1 /**************************************************************************//**
4 * @brief MaskROM library header file
6 * @copyright (C) 2018 Nuvoton Technology Corp. All rights reserved.
7 *****************************************************************************/
8 #ifndef __MKROM_LIB_H__
9 #define __MKROM_LIB_H__
17 /** @addtogroup Standard_Driver Standard Driver
21 /** @addtogroup MKROM_Driver MKROM Driver
25 /** @addtogroup MKROM_EXPORTED_CONSTANTS MKROM Exported Constants
28 /*--------------------------------------------------------------------------------------------------*/
29 /* Status and Error Code Constant Definitions */
30 /*--------------------------------------------------------------------------------------------------*/
31 #define BL_ERR_TT_CHECK 0xF0F00000UL /*!< Not a Non-secure parameter */
32 #define BL_ERR_PARAMETER 0xF0F00001UL /*!< Invalid parameter */
33 #define BL_PARAM_ALIGN 0xF0F00002UL /*!< Parameter alignment error */
34 #define BL_NOT_FLASH_ADDR 0xF0F00003UL /*!< Invalid flash address */
35 #define BL_NOT_SRAM_ADDR 0xF0F00004UL /*!< Invalid sram address */
36 #define BL_XOM_NOT_CONFIG 0xF0F00005UL /*!< XOM is not configure yet */
37 #define BL_XOM_HAS_CONFIG 0xF0F00006UL /*!< XOM has beeen configured */
38 #define BL_XOM_HAS_ACTIVE 0xF0F00007UL /*!< XOM is actived */
39 #define BL_XOM_BASE_ERROR 0xF0F00008UL /*!< Invalid XOM base address */
40 #define BL_KPROM_NOT_ENABLE 0xF0F00009UL /*!< KPROM is not enabled yet */
41 #define BL_KPROM_KEY_FORBID 0xF0F0000AUL /*!< KPROM comparison is forbidden */
42 #define BL_KPROM_KEY_UNMATCH 0xF0F0000BUL /*!< KPROM comparison is unmatched */
43 #define BL_KPROM_KEY_LOCKED 0xF0F0000CUL /*!< KPROM write-protect is enabled */
44 #define BL_KPROM_SET_FAIL 0xF0F0000EUL /*!< Set KPROM key fail */
45 #define BL_ISP_CMD_FAIL (-1) /*!< FMC command fail */
46 #define BL_FLASH_ALLONE 0xA11FFFFFUL /*!< Check-all-one result is all one */
47 #define BL_FLASH_NOT_ALLONE 0xA1100000UL /*!< Check-all-one result is not all one*/
49 /*--------------------------------------------------------------------------------------------------*/
50 /* Random Number Generator Constant Definitions */
51 /*--------------------------------------------------------------------------------------------------*/
52 #define BL_RNG_PRNG (0UL) /*!<Use H/W random number generator */
53 #define BL_RNG_SWRNG (1UL) /*!<Use S/W random number generator */
54 #define BL_RNG_LIRC32K (0UL) /*!<Use LIRC32 for random number generator */
55 #define BL_RNG_LXT (2UL) /*!<Use LXT for random number generator */
56 #define XTRNG_PRNG (0UL) /*!<Use H/W random number generator */
57 #define XTRNG_SWRNG (1UL) /*!<Use S/W random number generator */
58 #define XTRNG_LIRC32K (0UL) /*!<Use LIRC32 for random number generator */
59 #define XTRNG_LXT (2UL) /*!<Use LXT for random number generator */
61 /*--------------------------------------------------------------------------------------------------*/
62 /* Maximum SecureISP Mode Transmit/Receive Packet Size Constant Definitions */
63 /*--------------------------------------------------------------------------------------------------*/
64 #define MAX_PKT_SIZE 64
66 /*@}*/ /* end of group MKROM_EXPORTED_CONSTANTS */
69 /** @addtogroup MKROM_EXPORTED_STRUCTS MKROM Exported Structs
73 * @details Random number generator structure
77 uint32_t opt; /*!< Operation mode */
78 int32_t data_len; /*!< Internal use for random number generator */
79 uint8_t buf[32]; /*!< Internal use for random number generator */
80 uint8_t buf2[20]; /*!< Internal use for random number generator */
85 uint32_t opt; /*!< Operation mode */
86 int32_t data_len; /*!< Internal use for random number generator */
87 uint8_t buf[32]; /*!< Internal use for random number generator */
88 uint8_t buf2[20]; /*!< Internal use for random number generator */
93 * @details XCRPT_T is structure for access MKROM Crypto library
97 CRPT_T *crpt; /*!< The pointer of the CRYPTO module */
98 ECC_CURVE *pCurve; /*!< Internal use for ECC */
99 ECC_CURVE Curve_Copy; /*!< Internal use for ECC */
100 uint32_t AES_CTL[4]; /*!< AES channel selection */
101 uint32_t TDES_CTL[4]; /*!< TDES channel selection */
104 /*---------------------------------------------------------------------------------------------------*/
105 /* Define a global constant XCRPT as the access address of g_xcrpta for using MKROM Crypto library. */
106 /*---------------------------------------------------------------------------------------------------*/
107 extern XCRPT_T g_xcrpt;
108 #define XCRPT (&g_xcrpt)
112 * @details Command packet structure for transmit/receive data in SecureISP function
117 uint16_t u16CRC16; /* CRC16 checksum of from u8CmdID to Word-13 */
118 uint16_t u16CmdID; /* Command ID */
121 uint16_t u16PacketID; /* Packet ID */
122 uint16_t u16Len; /* Valid data length in command data field */
