diff --git a/Makefile b/Makefile index ae2fd85c..ed7feb8e 100644 --- a/Makefile +++ b/Makefile @@ -727,6 +727,7 @@ UBOOTINCLUDE := \ -I$(srctree)/arch/$(ARCH)/thumb1/include),) \ -I$(srctree)/arch/$(ARCH)/include \ $(if $(CONFIG_TARGET_LIGHT_C910), -I$(srctree)/lib/sec_library/include) \ + $(if $(CONFIG_TARGET_LIGHT_C910), -I$(srctree)/lib/sec_library/include/soft_crypto) \ -include $(srctree)/include/linux/kconfig.h NOSTDINC_FLAGS += -nostdinc -isystem $(shell $(CC) -print-file-name=include) @@ -757,6 +758,8 @@ libs-y += drivers/net/phy/ libs-y += drivers/power/ \ drivers/power/domain/ \ drivers/power/fuel_gauge/ \ + drivers/power/charge/ \ + drivers/mcu/ \ drivers/power/mfd/ \ drivers/power/pmic/ \ drivers/power/battery/ \ diff --git a/arch/riscv/dts/Makefile b/arch/riscv/dts/Makefile index 54601c03..c02d0d59 100644 --- a/arch/riscv/dts/Makefile +++ b/arch/riscv/dts/Makefile @@ -7,6 +7,7 @@ dtb-$(CONFIG_TARGET_LIGHT_EVB_MPW_C910) += light-evb-mpw-c910.dtb dtb-$(CONFIG_TARGET_LIGHT_FPGA_FM_C910) += light-fpga-fm-c910.dtb dtb-$(CONFIG_TARGET_LIGHT_C910) += light-a-ref.dtb light-b-ref.dtb light-a-val.dtb light-b-product.dtb light-a-product.dtb light-ant-ref.dtb light-beagle.dtb light-b-power.dtb light-lpi4a.dtb light-milkv-meles.dtb dtb-$(CONFIG_TARGET_LIGHT_C910) += light-lpi4a-laptop.dtb +dtb-$(CONFIG_TARGET_LIGHT_C910) += th1520-rvbook.dtb targets += $(dtb-y) diff --git a/arch/riscv/dts/light-a-val.dts b/arch/riscv/dts/light-a-val.dts index 87db40a9..27502811 100644 --- a/arch/riscv/dts/light-a-val.dts +++ b/arch/riscv/dts/light-a-val.dts @@ -312,7 +312,7 @@ tpm@0{ compatible = "z32h330tc,z32h330tc-spi"; reg = <0>; - spi-max-frequency = <40000000>; + spi-max-frequency = <20000000>; }; }; diff --git a/arch/riscv/dts/th1520-rvbook.dts b/arch/riscv/dts/th1520-rvbook.dts new file mode 100644 index 00000000..f9c3b177 --- /dev/null +++ b/arch/riscv/dts/th1520-rvbook.dts @@ -0,0 +1,947 @@ +/dts-v1/; +#include +#include + +/ { + model = "T-HEAD c910 light"; + compatible = "thead,c910_light"; + #address-cells = <2>; + #size-cells = <2>; + + charge-animation { + compatible = "rockchip,uboot-charge"; + uboot-low-power-voltage = <7300>; + powerkey-gpio= <&ao_gpio_porta 6 0>; + status = "okay"; + }; + + leds { + status = "okay"; + compatible = "gpio-leds"; + red-led { + gpios = <&gpio1_porta 14 0>; // GPIO_ACTIVE_HIGH: 0 + label = "battery_charging"; + default-state = "off"; + }; + + green-led { + gpios = <&gpio1_porta 13 0>; // GPIO_ACTIVE_HIGH: 0 + label = "battery_full"; + default-state = "off"; + }; + + blue-led { + gpios = <&gpio1_porta 15 0>; // GPIO_ACTIVE_HIGH: 0 + label = "battery_start"; + default-state = "off"; + }; + }; + + memory@0 { + device_type = "memory"; + reg = <0x0 0xc0000000 0x0 0x40000000>; + }; + + aliases { + spi0 = &spi0; + spi1 = &qspi0; + spi2 = &qspi1; + }; + + cpus { + #address-cells = <1>; + #size-cells = <0>; + timebase-frequency = <3000000>; + u-boot,dm-pre-reloc; + cpu@0 { + device_type = "cpu"; + reg = <0>; + status = "okay"; + compatible = "riscv"; + riscv,isa = "rv64imafdcvsu"; + mmu-type = "riscv,sv39"; + u-boot,dm-pre-reloc; + }; + }; + + soc { + #address-cells = <2>; + #size-cells = <2>; + compatible = "simple-bus"; + ranges; + u-boot,dm-pre-reloc; + + intc: interrupt-controller@ffd8000000 { + compatible = "riscv,plic0"; + reg = <0xff 0xd8000000 0x0 0x04000000>; + status = "disabled"; + }; + + dummy_apb: apb-clock { + compatible = "fixed-clock"; + clock-frequency = <62500000>; + clock-output-names = "dummy_apb"; + #clock-cells = <0>; + u-boot,dm-pre-reloc; + }; + + dummy_ahb: ahb-clock { + compatible = "fixed-clock"; + clock-frequency = <250000000>; + clock-output-names = "core"; + #clock-cells = <0>; + u-boot,dm-pre-reloc; + }; + + dummy_spi: spi-clock { + compatible = "fixed-clock"; + clock-frequency = <396000000>; + clock-output-names = "dummy_spi"; + #clock-cells = <0>; + u-boot,dm-pre-reloc; + }; + + dummy_qspi0: qspi0-clock { + compatible = "fixed-clock"; + clock-frequency = <792000000>; + clock-output-names = "dummy_qspi0"; + #clock-cells = <0>; + u-boot,dm-pre-reloc; + }; + + dummy_uart_sclk: uart-sclk-clock { + compatible = "fixed-clock"; + clock-frequency = <100000000>; + clock-output-names = "dummy_uart_sclk"; + #clock-cells = <0>; + u-boot,dm-pre-reloc; + }; + + dummy_i2c_icclk: i2c-icclk-clock { + compatible = "fixed-clock"; + clock-frequency = <50000000>; + clock-output-names = "dummy_i2c_icclk"; + #clock-cells = <0>; + u-boot,dm-pre-reloc; + }; + + dummy_dpu_pixclk: dpu-pix-clock { + compatible = "fixed-clock"; + clock-frequency = <74250000>; + clock-output-names = "dummy_dpu_pixclk"; + #clock-cells = <0>; + u-boot,dm-pre-reloc; + }; + + dummy_dphy_refclk: dphy-ref-clock { + compatible = "fixed-clock"; + clock-frequency = <24000000>; + clock-output-names = "dummy_dpu_refclk"; + #clock-cells = <0>; + u-boot,dm-pre-reloc; + }; + + i2c0: i2c@ffe7f20000 { + compatible = "snps,designware-i2c"; + reg = <0xff 0xe7f20000 0x0 0x4000>; + clocks = <&dummy_i2c_icclk>; + clock-frequency = <100000>; + + #address-cells = <1>; + #size-cells = <0>; + + usbc0: husb311_0@4e { + compatible = "hynetek,husb311"; + int-n-gpios = <&gpio3_porta 10 1>; + reg = <0x4e>; + status = "okay"; + + usb_con0: connector { + compatible = "usb-c-connector"; + label = "USB-C"; + data-role = "dual"; + power-role = "dual"; + try-power-role = "sink"; + source-pdos = ; + sink-pdos = + ; + op-sink-microwatt = <10000000>; + }; + }; + + cw2015@62 { + clock-frequency = <100000>; + status = "okay"; + compatible = "cellwise,cw2015"; + reg = <0x62>; + cellwise,battery-profile = /bits/ 8 + <0x17 0x67 0x66 0x65 0x64 0x63 0x61 0x5E + 0x52 0x6D 0x4D 0x58 0x5B 0x51 0x44 0x3B + 0x33 0x2C 0x26 0x23 0x24 0x29 0x34 0x42 + 0x49 0x16 0x0E 0xB8 0x3D 0x5D 0x68 0x7D + 0x78 0x75 0x7B 0x7A 0x3F 0x18 0x82 0x48 + 0x09 0x4A 0x1A 0x47 0x86 0x93 0x97 0x15 + 0x49 0x71 0x9A 0xC3 0x80 0x41 0x4F 0xCB + 0x2F 0x00 0x64 0xA5 0xB5 0x0D 0xB8 0x91>; + cellwise,monitor-interval-ms = <5000>; + cellwise,dual-cell = <1>; + }; + + bq25703: bq25703@6b { + status = "okay"; + compatible = "ti,bq25703"; + reg = <0x6b>; + typec0-enable-gpios = <&gpio3_porta 13 0>; //CHG_PATH_SEL0_180 + typec1-enable-gpios = <&gpio3_porta 12 0>; //CHG_PATH_SEL1_180 + ti,charge-current = <2500000>; + ti,max-input-voltage = <5000000>; + ti,input-current = <2000000>; + }; + }; + + i2c1: i2c@ffe7f24000{ + compatible = "snps,designware-i2c"; + reg = <0xff 0xe7f24000 0x0 0x4000>; + clocks = <&dummy_i2c_icclk>; + clock-frequency = <100000>; + + #address-cells = <1>; + #size-cells = <0>; + + mcu_hc32fx:mcu-hc32fx@0x4c { + status = "okay"; + compatible = "mcu_hc32fx"; + reg = <0x4c>; + }; + + usbc1: husb311_1@4e { + compatible = "hynetek,husb311"; + int-n-gpios = <&gpio1_porta 5 1>; + reg = <0x4e>; + status = "okay"; + + usb_con1: connector { + compatible = "usb-c-connector"; + label = "USB-C"; + data-role = "dual"; + power-role = "dual"; + try-power-role = "sink"; + source-pdos = ; + sink-pdos = + ; + op-sink-microwatt = <10000000>; + }; + }; + }; + + i2c2: i2c@ffec00c000{ + compatible = "snps,designware-i2c"; + reg = <0xff 