view fluid-mnf/calplus/secure_types.h @ 324:43c92df87ac6

frbl2test: meat filled in
author Mychaela Falconia <falcon@freecalypso.org>
date Fri, 06 Mar 2020 00:30:18 +0000
parents 9cecc930d78f
children
line wrap: on
line source

/*                %Z% nom : %M% SID: %I% date : %G%                           */
/* Filename:      %M%                                                         */
/* Version:       %I%                                                         */
/******************************************************************************
 *                   WIRELESS COMMUNICATION SYSTEM DEVELOPMENT
 *
 *             (C) 2002 Texas Instruments France. All rights reserved
 *
 *                          Author : Constantin HAIDAMOUS
 *
 *
 *  Important Note
 *  --------------
 *
 *  This S/W is a preliminary version. It contains information on a product
 *  under development and is issued for evaluation purposes only. Features
 *  characteristics, data and other information are subject to change.
 *
 *  The S/W is furnished under Non Disclosure Agreement and may be used or
 *  copied only in accordance with the terms of the agreement. It is an offence
 *  to copy the software in any way except as specifically set out in the
 *  agreement. No part of this document may be reproduced or transmitted in any
 *  form or by any means, electronic or mechanical, including photocopying and
 *  recording, for any purpose without the express written permission of Texas
 *  Instruments Inc.
 *
 ******************************************************************************
 *
 *  FILE NAME: secure_types.h
 *
 *
 *  PURPOSE:
 *
 *
 *  FILE REFERENCES:
 *
 *  Name                  IO      Description
 *  -------------         --      ---------------------------------------------
 *
 *
 *
 *  EXTERNAL VARIABLES:
 *
 *  Source: none
 *
 *  Name                    Type              IO   Description
 *  -------------------     ---------------   --   ----------------------------
 *
 *
 *
 *  ABNORMAL TERMINATION CONDITIONS, ERROR AND WARNING MESSAGES:
 *
 *
 *
 *  ASSUMPTION, CONSTRAINTS, RESTRICTIONS:
 *
 *
 *
 *  NOTES:
 *
 *
 *
 *  REQUIREMENTS/FUNCTIONAL SPECIFICATION REFERENCES:
 *
 *
 *
 *
 *  DEVELOPMENT HISTORY:
 *
 *  Date        Name(s)               Version  Description
 *  ----------  --------------------  -------  ---------------------------------
 *  04/12/2002  Constantin HAIDAMOUS  V1.0.0   First release
 *  22-Apr-02   Francois AMAND        V1.0.1   Update of secure status to
 *                                             facilitate integration in final
 *                                             ROM code.
 *                                             Data alignment in struture to
 *                                             optimize memory requirement.
 *                                             Management of global secure data.
 *  28-Apr-02   Francois AMAND        V1.0.2   Update some constants to be
 *                                             compliant with certificate
 *                                             definition.
 *                                             Add CALYPSO PLUS specific
 *                                             parameters structure.
 *                                             Differentiate Manufacturer and
 *                                             Platform certificate.
 *                                             Add debug request field in Manu-
 *                                             facturer certificate.
 *                                             Optimize certificate field size.
 *                                             Change commentary wrapper to be
 *                                             ANSI compliant.
 *  29-Apr-02   Francois AMAND        V1.0.3   Remove unused constant.
 *                                             Set under compilation flag the
 *                                             secure services.
 *  14-May-02   Francois AMAND        V1.0.4   Add CONF_CSI field in T_CONF_PARAM
 *                                             structure definition.
 *                                             Change name of CS_MODE to EX_CTRL
 *                                             Change size of DCCTRL_CSx to 8
 *                                             bits to optimize size and alignment.
 *  17-May-02   Francois AMAND        V1.0.5   Modification of hashing size for
 *                                             binding/unbinding.
 *  17-May-02   Constantin HAIDAMOUS  V1.0.6   Integration of data structure for
 *                                             binding/unbinding services API .
 *  17-May-02   Francois AMAND        V1.0.7   Integration of RSA S/W and Check
 *                                             ROM in Secure Services.
 *                                             Update of Secure Services manage-
 *                                             ment.
 *  22-May-02   Constantin HAIDAMOUS  V1.0.8   Changing RSA modulus length , Max
 *                                             RSA length =2048 bits. Adding initial
 *                                             vectore for Binding structure.
 *  27-May-02   Francois AMAND        V1.0.9   Changing SAMSON to CALYPSO.
 *                                             Addition of Secure Services for
 *                                             RUN Time checker.
 *  28-May-02   Constantin HAIDAMOUS  V1.0.10  Changing C_PLAT_SIG_SIZE to 4.
 *
 *  06-June-02  Constantin HAIDAMOUS  V1.0.11  Changing Secure service API.
 *
 *  12-Jun-02   Francois AMAND        V1.0.12  Update of T_CONF_PARAM according
 *                                             to last memory interface spec.
 *  13-Jun-02   Constantin HAIDAMOUS  V1.0.13  Update of T_UNBINDCTX for segmented
 *                                             unbind operation optimization.
 *  14-Jun-02   Constantin HAIDAMOUS  V1.0.14  Update of T_BINDCTX for segmented
 *                                             bind operation .
 *  14-Jun-02   Francois AMAND        V1.0.15  Force d_temp in Secure RAM.
 *                                             Remove other definitions.
 *  25-Jun-02   Francois AMAND        V1.0.16  Addition of Platform unbinding
 *                                             during boot concept under compi-
 *                                             lation flag C_PLATFORM_UNBIND_BOOT.
 *  27-Jun-02   Constantin HAIDAMOUS  V1.0.17  Adding C_SECURE_RNG_ALARM to E_SECURE_STATUS
 *                                             C_SECURE_RNG_ALARM = C_RNG_ALARM from Safenet
 *  09-Jul-02   Constantin HAIDAMOUS  V1.0.18  Adding Application ID and Timeout for Bind function
 *  16-Jul-02   Francois AMAND        V1.0.19  Add S/W pseudo-random generator.
 *  19-Jul-02   Francois AMAND        V1.0.20  Remove S/W pseudo-random.
 *  01-Aug-02   Constantin HAIDAMOUS  V1.0.21  Removing boolean b_HashDone in Bind and Unbind Context
 *  27-Jan-03   Francois AMAND        V2.0.0   Remove of C_PLATFORM_UNBIND_BOOT flag
 *  27-Jan-03   Francois AMAND        V2.0.1   Add compliance with SW@P 2.0 (REQ03047)
 *  20-Mar-03   Francois AMAND        V2.0.2   Code cleaning
 *
 *  ALGORITHM:
 *
 *
 *******************************************************************************/