125 uint32_t au32Data[12]; /* Data fields */
128 uint32_t u32CRC32; /* CRC32 from Word-0 to Word-13 for check cmd integrity */
131 uint32_t RSVD; /* Reserved */
137 * @details ECC public key structure
141 uint32_t au32Key0[8]; /* 256-bits */
142 uint32_t au32Key1[8]; /* 256-bits */
143 } __attribute__((packed)) ECC_PUBKEY_T;
147 * @details ECC ECDSA signature structure
151 uint32_t au32R[8]; /* 256-bits */
152 uint32_t au32S[8]; /* 256-bits */
153 } __attribute__((packed)) ECDSA_SIGN_T;
157 * @details SecureISP operation mode enumerate
164 RESYNC_ISP = 0x80, /* To set SecureISP in waiting connection state */
169 * @details Global ISP information data for perform SecureISP function
171 typedef void (*ISPCallback)(uint32_t *pu32Buf, uint32_t u32Data);
172 typedef void (*USBDEPFunc)(void);
175 uint32_t u32CmdMask; /* Disable the specify command in SecureISP */
177 uint32_t au32AESKey[8]; /* AES-256 keys */
178 uint32_t au32AESIV[4]; /* AES IV, 128-bits */
180 ECC_PUBKEY_T ClientPubKey; /* Client's ECC public key, 64-bytes (256-bits + 256-bits) */
181 ECC_PUBKEY_T ServerPubKey; /* Server's ECC public key, 64-bytes (256-bits + 256-bits) */
183 ECDSA_SIGN_T sign; /* 64-bytes (256-bits R + 256-bits S) */
185 uint32_t IsConnectOK; /* Internal use in SecureISP */
186 uint32_t timeout; /* Timeout period for connecting to SecureISP Tool */
188 __attribute__((aligned(4))) uint8_t rcvbuf[MAX_PKT_SIZE]; /* Internal use in SecureISP */
189 __attribute__((aligned(4))) uint8_t rspbuf[MAX_PKT_SIZE]; /* Internal use in SecureISP */
191 USBDEPFunc pfnUSBDEP[USBD_MAX_EP]; /* Internal use in SecureISP */
192 uint32_t IsUSBDataReady; /* Internal use in SecureISP */
194 uint32_t UARTClockFreq; /* UART clock frequency */
195 uint32_t UARTDataIdx; /* Internal use in SecureISP */
196 uint32_t IsUARTDataReady; /* Internal use in SecureISP */
198 ISPCallback pfnVendorFunc; /* Vendor function address */
200 uint32_t tmp0[8]; /* Internal use in SecureISP */
201 uint32_t tmp1[8]; /* Internal use in SecureISP */
207 * @details Global USBD data for SecureISP USB
208 * @note This data is internal use in SecureISP operation
212 uint8_t g_usbd_SetupPacket[8];
213 volatile uint8_t g_usbd_RemoteWakeupEn;
214 volatile uint8_t g_usbd_u8ZeroFlag;
216 volatile uint8_t *g_usbd_CtrlInPointer;
217 volatile uint8_t *g_usbd_CtrlOutPointer;
218 volatile uint32_t g_usbd_CtrlInSize;
219 volatile uint32_t g_usbd_CtrlOutSize;
220 volatile uint32_t g_usbd_CtrlOutSizeLimit;
221 volatile uint32_t g_usbd_UsbAddr;
222 volatile uint32_t g_usbd_UsbConfig;
223 volatile uint32_t g_usbd_CtrlMaxPktSize;
224 volatile uint32_t g_usbd_UsbAltInterface;
226 S_USBD_INFO_T *g_usbd_sInfo;
228 VENDOR_REQ g_usbd_pfnVendorRequest;
229 CLASS_REQ g_usbd_pfnClassRequest;
230 SET_INTERFACE_REQ g_usbd_pfnSetInterface;
231 SET_CONFIG_CB g_usbd_pfnSetConfigCallback;
232 uint32_t g_u32EpStallLock;
237 /*@}*/ /* end of group MKROM_EXPORTED_STRUCTS */
240 /** @addtogroup MKROM_EXPORTED_FUNCTIONS Bootloader Exported Functions
244 * @brief Get MKROM Version Number
246 * @return Version number of MKROM
247 * @details This API will return the MKROM version number.
249 uint32_t BL_GetVersion(void);
253 * @brief Enable FMC ISP Function and return maximum APROM size
255 * @return Maximum APROM size
256 * @details This API will unlock register write-protect, enable relative settings for access FMC ISP commands
257 * and return maximum APROM by chip package.
259 uint32_t BL_EnableFMC(void);
263 * @brief Disable FMC ISP Function
266 * @details This API will disable relative settings for disable FMC ISP function and lock register write-protect
267 * until last ISP operation is finished.
269 void BL_DisableFMC(void);
273 * @brief Get FMC ISP Busy Status
275 * @retval 0 ISP operation is finished
276 * @retval 1 ISP operation is in processing
277 * @details This API indicates ISP operation in in processing or finished.
279 uint32_t BL_GetISPStatus(void);
283 * @brief Get Non-secure Boundary
285 * @return Current Non-secure boundary
286 * @details This API can get current Non-secure boundary address.
288 uint32_t BL_GetNSBoundary(void);
292 * @brief Set All Flash Region Lock
294 * @retval -1 Set flash all lock failed
295 * @retval 0 Set flash all lock operation is success
296 * @details This API will protect all flash region read/write operate by ICE interface.
298 int32_t BL_SetFlashAllLock(void);
302 * @brief Read Non-secure Flash Address Data (for Non-secure region)
303 * @param[in] u32NSAddr Non-secure flash address
304 * @retval 0xF0F00000 u32NSAddr isn't in Non-secure area
305 * @retval 0xF0F00001 u32NSAddr isn't word aligned
306 * @retval 0xF0F00003 u32NSAddr isn't valid flash address
307 * @retval -1 Flash read failed
308 * @retval The data of specified Non-secure address
309 * @details To read word data from specified Non-secure flash address.