0xec00c000 0x0 0x4000>; + clocks = <&dummy_i2c_icclk>; + clock-frequency = <100000>; + + #address-cells = <1>; + #size-cells = <0>; + }; + + i2c3: i2c@ffec014000{ + compatible = "snps,designware-i2c"; + reg = <0xff 0xec014000 0x0 0x4000>; + clocks = <&dummy_i2c_icclk>; + clock-frequency = <100000>; + + #address-cells = <1>; + #size-cells = <0>; + }; + + i2c4: i2c@ffe7f28000{ + compatible = "snps,designware-i2c"; + reg = <0xff 0xe7f28000 0x0 0x4000>; + clocks = <&dummy_i2c_icclk>; + clock-frequency = <100000>; + + #address-cells = <1>; + #size-cells = <0>; + + pcal6408ahk_a: gpio@20 { + compatible = "nxp,pca9554"; + reg = <0x20>; + gpio-controller; + #gpio-cells = <2>; + }; + }; + + i2c5: i2c@fff7f2c000{ + compatible = "snps,designware-i2c"; + reg = <0xff 0xf7f2c000 0x0 0x4000>; + clocks = <&dummy_i2c_icclk>; + clock-frequency = <100000>; + + #address-cells = <1>; + #size-cells = <0>; + }; + + serial@ffe7014000 { + compatible = "snps,dw-apb-uart"; + reg = <0xff 0xe7014000 0x0 0x400>; + clocks = <&dummy_uart_sclk>; + clock-frequency = <100000000>; + clock-names = "baudclk"; + reg-shift = <2>; + reg-io-width = <4>; + u-boot,dm-pre-reloc; + }; + + gmac0: ethernet@ffe7070000 { + compatible = "snps,dwmac"; + reg = <0xff 0xe7070000 0x0 0x2000>; + clocks = <&dummy_apb>; + clock-names = "stmmaceth"; + snps,pbl = <32>; + snps,fixed-burst; + + phy-mode = "rgmii-id"; + phy-handle = <&phy_88E1111_a>; + status = "disabled"; + mdio0 { + #address-cells = <1>; + #size-cells = <0>; + compatible = "snps,dwmac-mdio"; + + phy_88E1111_a: ethernet-phy@1 { + reg = <0x1>; + }; + + phy_88E1111_b: ethernet-phy@2 { + reg = <0x2>; + }; + }; + }; + + gmac1: ethernet@ffe7060000 { + compatible = "snps,dwmac"; + reg = <0xff 0xe7060000 0x0 0x2000>; + clocks = <&dummy_apb>; + clock-names = "stmmaceth"; + snps,pbl = <32>; + snps,fixed-burst; + phy-mode = "rgmii-id"; + phy-handle = <&phy_88E1111_b>; + status = "disabled"; + }; + + emmc: sdhci@ffe7080000 { + compatible = "snps,dwcmshc-sdhci"; + reg = <0xff 0xe7080000 0x0 0x10000>; + index = <0x0>; + clocks = <&dummy_ahb>; + clock-frequency = <198000000>; + clock-names = "core"; + max-frequency = <198000000>; + sdhci-caps-mask = <0x0 0x1000000>; + mmc-hs400-1_8v; + non-removable; + no-sdio; + no-sd; + bus-width = <8>; + voltage= "1.8v"; + pull_up; + io_fixed_1v8; + fifo-mode; + u-boot,dm-pre-reloc; + }; + + sdhci0: sd@ffe7090000 { + compatible = "snps,dwcmshc-sdhci"; + reg = <0xff 0xe7090000 0x0 0x10000>; + index = <0x1>; + clocks = <&dummy_ahb>; + clock-frequency = <198000000>; + max-frequency = <198000000>; + sd-uhs-sdr104; + pull_up; + clock-names = "core"; + bus-width = <4>; + voltage= "3.3v"; + }; + + qspi0: spi@ffea000000 { + compatible = "snps,dw-apb-ssi-quad"; + reg = <0xff 0xea000000 0x0 0x1000>; + clocks = <&dummy_qspi0>; + num-cs = <1>; + cs-gpio = <&gpio2_porta 3 0>; // GPIO_ACTIVE_HIGH: 0 + spi-max-frequency = <100000000>; + #address-cells = <1>; + #size-cells =<0>; + spi-flash@0 { + #address-cells = <1>; + #size-cells = <1>; + compatible = "spi-nand"; + spi-tx-bus-width = <4>; + spi-rx-bus-width = <4>; + reg = <0>; + }; + }; + + qspi1: spi@fff8000000 { + compatible = "snps,dw-apb-ssi-quad"; + reg = <0xff 0xf8000000 0x0 0x1000>; + clocks = <&dummy_spi>; + num-cs = <1>; + cs-gpio = <&gpio0_porta 1 0>; // GPIO_ACTIVE_HIGH: 0 + spi-max-frequency = <66000000>; + #address-cells = <1>; + #size-cells =<0>; + spi-flash@0 { + #address-cells = <1>; + #size-cells = <1>; + compatible = "spi-nand"; + spi-tx-bus-width = <4>; + spi-rx-bus-width = <4>; + reg = <0>; + }; + }; + + spi0: spi@ffe700c000 { + compatible = "snps,dw-apb-ssi"; + reg = <0xff 0xe700c000 0x0 0x1000>; + clocks = <&dummy_spi>; + cs-gpio = <&gpio2_porta 15 0>; + spi-max-frequency = <100000000>; + #address-cells = <1>; + #size-cells = <0>; + tpm@0{ + compatible = "z32h330tc,z32h330tc-spi"; + reg = <0>; + spi-max-frequency = <22000000>; + }; + }; + + gpio2: gpio@ffe7f34000 { + compatible = "snps,dw-apb-gpio"; + reg = <0xff 0xe7f34000 0x0 0x1000>; + clocks = <&dummy_apb>; + #address-cells = <1>; + #size-cells = <0>; + gpio2_porta: gpio-controller@0 { + compatible = "snps,dw-apb-gpio-port"; + gpio-controller; + #gpio-cells = <2>; + snps,nr-gpios = <32>; + reg = <0>; + }; + }; + + gpio3: gpio@ffe7f38000 { + compatible = "snps,dw-apb-gpio"; + reg = <0xff 0xe7f38000 0x0 0x1000>; + clocks = <&dummy_apb>; + #address-cells = <1>; + #size-cells = <0>; + gpio3_porta: gpio-controller@0 { + compatible = "snps,dw-apb-gpio-port"; + gpio-controller; + #gpio-cells = <2>; + snps,nr-gpios = <32>; + reg = <0>; + }; + }; + + gpio0: gpio@ffec005000 { + compatible = "snps,dw-apb-gpio"; + reg = <0xff 0xec005000 0x0 0x1000>; + clocks = <&dummy_apb>; + #address-cells = <1>; + #size-cells = <0>; + gpio0_porta: gpio-controller@0 { + compatible = "snps,dw-apb-gpio-port"; + gpio-controller; + #gpio-cells = <2>; + snps,nr-gpios = <32>; + reg = <0>; + }; + }; + + ao_gpio: gpio@fffff41000 { + compatible = "snps,dw-apb-gpio"; + reg = <0xff 0xfff41000 0x0 0x1000>; + #address-cells = <1>; + #size-cells = <0>; + + ao_gpio_porta: ao_gpio-controller@0 { + compatible = "snps,dw-apb-gpio-port"; + gpio-controller; + #gpio-cells = <2>; + nr-gpios-snps = <32>; + reg = <0>; + + }; + }; + + gpio1: gpio@ffec006000 { + compatible = "snps,dw-apb-gpio"; + reg = <0xff 0xec006000 0x0 0x1000>; + clocks = <&dummy_apb>; + #address-cells = <1>; + #size-cells = <0>; + + gpio1_porta: gpio-controller@0 { + compatible = "snps,dw-apb-gpio-port"; + gpio-controller; + #gpio-cells = <2>; + snps,nr-gpios = <32>; + reg = <0>; + }; + }; + + pwm: pwm@ffec01c000 { + compatible = "thead,pwm-light"; + reg = <0xff 0xec01c000 0x0 0x4000>; + #pwm-cells = <2>; + }; + + dsi_regs: dsi-controller@ffef500000 { + compatible = "thead,light-dsi-regs", "syscon"; + reg = <0xff 0xef500000 0x0 0x10000>; + status = "okay"; + }; + + vosys_regs: vosys@ffef528000 { + compatible = "thead,light-vo-subsys", "syscon"; + reg = <0xff 0xef528000 0x0 0x1000>; + status = "okay"; + }; + + dpu: dc8200@ffef600000 { + compatible = "verisilicon,dc8200"; + reg = <0xff 0xef600000 0x0 0x100>; + }; + + axiscr { + compatible = "thead,axiscr"; + reg = <0xff 0xff004000 0x0 0x1000>; + lock-read = "okay"; + lock-write = "okay"; + #address-cells = <2>; + #size-cells = <2>; + u-boot,dm-pre-reloc; + axiscr0: axisrc@0 { + device_type = "axiscr"; + region = <0x00 0x00000000 0x00 0x80000000>; // 4KB align + status = "disabled"; + #address-cells = <2>; + #size-cells = <2>; + u-boot,dm-pre-reloc; + }; + axiscr1: axisrc@1 { + device_type = "axiscr"; + region = <0x00 0x80000000 0x00 0x80000000>; // 4KB align + status = "disabled"; + #address-cells = <2>; + #size-cells = <2>; + u-boot,dm-pre-reloc; + }; + axiscr2: axisrc@2 { + device_type = "axiscr"; + region = <0x01 0x00000000 0x00 0x80000000>; // 4KB align + status = "disabled"; + #address-cells = <2>; + #size-cells = <2>; + u-boot,dm-pre-reloc; + }; + }; + + axiparity { + compatible = "thead,axiparity"; + reg = <0xff 0xff00c000 0x0 0x1000>; + lock = "okay"; + #address-cells = <2>; + #size-cells = <2>; + u-boot,dm-pre-reloc; + axiparity0: axiparity@0 { + device_type = "axiparity"; + region = <0x00 0x00000000 0x01 0x0000000>; // 4KB align + status = "disabled"; + #address-cells = <2>; + #size-cells = <2>; + u-boot,dm-pre-reloc; + }; + axiparity1: axiparity@1 { + device_type = "axiparity"; + region = <0x01 0x00000000 0x01 0x00000000>; // 4KB align + status = "disabled"; + #address-cells = <2>; + #size-cells = <2>; + u-boot,dm-pre-reloc; + }; + }; + + dsi_bridge: dsi-bridge { + compatible = "thead,light-dsi-bridge"; + clocks = <&dummy_dpu_pixclk>; + clock-names = "pix-clk"; + phys = <&dsi_dphy>; + phy-names = "dphy"; + }; + + dsi_host: dsi-host { + compatible = "synopsys,dw-mipi-dsi"; + regmap = <&dsi_regs>; + status = "okay"; + }; + + dsi_dphy: dsi-dphy { + compatible = "synopsys,dw-dphy"; + regmap = <&dsi_regs>; + vosys-regmap = <&vosys_regs>; + clocks = <&dummy_dpu_pixclk>, <&dummy_dphy_refclk>; + clock-names = "pix-clk", "ref-clk"; + #phy-cells = <0>; + status = "okay"; + }; + + lcd_backlight: pwm-backlight { + compatible = "pwm-backlight"; + pwms = <&pwm 0 5000000>; + brightness-levels = <0 4 8 16 32 64 128 255>; + default-brightness-level = <7>; + }; + + ili9881c_panel { + status = "disabled"; + compatible = "ilitek,ili9881c"; + backlight = <&lcd_backlight>; + reset-gpios = <&gpio1_porta 5 1>; /* active low */ + lcd-en-gpios = <&pcal6408ahk_a 2 0>; /* active high */ + lcd-bias-en-gpios = <&pcal6408ahk_a 4 0>;/* active high */ + }; + + aon { + compatible = "thead,light-aon"; + status = "okay"; + + wakeup-by-gpio-on; + wakeup-by-rtc-on; + + pd: light-aon-pd { + compatible = "thead,light-aon-pd"; + #power-domain-cells = <1>; + }; + + light-regu-reg { + compatible = "thead,light-dialog-pmic"; + status = "okay"; + + soc_dvdd18_aon_reg: soc_dvdd18_aon { + regulator-name = "soc_dvdd18_aon"; + regulator-boot-on; + regulator-always-on; + }; + + soc_avdd33_usb3_reg: soc_avdd33_usb3 { + regulator-name = "soc_avdd33_usb3"; + regulator-boot-on; + regulator-always-on; + }; + + soc_dvdd08_aon_reg: soc_dvdd08_aon { + regulator-name = "soc_dvdd08_aon"; + regulator-boot-on; + regulator-always-on; + }; + + soc_apcpu_dvdd_dvddm_reg: soc_apcpu_dvdd_dvddm { + regulator-name = "soc_apcpu_dvdd_dvddm"; + regulator-min-microvolt = <300000>; + regulator-max-microvolt = <1570000>; + regulator-boot-on; + regulator-always-on; + }; + + soc_dvdd08_ddr_reg: soc_dvdd08_ddr { + regulator-name = "soc_dvdd08_ddr"; + regulator-boot-on; + regulator-always-on; + }; + + soc_vdd_ddr_1v8_reg: soc_vdd_ddr_1v8 { + regulator-name = "soc_vdd_ddr_1v8"; + regulator-boot-on; + regulator-always-on; + }; + + soc_vdd_ddr_1v1_reg: soc_vdd_ddr_1v1 { + regulator-name = "soc_vdd_ddr_1v1"; + regulator-boot-on; + regulator-always-on; + }; + + soc_vdd_ddr_0v6_reg: soc_vdd_ddr_0v6 { + regulator-name = "soc_vdd_ddr_0v6"; + regulator-boot-on; + regulator-always-on; + }; + + soc_dvdd18_ap_reg: soc_dvdd18_ap { + regulator-name = "soc_dvdd18_ap"; + regulator-boot-on; + regulator-always-on; + }; + + soc_dvdd08_ap_reg: soc_dvdd08_ap { + regulator-name = "soc_dvdd08_ap"; + regulator-boot-on; + regulator-always-on; + }; + + soc_avdd08_mipi_hdmi_reg: soc_avdd08_mipi_hdmi { + regulator-name = "soc_avdd08_mipi_hdmi"; + regulator-boot-on; + regulator-always-on; + }; + + soc_avdd18_mipi_hdmi_reg: soc_avdd18_mipi_hdmi { + regulator-name = "soc_avdd18_mipi_hdmi"; + regulator-boot-on; + regulator-always-on; + }; + + soc_dvdd33_emmc_reg: soc_dvdd33_emmc { + regulator-name = "soc_dvdd33_emmc"; + regulator-boot-on; + regulator-always-on; + }; + + soc_dvdd18_emmc_reg: soc_dvdd18_emmc { + regulator-name = "soc_vdd18_emmc"; + regulator-boot-on; + regulator-always-on; + }; + soc_dovdd18_scan_reg: soc_dovdd18_scan { + regulator-name = "soc_dovdd18_scan"; + regulator-min-microvolt = <900000>; + regulator-max-microvolt = <3600000>; + }; + soc_vext_2v8_reg: soc_vext_2v8 { + regulator-name = "soc_vext_2v8"; + regulator-boot-on; + regulator-always-on; + }; + soc_dvdd12_scan_reg: soc_dvdd12_scan { + regulator-name = "soc_dvdd12_scan"; + regulator-min-microvolt = <900000>; + regulator-max-microvolt = <3600000>; + }; + soc_avdd28_scan_en_reg: soc_avdd28_scan_en { + regulator-name = "soc_avdd28_scan_en"; + regulator-min-microvolt = <2800000>; + regulator-max-microvolt = <2800000>; + }; + }; + + aon_pmic_config { + compatible = "thead,light-pmic-conf"; + status = "okay"; + + #address-cells = <1>; + #size-cells = <0>; + iic-config = <0 0 2>; + pmic_dev_0: pmic-dev@0 { + pmic-name = "dialog,da9063,v1"; + pmic-addr = <0x5a 0x5b>; + pmic_wdt_on; + status = "okay"; + }; + + pmic_dev_1: pmic-dev@1 { + pmic-name = "dialog,da9121,v1"; + pmic-addr = <0x68>; + status = "okay"; + }; + + regu_config_0 { + reg_info = <&soc_dvdd18_aon_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_LDO3>; + }; + }; + + regu_config_1 { + reg_info = <&soc_avdd33_usb3_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_LDO9>; + }; + }; + + regu_config_2 { + reg_info = <&soc_dvdd08_aon_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_LDO2>; + }; + }; + + regu_config_3 { + reg_info = <&soc_apcpu_dvdd_dvddm_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_BCORE1>; + auto_on_info = <0 0 800000>; + }; + + regu_id@1 { + pmic_dev = <&pmic_dev_0 DA9063_ID_BCORE2>; + auto_on_info = <1 0 800000>; + }; + + regu_id@2 { + pmic_dev = <&pmic_dev_0 DA9063_ID_BUCKIO>; + auto_on_info = <2 0 800000>; + }; + + coupling_info@0 { + negative-min; + info = <0 2 5 30>; + }; + + coupling_info@1 { + negative-min; + info = <1 2 5 30>; + }; + }; + + regu_config_4 { + reg_info = <&soc_dvdd08_ddr_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_BUCKPERI>; + }; + }; + + regu_config_5 { + reg_info = <&soc_vdd_ddr_1v8_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_LDO4>; + }; + }; + + regu_config_6 { + reg_info = <&soc_vdd_ddr_1v1_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_BUCKMEM>; + }; + }; + + regu_config_7 { + reg_info = <&soc_vdd_ddr_0v6_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_BUCKPRO>; + }; + }; + + regu_config_8 { + reg_info = <&soc_dvdd18_ap_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_LDO11>; + }; + }; + + regu_config_9 { + reg_info = <&soc_dvdd08_ap_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_1 DA9121_ID_BUCK1>; + parent_pmic_dev = <&pmic_dev_0 2 0>; + }; + }; + + regu_config_10 { + reg_info = <&soc_avdd08_mipi_hdmi_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_LDO1>; + }; + }; + + regu_config_11 { + reg_info = <&soc_avdd18_mipi_hdmi_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_LDO5>; + }; + }; + + regu_config_12 { + reg_info = <&soc_dvdd33_emmc_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_LDO10>; + }; + }; + + regu_config_13 { + reg_info = <&soc_dvdd18_emmc_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_GPIO7>; + parent_pmic_dev = <&pmic_dev_0 7 0>; + }; + }; + + regu_config_14 { + reg_info = <&soc_dovdd18_scan_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_LDO6>; + auto_on_info = <2 1 1800000>; + auto_off_info = <7 1>; + }; + }; + + regu_config_15 { + reg_info = <&soc_vext_2v8_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_LDO7>; + auto_on_info = <3 1 2800000>; + auto_off_info = <8 1>; + }; + }; + + regu_config_16 { + reg_info = <&soc_dvdd12_scan_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_LDO8>; + auto_on_info = <4 1 1200000>; + auto_off_info = <9 1>; + }; + }; + + regu_config_17 { + reg_info = <&soc_avdd28_scan_en_reg>; + status = "okay"; + regu_id@0 { + pmic_dev = <&pmic_dev_0 DA9063_ID_GPIO4>; + }; + }; + }; + }; + }; + + chosen { + bootargs = "console=ttyS0,115200"; + stdout-path = "/soc/serial@ffe7014000:115200"; + }; +}; diff --git a/board/thead/light-c910/Kconfig b/board/thead/light-c910/Kconfig index 8cb2d230..caa668cc 100644 --- a/board/thead/light-c910/Kconfig +++ b/board/thead/light-c910/Kconfig @@ -86,6 +86,10 @@ config LIGHT_SEC_BOOT_WITH_VERIFY_LPI4A bool "light lpi4a security boot with verification" default n +config LIGHT_SEC_BOOT_WITH_VERIFY_RVBOOK + bool "light lpi4a security boot with verification" + default n + config TARGET_LIGHT_FPGA_FM_C910 bool "light fullmask FPGA board" default n @@ -126,6 +130,10 @@ config TARGET_LIGHT_FM_C910_LPI4A bool "light fullmask for Lichee Pi 4A board " default n +config TARGET_LIGHT_FM_C910_RVBOOK + bool "light fullmask for RVBOOK board " + default n + config TARGET_LIGHT_FM_C910_B_POWER bool "light fullmask for light-b-power board " default n diff --git a/board/thead/light-c910/Makefile b/board/thead/light-c910/Makefile index 38f4ace9..f376e320 100644 --- a/board/thead/light-c910/Makefile +++ b/board/thead/light-c910/Makefile @@ -7,6 +7,10 @@ DDR_SRC_PATH=lpddr4/src DDR_REGU_SRC=lpddr-regu DDR_FW_PATH=$(DDR_SRC_PATH)/ddr_phy_fw +ifdef CONFIG_RV_BOOK +obj-y += sys_clk.o +endif + ifdef CONFIG_SPL_BUILD obj-y += spl.o obj-y += sys_clk.o diff --git a/board/thead/light-c910/board.c b/board/thead/light-c910/board.c index de9b3a3e..d99e2308 100644 --- a/board/thead/light-c910/board.c +++ b/board/thead/light-c910/board.c @@ -22,7 +22,11 @@ #ifdef CONFIG_USB_DWC3 static struct dwc3_device dwc3_device_data = { +#ifdef CONFIG_RV_BOOK + .maximum_speed = USB_SPEED_HIGH, +#else .maximum_speed = USB_SPEED_SUPER, +#endif .dr_mode = USB_DR_MODE_PERIPHERAL, .index = 0, }; diff --git a/board/thead/light-c910/boot.c b/board/thead/light-c910/boot.c index 645f1e37..9f516d88 100644 --- a/board/thead/light-c910/boot.c +++ b/board/thead/light-c910/boot.c @@ -15,6 +15,7 @@ #include "../../../lib/sec_library/include/sec_crypto_sha.h" #include "../../../lib/sec_library/include/kdf.h" #include "../../../lib/sec_library/include/sec_crypto_mac.h" +#include "fastboot.h" #if CONFIG_IS_ENABLED(LIGHT_SEC_UPGRADE) @@ -24,6 +25,14 @@ /* The macro is used to enable uboot version in efuse */ #define LIGHT_UBOOT_VERSION_IN_ENV 1 +/* The macro is used to enable secimg version in env */ +#define LIGHT_SECIMG_VERSION_IN_ENV 1 + +/* vimage return value */ +#define VIMAGE_UPGRADE_NOT_REQUIRED 1 +#define VIMAGE_BREAK_VERSION_RULE_ERROR 2 +#define VIMAGE_SIGNATRE_VERIFICATION_FAILED 3 + /* The macro is used to enble RPMB ACCESS KEY from KDF */ //#define LIGHT_KDF_RPMB_KEY 1 @@ -38,7 +47,8 @@ static const unsigned char emmc_rpmb_key_sample[32] = {0x33, 0x22, 0x11, 0x00, 0 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; #endif static unsigned int upgrade_image_version = 0; - +static char *current_slot = "a"; +static char *update_slot = "b"; #define RPMB_EMMC_CID_SIZE 16 #define RPMB_CID_PRV_OFFSET 9 #define RPMB_CID_CRC_OFFSET 15 @@ -46,8 +56,8 @@ static unsigned int upgrade_image_version = 0; static int tee_rpmb_key_gen(uint8_t* key, uint32_t * length) { uint32_t data[RPMB_EMMC_CID_SIZE / 4]; - uint8_t huk[32]; - uint32_t huk_len; + uint8_t huk[32]; + uint32_t huk_len; struct mmc *mmc = find_mmc_device(0); int i; sc_mac_t mac_handle; @@ -72,14 +82,14 @@ static int tee_rpmb_key_gen(uint8_t* key, uint32_t * length) memset((void *)((uint64_t)data + RPMB_CID_PRV_OFFSET), 0, 1); memset((void *)((uint64_t)data + RPMB_CID_CRC_OFFSET), 0, 1); - /* Step1: Derive HUK from KDF function */ + /* Step1: Derive HUK from KDF function */ ret = csi_kdf_gen_hmac_key(huk, &huk_len); if (ret) { printf("kdf gen hmac key faild[%d]\r\n", ret); return -1; } - /* Step2: Using HUK and data to generate RPMB key */ + /* Step2: Using HUK and data to generate RPMB key */ ret = sc_mac_init(&mac_handle, 0); if (ret) { printf("mac init faild[%d]\r\n", ret); @@ -152,22 +162,25 @@ int csi_rpmb_write_access_key(void) int csi_tf_get_image_version(unsigned int *ver) { + int ret = 0; +#if !LIGHT_SECIMG_VERSION_IN_ENV char runcmd[64] = {0}; unsigned char blkdata[256]; - int ret = 0; - /* tf version reside in RPMB block#0, offset#16*/ sprintf(runcmd, "mmc rpmb read 0x%lx 0 1", (unsigned long)blkdata); ret = run_command(runcmd, 0); if (ret == 0) { *ver = (blkdata[16] << 8) + blkdata[17]; } - +#else + *ver = env_get_hex("tf_version", 0); +#endif return ret; } int csi_tf_set_image_version(unsigned int ver) { +#if !LIGHT_SECIMG_VERSION_IN_ENV char runcmd[64] = {0}; unsigned char blkdata[256]; unsigned long *temp_rpmb_key_addr = NULL; @@ -194,7 +207,9 @@ int csi_tf_set_image_version(unsigned int ver) sprintf(runcmd, "mmc rpmb write 0x%lx 0 1 0x%lx", (unsigned long)blkdata, (unsigned long)temp_rpmb_key_addr); run_command(runcmd, 0); - +#else + env_set_hex("tf_version", ver); +#endif return 0; } @@ -205,17 +220,19 @@ int csi_tf_set_upgrade_version(void) int csi_tee_get_image_version(unsigned int *ver) { + int ret = 0; +#if !LIGHT_SECIMG_VERSION_IN_ENV char runcmd[64] = {0}; unsigned char blkdata[256]; - int ret = 0; - /* tf version reside in RPMB block#0, offset#0*/ sprintf(runcmd, "mmc rpmb read 0x%lx 0 1", (unsigned long)blkdata); ret = run_command(runcmd, 0); if (ret == 0) { *ver = (blkdata[0] << 8) + blkdata[1]; } - +#else + *ver = env_get_hex("tee_version", 0); +#endif return ret; } @@ -234,6 +251,7 @@ int csi_kernel_get_image_version(unsigned int *ver) int csi_tee_set_image_version(unsigned int ver) { +#if !LIGHT_SECIMG_VERSION_IN_ENV char runcmd[64] = {0}; unsigned char blkdata[256]; unsigned long *temp_rpmb_key_addr = NULL; @@ -259,7 +277,9 @@ int csi_tee_set_image_version(unsigned int ver) #endif sprintf(runcmd, "mmc rpmb write 0x%lx 0 1 0x%lx", (unsigned long)blkdata, (unsigned long)temp_rpmb_key_addr); run_command(runcmd, 0); - +#else + env_set_hex("tee_version", ver); +#endif return 0; } @@ -270,22 +290,25 @@ int csi_tee_set_upgrade_version(void) int csi_sbmeta_get_image_version(unsigned int *ver) { + int ret = 0; +#if !LIGHT_SECIMG_VERSION_IN_ENV char runcmd[64] = {0}; unsigned char blkdata[256]; - int ret = 0; - /* sbmeta version reside in RPMB block#0, offset#48*/ sprintf(runcmd, "mmc rpmb read 0x%lx 0 1", (unsigned long)blkdata); ret = run_command(runcmd, 0); if (ret == 0) { *ver = (blkdata[48] << 8) + blkdata[49]; } - +#else + *ver = env_get_hex("sbmeta_version", 0); +#endif return ret; } int csi_sbmeta_set_image_version(unsigned int ver) { +#if !LIGHT_SECIMG_VERSION_IN_ENV char runcmd[64] = {0}; unsigned char blkdata[256]; unsigned long *temp_rpmb_key_addr = NULL; @@ -310,7 +333,9 @@ int csi_sbmeta_set_image_version(unsigned int ver) #endif sprintf(runcmd, "mmc rpmb write 0x%lx 0 1 