Platform: Corstone1000: Integrate new ROM driver
Integrates the new ROM driver for corstone1000. The integration is mostly
similar to the RSS integration.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
Change-Id: I179c812d5cb34d3a24f9138c7daeb54c8fae6bbc
diff --git a/platform/ext/target/arm/corstone1000/bl1/bl1_1_shared_symbols.txt b/platform/ext/target/arm/corstone1000/bl1/bl1_1_shared_symbols.txt
index 8eb3158..2434c00 100644
--- a/platform/ext/target/arm/corstone1000/bl1/bl1_1_shared_symbols.txt
+++ b/platform/ext/target/arm/corstone1000/bl1/bl1_1_shared_symbols.txt
@@ -12,7 +12,7 @@
bl1_trng_generate_random
bl_secure_memcpy
bl_secure_memeql
-cc3xx_finish
+cc3xx_uninit
computed_bl1_2_hash
corstone1000_watchdog_reset_timer
pq_crypto_verify
diff --git a/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_2.c b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_2.c
index 4e9fe0d..63cd4c8 100644
--- a/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_2.c
+++ b/platform/ext/target/arm/corstone1000/bl1/boot_hal_bl1_2.c
@@ -78,7 +78,7 @@
int32_t result;
#ifdef CRYPTO_HW_ACCELERATOR
- result = cc3xx_finish();
+ result = cc3xx_uninit();
if (result) {
while (1);
}
diff --git a/platform/ext/target/arm/corstone1000/bl1/cc312_rom_crypto.c b/platform/ext/target/arm/corstone1000/bl1/cc312_rom_crypto.c
index 75b0d0e..e6e1c86 100644
--- a/platform/ext/target/arm/corstone1000/bl1/cc312_rom_crypto.c
+++ b/platform/ext/target/arm/corstone1000/bl1/cc312_rom_crypto.c
@@ -22,7 +22,7 @@
{
fih_int fih_rc = FIH_FAILURE;
- fih_rc = fih_int_encode_zero_equality(cc3xx_hash_sha256_init());
+ fih_rc = fih_int_encode_zero_equality(cc3xx_hash_init(CC3XX_HASH_ALG_SHA256));
if(fih_not_eq(fih_rc, FIH_SUCCESS)) {
FIH_RET(FIH_FAILURE);
}
@@ -32,35 +32,21 @@
fih_int bl1_sha256_finish(uint8_t *hash)
{
- fih_int fih_rc = FIH_FAILURE;
+ uint32_t tmp_buf[32 / sizeof(uint32_t)];
- fih_rc = fih_int_encode_zero_equality(cc3xx_hash_sha256_finish(hash, 32));
- if(fih_not_eq(fih_rc, FIH_SUCCESS)) {
- FIH_RET(FIH_FAILURE);
- }
+ cc3xx_hash_finish(tmp_buf, 32);
+
+ memcpy(hash, tmp_buf, sizeof(tmp_buf));
return FIH_SUCCESS;
}
fih_int bl1_sha256_update(uint8_t *data, size_t data_length)
{
- size_t idx;
fih_int fih_rc = FIH_FAILURE;
- for (idx = 0; idx + 0x8000 < data_length; idx += 0x8000) {
- fih_rc = FIH_FAILURE;
- fih_rc = fih_int_encode_zero_equality(cc3xx_hash_sha256_update(data + idx,
- 0x8000));
- if(fih_not_eq(fih_rc, FIH_SUCCESS)) {
- FIH_RET(FIH_FAILURE);
- }
- }
- if (idx != (data_length - (data_length % 0x8000))) {
- FIH_RET(FIH_FAILURE);
- }
-
- fih_rc = fih_int_encode_zero_equality(cc3xx_hash_sha256_update(data + idx,
- data_length - idx));
+ fih_rc = fih_int_encode_zero_equality(cc3xx_hash_update(data,
+ data_length));
if(fih_not_eq(fih_rc, FIH_SUCCESS)) {
FIH_RET(FIH_FAILURE);
}
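Review bot: bl1_sha256_finish now writes through `hash` with memcpy without checking it, whereas bl1_sha256_compute in the same file rejects `hash == NULL` first. Adding `if (hash == NULL) { FIH_RET(FIH_FAILURE); }` ahead of the finish call would keep the two entry points consistent. The result of `cc3xx_hash_finish(tmp_buf, 32)` is also not inspected; if the new driver's finish returns void, a one-line comment saying so would explain why the FIH-checked path was dropped. The bounce buffer deserves a comment too, for example `/* driver writes 32-bit words; hash may be unaligned */`, and using `sizeof(tmp_buf)` in place of the literal 32 would keep both sizes in step. The same tmp_buf pattern appears in the bl1_sha256_compute hunk, and bl1_sha256_update now passes data_length straight to the driver, presumably relying on it to split large inputs, which is worth stating in a comment.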
@@ -72,39 +58,26 @@
size_t data_length,
uint8_t *hash)
{
+ uint32_t tmp_buf[32 / sizeof(uint32_t)];
fih_int fih_rc = FIH_FAILURE;
- size_t idx = 0;
if (data == NULL || hash == NULL) {
FIH_RET(FIH_FAILURE);
}
- fih_rc = fih_int_encode_zero_equality(cc3xx_hash_sha256_init());
+ fih_rc = fih_int_encode_zero_equality(cc3xx_hash_init(CC3XX_HASH_ALG_SHA256));
if(fih_not_eq(fih_rc, FIH_SUCCESS)) {
FIH_RET(FIH_FAILURE);
}
- for (idx = 0; idx + 0x8000 < data_length; idx += 0x8000) {
- fih_rc = FIH_FAILURE;
- fih_rc = fih_int_encode_zero_equality(cc3xx_hash_sha256_update(data + idx,
- 0x8000));
- if(fih_not_eq(fih_rc, FIH_SUCCESS)) {
- FIH_RET(FIH_FAILURE);
- }
- }
- if (idx != (data_length - (data_length % 0x8000))) {
+ fih_rc = fih_int_encode_zero_equality(cc3xx_hash_update(data,
+ data_length));
+ if(fih_not_eq(fih_rc, FIH_SUCCESS)) {
FIH_RET(FIH_FAILURE);
}
+ cc3xx_hash_finish(tmp_buf, 32);
- fih_rc = fih_int_encode_zero_equality(cc3xx_hash_sha256_update(data + idx,
- data_length - idx));
- if(fih_not_eq(fih_rc, FIH_SUCCESS)) {
- FIH_RET(FIH_FAILURE);
- }
- fih_rc = fih_int_encode_zero_equality(cc3xx_hash_sha256_finish(hash, 32));
- if(fih_not_eq(fih_rc, FIH_SUCCESS)) {
- FIH_RET(FIH_FAILURE);
- }
+ memcpy(hash, tmp_buf, sizeof(tmp_buf));
FIH_RET(FIH_SUCCESS);
}
@@ -143,10 +116,10 @@
uint8_t *plaintext)
{
cc3xx_aes_key_id_t cc3xx_key_type;
- uint8_t __ALIGNED(4) key_buf[32];
+ uint32_t key_buf[32 / sizeof(uint32_t)];
int32_t rc = 0;
- size_t idx = 0;
const uint8_t *input_key = key_buf;
+ cc3xx_err_t err;
if (ciphertext_length == 0) {
return 0;
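Review bot: `const uint8_t *input_key = key_buf;` is left unchanged while key_buf becomes a uint32_t array, so the initialiser now converts between incompatible pointer types without a cast. Either cast explicitly, `const uint8_t *input_key = (const uint8_t *)key_buf;`, or declare input_key as `const uint32_t *` if that is what cc3xx_aes_init takes for the key (the ECB hunk casts its key to `uint32_t *`, which suggests so). The function starts and continues outside this hunk.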
@@ -156,8 +129,12 @@
return -1;
}
+ if ((uintptr_t)counter & 0x3) {
+ return -1;
+ }
+
if (key_material == NULL) {
- rc = bl1_key_to_cc3xx_key(key_id, &cc3xx_key_type, key_buf,
+ rc = bl1_key_to_cc3xx_key(key_id, &cc3xx_key_type, (uint8_t *)key_buf,
sizeof(key_buf));
if (rc) {
return rc;
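Review bot: The new alignment guard covers only `counter`, but a non-NULL `key_material` is also forwarded to the driver through input_key. If cc3xx_aes_init reads the key as 32-bit words, as the uint32_t key_buf and the `(uint32_t *)` casts in this file suggest, a caller-supplied unaligned key needs the same rejection: `if (key_material != NULL && ((uintptr_t)key_material & 0x3)) { return -1; }`. A short comment above the counter check stating that the driver takes word pointers would explain why the test exists. The function starts and continues outside this hunk.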
@@ -167,20 +144,18 @@
input_key = key_material;
}
- for (idx = 0; idx + 0x8000 < ciphertext_length; idx += 0x8000) {
- rc = cc3xx_aes(cc3xx_key_type, input_key, CC3XX_AES_KEYSIZE_256,
- ciphertext + idx, 0x8000, counter, plaintext + idx,
- CC3XX_AES_DIRECTION_ENCRYPT, CC3XX_AES_MODE_CTR);
- if (rc != CC3XX_ERR_SUCCESS) {
- return rc;
- }
+ err = cc3xx_aes_init(CC3XX_AES_DIRECTION_DECRYPT, CC3XX_AES_MODE_CTR,
+ cc3xx_key_type, input_key, CC3XX_AES_KEYSIZE_256,
+ (uint32_t *)counter, 16);
+ if (err != CC3XX_ERR_SUCCESS) {
+ return 1;
}
- /* Under CTR mode encryption and decryption are the same operation */
- return cc3xx_aes(cc3xx_key_type, input_key, CC3XX_AES_KEYSIZE_256,
- ciphertext + idx, ciphertext_length - idx, counter,
- plaintext + idx, CC3XX_AES_DIRECTION_ENCRYPT,
- CC3XX_AES_MODE_CTR);
+ cc3xx_aes_set_output_buffer(plaintext, ciphertext_length);
+ cc3xx_aes_update(ciphertext, ciphertext_length);
+ cc3xx_aes_finish(NULL);
+
+ return 0;
}
static int32_t aes_256_ecb_encrypt(enum tfm_bl1_key_id_t key_id,
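Review bot: After cc3xx_aes_init succeeds, aes_256_ctr_decrypt returns 0 unconditionally: the results of `cc3xx_aes_update` and `cc3xx_aes_finish` are discarded, so a failed decryption would be reported as success and the caller would consume whatever is in `plaintext`. If these calls return cc3xx_err_t like cc3xx_aes_init (their prototypes are not visible here), each result should be checked as sketched below. The init failure path returns `1` and drops the driver's error code, while the argument checks earlier in the function return `-1`; a single convention would make failures easier to diagnose. The function starts outside this hunk.

```c
/* … unchanged: cc3xx_aes_init call and its error check … */
cc3xx_aes_set_output_buffer(plaintext, ciphertext_length);

err = cc3xx_aes_update(ciphertext, ciphertext_length);
if (err != CC3XX_ERR_SUCCESS) {
    return 1;
}

err = cc3xx_aes_finish(NULL);
if (err != CC3XX_ERR_SUCCESS) {
    return 1;
}

return 0;
```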
@@ -189,8 +164,9 @@
uint8_t *ciphertext)
{
cc3xx_aes_key_id_t cc3xx_key_type;
- uint8_t __ALIGNED(4) key_buf[32];
+ uint32_t key_buf[32 / sizeof(uint32_t)];
int32_t rc = 0;
+ cc3xx_err_t err;
if (ciphertext_length == 0) {
return 0;
@@ -205,9 +181,17 @@
return rc;
}
- return cc3xx_aes(cc3xx_key_type, key_buf, CC3XX_AES_KEYSIZE_256, plaintext,
- ciphertext_length, NULL, ciphertext,
- CC3XX_AES_DIRECTION_ENCRYPT, CC3XX_AES_MODE_ECB);
+ err = cc3xx_aes_init(CC3XX_AES_DIRECTION_ENCRYPT, CC3XX_AES_MODE_ECB,
+ cc3xx_key_type, (uint32_t *)key_buf,
+ CC3XX_AES_KEYSIZE_256,
+ NULL, 0);
+ if (err != CC3XX_ERR_SUCCESS) {
+ return 1;
+ }
+
+ cc3xx_aes_set_output_buffer(ciphertext, ciphertext_length);
+ cc3xx_aes_update(plaintext, ciphertext_length);
+ cc3xx_aes_finish(NULL);
}
/* This is a counter-mode KDF complying with NIST SP800-108 where the PRF is a
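Review bot: aes_256_ecb_encrypt now reaches its closing brace without a return statement, because the old `return cc3xx_aes(...)` was removed and nothing follows `cc3xx_aes_finish(NULL);`. The function is declared to return int32_t, so any caller that reads the result gets an indeterminate value (undefined behaviour in C); add `return 0;` after the finish call. As in aes_256_ctr_decrypt, the results of `cc3xx_aes_update` and `cc3xx_aes_finish` are not checked, and should be if those calls return cc3xx_err_t. The function starts outside this hunk.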
diff --git a/platform/ext/target/arm/corstone1000/bl1/cc312_rom_trng.c b/platform/ext/target/arm/corstone1000/bl1/cc312_rom_trng.c
index a59b93f..b506a8b 100644
--- a/platform/ext/target/arm/corstone1000/bl1/cc312_rom_trng.c
+++ b/platform/ext/target/arm/corstone1000/bl1/cc312_rom_trng.c
@@ -10,8 +10,6 @@
int32_t bl1_trng_generate_random(uint8_t *output, size_t output_size)
{
- cc3xx_err_t err;
-
if (output_size == 0) {
return 0;
}
@@ -20,15 +18,11 @@
return -1;
}
- cc3xx_rng_init();
- err = cc3xx_rng_get_random(output, output_size);
- cc3xx_rng_finish();
-
- return err;
+ return cc3xx_rng_get_random(output, output_size);
}
unsigned char fih_delay_random_uchar(void) {
- unsigned char out = 0;
- bl1_trng_generate_random(&out, sizeof(out));
- return out;
+ uint32_t out = 0;
+ cc3xx_rng_get_random_uint(256, &out);
+ return (unsigned char)out;
}
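Review bot: fih_delay_random_uchar ignores the result of `cc3xx_rng_get_random_uint(256, &out)`, so if the RNG fails `out` stays 0 and the fault-injection delay silently becomes constant. The function has no error channel, so at minimum document this with a comment such as `/* best effort: on RNG failure the delay is 0 and not randomised */`, or treat the failure as fatal the way other BL1 paths do. A comment on what the bound 256 means (presumably an exclusive upper limit, which makes the cast to unsigned char lossless) would help. Since this hunk also removes the `cc3xx_rng_init()`/`cc3xx_rng_finish()` bracket from bl1_trng_generate_random, please confirm that the new driver initialises the RNG on demand.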
diff --git a/platform/ext/target/arm/corstone1000/cc3xx_config.h b/platform/ext/target/arm/corstone1000/cc3xx_config.h
new file mode 100644
index 0000000..df05dc0
--- /dev/null
+++ b/platform/ext/target/arm/corstone1000/cc3xx_config.h
@@ -0,0 +1,119 @@
+/*
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef CC3XX_CONFIG_H
+#define CC3XX_CONFIG_H
+
+#ifndef CC3XX_CONFIG_BASE_ADDRESS
+#include "platform_base_address.h"
+#define CC3XX_CONFIG_BASE_ADDRESS (CC3XX_BASE_S)
+#endif /* CC3XX_CONFIG_BASE_ADDRESS */
+
+/* Whether the SHA256 hash support is enabled */
+#define CC3XX_CONFIG_HASH_SHA256_ENABLE
+
+/* Whether the SHA224 hash support is enabled */
+/* #define CC3XX_CONFIG_HASH_SHA224_ENABLE */
+
+/* Whether the SHA1 hash support is enabled */
+/* #define CC3XX_CONFIG_HASH_SHA1_ENABLE */
+
+/* Whether hashing can be restartable */
+/* #define CC3XX_CONFIG_HASH_RESTARTABLE_ENABLE */
+
+/* Whether the AES CTR support is enabled */
+#define CC3XX_CONFIG_AES_CTR_ENABLE
+
+/* Whether the AES ECB support is enabled */
+#define CC3XX_CONFIG_AES_ECB_ENABLE
+
+/* Whether the AES CBC support is enabled */
+/* #define CC3XX_CONFIG_AES_CBC_ENABLE */
+
+/* Whether the AES GCM support is enabled */
+/* #define CC3XX_CONFIG_AES_GCM_ENABLE */
+/* #define CC3XX_CONFIG_AES_GCM_VARIABLE_IV_ENABLE */
+
+/* Whether the AES CMAC support is enabled */
+/* #define CC3XX_CONFIG_AES_CMAC_ENABLE */
+
+/* Whether the AES CCM support is enabled */
+/* #define CC3XX_CONFIG_AES_CCM_ENABLE */
+
+
+/* Whether AES can be restartable */
+/* #define CC3XX_CONFIG_AES_RESTARTABLE_ENABLE */
+
+/* Whether the AES tunnelling support is enabled. Without this, running CCM mode
+ * AES will instead only run the CBC_MAC operation with the CCM IVs, with the
+ * CTR decryption having to be done seperately. */
+#define CC3XX_CONFIG_AES_TUNNELLING_ENABLE
+
+/* Whether CHACHA is enabled */
+/* #define CC3XX_CONFIG_CHACHA_ENABLE */
+
+/* Whether CHACHA can be restartable */
+/* #define CC3XX_CONFIG_CHACHA_RESTARTABLE_ENABLE */
+
+/* Whether CHACHA_POLY1305 is enabled */
+/* #define CC3XX_CONFIG_CHACHA_POLY1305_ENABLE */
+
+/* Whether DMA remapping is enabled */
+#define CC3XX_CONFIG_DMA_REMAP_ENABLE
+
+/* Whether CC will WFI instead of busy-wait looping while waiting for crypto
+ * operations to complete.
+ */
+/* #define CC3XX_CONFIG_DMA_WFI_WAIT_ENABLE */
+
+/* How many DMA remap regions are available */
+#ifndef CC3XX_CONFIG_DMA_REMAP_REGION_AM
+#define CC3XX_CONFIG_DMA_REMAP_REGION_AM 4
+#endif /* CC3XX_CONFIG_DMA_REMAP_REGION_AM */
+
+/* Whether RNG is enabled */
+#define CC3XX_CONFIG_RNG_ENABLE
+
+/* The number of times the TRNG will be re-read when it fails a statical test
+ * before an error is returned.
+ */
+#ifndef CC3XX_CONFIG_RNG_MAX_ATTEMPTS
+#define CC3XX_CONFIG_RNG_MAX_ATTEMPTS 16
+#endif /* CC3XX_CONFIG_RNG_MAX_ATTEMPTS */
+
+/* This is the number of cycles between consecutive samples of the oscillator
+ * output. It needs to be set to a _reasonably_ large number, though It's
+ * unclear exactly what sort of number is reasonable. In general, if the
+ * statistical tests keep failing then increase it, if the RNG is too slow then
+ * decrease it. A sensible default is set here, and has worked correctly with a
+ * variety of cc3xx implementations.
+ */
+#ifndef CC3XX_CONFIG_RNG_SUBSAMPLING_RATE
+#define CC3XX_CONFIG_RNG_SUBSAMPLING_RATE 0x1337
+#endif /* !CC_RNG_SUBSAMPLING_RATE */
+
+/* Between 0 and 3 inclusive. 0 should be the fastest oscillator ring */
+#ifndef CC3XX_CONFIG_RNG_RING_OSCILLATOR_ID
+#define CC3XX_CONFIG_RNG_RING_OSCILLATOR_ID 0
+#endif /* !CC_RNG_RING_OSCILLATOR_ID */
+
+/* Whether DPA mitigations are enabled. Has a code-size and performance cost */
+#define CC3XX_CONFIG_DPA_MITIGATIONS_ENABLE
+
+/* Whether DFA mitigations are enabled. Has a code-size and performance cost */
+#define CC3XX_CONFIG_DFA_MITIGATIONS_ENABLE
+
+/* Whether an external secure word copying function (for copying keys etc) will
+ * be provided by the platform
+ */
+#define CC3XX_CONFIG_STDLIB_EXTERNAL_SECURE_WORD_COPY
+
+#ifndef CC3XX_CONFIG_STDLIB_LFSR_MAX_ATTEMPTS
+#define CC3XX_CONFIG_STDLIB_LFSR_MAX_ATTEMPTS 128
+#endif /* CC3XX_CONFIG_STDLIB_LFSR_MAX_ATTEMPTS */
+
+#endif /* CC3XX_CONFIG_H */
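Review bot: Two `#endif` trailers name macros that do not exist in this header: `/* !CC_RNG_SUBSAMPLING_RATE */` and `/* !CC_RNG_RING_OSCILLATOR_ID */` should read `/* CC3XX_CONFIG_RNG_SUBSAMPLING_RATE */` and `/* CC3XX_CONFIG_RNG_RING_OSCILLATOR_ID */` to match their guards. `CC3XX_CONFIG_STDLIB_LFSR_MAX_ATTEMPTS` is the only option without a describing comment, and the comments contain the typos "seperately" and "statical" (statistical). `CC3XX_CONFIG_AES_TUNNELLING_ENABLE` is defined while CCM is disabled; going by its own comment it only affects CCM mode, so it may be dead configuration in this ROM build. `CC3XX_CONFIG_STDLIB_EXTERNAL_SECURE_WORD_COPY` obliges the platform to supply the copy routine, which is not part of the visible change, so a comment naming where it is provided would help.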