311 uint32_t BL_FlashRead(uint32_t u32NSAddr);
315 * @brief Read Multi-Word Data from Non-secure Flash Address (for Non-secure region)
316 * @param[in] u32NSAddr Starting Non-secure flash address
317 * @param[out] pu32NSRamBuf Non-secure sram address to store reading data
318 * @param[in] u32Size Total read byte counts, it should be word aligned and maximum size is one page size.
319 * @retval 0xF0F00000 u32NSAddr or pu32NSRamBuf region isn't in Non-secure area
320 * @retval 0xF0F00001 Wrong u32NSAddr, pu32NSRamBuf or u32Size parameter
321 * @retval 0xF0F00003 u32NSAddr isn't valid flash address
322 * @retval 0xF0F00004 pu32NSRamBuf isn't valid sram address
323 * @retval -1 Multi-words read failed
324 * @retval 0 Read operation is success
325 * @details To read multi-words data start from specified Non-secure flash address.
326 * And maximum read size is one page size, 2048 bytes.
328 int32_t BL_FlashMultiRead(uint32_t u32NSAddr, uint32_t *pu32NSRamBuf, uint32_t u32Size);
332 * @brief Program Data into Non-secure Flash Address (for Non-secure region)
333 * @param[in] u32NSAddr Non-secure flash address
334 * @param[in] u32Data 32-bit Data to program
335 * @retval 0xF0F00000 u32NSAddr isn't in Non-secure area
336 * @retval 0xF0F00001 u32NSAddr isn't word aligned
337 * @retval 0xF0F00003 u32NSAddr isn't valid flash address
338 * @retval -1 Flash write failed
339 * @retval 0 Program command is finished
340 * @details To program word data into specified Non-secure flash address.
342 int32_t BL_FlashWrite(uint32_t u32NSAddr, uint32_t u32Data);
346 * @brief Program Multi-Word Data into Non-secure Flash Address (for Non-secure region)
347 * @param[in] u32NSAddr Starting Non-secure flash address
348 * @param[in] pu32NSRamBuf Non-secure sram buffer address to store program data
349 * @param[in] u32Size Total program byte counts, it should be word aligned and maximum size is one page size.
350 * @retval 0xF0F00000 u32NSAddr or pu32NSRamBuf region isn't in Non-secure area
351 * @retval 0xF0F00001 Wrong u32NSAddr, pu32NSRamBuf or u32Size parameter
352 * @retval 0xF0F00003 u32NSAddr isn't valid flash address
353 * @retval 0xF0F00004 pu32NSRamBuf isn't valid sram address
354 * @retval -1 Multi-words write failed
355 * @retval 0 Program operation is finished
356 * @details To program multi-words data start from specified Non-secure flash address.
357 * And maximum program size is one page size, 2048 bytes.
359 int32_t BL_FlashMultiWrite(uint32_t u32NSAddr, uint32_t *pu32NSRamBuf, uint32_t u32Size);
363 * @brief Non-secure Flash Page Erase (for Non-secure region)
364 * @param[in] u32NSAddr Non-secure flash region to be erased and must be a page size aligned address.
365 * @retval 0xF0F00000 u32NSAddr region isn't in Non-secure area
366 * @retval 0xF0F00001 u32NSAddr isn't page size aligned
367 * @retval 0xF0F00003 u32NSAddr isn't valid flash address
368 * @retval -1 Page erase failed
369 * @retval 0 Page erase success
370 * @details This API is used to perform page erase command on specified Non-secure flash address.
371 * And this address must be a page size aligned address.
373 int32_t BL_FlashPageErase(uint32_t u32NSAddr);
377 * @brief Get Non-secure Flash Area CRC32 Checksum (for Non-secure region)
378 * @param[in] u32NSAddr Non-secure flash region to be calculated. u32NSAddr must be a page size aligned address.
379 * @param[in] u32ByteCount Byte counts of Non-secure flash area to be calculated. It must be multiple of 2048 bytes.
380 * @retval 0xF0F00000 u32NSAddr region isn't in Non-secure area
381 * @retval 0xF0F00001 Wrong u32NSAddr or u32ByteCount parameter
382 * @retval 0xF0F00003 u32NSAddr isn't valid flash address
383 * @retval -1 Execute CRC32 operation failed
384 * @retval Result of CRC32 checksum
385 * @details This API will calculate the CRC32 checksum result of specified non-secure flash area.
386 * The starting address and calculated size must be all 2048 bytes page size aligned.
388 uint32_t BL_FlashChecksum(uint32_t u32NSAddr, uint32_t u32ByteCount);
392 * @brief Check Non-secure Flash Area Data are all ONE or not (for Non-secure region)
393 * @param[in] u32NSAddr Non-secure flash region to be calculated. u32NSAddr must be a page size aligned address.
394 * @param[in] u32ByteCount Byte counts of Non-secure flash area to be calculated. It must be multiple of 2048 bytes.
395 * @retval 0xF0F00000 u32NSAddr region isn't in Non-secure area
396 * @retval 0xF0F00001 Wrong u32NSAddr or u32ByteCount parameter
397 * @retval 0xF0F00003 u32NSAddr isn't valid flash address
398 * @retval -1 Execute Check Flash All One operation failed
399 * @retval 0xA11FFFFF The contents of verified Non-secure flash area are 0xFFFFFFFF
400 * @retval 0xA1100000 Some contents of verified Non-secure flash area are not 0xFFFFFFFF
401 * @details This API is used to check specified Non-secure flash area are all 0xFFFFFFFF or not.
403 uint32_t BL_CheckFlashAllOne(uint32_t u32NSAddr, uint32_t u32ByteCount);
407 * @brief Read Company ID
409 * @return The company ID (32-bit)
410 * @details The company ID of Nuvoton is fixed to be 0xDA.
412 uint32_t BL_ReadCID(void);
416 * @brief Read Device ID
418 * @return The device ID (32-bit)
419 * @details This function is used to read device ID.
