--- a/salld.h
+++ b/salld.h
* @brief SA LLD Interface Unit API and Data Definitions
*
* ============================================================================
- * Copyright (c) Texas Instruments Incorporated 2009-2012
+ * Copyright (c) Texas Instruments Incorporated 2009-2018
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#define sa_ERR_NOMEM -3
/**
- * @def sa_ERR_INV_BUF
+ * @def sa_ERR_INV_BUF (deprecated)
* SALLD Return Codes -- Invalid buffers.
*/
#define sa_ERR_INV_BUF -4
*/
#define sa_ERR_PKA_DOWNLOAD_FAIL -30
+/**
+ * @def sa_ERR_ENGINE_STATE
+ * The SA2UL engines are in an unexpected state
+ */
+#define sa_ERR_ENGINE_STATE -31
+
/**
* @def sa_PKA_OP_IN_PROGRESS
* The current PKA operation is still in progress.
*/
#define sa_PKA_OP_COMPLETE sa_ERR_OK
+/**
+ * @def sa_MAX_PS_AI_WORD_COUNT
+ * upto 12 32-bit words of 'personalizatoin string' and 'additional input' used for
+ * SP-800-90A AES-256 DRBG
+ */
+
+#define sa_MAX_PS_AI_WORD_COUNT 12
+
+
/*@}*/
/** @} */
sa_AuthMode_SHA1, /**< SHA1 mode */
sa_AuthMode_SHA2_224, /**< 224-bit SHA2 mode */
sa_AuthMode_SHA2_256, /**< 256-bit SHA2 mode */
+ sa_AuthMode_SHA2_384, /**< 384-bit SHA2 mode
+ @note: This mode is used at Data Mode only for SA2_UL */
+ sa_AuthMode_SHA2_512, /**< 512-bit SHA2 mode
+ @note: This mode is used at Data Mode only for SA2_UL */
sa_AuthMode_HMAC_MD5, /**< HMAC with MD5 mode */
sa_AuthMode_HMAC_SHA1, /**< HMAC with SHA1 mode */
sa_AuthMode_HMAC_SHA2_224, /**< HMAC with 224-bit SHA2 mode */
sa_AuthMode_HMAC_SHA2_256, /**< HMAC with 256-bit SHA2 mode */
+ sa_AuthMode_HMAC_SHA2_384, /**< HMAC with 224-bit SHA mode
+ @note: This mode is used at Data Mode only for SA2_UL */
+ sa_AuthMode_HMAC_SHA2_512, /**< HMAC with 256-bit SHA mode
+ @note: This mode is used at Data Mode only for SA2_UL */
sa_AuthMode_GMAC, /**< Galois Message Authentication Code mode */
sa_AuthMode_GMAC_AH, /**< Galois Message Authentication Code mode for IPSEC AH operation
@note: This mode is used at Data Mode only */
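Review bot: The four new enumerators are inserted in the middle of the list, so unless the enum assigns explicit values outside this hunk, `sa_AuthMode_HMAC_MD5` and every mode after it change numeric value. A prebuilt library, firmware image or stored configuration that carries the old numbers would then select a different authentication algorithm without any error; appending the new modes after the last existing enumerator avoids that. The comments on the two HMAC entries are also copied from the 224/256 lines and should read `/**< HMAC with 384-bit SHA2 mode` and `/**< HMAC with 512-bit SHA2 mode`. The enum starts and ends outside the hunk.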
#define sa_SIZE_CONFIG_SASS_GEN2 0x0002
+/**
+ * @def sa_SIZE_CONFIG_SASS_UL_GEN2
+ * Control Info -- 0:First generation Security Accelerator Ultra Lite Sub-System (SAUL)
+ * 1:Second generattion Security Aaccelerator Ultra Lite Sub-System (SA2_UL)
+ * at more advanced keystone3 devices such as Maxwell
+ */
+
+#define sa_SIZE_CONFIG_SASS_UL_GEN2 0x0003
+
+
/*@}*/
/** @} */
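Review bot: `sa_SIZE_CONFIG_SASS_UL_GEN2` is given the value 0x0003, which is not a single bit: it contains `sa_SIZE_CONFIG_SASS_GEN2` (0x0002, the context line above) plus bit 0x0001, while its comment describes a 0/1 flag. If `ctrlBitMap` is tested with `&`, which is not visible here, a caller that sets UL_GEN2 also satisfies the GEN2 test, and setting the two lower bits separately cannot be told apart from setting this one. Either move it to an unused single bit, or say in the comment that the overlap is intended and that the value must be matched with `(ctrlBitMap & 0x0003) == sa_SIZE_CONFIG_SASS_UL_GEN2`.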
uint16_t macSize; /**< Specify the size of the authentication tag in bytes */
} Sa_AcConfigParams_t;
+/**
+ * @defgroup SALLDDmConfigCtrlBit Data Mode Configuration Control Bit Definitions
+ * @ingroup salld_api_constants
+ * @{
+ *
+ * @name Data Mode Configuration Control Bit Definitions
+ *
+ * Bitmap definition of the ctrlBitMap in Sa_DmConfigParams_t.
+ *
+ */
+/*@{*/
+/**
+ * @def sa_DM_CONFIG_SELECT_AIR_CIPHER_ENG
+ * Control Info -- 1: indicate selection of Air Cipher engine in data mode
+ * 0: use Encryption engine (default)
+ * @note: There are Encryption Engine and Air Cipher Engine in SASS. There are
+ * certain types of algorithms such as AES_CTR which both of these engines are
+ * capable of executing. By default the data mode selects to use the encryption
+ * engine for the algorithms such as AES_CTR. To seperate the Air Cipher traffic
+ * from the IPSec traffic, application may select the air cipher engine
+ * for the encryption by setting this bit.
+ *
+ * For devices such as K2G (NSS_LITE) which do not have air cipher engine
+ * setting this bit would cause error during datamode channel control configuration.
+ *
+ * This bit is supported for SA LLD releases version 3.0.0.15 or higher
+ */
+#define sa_DM_CONFIG_SELECT_AIR_CIPHER_ENG ((uint16_t) (0x0001U))
+
+/**
+ * @def sa_DM_CONFIG_PROMOTE_NONSECURE
+ * Control Info -- 1: promotion of normal world packet to secure packet
+ * intended to land in the secure memory (only for sa2ul)
+ * 0: no promotion
+ * @note: Promotion of non-secure packet to be secure packet also always requires
+ * the 48-bit SCPTR that comes with the packet to be within the range
+ * of 'SCPTR Promote Range' registers.
+ *
+ * For devices that do not have SA2UL setting this bit would cause no action
+ *
+ */
+#define sa_DM_CONFIG_PROMOTE_CHANNEL ((uint16_t) (0x0002U))
+
+/**
+ * @def sa_DM_CONFIG_DEMOTE_SECURE
+ * Control Info -- 1: demotion of secure packet to normal world packet
+ * intended to land in the secure memory (only for sa2ul)
+ * 0: no demotion
+ *
+ * For devices that do not have SA2UL setting this bit would cause no action
+ *
+ */
+#define sa_DM_CONFIG_DEMOTE_CHANNEL ((uint16_t) (0x0004U))
+
+/**
+ * @def sa_DM_CONFIG_USE_SECURE_CTX_FOR_NON_SECURE_CHANNEL
+ * Control Info -- 1: a normal world packet may use secure context
+ * 0: non-secure packet for this context can't use secure context
+ *
+ * For devices that do not have SA2UL setting this bit would cause no action
+ *
+ */
+#define sa_DM_CONFIG_USE_SECURE_CTX_FOR_NON_SECURE_CHANNEL ((uint16_t) (0x0008U))
+
+/**
+ * @def sa_DM_CONFIG_USE_DKEK
+ * Control Info -- 1: Set the USE_DKEK flag in the security context so
+ * that DKEK programmed by DMSC is loaded in-band
+ * instead of user-supplied key
+ * 0: Do not set USE_DKEK flag. User supplies a key
+ * directly.
+ *
+ * For devices that do not have SA2UL setting this bit would cause no action
+ *
+ */
+#define sa_DM_CONFIG_USE_DKEK ((uint16_t) (0x0010U))
+
+
+/*@}*/
+/** @} */
+
/**
* @ingroup salld_api_structures
* @brief Data Mode Configuration Parameters structure
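Review bot: The `@def` names of the promote and demote bits do not match the macros they document: `@def sa_DM_CONFIG_PROMOTE_NONSECURE` sits above `sa_DM_CONFIG_PROMOTE_CHANNEL` and `@def sa_DM_CONFIG_DEMOTE_SECURE` above `sa_DM_CONFIG_DEMOTE_CHANNEL`, so the generated reference describes names that do not exist and leaves the real ones undocumented. They should read `@def sa_DM_CONFIG_PROMOTE_CHANNEL` and `@def sa_DM_CONFIG_DEMOTE_CHANNEL`. The demote text also says the packet is "intended to land in the secure memory", which looks copied from the promote entry; Note 3 of the appendix3 page added later in this diff says a demoted packet lands in non-secure memory. These bits move traffic across the secure/non-secure boundary, so the header should be unambiguous about direction.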
---------------------------------------------------------------------------
| - sa_CipherMode_CCM | - (IV Size + Salt Size) should not exceed 13 |
| | - AAD size should not exceed 14 |
- | | - authentication mode should not be null |
+ | | - authentication mode should be null |
---------------------------------------------------------------------------
| - sa_CipherMode_GCM | - (IV Size + Salt Size) should be 12 |
| | - AAD size should not exceed 16 |
- | | - authentication mode should not be null |
+ | | - authentication mode should be null |
---------------------------------------------------------------------------
| - sa_CipherMode_DES_CBC | - (IV Size should be 8 |
| | - Salt size should be 0 |
---------------------------------------------------------------------------
| - sa_AuthMode_GMAC | - (IV Size + Salt Size) should be 12 |
| | - AAD size should not exceed 16 |
- | | - cipher mode should not be null |
+ | | - cipher mode should be null |
---------------------------------------------------------------------------
| - sa_AuthMode_GMAC_AH | - (IV Size should be 8 |
| | - Salt size should be 4 |
- | | - cipher mode should not be null |
+ | | - cipher mode should be null |
---------------------------------------------------------------------------
| - sa_AuthMode_KASUMI_F9 | - (IV Size should be 8 |
| | |
@endverbatim
*/
typedef struct {
+ uint16_t ctrlBitMap; /**< Various control information as specified at @ref SALLDDmConfigCtrlBit */
uint16_t sessionEncKeySize; /**< Specify the size of the session encryption key in bytes */
uint16_t sessionMacKeySize; /**< Specify the size of the session mac key in bytes */
uint16_t sessionSaltSize; /**< Specify the size of the session salt used in the GCM/CCM operation in bytes */
uint16_t aadSize; /**< Specify the size of the additional authenticated data in bytes used in CCM and GCM modes */
uint16_t enc; /**< TRUE: Encryption(To-Air); FALSE: Decryption (From-Air)*/
uint16_t enc1st; /**< TRUE: Perform encryption first; FALSE: Perform authentication first */
+#if defined(NSS_LITE2)
+ uint8_t priv; /**< Specify the priv for the security context creation */
+ uint8_t privId; /**< Specify the priv ID for the security context to checking with incoming packets to match */
+#endif
} Sa_DataModeConfigParams_t;
/**
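Review bot: `ctrlBitMap` is added as the first member of `Sa_DataModeConfigParams_t` with no stated default, so a caller that fills the structure field by field without zeroing it now passes indeterminate bits, and those bits include `sa_DM_CONFIG_PROMOTE_CHANNEL`, `sa_DM_CONFIG_DEMOTE_CHANNEL` and `sa_DM_CONFIG_USE_DKEK`. The member comment should require it, for example `/**< Control bits per @ref SALLDDmConfigCtrlBit; must be 0 when no bit is intended */`. The `privId` comment should also mention that 0xC3 is a wildcard that bypasses the privid check, which this diff documents only in the appendix3 page. `priv` and `privId` exist only under `NSS_LITE2`, so the library and the application have to be built with the same define or the two sides disagree on the structure size.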
uint8_t ctrlBitfield; /**< Control Bit Map to specify destination related operations such as local DMA
as defined at @ref SALLDDestInfoCtrlBit */
- uint8_t flowID; /**< Specify the 8-bit CPPI Flow ID */
- uint16_t queueID; /**< Specify the 16-bit destination Queue ID */
+ uint16_t flowID; /**< Specify the CPPI Flow ID */
+ uint16_t queueID; /**< Specify the 16-bit destination Queue ID (OR Ring ID for SA2UL) */
uint32_t swInfo0; /**< User-defined channel-specific parameter which will be placed in SwInfo0 for packets from SA */
uint32_t swInfo1; /**< User-defined channel-specific parameter which will be placed in SwInfo1 for packets from SA */
-} Sa_DestInfo_t;
+} Sa_DestInfo_t;
/**
* @ingroup salld_api_structures
* @ingroup salld_api_constants
* @brief Define the maximum key size supported by SASS
*/
+#if defined(NSS_LITE2)
+#define SALLD_MAX_KEY_SIZE 64
+#else
#define SALLD_MAX_KEY_SIZE 32
+#endif
/**
* @defgroup SALLDIpsecKeyCtrlInfo SALLD IPSEC Key Control Info Bit Definitions
* Control Info -- Set: SALT available
*/
#define sa_DATA_MODE_KEY_CTRL_SALT 0x0004
+/**
+ * @def sa_DATA_MODE_KEY_USE_DKEK
+ * Control Info -- Set: USE_DKEK field in security context
+ */
+#define sa_DATA_MODE_KEY_USE_DKEK 0x0008
/*@}*/
/** @} */
* @ingroup salld_api_constants
* @brief Define the maxmium number of software info parameters at @ref Sa_SWInfo_t.
*/
-#define sa_MAX_SW_INFO_SIZE 3
+#define sa_MAX_SW_INFO_SIZE 3
/**
* @ingroup salld_api_structures
* be delivered to SA. It will be provided by the SA LLD based on the channel configuration
* parameters and the security protocols.The software information words should be copied
* to the CPPI Software words area as provided through the CPPI LLD or equivalent component.
+ *
+ * for SA2_UL (Ultra Lite Generation 2) devices, size is always 4 and the swInfo[3] would
+ * hold the first 32 bits of Protocol Specific data of CPPI
*/
typedef struct {
uint16_t size; /**< Specify the software info size in 32-bit words */
uint32_t swInfo[sa_MAX_SW_INFO_SIZE]; /**< Specify the software information for SA */
} Sa_SWInfo_t;
+
/**
* @ingroup salld_api_macros
* @brief sa_SWINFO_UPDATE_DEST_INFO is used to update the destination information within swInfo[2] at @ref Sa_SWInfo_t
*
+ * @note this macro is not applicable for socs such as AM65XX or J721E that have second generation SA Ultra Lite (SA2_UL)
+ *
* @details The application may want to deliver output packets to different queues for load balance.
* This macro is used to update the destination queue and CPPI flow number in the Sa_SWInfo_t data structure
* provided by Sa_chanSendData()
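Review bot: The added text says that on SA2_UL `size` is always 4 and `swInfo[3]` holds protocol-specific data, but the member is declared `uint32_t swInfo[sa_MAX_SW_INFO_SIZE]` and this diff leaves `sa_MAX_SW_INFO_SIZE` at 3 (only whitespace changes on that line). Unless the macro is redefined for SA2_UL builds somewhere not shown, `swInfo[3]` is one word past the end of the array, and code that copies `size` words would read or write out of bounds. Either raise the bound for those builds with the same `#if defined(NSS_LITE2)` pattern used for `SALLD_MAX_KEY_SIZE`, e.g. `#define sa_MAX_SW_INFO_SIZE 4`, or correct the comment.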
/**
* @ingroup salld_api_constants
+ * Note: For NSS_LITE2 the effective command label size is 4 bytes less than the maximum size
* @brief Define the maxmium size of the command label stored at cmdLbBuf of @ref Sa_CmdLabelInfo_t.
*/
-#define sa_MAX_CMDLB_SIZE 96
-
+#if defined (NSS_LITE2)
+#define sa_MAX_CMDLB_SIZE ((uint32_t)(100U))
+#else
+#define sa_MAX_CMDLB_SIZE ((uint32_t)(96U))
+#endif
/**
* @ingroup salld_api_structures
* @brief SA Command Label Information structure
typedef struct {
uint16_t scSize; /**< Specify the size of the required security context */
uint16_t scID; /**< Security Context ID specified by the application */
- uint8_t* scBuf; /**< Security Context Buffer provided by the application
+ uintptr_t scBuf; /**< Security Context Buffer provided by the application
(16-byte alignment required) */
} Sa_ScReqInfo_t;
* 1:Enables internal internal packet information data collection (for Debug Purpose only)
*
* @note This control bit is applicable to Air Cipher channels only. This fetaure should not be enabled if there might be
- * both Air Cipher and SRTP channels.
+ * both Air Cipher and SRTP channels. This feature bit is not supported for C6678 device.
*/
#define sa_CONFIG_CTRL_BITMAP_TRIGGER_PKT_INFO_LOG 0x0002
+/**
+ * @def sa_CONFIG_CTRL_BITMAP_SET_SCPTR_RANGE
+ * Control Info -- 0:Disable setting of security context pointer range limit set
+ * 1:Enables security context pointer range limit set
+ *
+ * @note This control bit is applicable to SA2UL only (for other generations it is don't care).
+ * For SA2UL promote (packet from non secure to secure operations), the security context range needs to be
+ * set in SCPTR_Promote_Range registers
+ */
+
+#define sa_CONFIG_CTRL_BITMAP_SET_SCPTR_RANGE 0x0004
+
+/**
+ * @def sa_CONFIG_CTRL_BITMAP_LIMIT_ACCESS
+ * Control Info -- 0: All SA2UL registers may be accessed
+ * 1: Limit access to SA2UL registers which are reserved
+ * for use by DMSC firmware
+ *
+ * @note This control bit is applicable to SA2UL only (for other generations it is don't care).
+ * It is furthermore only necessary on High Secure (HS) device variants
+ * when an application wishes to share access to the SA2UL instance which
+ * is owned by DMSC firmware. DMSC prohibits read/write access to MMRA
+ * region on this instance, so this bit has the following effect:
+ *
+ * * Bypasses programming ENGINE_ENABLE register. DMSC sets all engines
+ * to enabled at device boot. The driver can confirm engine status
+ * through the ENGINE_STATUS register.
+ *
+ * * Ignores the SET_SCPTR_RANGE control flag and bypasses any attempt to
+ * access the SCPTR promote registers
+ */
+
+#define sa_CONFIG_CTRL_BITMAP_LIMIT_ACCESS 0x0008
+
+
/*@}*/
/** @} */
uint16_t ctrlBitMap; /**< Various configuration information as specified at @ref saSizeConfigCtrlBit */
} Sa_SizeCfg_t;
+/**
+ * @ingroup salld_api_structures
+ * @brief SA Security Context Range Structure for promote operations
+ *
+ * @details for SA2UL promote operations, the range register needs to be set with correct address ranges
+ */
+typedef struct {
+ uint32_t scPtrPromoteLowRangeL; /**< The lower 32-bits of SCPTR lower limit (must be 4KB aligned) */
+ uint32_t scPtrPromoteLowRangeH; /**< The upper 16-bits of SCPTR lower limit */
+ uint32_t scPtrPromoteHighRangeL; /**< The lower 32-bits of SCPTR upper limit (must be 4KB aligned) */
+ uint32_t scPtrPromoteHighRangeH; /**< The upper 16-bits of SCPTR upper limit */
+} Sa_ScPtrRangeCfg_t;
+
/**
* @defgroup saEngSelMode SA Engine Selector Algorithms
* @ingroup salld_api_constants
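Review bot: The comments on `scPtrPromoteLowRangeH` and `scPtrPromoteHighRangeH` say "upper 16-bits" while the members are `uint32_t`, and nothing states what happens to bits 31:16, whether the limits are inclusive, or that the low limit must not exceed the high limit. This range decides which security context pointers may be promoted from non-secure to secure, so the contract should be explicit, for example `/**< Upper 16 bits of the 48-bit SCPTR lower limit; bits 31:16 must be zero */`. The header should also say which return code is given for an unaligned or inverted range; the code that consumes the structure is not part of this diff, so whether it validates at all cannot be confirmed here.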
void *instPoolBaseAddr; /**< Base address of the global shared memory pool from which global
LLD instance & channel instance memory is allocated.*/
void *scPoolBaseAddr; /**< Base address of the global shared memory pool from which SA
- security context memory is allocated. This is a DMA\92able memory */
+ security context memory is allocated. This is a DMA-able memory */
+ Sa_ScPtrRangeCfg_t scPtrRange; /**< Security Context Buffer Range low and high address configuration */
uint32_t ctrlBitMap; /**< Various configuration information as specified at @ref saConfigCtrlBit */
} Sa_Config_t;
* P1_xyx ==> P0_xyz with P0_z = 1, on binary curve y**2+xy =x**3+ax**2+b (mod p) */
sa_PKA_OP_EC2m_MUL_SACLE, /**< Large Vector Point Multiply following by Scale on a Binary Field Curve:
* k*P1_xyx ==> P0_xyz with P1_z = 1 and P0_z = 1, on binary curve y**2+xy =x**3+ax**2+b (mod p) */
- sa_PKA_OP_ECp_DSA_SIGN /**< Large Vector ECDSA sign operation on a Prime Field Curve:
+ sa_PKA_OP_ECp_DSA_SIGN, /**< Large Vector ECDSA sign operation on a Prime Field Curve:
* k*P1_xyx ==> P0_xyz with P1_z = 1 and P0_z = 1, on prime curve y**2=x**3 + ax + b (mod p)
* r = P0x mod N, s = 1/k * (h + rd) mod N where h = hash(m)n, d = private key
*/
-
+ sa_PKA_OP_ECp_DSA_VERIFY /**< Large Vector ECDSA verify operation on a Prime Field Curve:
+ * u1*P1_xyx + u2 * Y ==> P0_xyz with P1_z = 1 and P0_z = 1, on prime curve y**2=x**3 + ax + b (mod p)
+ * u1 = h * w(mod N) and u2 = r * w mod N where where w = 1/s * mod N, h = hash(m)n, Y = public key
+ */
} Sa_PkaOpTypes_t;
/*@}*/
/** @} */
uint32_t* pS; /**< Pointer to output parameter s in 32-bit word array */
} Sa_PkaECDSASignParams_t;
+/**
+ * @ingroup salld_api_structures
+ * @brief SALLD PKA Elliptic Curve (EC) DSA Verify Operation Parameters Structure
+ *
+ * This structure defines the input and output parameters of ECDSA Verify operation on a
+ * Prime (Binary) Field Curve as described below
+ *
+ * k*P1_xyz ==> P0_xyz, on prime curve y**2=x**3+ax+b (mod p) or where P1_z = 1
+ * binary curve y**2+xy=x**3+ax**2+b (mod p)
+ * k: Alen
+ * p, a, b (c), P1_x, P1_y, P1_z, P0_x, P0_y, P0_z: BLen
+ *
+ * c**2 = b (md p) on the binary curve
+ *
+ * N: multiplicative (integer) order of the point P1 means that n times P1 = O
+ * h: messgae hash truncated to n bit Hash(m)n
+ * d: private key
+ *
+ * Output:
+ * r = P0x mod n;
+ * s = (1/k)(h + dr) mod N
+ *
+ * @par
+ *
+ * Restrictions of input parameters:
+ * - Prime Curve: 1 < ALen <= 24 (maximum vector length is 768 bits)
+ * - Prime Curve: 1 < BLen <= 24 (maximum vector length is 768 bits)
+ * - Binary Curve: 1 < ALen <= 18 (maximum vector length is 571 bits)
+ * - Binary Curve: 1 < BLen <= 18 (maximum vector length is 571 bits)
+ * - Binary Curve: Modulus p must be a prime
+ * - Prime Curve: Modulus p must be a prime > 2**63
+ * - The highest word of the modulus vector, as indicated by BLen, may not be zero.
+ * - a < p and b < p
+ * - P1 must be on the curve
+ * - 1 < k <= n, where n is the curve's order.
+ */
+typedef struct {
+ uint32_t* pModP; /**< Pointer to Modulus p in 32-bit word array */
+ uint32_t* pEcA; /**< Pointer to EC curve parameter a in 32-bit word array */
+ uint32_t* pEcBC; /**< Pointer to EC curve parameter b (or c) in 32-bit word array */
+ uint32_t* pN; /**< Pointer to multiplicative (integer) order N in 32-bit word array */
+ uint32_t* pH; /**< Pointer to hash data (h) in 32-bit word array */
+ Sa_PkaECPoint_t pY; /**< Pointer to public key (y) in 32-bit word array */
+ Sa_PkaECPoint_t point1; /**< Pointers to input point 1 (P1_xyz) */
+ uint32_t* pR; /**< Pointer to signature parameter r in 32-bit word array */
+ uint32_t* pS; /**< Pointer to signature parameter s in 32-bit word array */
+ uint32_t* pRes; /**< Pointer to output parameter Result (res) in 32-bit word array */
+} Sa_PkaECDSAVerifyParams_t;
+
/**
* @defgroup PkaOpModes PKA Operation Modes
* @ingroup salld_api_constants
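Review bot: The block comment on `Sa_PkaECDSAVerifyParams_t` describes signing rather than verification: it lists `d: private key`, a scalar `k` with the restriction `1 < k <= n`, and `Output: r = ..., s = ...`, whereas in this structure `pR` and `pS` are inputs and the only output is `pRes`. It never says how `pRes` reports the outcome, i.e. whether it is a pass/fail word or a value the caller must compare against r, and a caller that guesses wrong can treat an invalid signature as valid. The comment should also state whether the range checks on r and s and the on-curve check of the public key are done by the LLD or left to the caller. `pY` is a `Sa_PkaECPoint_t`, not a "Pointer to public key", and the `ecDSAVerify` union member added in the next hunk still says "ECDSA Sign operation".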
Sa_PkaECMulParams_t ecMul; /**< Specify the input/output parameters for EC point multiply operation */
Sa_PkaECScaleParams_t ecScale; /**< Specify the input/output parameters for EC point scale operation */
Sa_PkaECDSASignParams_t ecDSASign; /**< Specify the input/output parameters for ECDSA Sign operation */
+ Sa_PkaECDSAVerifyParams_t ecDSAVerify; /**< Specify the input/output parameters for ECDSA Sign operation */
} params; /**< Specify the operation specific input/output parameters */
} Sa_PkaReqInfo2_t;
* Control Info -- Set: RNG reset
*/
#define sa_RNG_CTRL_RESET 0x0004
+
+/*@}*/
+
+
+/**
+ * @defgroup SALLDRng2ConfigCtrlInfo SALLD RNG2 Configuration Control Info Bit Definitions
+ * @ingroup salld_api_constants
+ * @{
+ *
+ * @name RNG2 Configuration Control Info Bit Definitions
+ *
+ * Bitmap definition of the ctrlBitfield in @ref Sa_Rng2ConfigParams_t.
+ */
+/*@{*/
+/**
+ * @def sa_RNG2_CTRL_REINIT
+ * Control Info -- Set: Force re-initialization
+ * Clear: Perform initialization only if not actived
+ */
+#define sa_RNG2_CTRL_REINIT 0x0001
+
+/**
+ * @def sa_RNG_CTRL_RESET
+ * Control Info -- Set: RNG2 reset
+ */
+#define sa_RNG2_CTRL_RESET 0x0002
+
+/**
+ * @def sa_RNG2_CTRL_DRBG_USE
+ * Control Info -- Set: DRBG use for SA2UL
+ * Clear: No DRBG for SA2UL
+ */
+#define sa_RNG2_CTRL_DRBG_USE 0x0004
+
+/**
+ * @def sa_RNG2_CTRL_DRBG_KNOWN_TESTS
+ * Control Info -- Set: DRBG use for SA2UL
+ * Clear: No DRBG for SA2UL
+ */
+#define sa_RNG2_CTRL_DRBG_KNOWN_TESTS 0x0008
+
+
/*@}*/
+
/** @} */
/**
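Review bot: `sa_RNG2_CTRL_DRBG_KNOWN_TESTS` carries the same description as `sa_RNG2_CTRL_DRBG_USE` ("DRBG use for SA2UL"), so the header does not say what the bit does. If, as the name suggests, it runs the DRBG against known test vectors, the output in that mode would be predictable, and the comment should say that the bit is for self-test only and must be clear in normal operation. The entry above `sa_RNG2_CTRL_RESET` is also mislabelled and should read `@def sa_RNG2_CTRL_RESET`.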
the next random number (0:default) */
} Sa_RngConfigParams_t;
+/**
+ * @ingroup salld_api_structures
+ * @brief SALLD RNG2 Configuration Structure
+ *
+ * Data structure defines the RNG2 configuration related parameters
+ *
+ */
+typedef struct {
+ uint16_t ctrlBitfield; /**< Specify the initialization mode and other control information as defined
+ at @ref SALLDRng2ConfigCtrlInfo */
+ uint16_t clockDiv; /**< Specify the clock divider (1, 16) 0: default */
+ uint32_t sampleCycles; /**< Sets the number of FRO samples that are XOR-ed together into one bit
+ to be shifted into the main shift register.
+ This value must be such that there is at least one bit of entropy (in total)
+ in each 8 bits that are shifted.
+ Note: Value 0 in this field selects 65536 FRO samples to be XOR-ed together */
+ uint32_t pStringLen; /** < Personalization string length in 32-bit words (valid values 1 thorugh 12) */
+ uint32_t pStringData[sa_MAX_PS_AI_WORD_COUNT]; /** < Personalization String and Additional Input for SP-800-90A
+ AES-256 DRBG (valid when DRBG is enabled */
+
+} Sa_Rng2ConfigParams_t;
+
/**
* @ingroup salld_api_structures
* @brief SALLD RNG Output Structure
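Review bot: `pStringLen` is documented as valid from 1 through 12 and `pStringData` holds exactly `sa_MAX_PS_AI_WORD_COUNT` words, but the header does not say what `Sa_rng2Init` does with a larger length; the comment should name the error it returns, since a length used unchecked would read past the array (the implementation is not in this diff). The comment says the one array carries both the personalization string and the additional input without saying how the two are laid out. The last two member comments open with `/** <` instead of `/**<`, so Doxygen will most likely not attach them to these members, and the `pStringData` comment has an unclosed parenthesis.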
* with @ref Sa_getRandomNum().
*/
typedef struct {
- uint32_t hi; /**< Upper 32 bits of the 64-bit Random Number output */
- uint32_t lo; /**< Lower 32 bits of the 64-bit Random Number output */
+ uint32_t hi; /**< Upper 32 bits of the lower 64-bit Random Number output */
+ uint32_t lo; /**< Lower 32 bits of the lower 64-bit Random Number output */
} Sa_RngData_t;
+/**
+ * @ingroup salld_api_structures
+ * @brief SALLD RNG2 Output Structure
+ *
+ * This structure defines the random number output provided upon request
+ * with @ref Sa_getRandomNum2().
+ */
+typedef struct {
+ uint32_t hihi; /**< Upper 32 bits of the higher 64-bit Random Number output */
+ uint32_t hilo; /**< Lower 32 bits of the higher 64-bit Random Number output */
+ uint32_t hi; /**< Upper 32 bits of the lower 64-bit Random Number output */
+ uint32_t lo; /**< Lower 32 bits of the lower 64-bit Random Number output */
+} Sa_Rng2Data_t;
+
+
/**
* @ingroup salld_api_constants
* @brief Define the maximum number of buffers the module (SALLD) can request
@@ -3233,6 +3553,22 @@ int16_t Sa_downloadImage (Sa_Handle handle, int modId, void* image, int sizeByte
*/
int16_t Sa_rngInit (Sa_Handle handle, Sa_RngConfigParams_t* cfg);
+/**
+ * @ingroup salld_api_functions
+ * @brief The function is called to initialize and configure the RNG (Random Number Generator) module
+ * inside SA2UL
+ *
+ * @remark For a multi-core device, it is up to the upper-layer application to make sure that only
+ * the master core performs the RNG hardware initialization.
+ *
+ * @param[in] handle SALLD instance identifier.
+ * @param[in] cfg Pointer the RNG configuration parameters as defined at @ref Sa_RngConfigParams_t
+ * @retval Value @ref salldRetCodes
+ * @pre None
+ */
+int16_t Sa_rng2Init (Sa_Handle handle, Sa_Rng2ConfigParams_t* cfg);
+
+
/**
* @ingroup salld_api_functions
* @brief This function returns a 64-bit true random number
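Review bot: The `cfg` parameter of `Sa_rng2Init` is documented as `@ref Sa_RngConfigParams_t`, but the prototype takes `Sa_Rng2ConfigParams_t*`; the line should read `Pointer to the RNG2 configuration parameters as defined at @ref Sa_Rng2ConfigParams_t`. The `Sa_rng2Close` comment added in a later hunk has the same copy-paste problem: its brief still names `Sa_rngClose` and its handle is described as "The PA LLD instance identifier".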
*/
int16_t Sa_getRandomNum (Sa_Handle handle, uint16_t f_isr, Sa_RngData_t* rnd);
+/**
+ * @ingroup salld_api_functions
+ * @brief This function returns a 128-bit true random number
+ *
+ * @details This function is called to get a 64-bit true random number. It is a non-blocking function
+ * call which indicates the random number is not available if the RNG is still in the
+ * process of generating the next random number.
+ * @remark For a multi-core device, it is up to the application to prevent this function from being invoked
+ * by multiple CGEM cores simultaneously.
+ *
+ * @param[in] handle SALLD instance identifier.
+ * @param[in] f_isr Flag to indicate whether it is called from interrupt srevice routine
+ * @param[in] rnd Pointer to the 128-bit random number
+ * @retval Value @ref salldRetCodes
+ * @pre RNG is initialized
+ */
+int16_t Sa_getRandomNum2 (Sa_Handle handle, uint16_t f_isr, Sa_Rng2Data_t* rnd);
+
/**
* @ingroup salld_api_functions
* @brief Sa_rngClose decativates the SA RNG module
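Review bot: The comment on `Sa_getRandomNum2` contradicts itself: the brief says 128-bit, the details say "a 64-bit true random number", and `rnd` is tagged `@param[in]` although it is the output and should be `@param[out]`. Because the call is non-blocking, the comment should name the return code that means "not ready" and state that `*rnd` is not written in that case, so that callers do not use stale or uninitialised memory as key material. It should also say whether the value is still a "true" random number when `sa_RNG2_CTRL_DRBG_USE` is set, since that bit selects a DRBG.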
@@ -3262,6 +3616,18 @@ int16_t Sa_getRandomNum (Sa_Handle handle, uint16_t f_isr, Sa_RngData_t* rnd);
*/
int16_t Sa_rngClose (Sa_Handle handle);
+/**
+ * @ingroup salld_api_functions
+ * @brief Sa_rngClose decativates the SA RNG module
+ *
+ * @details This function deactivates the SA RNG module and clears LLD internal state.
+ *
+ * @param[in] handle The PA LLD instance identifier
+ * @retval Value @ref salldRetCodes
+ */
+int16_t Sa_rng2Close (Sa_Handle handle);
+
+
/**
* @ingroup salld_api_functions
* @brief This function initializes the PKA (Public Key Accelerator) module inside SA
void sa_mDmResetCmdLb(Sa_CmdLbUpdateInfo_t* updateInfo,
uint32_t* cmdLb)
{
+
+#ifdef NSS_LITE2
+ cmdLb++;
+#endif
+
if (updateInfo->validBitfield & sa_CMDL_UPDATE_VALID_ENC)
{
/* Clear the encSize and encOffset field to simplify the operation in command label updating Macros */
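Review bot: The one-word skip `cmdLb++` under `#ifdef NSS_LITE2` is added with no comment here and in the three following hunks, so a reader cannot tell what the skipped word is or that every caller's buffer must now be one word longer. This diff raises `sa_MAX_CMDLB_SIZE` from 96 to 100 for NSS_LITE2, which suggests the two changes belong together; a buffer still sized for 96 bytes would be written 4 bytes past its end. A comment such as `/* NSS_LITE2: command label starts one 32-bit word into cmdLb; buffer must be sa_MAX_CMDLB_SIZE bytes */` at each site, or a single named offset constant, would make that dependency visible. The guard style also differs from the `#if defined(NSS_LITE2)` form used elsewhere in the header, and all four function bodies continue outside their hunks.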
{
uint8_t *iv = pEncIV;
+#ifdef NSS_LITE2
+ cmdLb++;
+#endif
+
/* Handle Option 1, (Option 2 & Option 3) in two different groups */
/* Update the command label header (8 byte) */
cmdLb[0] |= encSize;
uint32_t* cmdLb)
{
-
+#ifdef NSS_LITE2
+ cmdLb++;
+#endif
+
cmdLb[0] |= encSize;
cmdLb[1] |= ((uint32_t)encOffset << 24);
Sa_CmdLbUpdateInfo_t* updateInfo,
uint32_t* cmdLb)
{
-
+#ifdef NSS_LITE2
+ cmdLb++;
+#endif
+
switch (updateInfo->subMode)
{
case sa_DM_GEN: /* General Mode operation */
@@ -4407,6 +4788,51 @@ static inline void sa_PSINFO_SET_IV(Sa_psInfo_t *x, uint32_t *iv, int ivSize)
*
*/
+/**
+ * @page appendix3 SA2_UL Requirements for packet to pass Security Attributes Checkes
+ *
+ * In addition to the first-level check that the context fetch must pass is to satisfy
+ * the external firewall module's check at the soc level configured by DMSC, the second-level check
+ * that SA2_UL does is to compare the incoming packet\92s security attributes
+ * against the attributes that are stored as part of the SCCTL inside the security context.
+ * The following table summarizes the evaluation that will occur before a context is used for the packet
+ * processing. The rightmost column shows the possible change in 'secure' attribute of the packet
+ * if and only if the check passes. If packet check fails, the original packet attribute is untouched.
+ *
+ * @verbatim
+ * |----------------------------------------------------|-------------------------------------------------|----------------|
+ * | Incoming Packet Attributes | Attributes in Security Context | |
+ * |--------|---------|--------|--------|------|--------|--------|---------|--------|-----|------|--------| Impact |
+ * | Secure | Promote | Demote | NS | Priv | PrivID | Ctx | Ctx | Ctx | Ctx | Priv | PrivID | on out |
+ * | | | | Crypto | | | Secure | Promote | Demote | NS | | | pkt attributes |
+ * |--------|---------|--------|--------|------|--------|--------|---------|--------|-----|------|--------|----------------|
+ * | 0 | 0 | 0 | 0 | b | c | 0 | 0 | 0 | 0 | b | c | No Change |
+ * |--------|---------|--------|--------|------|--------|--------|---------|--------|-----|------|--------|----------------|
+ * | 1 | 0 | 0 | 0 | b | c | 1 | 0 | 0 | 0 | b | c | No Change |
+ * |--------|---------|--------|--------|------|--------|--------|---------|--------|-----|------|--------|----------------|
+ * | 0 | 1 | 0 | 0 | b | c | 1 | 1 | 0 | 0 | b | c | Secure=1(note2)|
+ * |--------|---------|--------|--------|------|--------|--------|---------|--------|-----|------|--------|----------------|
+ * | 1 | 0 | 1 | 0 | b | c | 1 | 0 | 1 | 0 | b | c | Secure=0(note3)|
+ * |--------|---------|--------|--------|------|--------|--------|---------|--------|-----|------|--------|----------------|
+ * | 0 | 0 | 0 | 1 | b | c | 1 | 0 | 0 | 1 | b | c |No Change(note4)|
+ * |--------|---------|--------|--------|------|--------|--------|---------|--------|-----|------|--------|----------------|
+ *
+ * @endverbatim
+ * Legend:
+ * The 'b' and 'c' can be any legal value of 2-bit priv and 8-bit privid respectively. The priv attribute on the
+ * input packet must match the priv attribute in the context. Similarly the privid attribute on the input packet
+ * must match the privid attribute in the context, except when the privid in the context is using the wildcard
+ * value (0xC3) which will bypass the privid check.
+ * Note 1: Promotion of non-secure packet to be secure packet also always requires the 48-bit SCPTR that
+ * comes with the packet to be within the range of 'SCPTR Promote Range' registers.
+ * Note 2: Output packet (with secure attribute = 1) is intended to land in a secure memory.
+ * Note 3: Output packet (with secure attribute = 0) is intended to land in a non-secure memory.
+ * Note 4: When the input packet has NS_crypto = 1 and the context has AllowNS = 1, a non-secure packet
+ * is allowed to use a secure context without knowing the key, but the output packet is intended to land in a
+ * non-secure memory (secure attribute on the packet stays at 0).
+ * Any other attributes combinations from the table above will result in security exceptions.
+ *
+ */
#ifdef __cplusplus
}