#include "standard.h"

#ifndef _SECURE_TYPES_H
  #define _SECURE_TYPES_H

  #ifndef C_SECURE_SERVICES
    #define C_SECURE_SERVICES 1
  #endif

  #ifndef C_CHIPSET
    #define C_CHIPSET_CALYPSO        4
    #define C_CHIPSET_CALYPSOPLUS   11
    #define C_CHIPSET               C_CHIPSET_CALYPSOPLUS
  #endif



  /****************************************************************************
   * Constants
   ****************************************************************************/

  #define C_WORD32LGB     4

//  #ifndef NULL  /* To avoid conflict with other compilers */
//    #define NULL (UWORD32 *) 0x00000000L
//  #endif

  /* Certificate block */

  /* Length in long word (32 bits) */

  #define C_SHA1HASHLG          5
  #define C_MD5HASHLG           4

  #define C_RSAKEYLG            64 /* Max Modulus size : 2048 bits */
  #define C_RSASIGLG            C_RSAKEYLG

  #define C_DIE_ID_SIZE         2  /* DIE ID defined on 64-bits */

  #define C_PLATFORM_DATA_SIZE  16048 /* Maximum value to have CertSize coded on 16-bits */

  #if C_SECURE_SERVICES == 1
    #define C_IVLG              2
    #define C_TDESKEYLG         4
    #define C_TDESKEYLGB        C_TDESKEYLG * C_WORD32LGB
    #define C_PLAT_SIG_SIZE     4 /* Must be a multiple of 64 bits */
  #endif

  #define C_MANUF_SIG_SIZE      C_RSASIGLG


  /* Certificate Type */

  #define C_CERTTYPE_MAN     0x00
  #define C_CERTTYPE_PLAT    0x01

  #if C_SECURE_SERVICES == 1
    /* Confidentiality request */

    #define C_CRYPTVOID      0x00
    #define C_CRYPTNOREQUEST 0x00
    #define C_CRYPTREQUEST   0x01
  #endif