421 uint32_t BL_ReadDID(void);
425 * @brief Read Product ID
427 * @return The product ID (32-bit)
428 * @details This function is used to read product ID.
430 uint32_t BL_ReadPID(void);
435 * @param[in] u32Index Index of the UCID to read and u32Index must be 0, 1, 2, or 3.
436 * @return The UCID of specified index
437 * @details This function is used to read unique chip ID (UCID).
439 uint32_t BL_ReadUCID(uint32_t u32Index);
444 * @param[in] u32Index UID index. 0 = UID[31:0], 1 = UID[63:32], 2 = UID[95:64]
445 * @return The 32-bit unique ID data of specified UID index
446 * @details To read out specified 32-bit unique ID.
448 uint32_t BL_ReadUID(uint32_t u32Index);
452 * @brief Get XOM Active Status
453 * @param[in] u32XOM Specified XOM region, it must be between 0~3.
454 * @retval 0xF0F00001 Invalid u32XOM number
455 * @retval 0 Current XOM region isn't active yet
456 * @retval 1 Current XOM region is active
457 * @details This API will return specified XOM region active status.
459 uint32_t BL_GetXOMActiveStatus(uint32_t u32XOM);
463 * @brief Read XOM Setting (for Non-secure region)
464 * @param[in] u32XOM Specified XOM region, it must be between 0~3
465 * @param[out] pu32Base Return specified XOM base address
466 * @param[out] pu32PageCnt Return specified XOM page count
467 * @retval 0xF0F00000 pu32Base, pu32PageCnt or XOM base address isn't in Non-secure area
468 * @retval 0xF0F00001 Wrong u32XOM, pu32Base or pu32PageCnt parameter
469 * @retval 0xF0F00003 XOM base address isn't valid flash address
470 * @retval 0xF0F00004 pu32Base or pu32PageCnt isn't valid sram address
471 * @retval 0xF0F00005 XOM region isn't configured
472 * @retval 0 Read specified XOM setting success
473 * @details This API will read specified XOM relative settings.
475 int32_t BL_ReadXOMRegion(uint32_t u32XOM, uint32_t *pu32Base, uint32_t *pu32PageCnt);
479 * @brief Set XOM Region and Active (for Non-secure region)
480 * @param[in] u32XOM Specified XOM region, it must be between 0~3
481 * @param[in] u32Base Base address of XOM region
482 * @param[in] u32PageCnt Page count of XOM region
483 * @param[in] u32IsDebugMode 1: Enable XOM debug mode; others will disable XOM debug mode.
484 * @retval 0xF0F00000 XOM region isn't in Non-secure area
485 * @retval 0xF0F00001 Wrong u32XOM, u32Base or u32PageCnt parameter
486 * @retval 0xF0F00003 u32Base isn't valid flash address
487 * @retval 0xF0F00006 XOM region has configured
488 * @retval 0xF0F00007 XOM region has active
489 * @retval -1 Set XOM failed
490 * @retval 0 Set specified XOM success
491 * @details This API will set specified XOM active.
493 int32_t BL_SetXOMRegion(uint32_t u32XOM, uint32_t u32Base, uint32_t u32PageCnt, uint32_t u32IsDebugMode);
497 * @brief Erase XOM Setting (for Non-secure region)
498 * @param[in] u32XOMBase Specified XOM region to be erase
499 * @retval 0xF0F00000 u32XOMBase or erase XOM region isn't in Non-secure area
500 * @retval 0xF0F00001 u32XOMBase isn't page size aligned
501 * @retval 0xF0F00003 u32XOMBase isn't valid flash address
502 * @retval 0xF0F00008 Invalid u32XOMBase address
503 * @retval -1 Erase XOM region failed
504 * @retval 0 Erase XOM region success
505 * @details This API will erase specified XOM region data and relative XOM setting.
507 int32_t BL_EraseXOMRegion(uint32_t u32XOMBase);
511 * @brief Get XOM Erased Status
513 * @retval -1 Erase XOM operation failed
514 * @retval 0 Erase XOM operation success
515 * @details This API will return the XOM erase operation is success or not.
517 int32_t BL_GetXOMEraseStatus(void);
521 * @brief Read KPKEYSTS Status
523 * @return KPKEYSTS register status
524 * @details This API can read KPROM KPKEYSTS register status.
526 uint32_t BL_GetKPROMStatus(void);
530 * @brief Read KPKEYCNT Status
532 * @return KPKEYCNT register status
533 * @details This API can read KPROM KPKEYCNT register status.
535 uint32_t BL_GetKPROMCounter(void);
539 * @brief Read KPCNT Status
541 * @return KPCNT register status
542 * @details This API can read KPROM KPCNT register status.
544 uint32_t BL_GetKPROMPowerOnCounter(void);
548 * @brief Execute KPROM Key Comparison
549 * @param[in] key0 KPROM key0
550 * @param[in] key1 KPROM key1
551 * @param[in] key2 KPROM key2
552 * @retval 0xF0F00009 KPROM function isn't enabled
553 * @retval 0xF0F0000A Trigger KPROM key comparison is FORBID
554 * @retval 0xF0F0000B KPROM Key is mismatch
555 * @retval 0xF0F0000C KPROM key still locked
556 * @retval 0 KPROM Key are matched
557 * @details With this API, user can unlock KPROM write-protection and then execute FMC program command well.
559 int32_t BL_TrgKPROMCompare(uint32_t key0, uint32_t key1, uint32_t key2);
563 * @brief Execute CHIP Reset
566 * @details This API will perform reset CHIP command to reset chip.
568 void BL_ResetChip(void);
571 /*--------------------------------------------------------------------------------------------------*/
572 /* The following functions are for Secure code only */
573 /*--------------------------------------------------------------------------------------------------*/
575 * @brief Check if ECC Private Key Valid
576 * @param[in] xcrpt The pointer of the global XCRPT data
577 * @param[in] ecc_curve The pre-defined ECC curve.