0x%lx", (unsigned long)blkdata, (unsigned long)temp_rpmb_key_addr); run_command(runcmd, 0); - +#else + env_set_hex("sbmeta_version", ver); +#endif return 0; } @@ -438,13 +463,13 @@ int verify_image_version_rule(unsigned int new_ver, unsigned int cur_ver) /* This is unsecure function */ if ((new_ver_y - cur_ver_y) == 0) { printf("New version is equal to Current version, upgrade process terminates \n\n\n"); - return -1; + return VIMAGE_UPGRADE_NOT_REQUIRED; } printf("This is unsecure function upgrade, going on uprade anyway\n"); } else if ((new_ver_x - cur_ver_x) != 1) { /* Check the seure version rule */ printf("The upgrade version(X) breaks against the rule\n\n\n"); - return -1; + return VIMAGE_BREAK_VERSION_RULE_ERROR; } printf("check image verison rule pass\n\n\n"); @@ -560,7 +585,7 @@ int light_vimage(int argc, char *const argv[]) unsigned long vimage_addr = 0; unsigned int new_img_version = 0; unsigned int cur_img_version = 0; - char imgname[32] = {0}; + char imgname[32] = {0}; if (argc < 3) return CMD_RET_USAGE; @@ -575,35 +600,43 @@ int light_vimage(int argc, char *const argv[]) printf("get new img version fail\n"); return CMD_RET_FAILURE; } - if (strcmp(imgname, UBOOT_PART_NAME) == 0) { - new_img_version = (((new_img_version & 0xff )+1) << 8) | ((new_img_version & 0xff00)>>8); - } + if (strcmp(imgname, UBOOT_PART_NAME) == 0) { + new_img_version = (((new_img_version & 0xff )+1) << 8) | ((new_img_version & 0xff00)>>8); + } printf("Get new image version from image header: v%d.%d\n", (new_img_version & 0xff00)>>8, new_img_version & 0xff); - /* Check image version for ROLLBACK resisance */ + /* Check image version for ROLLBACK resisance */ if (strcmp(imgname, TF_PART_NAME) == 0) { - ret = csi_tf_get_image_version(&cur_img_version); if (ret != 0) { printf("Get tf img version fail\n"); return CMD_RET_FAILURE; } +#if LIGHT_NON_COT_BOOT + /* if in non-cot mode, tf and tee will not be signed at first */ + if (image_have_head(vimage_addr) == 0 && ((cur_img_version & 0xFF00) >> 8 == 0)) { + return VIMAGE_UPGRADE_NOT_REQUIRED; + } +#endif } else if (strcmp(imgname, TEE_PART_NAME) == 0){ - ret = csi_tee_get_image_version(&cur_img_version); if (ret != 0) { printf("Get tee img version fail\n"); return CMD_RET_FAILURE; } +#if LIGHT_NON_COT_BOOT + /* if in non-cot mode, tf and tee will not be signed at first */ + if (image_have_head(vimage_addr) == 0 && ((cur_img_version & 0xFF00) >> 8 == 0)) { + return VIMAGE_UPGRADE_NOT_REQUIRED; + } +#endif } else if (strcmp(imgname, KERNEL_PART_NAME) == 0){ - ret = csi_kernel_get_image_version(&cur_img_version); if (ret != 0) { printf("Get kernel img version fail\n"); return CMD_RET_FAILURE; } } else if (strcmp(imgname, SBMETA_PART_NAME) == 0){ - ret = csi_sbmeta_get_image_version(&cur_img_version); if (ret != 0) { printf("Get sbmeta img version fail\n"); @@ -626,13 +659,13 @@ int light_vimage(int argc, char *const argv[]) printf("unsupport image file\n"); return CMD_RET_FAILURE; } - + /* Verify image version rule */ ret = verify_image_version_rule(new_img_version, cur_img_version); if (ret != 0) { - return CMD_RET_FAILURE; + return ret; } - + /* Save new image version to allow caller upgrade image version */ upgrade_image_version = new_img_version; @@ -646,27 +679,27 @@ int light_vimage(int argc, char *const argv[]) if (strcmp(imgname, TF_PART_NAME) == 0) { ret = verify_customer_image(T_TF, vimage_addr); if (ret != 0) { - return CMD_RET_FAILURE; + return VIMAGE_SIGNATRE_VERIFICATION_FAILED; } } else if (strcmp(imgname, TEE_PART_NAME) == 0) { ret = verify_customer_image(T_TEE, vimage_addr); if (ret != 0) { - return CMD_RET_FAILURE; + return VIMAGE_SIGNATRE_VERIFICATION_FAILED; } } else if (strcmp(imgname, KERNEL_PART_NAME) == 0) { ret = verify_customer_image(T_KRLIMG, vimage_addr); if (ret != 0) { - return CMD_RET_FAILURE; + return VIMAGE_SIGNATRE_VERIFICATION_FAILED; } } else if (strcmp(imgname, UBOOT_PART_NAME) == 0) { ret = verify_customer_image(T_UBOOT, vimage_addr); if (ret != 0) { - return CMD_RET_FAILURE; + return VIMAGE_SIGNATRE_VERIFICATION_FAILED; } } else if (strcmp(imgname, SBMETA_PART_NAME) == 0) { ret = verify_customer_image(T_SBMETA, vimage_addr); if (ret != 0) { - return CMD_RET_FAILURE; + return VIMAGE_SIGNATRE_VERIFICATION_FAILED; } } else { printf("Error: unknow image name\n"); @@ -687,8 +720,8 @@ int light_secboot(int argc, char * const argv[]) printf("\n\n"); printf("Now, we start to verify all trust firmware before boot kernel !\n"); - /* Enject RPMB KEY directly in startup */ - csi_rpmb_write_access_key(); + /* Enject RPMB KEY directly in startup */ + csi_rpmb_write_access_key(); /* Initialize secure basis of functions */ ret = csi_sec_init(); @@ -825,273 +858,317 @@ void sec_firmware_version_dump(void) printf("\n\n"); } -void sec_upgrade_thread(void) +struct sec_img_upgrade_entry { + const char* filename; + const char* imgtype; + int (*set_version_func)(void); + const char *part_str; +}; + +static struct sec_img_upgrade_entry sec_img_list[] = { + {"sbmeta.bin", "sbmeta", csi_sbmeta_set_upgrade_version, "sbmeta"}, + {"trust_firmware.bin", "tf", csi_tf_set_upgrade_version, "tee"}, + {"tee.bin", "tee", csi_tee_set_upgrade_version, "tee"}, + {NULL, NULL, NULL, NULL}, +}; + +static struct blk_desc *dev_desc; +static int ab_get_blk(void) +{ + struct disk_partition part_info; + dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); + if (dev_desc == NULL) { + printf("Failed to find MMC device\n"); + return -1; + } + return 0; +} + +static int ab_get_sec_part(const char *part_str, int update_part) +{ + struct disk_partition part_info; + char partname[10] = {0}; + int part = 0; + + if (update_part) { + sprintf(partname, "%s_%s", part_str, update_slot); + } else { + sprintf(partname, "%s_%s", part_str, current_slot); + } + + part = part_get_info_by_name(dev_desc, partname, &part_info); + if (part < 0) { + printf("Failed to find MMC device\n"); + } + + return part; +} + +static int single_img_upgrade(struct sec_img_upgrade_entry *sec_img_entry) { const unsigned long temp_addr=0x200000; char runcmd[80]; - uint8_t * image_buffer = NULL; - uint8_t * image_malloc_buffer = NULL; - int ret = 0; - unsigned int sec_upgrade_flag = 0; + uint8_t * image_buffer = NULL; + uint8_t * image_malloc_buffer = NULL; unsigned int upgrade_file_size = 0; + const char *filename = NULL; + int update_part = 0; + int current_part = 0; + int ret = 0; + char *argv[3] = {"vimage", NULL, NULL}; + + if (sec_img_entry == NULL) { + return -1; + } + + update_part = ab_get_sec_part(sec_img_entry->part_str, 1); + if (update_part < 0) { + return -1; + } + + filename = sec_img_entry->filename; + + /* STEP 1: read upgrade image from storage */ + printf("read upgrade image (%s) from storage \n", filename); + sprintf(runcmd, "ext4load mmc ${mmcdev}:%x 0x%p %s", update_part, (void *)temp_addr, filename); + printf("runcmd:%s\n", runcmd); + ret = run_command(runcmd, 0); + if (ret != 0) { + printf("%s upgrade process is terminated due to some reason\n", filename); + return -1; + } + /* Fetch the total file size after read out operation end */ + upgrade_file_size = env_get_hex("filesize", 0); + printf("upgrade file size: %d\n", upgrade_file_size); + + /*store image to temp buffer as temp_addr may be decrypted*/ + image_malloc_buffer = malloc(upgrade_file_size); + if (image_malloc_buffer == NULL) { + image_buffer = (uint8_t*)temp_addr + upgrade_file_size; + } else { + image_buffer = image_malloc_buffer; + } + memcpy(image_buffer, (void*)temp_addr, upgrade_file_size); + + /* STEP 2: verify secure image */ + sprintf(runcmd, "0x%lx", temp_addr); + argv[1] = runcmd; + argv[2] = sec_img_entry->imgtype; + ret = light_vimage(3, argv); + if (ret == VIMAGE_UPGRADE_NOT_REQUIRED) { + printf("%s Image may not need upgrade\n", sec_img_entry->imgtype); + return 0; + } else if (ret != 0) { + return -1; + } + + /* STEP 3: update partition image in another slot */ + current_part = ab_get_sec_part(sec_img_entry->part_str, 0); + if (current_part < 0) { + return -1; + } + printf("write upgrade image (%s) into another slot \n", filename); + sprintf(runcmd, "ext4write mmc 0:%x 0x%p /%s 0x%x", current_part, (void *)image_buffer, filename, upgrade_file_size); + printf("runcmd:%s\n", runcmd); + ret = run_command(runcmd, 0); + if (ret != 0) { + printf("%s upgrade process is terminated due to some reason\n", filename); + return -1; + } + + /* STEP 4: update secure image version */ + sec_img_entry->set_version_func(); + + printf("\n\n%s image ugprade process is successful\n\n", filename); + return 0; +} + +static int sec_img_upgrade(void) +{ + int ret = 0; + struct sec_img_upgrade_entry *sec_img_entry = sec_img_list; + + ab_get_blk(); + + while (sec_img_entry->filename != NULL) { + ret = single_img_upgrade(sec_img_entry); + if (ret) { + printf("Fail to upgrade image\n"); + return -1; + } + + sec_img_entry++; + } + return 0; +} + +extern int hibernate_image_cleaned_flag; +extern void clean_hibernate_image_header(char *response); +static char *response[FASTBOOT_RESPONSE_LEN] = {0}; +void sec_upgrade_thread(void) +{ + const unsigned long temp_addr=0x200000; + char runcmd[80]; + int ret = 0; + unsigned int sec_upgrade_flag = 0; + unsigned int upgrade_file_size = 0; + + sec_upgrade_flag = env_get_hex("sec_upgrade_mode", 0); + current_slot = env_get("slot_suffix"); + update_slot = strcmp(current_slot, "a") == 0 ? "b" : "a"; + + if (sec_upgrade_flag == 0) { + return; + } + + clean_hibernate_image_header(response); + printf("bootstrap: sec_upgrade_flag: %x\n", sec_upgrade_flag); + if (sec_upgrade_flag == UBOOT_SEC_UPGRADE_FLAG) { + unsigned int block_cnt; + struct blk_desc *dev_desc; + const unsigned long uboot_temp_addr=0x80000000; + #define BLOCK_SIZE 512 + #define PUBKEY_HEADER_SIZE 0x1000 + + /* STEP 1: read upgrade image (u-boot-with-spl.bin) from stash partition */ + printf("read upgrade image (u-boot-with-spl.bin) from stash partition \n"); + sprintf(runcmd, "ext4load mmc 0:4 0x%p u-boot-with-spl.bin", (void *)temp_addr); + printf("runcmd:%s\n", runcmd); + ret = run_command(runcmd, 0); + if (ret != 0) { + printf("UBOOT Upgrade process is terminated due to some reason\n"); + goto _upgrade_uboot_exit; + } + + /* Fetch the total file size after read out operation end */ + upgrade_file_size = env_get_hex("filesize", 0); + printf("uboot upgrade file size: %d\n", upgrade_file_size); + + /* STEP 2: verify its authentiticy here */ + memmove((void *)uboot_temp_addr, (const void *)temp_addr, upgrade_file_size); + sprintf(runcmd, "vimage 0x%p uboot", (void *)(uboot_temp_addr+PUBKEY_HEADER_SIZE)); + printf("runcmd:%s\n", runcmd); + ret = run_command(runcmd, 0); + if (ret != 0) { + printf("UBOOT Image verification fail and upgrade process terminates\n"); + goto _upgrade_uboot_exit; + } + + /* STEP 3: update uboot partition */ + printf("write upgrade image (u-boot-with-spl.bin) into uboot partition \n"); + dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); + if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) { + printf("Invalid mmc device\n"); + goto _upgrade_uboot_exit; + } + block_cnt = upgrade_file_size / BLOCK_SIZE; + if (upgrade_file_size % BLOCK_SIZE) { + block_cnt = block_cnt +1; + } + + run_command("mmc partconf 0 1 0 1", 0); + sprintf(runcmd, "mmc write 0x%p 0 %x", (void *)temp_addr, block_cnt); + printf("runcmd:%s\n", runcmd); + ret = run_command(runcmd, 0); + run_command("mmc partconf 0 1 0 0", 0); + if (ret != 0) { + printf("UBOOT upgrade process is terminated due to some reason\n"); + goto _upgrade_uboot_exit; + } + + /* STEP 4: update tee version */ + ret = csi_uboot_set_upgrade_version(); + if (ret != 0) { + printf("Set uboot upgrade version fail\n"); + goto _upgrade_uboot_exit; + } + + printf("\n\nUBOOT image ugprade process is successful\n\n"); +_upgrade_uboot_exit: + /* set secure upgrade flag to 0 that indicate upgrade over */ + run_command("env set sec_upgrade_mode 0", 0); + run_command("saveenv", 0); + run_command("reset", 0); + } else if ((sec_upgrade_flag >> 16) == SEC_IMG_UPGRADE_FLAG) { + ret = sec_img_upgrade(); + if (ret) { + printf("secure image upgrade failed\n"); + /* if failed, clear upgrade flag, terminate upgradation */ + sec_upgrade_flag = 0; + } else { + /* if succeed, clear secure flag */ + sec_upgrade_flag = sec_upgrade_flag & 0x0000FFFF; + /* if boot need not update, switch current slot to update slot */ + if ((sec_upgrade_flag & 0xFF00) != BOOT_IMG_UPGRADE_FLAG) { + sprintf(runcmd, "env set slot_suffix %s", update_slot); + run_command(runcmd, 0); + } + } + /* set upgrade flag */ + sprintf(runcmd, "env set sec_upgrade_mode %x", sec_upgrade_flag); + run_command(runcmd, 0); + + run_command("saveenv", 0); + run_command("reset", 0); + } else if (((sec_upgrade_flag & 0xFF00) != BOOT_IMG_UPGRADE_FLAG) && + ((sec_upgrade_flag & 0xFF) != ROOT_IMG_UPGRADE_FLAG)) { + printf("Unknown bootstrap, Force sysem reboot\n"); + run_command("env set sec_upgrade_mode 0", 0); + run_command("saveenv", 0); + run_command("reset", 0); + } +} + +void nonsec_upgrade_thread(void) +{ + unsigned int sec_upgrade_flag; + unsigned long retries; + char runcmd[32] = {0}; sec_upgrade_flag = env_get_hex("sec_upgrade_mode", 0); - if (sec_upgrade_flag == 0) - return; - printf("bootstrap: sec_upgrade_flag: %x\n", sec_upgrade_flag); - if (sec_upgrade_flag == TF_SEC_UPGRADE_FLAG) { - /* STEP 1: read upgrade image (trust_firmware.bin) from stash partition */ - printf("read upgrade image (trust_firmware.bin) from stash partition \n"); - sprintf(runcmd, "ext4load mmc 0:4 0x%p trust_firmware.bin", (void *)temp_addr); - printf("runcmd:%s\n", runcmd); - ret = run_command(runcmd, 0); - if (ret != 0) { - printf("TF upgrade process is terminated due to some reason\n"); - goto _upgrade_tf_exit; + retries = env_get_ulong("retries", 10, 5); + if (sec_upgrade_flag == 0) { + if (retries < 5 && retries > 0) { + printf("boot upgradation is successful!