  /* Debug request */

  #define C_DEBUGNOREQUEST   0x00
  #define C_DEBUGREQUEST     0x01


  /* CS image check request */

  #define C_CSIMGNOREQUEST   0x00
  #define C_CSIMGREQUEST     0x01


  /* Temporary block */

  #define C_TEMPDATALG        32
  #define C_TEMPDATALGB       C_TEMPDATALG * C_WORD32LGB

  #define C_CERT_TEMP_SWKEY   0
  #define C_CERT_TEMP_DATA    C_CERT_TEMP_SWKEY + C_TDESKEYLG


  /****************************************************************************
   * Structures
   ****************************************************************************/

  /* CALYPSO PLUS Parameters */
  typedef struct {
    /* External Memory Interface configuration */
    UWORD16 d_conf_cs5;
    UWORD16 d_exws_cs5;
    UWORD16 d_ex_ctrl;

    /* Authentication configuration */
    UWORD16 d_cs_img_req;
    UWORD32 d_flash_size;
    UWORD32 d_granularity;
  } T_CONF_PARAM;


  /* RSA Public key */

  typedef struct
  {
    UWORD32  a_Modulus[C_RSAKEYLG];  /* Public Modulus */
    UWORD32  d_ModulusLength;        /* Public Modulus length in bytes */
    UWORD32  d_Exponent;             /* Public Exponent */
  } T_RSAPUBKEY;


  /*Certificate Structure*/

  typedef struct
  {
    UWORD16       d_Certsize;                         /* Size of Certificate */
    UWORD8        d_Certtype;                         /* Type of Certificate */
    UWORD8        d_Debugrequest;                     /* Debug Request */
    UWORD32       d_Addcode;                          /* Start Address of Code */
    UWORD32       d_Codesize;                         /* Size of Code */
    UWORD32       d_CodeStartAdd;                     /* Entry Point Address */
    T_RSAPUBKEY   d_Manpubkey;                        /* Manufacturer Public Key */
    T_RSAPUBKEY   d_Origpubkey;                       /* Originator Public Key */
    UWORD32       a_Origpubkeysig[C_MANUF_SIG_SIZE];  /* Originator Public Key Signature */
    UWORD32       a_Swsig[C_MANUF_SIG_SIZE];          /* Software Signature */
    T_CONF_PARAM  d_Confparam;                        /* Configuration Parameters */
    UWORD32       a_die_id[C_DIE_ID_SIZE];            /* Die Id */
  } T_MANUFACTURER_CERTIFICATE;


  /*
   * Manufacturer Certificate structure containing dynamic Platform Data
   */
  typedef struct
  {
    T_MANUFACTURER_CERTIFICATE  d_manufacturer_certificate;
    UWORD32                     a_platform_data[C_PLATFORM_DATA_SIZE];   /* Platform Data */
    UWORD32                     a_Certsig[C_MANUF_SIG_SIZE];             /* Certificate Signature */
  } T_MANUFACTURER_CERTIFICATE_PLATFORM_DATA;


  /*
   * Manufacturer Certificate structure for the flash programmer without the dynamic Platform Data
   */
  typedef struct
  {
    UWORD16       d_Certsize;                         /* Size of Certificate */
    UWORD8        d_Certtype;                         /* Type of Certificate */
    UWORD8        d_Debugrequest;                     /* Debug Request */
    UWORD32       d_Addcode;                          /* Start Address of Code */
    UWORD32       d_Codesize;                         /* Size of Code */
    UWORD32       d_CodeStartAdd;                     /* Entry Point Address */
    T_RSAPUBKEY   d_Manpubkey;                        /* Manufacturer Public Key */
    T_RSAPUBKEY   d_Origpubkey;                       /* Originator Public Key */
    UWORD32       a_Origpubkeysig[C_MANUF_SIG_SIZE];  /* Originator Public Key Signature */
    UWORD32       a_Swsig[C_MANUF_SIG_SIZE];          /* Software Signature */
    T_CONF_PARAM  d_Confparam;                        /* Configuration Parameters */
    UWORD32       a_die_id[C_DIE_ID_SIZE];            /* Die Id */
    UWORD32       a_Certsig[C_MANUF_SIG_SIZE];        /* Certificate Signature */
  } T_MANUFACTURER_CERTIFICATE_FLASH_PROGRAMMER;