578 * @param[in] private_k The input private key.
579 * @return 1 Is valid.
580 * @return 0 Is not valid.
581 * @return -1 Invalid curve.
582 * @details This API is used to check if the private key is placed in valid range of curve.
584 int32_t XECC_IsPrivateKeyValid(XCRPT_T *xcrpt, E_ECC_CURVE ecc_curve, char private_k[]);
588 * @brief Generate ECC Public Key
589 * @param[in] xcrpt The pointer of the global XCRPT data
590 * @param[in] ecc_curve The pre-defined ECC curve.
591 * @param[in] private_k The input private key.
592 * @param[out] public_k1 The output public key 1.
593 * @param[out] public_k2 The output public key 2.
595 * @return -1 "ecc_curve" value is invalid.
596 * @details This API is used to generate a public key pair by a specified ECC private key and ECC curve.
598 int32_t XECC_GeneratePublicKey(XCRPT_T *xcrpt, E_ECC_CURVE ecc_curve, char *private_k, char public_k1[], char public_k2[]);
602 * @brief Generate ECDSA Signature
603 * @param[in] xcrpt The pointer of the global XCRPT data
604 * @param[in] ecc_curve The pre-defined ECC curve.
605 * @param[in] message The hash value of source context.
606 * @param[in] d The private key.
607 * @param[in] k The selected random integer.
608 * @param[out] R R of the (R,S) pair digital signature
609 * @param[out] S S of the (R,S) pair digital signature
611 * @return -1 "ecc_curve" value is invalid.
612 * @details This API is used to generate an ECDSA digital signature.
614 int32_t XECC_GenerateSignature(XCRPT_T *xcrpt, E_ECC_CURVE ecc_curve, char *message, char *d, char *k, char *R, char *S);
618 * @brief Verify ECDSA Signature
619 * @param[in] xcrpt The pointer of the global XCRPT data
620 * @param[in] ecc_curve The pre-defined ECC curve.
621 * @param[in] message The hash value of source context.
622 * @param[in] public_k1 The public key 1.
623 * @param[in] public_k2 The public key 2.
624 * @param[in] R R of the (R,S) pair digital signature
625 * @param[in] S S of the (R,S) pair digital signature
627 * @return -1 "ecc_curve" value is invalid.
628 * @return -2 Verification failed.
629 * @details This API is used to perform the ECDSA digital signature verification.
631 int32_t XECC_VerifySignature(XCRPT_T *xcrpt, E_ECC_CURVE ecc_curve, char *message, char *public_k1, char *public_k2, char *R, char *S);
635 * @brief Generate ECDH Secret Shared Key
636 * @param[in] xcrpt The pointer of the global XCRPT data
637 * @param[in] ecc_curve The pre-defined ECC curve.
638 * @param[in] private_k One's own private key.
639 * @param[in] public_k1 The other party's public key 1.
640 * @param[in] public_k2 The other party's public key 2.
641 * @param[out] secret_z The ECC CDH secret Z.
643 * @return -1 "ecc_curve" value is invalid.
644 * @details This API is used to generate an ECDH shared key.
646 int32_t XECC_GenerateSecretZ(XCRPT_T *xcrpt, E_ECC_CURVE ecc_curve, char *private_k, char public_k1[], char public_k2[], char secret_z[]);
650 * @brief Convert Data to Hex Format
651 * @param[in] count Byte counts for convert.
652 * @param[in] reg The input data buffer.
653 * @param[out] output The output data buffer.
655 * @details This API is used to convert the data to hex format.
657 void XECC_Reg2Hex(int32_t count, uint32_t volatile reg[], char output[]);
661 * @brief Convert Data to Register Format
662 * @param[in] input The input data buffer.
663 * @param[out] reg The output data buffer.
665 * @details This API is used to convert the data in a register data format.
667 void XECC_Hex2Reg(char input[], uint32_t volatile reg[]);
671 * @brief Get ID ECC R, S digital signature (for Secure code)
672 * @param[out] R R of the (R,S) pair digital signature
673 * @param[out] S S of the (R,S) pair digital signature
674 * @retval -1 Get R, S digital signature fail
676 * @details This API will return ECC R, S digital signature of chip ID, include PDID, UID0~2 and UCID0~3.
678 int32_t XECC_GetIDECCSignature(uint32_t *R, uint32_t *S);
682 * @brief Open TDES Encrypt/Decrypt
683 * @param[in] xcrpt The pointer of the global XCRPT data
684 * @param[in] u32Channel TDES channel. Must be 0~3.
685 * @param[in] u32EncDec 1: TDES encode; 0: TDES decode
686 * @param[in] Is3DES 1: TDES; 0: DES
687 * @param[in] Is3Key 1: TDES 3 key mode; 0: TDES 2 key mode
688 * @param[in] u32OpMode TDES operation mode, including:
689 * - \ref TDES_MODE_ECB
690 * - \ref TDES_MODE_CBC
691 * - \ref TDES_MODE_CFB
692 * - \ref TDES_MODE_OFB
693 * - \ref TDES_MODE_CTR
694 * @param[in] u32SwapType is TDES input/output data swap control and word swap control, including:
695 * - \ref TDES_NO_SWAP
696 * - \ref TDES_WHL_SWAP
697 * - \ref TDES_OUT_SWAP
698 * - \ref TDES_OUT_WHL_SWAP
699 * - \ref TDES_IN_SWAP
700 * - \ref TDES_IN_WHL_SWAP
701 * - \ref TDES_IN_OUT_SWAP
702 * - \ref TDES_IN_OUT_WHL_SWAP
704 * @details This API is used to enable TDES encrypt/decrypt function.
