1
2
3
4
5
6
7#include <common.h>
8#include <errno.h>
9#include <fsl_sec.h>
10#include <memalign.h>
11#include "desc.h"
12#include "desc_constr.h"
13#include "jobdesc.h"
14#include "jr.h"
15
16
17#define MFG_PUBK_DSC_WORDS 4
18#define MFG_SIGN_DSC_WORDS 8
19
20static void mfg_build_sign_dsc(u32 *dsc_ptr, const u8 *m, int size,
21 u8 *dgst, u8 *c, u8 *d)
22{
23 u32 *dsc = dsc_ptr;
24 struct pdb_mp_sign *pdb;
25
26 init_job_desc_pdb(dsc, 0, sizeof(struct pdb_mp_sign));
27
28 pdb = (struct pdb_mp_sign *)desc_pdb(dsc);
29
30
31 pdb->pdb_hdr = (PDB_MP_CSEL_P256);
32
33
34 pdb_add_ptr(&pdb->dma_addr_msg, virt_to_phys((void *)m));
35
36
37 pdb_add_ptr(&pdb->dma_addr_hash, virt_to_phys((void *)dgst));
38
39
40 pdb_add_ptr(&pdb->dma_addr_c_sig, virt_to_phys((void *)c));
41
42
43 pdb_add_ptr(&pdb->dma_addr_d_sig, virt_to_phys((void *)d));
44
45
46 pdb->img_size = size;
47
48
49 append_cmd(dsc, (CMD_OPERATION | OP_TYPE_DECAP_PROTOCOL |
50 OP_PCLID_MP_SIGN));
51}
52
53static void mfg_build_pubk_dsc(u32 *dsc_ptr, u8 *dst)
54{
55 u32 *dsc = dsc_ptr;
56 struct pdb_mp_pub_k *pdb;
57
58 init_job_desc_pdb(dsc, 0, sizeof(struct pdb_mp_pub_k));
59
60 pdb = (struct pdb_mp_pub_k *)desc_pdb(dsc);
61
62
63 pdb->pdb_hdr = (PDB_MP_CSEL_P256);
64
65
66 pdb_add_ptr(&pdb->dma_pkey, virt_to_phys((void *)dst));
67
68
69 append_cmd(dsc, (CMD_OPERATION | OP_TYPE_DECAP_PROTOCOL |
70 OP_PCLID_MP_PUB_KEY));
71}
72
73int gen_mppubk(u8 *dst)
74{
75 int size, ret;
76 u32 *dsc;
77
78
79 dsc = memalign(ARCH_DMA_MINALIGN,
80 sizeof(uint32_t) * MFG_PUBK_DSC_WORDS);
81 if (!dsc) {
82 debug("Not enough memory for descriptor allocation\n");
83 return -ENOMEM;
84 }
85
86 mfg_build_pubk_dsc(dsc, dst);
87
88 size = roundup(sizeof(uint32_t) * MFG_PUBK_DSC_WORDS,
89 ARCH_DMA_MINALIGN);
90 flush_dcache_range((unsigned long)dsc, (unsigned long)dsc + size);
91
92 size = roundup(FSL_CAAM_MP_PUBK_BYTES, ARCH_DMA_MINALIGN);
93 flush_dcache_range((unsigned long)dst, (unsigned long)dst + size);
94
95
96 puts("\nGenerating Manufacturing Protection Public Key\n");
97
98 ret = run_descriptor_jr(dsc);
99 if (ret) {
100 debug("Error in public key generation %d\n", ret);
101 goto err;
102 }
103
104 size = roundup(FSL_CAAM_MP_PUBK_BYTES, ARCH_DMA_MINALIGN);
105 invalidate_dcache_range((unsigned long)dst, (unsigned long)dst + size);
106err:
107 free(dsc);
108 return ret;
109}
110
111int sign_mppubk(const u8 *m, int data_size, u8 *dgst, u8 *c, u8 *d)
112{
113 int size, ret;
114 u32 *dsc;
115
116
117 dsc = memalign(ARCH_DMA_MINALIGN,
118 sizeof(uint32_t) * MFG_SIGN_DSC_WORDS);
119 if (!dsc) {
120 debug("Not enough memory for descriptor allocation\n");
121 return -ENOMEM;
122 }
123
124 mfg_build_sign_dsc(dsc, m, data_size, dgst, c, d);
125
126 size = roundup(sizeof(uint32_t) * MFG_SIGN_DSC_WORDS,
127 ARCH_DMA_MINALIGN);
128 flush_dcache_range((unsigned long)dsc, (unsigned long)dsc + size);
129
130 size = roundup(data_size, ARCH_DMA_MINALIGN);
131 flush_dcache_range((unsigned long)m, (unsigned long)m + size);
132
133 size = roundup(FSL_CAAM_MP_MES_DGST_BYTES, ARCH_DMA_MINALIGN);
134 flush_dcache_range((unsigned long)dgst, (unsigned long)dgst + size);
135
136 size = roundup(FSL_CAAM_MP_PRVK_BYTES, ARCH_DMA_MINALIGN);
137 flush_dcache_range((unsigned long)c, (unsigned long)c + size);
138 flush_dcache_range((unsigned long)d, (unsigned long)d + size);
139
140
141 puts("\nSigning message with Manufacturing Protection Private Key\n");
142
143 ret = run_descriptor_jr(dsc);
144 if (ret) {
145 debug("Error in public key generation %d\n", ret);
146 goto err;
147 }
148
149 size = roundup(FSL_CAAM_MP_MES_DGST_BYTES, ARCH_DMA_MINALIGN);
150 invalidate_dcache_range((unsigned long)dgst,
151 (unsigned long)dgst + size);
152
153 size = roundup(FSL_CAAM_MP_PRVK_BYTES, ARCH_DMA_MINALIGN);
154 invalidate_dcache_range((unsigned long)c, (unsigned long)c + size);
155 invalidate_dcache_range((unsigned long)d, (unsigned long)d + size);
156
157err:
158 free(dsc);
159 return ret;
160}
161