  #if C_SECURE_SERVICES == 1
    /*
     *  Define ROM secure service entry point address
     */
    #define C_ROM_SSERVICE_ENTRY_POINT_ADDR   0x00000024L

    /*
     *  Definition of function pointer to use ROM Secure Services
     */
    typedef UWORD16 (*T_ROM_SSERVICE) (UWORD16, void *, void *);


    typedef struct
    {
      UWORD16       d_Certsize;                   /* Size of Certificate */
      UWORD8        d_Certtype;                   /* Type of Certificate */
      UWORD8        d_Confrequest;                /* Confidentiality Request */
      UWORD32       d_Addcode;                    /* Start Address of Code */
      UWORD32       d_Codesize;                   /* Size of Code */
      UWORD32       d_AppID;                      /* Application Id */
      UWORD32       a_iv[C_IVLG];                 /* Initial Vector for TDES CBC */
      UWORD32       a_Encswkey[C_TDESKEYLG];      /* Encrypted S/W Key */
      UWORD32       a_Swsig[C_PLAT_SIG_SIZE];     /* Software Signature */
      UWORD32       a_Certsig[C_PLAT_SIG_SIZE];   /* Certificate Signature */
    } T_PLATFORM_CERTIFICATE;


    /* Unbind Context Structure used for segmented Unbind operation */

    typedef struct
    {
      UWORD32  d_Startpos;                    /* Start Position of Data to Process */
      UWORD32  d_Currentpos;                  /* Current Position of Data to Process */
      UWORD32  a_Currentdigest[C_MD5HASHLG];  /* Current Digest */
      UWORD32  d_Digcount;                    /* Digest Count */
      UWORD32  a_Currentiv[C_IVLG];           /* Current Initial Vector */
      UWORD32  a_Encswkey[C_TDESKEYLG];       /* Encrypted TDES Software Key */
      UWORD32  a_iv[C_IVLG];                  /* Initial Vector */
      UWORD32  d_Codesize;                    /* Code Size */
      UWORD32  d_AppID;                       /* Application Id */
      UWORD32  a_Swsig[C_PLAT_SIG_SIZE];      /* Software Signature */
      UWORD8   d_Confrequest;                 /* Confidentiality Request */
      BOOLEAN  b_UnbindDone;                  /* Set to 1 if Data Unbinding is Done */
    } T_UNBINDCTX;


   /* Bind Context Structure used for segmented Bind operation */

    typedef struct
    {
      UWORD32  d_Startpos;                    /* Start Position of Data to Process */
      UWORD32  d_Currentpos;                  /* Current Position of Data to Process */
      UWORD32  a_Currentdigest[C_MD5HASHLG];  /* Current Digest */
      UWORD32  d_Digcount;                    /* Digest Count */
      UWORD32  a_Currentiv[C_IVLG];           /* Current Initial Vector */
      UWORD32  a_Encswkey[C_TDESKEYLG];       /* Encrypted TDES Software Key */
      UWORD32  a_iv[C_IVLG];                  /* Initial Vector */
      UWORD32  d_Addcode;                     /* Store Address of Code */
      UWORD32  d_Codesize;                    /* Code Size */
      UWORD32  d_AppID;                       /* Application Id */
      UWORD8   d_Confrequest;                 /* Confidentiality Request */
      BOOLEAN  b_KeyCreateDone;               /* Set to 1 if TDES Software Key Creation is Done */
      BOOLEAN  b_BindDone;                    /* Set to 1 if Data Binding is Done */
    } T_BINDCTX;


    typedef struct
    {
      T_PLATFORM_CERTIFICATE*  p_Cert;
      UWORD32*                 p_Code;
      T_PLATFORM_CERTIFICATE*  p_CertCtx;
      T_UNBINDCTX*             p_UnbindCtx;
      UWORD32                  d_Steplength;
      BOOLEAN                  b_start;
    } T_SSERVICE_UNBIND;



    typedef struct
    {
      T_PLATFORM_CERTIFICATE*   p_Cert;
      UWORD32*                  p_Code;
      T_PLATFORM_CERTIFICATE*   p_CertCtx;
      T_BINDCTX*                p_BindCtx;
      UWORD32                   d_Steplength;
      UWORD32                   d_timeout;
      BOOLEAN                   b_start;
    } T_SSERVICE_BIND;