706 void XTDES_Open(XCRPT_T *xcrpt, uint32_t u32Channel, uint32_t u32EncDec, int32_t Is3DES, int32_t Is3Key, uint32_t u32OpMode, uint32_t u32SwapType);
710 * @brief Start TDES Encrypt/Decrypt
711 * @param[in] xcrpt The pointer of the global XCRPT data
712 * @param[in] u32Channel TDES channel. Must be 0~3.
713 * @param[in] u32DMAMode TDES DMA control, including:
714 * - \ref CRYPTO_DMA_ONE_SHOT One shot TDES encrypt/decrypt.
715 * - \ref CRYPTO_DMA_CONTINUE Continuous TDES encrypt/decrypt.
716 * - \ref CRYPTO_DMA_LAST Last TDES encrypt/decrypt of a series of XTDES_Start.
718 * @details This API is used to start TDES encrypt/decrypt.
720 void XTDES_Start(XCRPT_T *xcrpt, int32_t u32Channel, uint32_t u32DMAMode);
724 * @brief Set TDES Keys
725 * @param[in] xcrpt The pointer of the global XCRPT data
726 * @param[in] u32Channel TDES channel. Must be 0~3.
727 * @param[in] au32Keys The TDES keys. au32Keys[0][0] is Key0 high word and au32Keys[0][1] is key0 low word.
729 * @details This API is used to set TDES keys.
731 void XTDES_SetKey(XCRPT_T *xcrpt, uint32_t u32Channel, uint32_t au32Keys[3][2]);
735 * @brief Set TDES Initial Vectors
736 * @param[in] xcrpt The pointer of the global XCRPT data
737 * @param[in] u32Channel TDES channel. Must be 0~3.
738 * @param[in] u32IVH TDES initial vector high word.
739 * @param[in] u32IVL TDES initial vector low word.
741 * @details This API is used to set TDES initial vectors.
743 void XTDES_SetInitVect(XCRPT_T *xcrpt, uint32_t u32Channel, uint32_t u32IVH, uint32_t u32IVL);
747 * @brief Set TDES DMA Transfer Configuration
748 * @param[in] xcrpt The pointer of the global XCRPT data
749 * @param[in] u32Channel TDES channel. Must be 0~3.
750 * @param[in] u32SrcAddr TDES DMA source address
751 * @param[in] u32DstAddr TDES DMA destination address
752 * @param[in] u32TransCnt TDES DMA transfer byte count
754 * @details This API is used to configure the TDES DMA transfer.
756 void XTDES_SetDMATransfer(XCRPT_T *xcrpt, uint32_t u32Channel, uint32_t u32SrcAddr, uint32_t u32DstAddr, uint32_t u32TransCnt);
760 * @brief Open SHA Encrypt
761 * @param[in] xcrpt The pointer of the global XCRPT data
762 * @param[in] u32OpMode SHA operation mode, including:
763 * - \ref SHA_MODE_SHA1
764 * - \ref SHA_MODE_SHA224
765 * - \ref SHA_MODE_SHA256
766 * - \ref SHA_MODE_SHA384
767 * - \ref SHA_MODE_SHA512
768 * @param[in] u32SwapType is the SHA input/output data swap control, including:
770 * - \ref SHA_OUT_SWAP
772 * - \ref SHA_IN_OUT_SWAP
773 * @param[in] hmac_key_len HMAC key byte count
775 * @details This API is used to enable SHA encrypt function.
777 void XSHA_Open(XCRPT_T *xcrpt, uint32_t u32OpMode, uint32_t u32SwapType, uint32_t hmac_key_len);
781 * @brief Start SHA Encrypt
782 * @param[in] xcrpt The pointer of the global XCRPT data
783 * @param[in] u32DMAMode SHA DMA control, including:
784 * - \ref CRYPTO_DMA_ONE_SHOT One shot SHA encrypt.
785 * - \ref CRYPTO_DMA_CONTINUE Continuous SHA encrypt.
786 * - \ref CRYPTO_DMA_LAST Last SHA encrypt of a series of XSHA_Start.
788 * @details This API is used to start SHA encrypt.
790 void XSHA_Start(XCRPT_T *xcrpt, uint32_t u32DMAMode);
794 * @brief Set SHA DMA Transfer Configuration
795 * @param[in] xcrpt The pointer of the global XCRPT data
796 * @param[in] u32SrcAddr SHA DMA source address
797 * @param[in] u32TransCnt SHA DMA transfer byte count
799 * @details This API is used to configure the SHA DMA transfer.
801 void XSHA_SetDMATransfer(XCRPT_T *xcrpt, uint32_t u32SrcAddr, uint32_t u32TransCnt);
805 * @brief Read SHA Digest
806 * @param[in] xcrpt The pointer of the global XCRPT data
807 * @param[out] u32Digest The SHA encrypt output digest.
809 * @details This API is used to read the SHA digest.
811 void XSHA_Read(XCRPT_T *xcrpt, uint32_t u32Digest[]);
815 * @brief Open AES Encrypt/Decrypt
816 * @param[in] xcrpt The pointer of the global XCRPT data
817 * @param[in] u32Channel AES channel. Must be 0~3.
818 * @param[in] u32EncDec 1: AES encode; 0: AES decode
819 * @param[in] u32OpMode AES operation mode, including:
820 * - \ref AES_MODE_ECB
821 * - \ref AES_MODE_CBC
822 * - \ref AES_MODE_CFB
823 * - \ref AES_MODE_OFB
824 * - \ref AES_MODE_CTR
825 * - \ref AES_MODE_CBC_CS1
826 * - \ref AES_MODE_CBC_CS2
827 * - \ref AES_MODE_CBC_CS3
828 * @param[in] u32KeySize is AES key size, including:
829 * - \ref AES_KEY_SIZE_128
830 * - \ref AES_KEY_SIZE_192
831 * - \ref AES_KEY_SIZE_256
832 * @param[in] u32SwapType is AES input/output data swap control, including:
834 * - \ref AES_OUT_SWAP
836 * - \ref AES_IN_OUT_SWAP
838 * @details This API is used to enable AES encrypt/decrypt function.
