_u32 crypto_kernel_write(hi_u32 start, hi_u32 offset, hi_u8 *buffer, hi_u32 size); 102 hi_u32 crypto_kernel_read(hi_u32 start, hi_u32 offset, hi_u8 *buf, hi_u32 buf_len); 103 104 hi_u32 boot_decrypt_upg_file(hi_u32 addr_write, const hi_upg_section_head *section_head); 105 hi_void boot_decrypt_free_memory(hi_void); 106 107 #endif 108 #endif 109