    /*
     *  Structure definition for RSA S/W secure services
     */
    typedef struct
    {
      UWORD32 *     p_datain;
      UWORD32 *     p_dataout;
      UWORD32       output_length;
      T_RSAPUBKEY * p_rsapubkey;
      UWORD32 *     p_rsaheap;
    } T_SSERVICE_RSA;


    /*
     *  Structure definition for Checker ROM secure services
     */
    typedef struct
    {
      UWORD16   d_checksum;
      UWORD16   d_rom_id;
    } T_SSERVICE_CHECKROM;


    /*
     *  Structure definition for Run Time Checker secure services
     */
    typedef struct
    {
      UWORD32 *                       p_rsaheap;
      T_MANUFACTURER_CERTIFICATE *    p_certificate;
    } T_SSERVICE_RUNTIMECHECKER;


    /*
     *  Structure definition for Run Time Platform Data Checker secure services
     */
    typedef struct
    {
      T_PLATFORM_CERTIFICATE*  p_Cert;
    } T_SSERVICE_RUNTIME_PLAT_CHECKER;


  #endif /*  C_SECURE_SERVICES == 1 */

  /****************************************************************************
   * Global variables
   ****************************************************************************/
  #ifndef SECURE_GLOBAL
    #define SECURE_GLOBAL extern
  #endif

  #ifdef _TMS470
    #pragma DATA_SECTION(d_temp,".secdata")
    #pragma DATA_SECTION(a_hash_certificate,".secdata")
  #endif

  SECURE_GLOBAL UWORD32 d_temp[C_TEMPDATALG];               /* Temporary data in Secure RAM */
  SECURE_GLOBAL UWORD32 a_hash_certificate[C_SHA1HASHLG];   /* SHA-1 hashing of Manufacturer Certificate */

  /****************************************************************************
   * Status
   ****************************************************************************/

  typedef enum
  {
    C_SECURE_ERROR          = 0,
    C_SECURE_SUCCESS        = 1,
    C_SECURE_INVALID_ID     = 2,
    C_SECURE_RNG_ALARM      = 3,
    C_SECURE_INVALID_DIE_ID = 4,
    C_SECURE_BLANK_DIE_ID   = 5
  } E_SECURE_STATUS;


  /****************************************************************************
   * Function prototype for secure services
   ****************************************************************************/

  #if C_SECURE_SERVICES == 1
    #define C_MAX_DEFINED_ID                                6
    #define C_SEC_SERVICE_BINDING_ID                        0x0000
    #define C_SEC_SERVICE_UNBINDING_ID                      0x0001
    #define C_SEC_SERVICE_RSA_ID                            0x0002
    #define C_SEC_SERVICE_CHECKROM_ID                       0x0003
    #define C_SEC_SERVICE_RUN_TIME_CHECKER_ID               0x0004
    #define C_SEC_SERVICE_RUN_TIME_PLATFORM_DATA_CHECKER    0x0005

    E_SECURE_STATUS ROM_Sservice_Unbind(UWORD16            reserved,
                                        T_SSERVICE_UNBIND* p_StructUnbind);

    E_SECURE_STATUS ROM_Sservice_Bind(UWORD16          reserved,
                                      T_SSERVICE_BIND* p_StructBind);

    E_SECURE_STATUS ROM_Sservice_Rsa(UWORD16           reserved,
                                     T_SSERVICE_RSA*   p_StructRsa);

    E_SECURE_STATUS ROM_Sservice_CheckRom(UWORD16              reserved,
                                          T_SSERVICE_CHECKROM* p_StructCheckRom);

    E_SECURE_STATUS ROM_Sservice_RunTimeChecker(
                                  UWORD16                      reserved,
                                  T_SSERVICE_RUNTIMECHECKER*   p_StructRunTimeChecker);

    E_SECURE_STATUS ROM_Sservice_RunTimePlatformDataChecker(
                                  UWORD16                          reserved,
                                  T_SSERVICE_RUNTIME_PLAT_CHECKER* p_StructRunTimePlatChecker);

  #endif

#endif /* _SECURE_TYPES_H */