840 void XAES_Open(XCRPT_T *xcrpt, uint32_t u32Channel, uint32_t u32EncDec, uint32_t u32OpMode, uint32_t u32KeySize, uint32_t u32SwapType);
844 * @brief Start AES Encrypt/Decrypt
845 * @param[in] xcrpt The pointer of the global XCRPT data
846 * @param[in] u32Channel AES channel. Must be 0~3.
847 * @param[in] u32DMAMode AES DMA control, including:
848 * - \ref CRYPTO_DMA_ONE_SHOT One shot AES encrypt/decrypt.
849 * - \ref CRYPTO_DMA_CONTINUE Continuous AES encrypt/decrypt.
850 * - \ref CRYPTO_DMA_LAST Last AES encrypt/decrypt of a series of XAES_Start.
852 * @details This API is used to start AES encrypt/decrypt.
854 void XAES_Start(XCRPT_T *xcrpt, int32_t u32Channel, uint32_t u32DMAMode);
858 * @brief Set AES Keys
859 * @param[in] xcrpt The pointer of the global XCRPT data
860 * @param[in] u32Channel AES channel. Must be 0~3.
861 * @param[in] au32Keys An word array contains AES keys.
862 * @param[in] u32KeySize is AES key size, including:
863 * - \ref AES_KEY_SIZE_128
864 * - \ref AES_KEY_SIZE_192
865 * - \ref AES_KEY_SIZE_256
867 * @details This API is used to set AES keys.
869 void XAES_SetKey(XCRPT_T *xcrpt, uint32_t u32Channel, uint32_t au32Keys[], uint32_t u32KeySize);
873 * @brief Set AES Initial Vectors
874 * @param[in] xcrpt The pointer of the global XCRPT data
875 * @param[in] u32Channel AES channel. Must be 0~3.
876 * @param[in] au32IV A four entry word array contains AES initial vectors.
878 * @details This API is used to set AES initial vectors.
880 void XAES_SetInitVect(XCRPT_T *xcrpt, uint32_t u32Channel, uint32_t au32IV[]);
884 * @brief Set AES DMA Transfer Configuration
885 * @param[in] xcrpt The pointer of the global XCRPT data
886 * @param[in] u32Channel AES channel. Must be 0~3.
887 * @param[in] u32SrcAddr AES DMA source address
888 * @param[in] u32DstAddr AES DMA destination address
889 * @param[in] u32TransCnt AES DMA transfer byte count
891 * @details This API is used to configure the AES DMA transfer.
893 void XAES_SetDMATransfer(XCRPT_T *xcrpt, uint32_t u32Channel, uint32_t u32SrcAddr, uint32_t u32DstAddr, uint32_t u32TransCnt);
897 * @brief Initial Random Number Generator (for Secure code)
899 * @param[in] rng The structure of random number generator
900 * @param[in] opt Operation modes. Possible options are,
901 * (XTRNG_PRNG | XTRNG_LIRC32K),
902 * (XTRNG_PRNG | XTRNG_LXT),
903 * (XTRNG_SWRNG | XTRNG_LIRC32K),
904 * (XTRNG_SWRNG | XTRNG_LXT)
908 * @details This API is used to initial random number generator.
909 * After initial this API success, user can call XTRNG_Random API to generate the random number.
911 int32_t XTRNG_RandomInit(XTRNG_T *rng, uint32_t opt);
915 * @brief Generate Random Number (for Secure code)
917 * @param[in] rng The structure of random number generator
918 * @param[out] p Starting buffer address to store random number
919 * @param[in] size Total byte counts of random number
922 * @details This API is used to generate random number.
924 int32_t XTRNG_Random(XTRNG_T *rng, uint8_t *p, uint32_t size);
928 * @brief Get ID ECC R, S Digital Signature (for Secure code)
929 * @param[out] R R of the (R,S) pair digital signature
930 * @param[out] S S of the (R,S) pair digital signature
931 * @retval -1 Get R, S digital signature fail
933 * @details This API will return ECC R, S digital signature of chip ID, include PDID, UID0~2 and UCID0~3.
935 int32_t BL_GetIDECCSignature(uint32_t *R, uint32_t *S);
939 * @brief Initial Random Number Generator (for Secure code)
941 * @param[in] rng The structure of random number generator
942 * @param[in] opt Operation modes. Possible options are,
943 * (BL_RNG_PRNG | BL_RNG_LIRC32K),
944 * (BL_RNG_PRNG | BL_RNG_LXT),
945 * (BL_RNG_SWRNG | BL_RNG_LIRC32K),
946 * (BL_RNG_SWRNG | BL_RNG_LXT)
950 * @details This API is used to initial random number generator.
951 * After initial this API success, user can perform BL_Random API to generate the random number.
953 int32_t BL_RandomInit(BL_RNG_T *rng, uint32_t opt);
957 * @brief Generate Random Number (for Secure code)
959 * @param[in] rng The structure of random number generator
960 * @param[out] p Starting buffer address to store random number
961 * @param[in] size Total byte counts of random number
964 * @details This API is used to generate random number.
966 int32_t BL_Random(BL_RNG_T *rng, uint8_t *p, uint32_t size);
970 * @brief Initialize SecureISP Function (for Secure code)
971 * @param[in] pISPInfo The ISP information data buffer address
972 * @param[in] pUSBDInfo USB data buffer for SecureISP USB
973 * @param[in] mode Operation mode. Possible options are
976 * - \ref USB_UART_MODE
978 * @return Return process status and exit SecureISP mode.
979 * @details Executing this API will initialize USB or UART1 SecureISP function.
980 * User can use SecureISP Tool to communicate with target chip.
981 * @note Configure relate USB and UART1 settings are necessary before executing this API.
983 int32_t BL_SecureISPInit(ISP_INFO_T *pISPInfo, BL_USBD_INFO_T *pUSBDInfo, E_ISP_MODE mode);
987 * @brief Process USBD Interrupt (for Secure code)
988 * @param[in] pfnEPTable Starting address to store EP callback function
989 * @param[in] pInfo The ISP information data buffer address
990 * @param[in] pUSBDInfo USB data buffer for SecureISP USB
991 * @retval -1 Execute API in Non-secure code
992 * @retval 0 Process USBD interrupt event success
993 * @details This API is used to process USBD command and should be called in USBD_IRQHandler().
995 int32_t BL_ProcessUSBDInterrupt(uint32_t *pfnEPTable, uint32_t *pInfo, uint32_t *pUSBDInfo);
999 * @brief Process UART1 Interrupt (for Secure code)
1000 * @param[in] pInfo The ISP information data buffer address
1001 * @retval -1 Execute API in Non-secure code
1002 * @retval 0 Process UART1 interrupt event success
1003 * @details This API is used to process UART1 command and should be called in UART1_IRQHandler().
1005 int32_t BL_ProcessUART1Interrupt(uint32_t *pInfo);
1009 * @brief Get Vendor Data (for Secure code)
1010 * @param[in] pInfo The ISP information data buffer address
1011 * @param[out] pu32Data Data buffer to store vendor data. Maximum buffer size is 44 bytes.
1012 * @param[in] pu32Buf Internal used data buffer address
1014 * @retval -1 Invalid command packet
1015 * @retval -2 Not in vendor function
1016 * @details This API is used to get the vendor data and should be called in the vendor function.
1018 int32_t BL_GetVendorData(uint32_t *pInfo, uint32_t *pu32Data, uint32_t *pu32Buf);
1022 * @brief Return Vendor Data (for Secure code)
1023 * @param[in] pu32Data Data buffer to store response data
1024 * @param[in] u32Len Data buffer length, maximum size is 40 bytes.
1025 * @param[in] pu32Buf Internal used data buffer address
1027 * @retval -1 Invalid buffer length
1028 * @retval -2 Not in vendor function
1029 * @details This API is used to return vendor data to server and should be called in the vendor function.
1031 int32_t BL_ReturnVendorData(uint32_t *pu32Data, uint32_t u32Len, uint32_t *pu32Buf);
1035 * @brief Generate Command Response Data (for Secure code)
1036 * @param[in] pCMD Buffer address to store command data
1037 * @param[in] pISPInfo The ISP information data buffer address
1038 * @retval 0 Command success
1039 * @retval Other Command fail
1040 * @details This API is used to generate response data to server.
1042 int32_t Cmd_GenRspPacket(CMD_PACKET_T *pCMD, ISP_INFO_T *pISPInfo);
1046 * @brief Parse Command (for Secure code)
1047 * @param[in] pCMD Buffer address to store command
1048 * @param[in] pISPInfo The ISP information data buffer address
1049 * @retval 0 Command success
1050 * @retval Other Command fail
1051 * @details This API is used to parse data from server.
1053 int32_t Cmd_ParseReqPacket(CMD_PACKET_T *pCMD, ISP_INFO_T *pISPInfo);
1057 * @brief Parse CONNECT Command (for Secure code)
1058 * @param[in] pISPInfo The ISP information data buffer address
1060 * @retval Other Command fail
1061 * @details This API is used for parse CONNECT command only.
1063 int32_t ParseCONNECT(ISP_INFO_T *pISPInfo);
1067 * @brief Parse related ECDH Commands (for Secure code)
1068 * @param[in] pISPInfo The ISP information data buffer address
1070 * @retval Other Command fail
1071 * @details This API is used for parse related ECDH commands.
1073 int32_t ParseECDH(ISP_INFO_T *pISPInfo);
1077 * @brief Parse Commands (for Secure code)
1078 * @param[in] pISPInfo The ISP information data buffer address
1080 * @retval Other Command fail
1081 * @details This API is used for parse all commands except CONNECT and related ECDH commands.
1083 int32_t ParseCommands(ISP_INFO_T *pISPInfo);
1087 * @brief Initialize USBD Module (for Secure code)
1088 * @param[in] param The structure of USBD information
1089 * @param[in] pfnClassReq USB Class request callback function
1090 * @param[in] pfnSetInterface USB Set Interface request callback function
1091 * @param[in] pUSBDInfo USB data buffer for SecureISP USB mode
1092 * @retval -1 Execute API in Non-secure code
1094 * @details This function will enable USB controller, USB PHY transceiver and pull-up resistor of USB_D+ pin. USB PHY will drive SE0 to bus.
1096 int32_t BL_USBDOpen(const S_USBD_INFO_T *param, CLASS_REQ pfnClassReq, SET_INTERFACE_REQ pfnSetInterface, uint32_t *pUSBDInfo);
1100 * @brief Install EP Callback Function (for Secure code)
1101 * @param[in] ep EP number
1102 * @param[in] pfnEPHandler EP callback function
1103 * @param[in] pfnEPTable Starting address to store EP callback function
1106 * @details This function is used to set specific EP callback function
1108 int32_t BL_USBDInstallEPHandler(uint32_t ep, void *pfnEPHandler, uint32_t *pfnEPTable);
1112 * @brief Start USBD Function (for Secure code)
1114 * @retval -1 Execute API in Non-secure code
1116 * @details Enable WAKEUP, FLDET, USB and BUS interrupts. Disable software-disconnect function after 100ms delay with SysTick timer.
1118 int32_t BL_USBDStart(void);
1121 /*@}*/ /* end of group MKROM_EXPORTED_FUNCTIONS */
1123 /*@}*/ /* end of group MKROM_Driver */
1125 /*@}*/ /* end of group Standard_Driver */
1132 #endif /* __MKROM_LIB_H__ */
1134 /*** (C) COPYRIGHT 2018 Nuvoton Technology Corp. ***/
projects / freertos / blob