\n"); + run_command("env set retries 5", 0); + run_command("env save", 0); } - /* Fetch the total file size after read out operation end */ - upgrade_file_size = env_get_hex("filesize", 0); - printf("upgrade file size: %d\n", upgrade_file_size); - - /*store image to temp buffer as temp_addr may be decrypted*/ - image_malloc_buffer = malloc(upgrade_file_size); - if ( image_malloc_buffer == NULL ) { - image_buffer = (uint8_t*)temp_addr + upgrade_file_size; - } else { - image_buffer = image_malloc_buffer; + return; } - memcpy(image_buffer, (void*)temp_addr, upgrade_file_size); - /* STEP 2: verify its authentiticy here */ - sprintf(runcmd, "vimage 0x%p tf", (void *)temp_addr); - printf("runcmd:%s\n", runcmd); - ret = run_command(runcmd, 0); - if (ret != 0) { - printf("TF Image verification fail and upgrade process terminates\n"); - goto _upgrade_tf_exit; + /* when sec_upgrade_mode != 0 and the first time try to boot. switch current slot to update slot*/ + if (retries == 5) { + printf("upgrade images are in slot %s...\n", update_slot); + sprintf(runcmd, "env set slot_suffix %s", update_slot); + run_command(runcmd, 0); + } + /* if ROOT image need upgrade, clear flag */ + if ((sec_upgrade_flag & 0xFF) == ROOT_IMG_UPGRADE_FLAG) { + printf("in root image upgrade process...\n"); + sec_upgrade_flag = sec_upgrade_flag & 0xFF00; + sprintf(runcmd, "env set sec_upgrade_mode %X", sec_upgrade_flag); + run_command(runcmd, 0); + } + + /* if boot image need upgrade, decrement retries */ + if ((sec_upgrade_flag & 0xFF00) == BOOT_IMG_UPGRADE_FLAG) { + printf("in boot image upgrade process...\n"); + retries--; + printf("remaining retry times: %ld\n", retries); + if (retries == 0 || retries > 5) { + /* + * upgrade failed. Now updated images are in current slot + * switch to original slot + */ + printf("boot images upgrade failed. switch slot to %s...\n", update_slot); + sprintf(runcmd, "env set slot_suffix %s", update_slot); + run_command(runcmd, 0); + run_command("env set sec_upgrade_mode 0", 0); + retries = 5; } - - /* STEP 3: update tf partition */ - printf("read upgrade image (trust_firmware.bin) into tf partition \n"); - sprintf(runcmd, "ext4write mmc 0:3 0x%p /trust_firmware.bin 0x%x", (void *)image_buffer, upgrade_file_size); - printf("runcmd:%s\n", runcmd); - ret = run_command(runcmd, 0); - if (ret != 0) { - printf("TF upgrade process is terminated due to some reason\n"); - goto _upgrade_tf_exit; - } - - /* STEP 4: update tf version */ - ret = csi_tf_set_upgrade_version(); - if (ret != 0) { - printf("Set trustfirmware upgrade version fail\n"); - goto _upgrade_tf_exit; - } - - printf("\n\nTF image ugprade process is successful\n\n"); -_upgrade_tf_exit: - /* set secure upgrade flag to 0 that indicate upgrade over */ - run_command("env set sec_upgrade_mode 0", 0); - run_command("saveenv", 0); - run_command("reset", 0); - - if ( image_malloc_buffer != NULL ) { - free(image_malloc_buffer); - image_malloc_buffer = NULL; - } - } else if (sec_upgrade_flag == TEE_SEC_UPGRADE_FLAG) { - - /* STEP 1: read upgrade image (tee.bin) from stash partition */ - printf("read upgrade image (tee.bin) from stash partition \n"); - sprintf(runcmd, "ext4load mmc 0:4 0x%p tee.bin", (void *)temp_addr); - printf("runcmd:%s\n", runcmd); - ret = run_command(runcmd, 0); - if (ret != 0) { - printf("TEE Upgrade process is terminated due to some reason\n"); - goto _upgrade_tee_exit; - } - /* Fetch the total file size after read out operation end */ - upgrade_file_size = env_get_hex("filesize", 0); - printf("TEE upgrade file size: %d\n", upgrade_file_size); - - /*store image to temp buffer as temp_addr may be decrypted*/ - image_malloc_buffer = malloc(upgrade_file_size); - if ( image_malloc_buffer == NULL ) { - image_buffer = (uint8_t*)temp_addr + upgrade_file_size; - } else { - image_buffer = image_malloc_buffer; - } - memcpy(image_buffer, (void*)temp_addr, upgrade_file_size); - - /* STEP 2: verify its authentiticy here */ - sprintf(runcmd, "vimage 0x%p tee", (void *)temp_addr); - printf("runcmd:%s\n", runcmd); - ret = run_command(runcmd, 0); - if (ret != 0) { - printf("TEE Image verification fail and upgrade process terminates\n"); - goto _upgrade_tee_exit; - } - - /* STEP 3: update tee partition */ - printf("read upgrade image (tee.bin) into sbmeta partition \n"); - sprintf(runcmd, "ext4write mmc 0:3 0x%p /tee.bin 0x%x", (void *)image_buffer, upgrade_file_size); - printf("runcmd:%s\n", runcmd); - ret = run_command(runcmd, 0); - if (ret != 0) { - printf("TEE upgrade process is terminated due to some reason\n"); - goto _upgrade_tee_exit; - } - - /* STEP 4: update tee version */ - ret = csi_tee_set_upgrade_version(); - if (ret != 0) { - printf("Set tee upgrade version fail\n"); - goto _upgrade_tee_exit; - } - - printf("\n\nTEE image ugprade process is successful\n\n"); -_upgrade_tee_exit: - /* set secure upgrade flag to 0 that indicate upgrade over */ - run_command("env set sec_upgrade_mode 0", 0); - run_command("saveenv", 0); - run_command("reset", 0); - - if ( image_malloc_buffer != NULL ) { - free(image_malloc_buffer); - image_malloc_buffer = NULL; - } - } else if (sec_upgrade_flag == SBMETA_SEC_UPGRADE_FLAG) { - - /* STEP 1: read upgrade image (sbmeta.bin) from stash partition */ - printf("read upgrade image (sbmeta.bin) from stash partition \n"); - sprintf(runcmd, "ext4load mmc 0:4 0x%p sbmeta.bin", (void *)temp_addr); - printf("runcmd:%s\n", runcmd); - ret = run_command(runcmd, 0); - if (ret != 0) { - printf("SBMETA Upgrade process is terminated due to some reason\n"); - goto _upgrade_sbmeta_exit; - } - /* Fetch the total file size after read out operation end */ - upgrade_file_size = env_get_hex("filesize", 0); - printf("SBMETA upgrade file size: %d\n", upgrade_file_size); - - /*store image to temp buffer as temp_addr may be decrypted*/ - image_malloc_buffer = malloc(upgrade_file_size); - if ( image_malloc_buffer == NULL ) { - image_buffer = (uint8_t*)temp_addr + upgrade_file_size; - } else { - image_buffer = image_malloc_buffer; - } - memcpy(image_buffer, (void*)temp_addr, upgrade_file_size); - - /* STEP 2: verify its authentiticy here */ - sprintf(runcmd, "vimage 0x%p sbmeta", (void *)temp_addr); - printf("runcmd:%s\n", runcmd); - ret = run_command(runcmd, 0); - if (ret != 0) { - printf("SBMETA Image verification fail and upgrade process terminates\n"); - goto _upgrade_sbmeta_exit; - } - - /* STEP 3: update sbmeta partition */ - printf("read upgrade image (SBMETA.bin) into sbmeta partition \n"); - sprintf(runcmd, "ext4write mmc 0:3 0x%p /sbmeta.bin 0x%x", (void *)image_buffer, upgrade_file_size); - printf("runcmd:%s\n", runcmd); - ret = run_command(runcmd, 0); - if (ret != 0) { - printf("SBMETA upgrade process is terminated due to some reason\n"); - goto _upgrade_sbmeta_exit; - } - - /* STEP 4: update sbmeta version */ - ret = csi_sbmeta_set_upgrade_version(); - if (ret != 0) { - printf("Set sbmeta upgrade version fail\n"); - goto _upgrade_sbmeta_exit; - } - - printf("\n\nSBMETA image ugprade process is successful\n\n"); -_upgrade_sbmeta_exit: - /* set secure upgrade flag to 0 that indicate upgrade over */ - run_command("env set sec_upgrade_mode 0", 0); - run_command("saveenv", 0); - run_command("reset", 0); - - if ( image_malloc_buffer != NULL ) { - free(image_malloc_buffer); - image_malloc_buffer = NULL; - } - } else if (sec_upgrade_flag == UBOOT_SEC_UPGRADE_FLAG) { - unsigned int block_cnt; - struct blk_desc *dev_desc; - const unsigned long uboot_temp_addr=0x80000000; - #define BLOCK_SIZE 512 - #define PUBKEY_HEADER_SIZE 0x1000 - - /* STEP 1: read upgrade image (u-boot-with-spl.bin) from stash partition */ - printf("read upgrade image (u-boot-with-spl.bin) from stash partition \n"); - sprintf(runcmd, "ext4load mmc 0:4 0x%p u-boot-with-spl.bin", (void *)temp_addr); - printf("runcmd:%s\n", runcmd); - ret = run_command(runcmd, 0); - if (ret != 0) { - printf("UBOOT Upgrade process is terminated due to some reason\n"); - goto _upgrade_uboot_exit; - } - - /* Fetch the total file size after read out operation end */ - upgrade_file_size = env_get_hex("filesize", 0); - printf("uboot upgrade file size: %d\n", upgrade_file_size); - - /* STEP 2: verify its authentiticy here */ - memmove((void *)uboot_temp_addr, (const void *)temp_addr, upgrade_file_size); - sprintf(runcmd, "vimage 0x%p uboot", (void *)(uboot_temp_addr+PUBKEY_HEADER_SIZE)); - printf("runcmd:%s\n", runcmd); - ret = run_command(runcmd, 0); - if (ret != 0) { - printf("UBOOT Image verification fail and upgrade process terminates\n"); - goto _upgrade_uboot_exit; - } - - /* STEP 3: update uboot partition */ - printf("write upgrade image (u-boot-with-spl.bin) into boot partition \n"); - dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); - if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) { - printf("Invalid mmc device\n"); - goto _upgrade_uboot_exit; - } - block_cnt = upgrade_file_size / BLOCK_SIZE; - if (upgrade_file_size % BLOCK_SIZE) { - block_cnt = block_cnt +1; - } - - run_command("mmc partconf 0 1 0 1", 0); - sprintf(runcmd, "mmc write 0x%p 0 %x", (void *)temp_addr, block_cnt); - printf("runcmd:%s\n", runcmd); - ret = run_command(runcmd, 0); - run_command("mmc partconf 0 1 0 0", 0); - if (ret != 0) { - printf("UBOOT upgrade process is terminated due to some reason\n"); - goto _upgrade_uboot_exit; - } - - /* STEP 4: update tee version */ - ret = csi_uboot_set_upgrade_version(); - if (ret != 0) { - printf("Set uboot upgrade version fail\n"); - goto _upgrade_uboot_exit; - } - - printf("\n\nUBOOT image ugprade process is successful\n\n"); -_upgrade_uboot_exit: - /* set secure upgrade flag to 0 that indicate upgrade over */ - run_command("env set sec_upgrade_mode 0", 0); - run_command("saveenv", 0); - run_command("reset", 0); - } else { - printf("Unknown bootstrap, Force sysem reboot\n"); - run_command("reset", 0); + sprintf(runcmd, "env set retries %ld", retries); + run_command(runcmd, 0); + run_command("env save", 0); } } #endif - - diff --git a/board/thead/light-c910/light.c b/board/thead/light-c910/light.c index c777ad98..428380f2 100644 --- a/board/thead/light-c910/light.c +++ b/board/thead/light-c910/light.c @@ -15,6 +15,11 @@ #include #include #include +#ifdef CONFIG_RV_BOOK +#include +#include +#include +#endif #define SOC_PIN_AP_RIGHT_TOP (0x0) #define SOC_PIN_AP_LEFT_TOP (0x1) @@ -344,6 +349,193 @@ static int light_pinmx_get_mux_base(pin_name_t pin_name, uint32_t** cfg_base) return 0; } +#ifdef CONFIG_FASTBOOT_FLASH_MMC +/* + * The SN data is stored in the first 512B of the NV partition. It should be read out + * and updated. In the following situations, the update will fail: + * a. The NV partition cannot be found + * b. The length of the SN is out of range + * c. The value of the SN contains unprintable characters + */ +#define MAX_SN_SIZE (64 + 2) /* extra two bytes is used for magic number */ +#define MAX_READ_SIZE 512 +#define NV_MAC_OFFSET 128 +#define NV_MAC_SIZE 20 + +static int is_env_setted(const char *env_name) +{ +#ifdef U_BUILD_DEBUG + return 0; +#else + const char *env = env_get(env_name); + if(env && *env) { + return 1; + } + + return 0; +#endif +} + +static void update_sn(void) +{ + struct blk_desc *dev_desc; + struct disk_partition part_info; + unsigned char buffer[MAX_READ_SIZE]; + int ret; + ulong block_start; + ulong block_count; + ulong n; + size_t length; + unsigned int i; + + ret = is_env_setted("serial#"); + if (ret) { + printf("serial# has been setted,skip read from nv partition\n"); + return; + } + + /* Get mmc dev */ + dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); + if (dev_desc == NULL) { + printf("Failed to find MMC device\n"); + goto err_exit; + } + + /* Get the nv partition infomation */ + ret = part_get_info_by_name(dev_desc, NV_PARTITION_NAME, &part_info); + if (ret < 0) { + printf("Failed to find '%s' partition\n", NV_PARTITION_NAME); + goto err_exit; + } + + /* Read the first MAX_READ_SIZE from NV partition data */ + block_start = part_info.start; + block_count = (MAX_READ_SIZE + dev_desc->blksz - 1) / dev_desc->blksz; + n = blk_dread(dev_desc, block_start, block_count, buffer); + if (n != block_count) { + printf("Failed to read data from '%s' partition\n", NV_PARTITION_NAME); + goto err_exit; + } + + /* Check the length of SN data */ + length = strnlen((char *)buffer, MAX_READ_SIZE); + if ((length > MAX_SN_SIZE)) { + printf("The size of SN data(%zu) is out of range \r\n", length); + goto err_exit; + } + /* Check the magic number of NV */ + i = 0; + if ((buffer[i++] != 'N') || (buffer[i++] != 'V')) { + printf("The magic number of NV partition is invalid\r\n"); + goto err_exit; + } + /* Check the value of the SN data; the SN value should consist of printable characters*/ + for (; i < length; i++) { + if ((buffer[i] < 33) || (buffer[i] > 126)) { + printf("Unprintable character detected[0x%x] @%d \r\n", buffer[i], i); + goto err_exit; + } + } + + /* The first two bytes are used for NV magic number */ + env_set("serial#", (char *)buffer + 2); + printf("Success to read SN value, update SN: %s to env serial# \r\n", buffer + 2); + + ret = run_command("env save",0); + if(ret != 0) { + printf("Failed to update SN to env\r\n"); + } + + return; + +err_exit: + printf("Failed to read the SN value; Using the default value instead\r\n"); + + return; +} + +static void update_mac(void) +{ + struct blk_desc *dev_desc; + struct disk_partition part_info; + unsigned char buffer[MAX_READ_SIZE]; + int ret; + ulong block_start; + ulong block_count; + ulong n; + size_t length; + unsigned int i; + + ret = is_env_setted("ethaddr"); + if (ret) { + printf("ethaddr has been setted,skip read from nv partition\n"); + return; + } + + /* Get mmc dev */ + dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); + if (dev_desc == NULL) { + printf("Failed to find MMC device\n"); + goto err_exit; + } + + /* Get the nv partition infomation */ + ret = part_get_info_by_name(dev_desc, NV_PARTITION_NAME, &part_info); + if (ret < 0) { + printf("Failed to find '%s' partition\n", NV_PARTITION_NAME); + goto err_exit; + } + + /* Read the first MAX_READ_SIZE from NV partition data */ + block_start = part_info.start; + block_count = (MAX_READ_SIZE + dev_desc->blksz - 1) / dev_desc->blksz; + n = blk_dread(dev_desc, block_start, block_count, buffer); + if (n != block_count) { + printf("Failed to read data from '%s' partition\n", NV_PARTITION_NAME); + goto err_exit; + } + + /* Check the length of MAC data */ + length = strnlen((char *)buffer + NV_MAC_OFFSET, MAX_READ_SIZE); + if (length != NV_MAC_SIZE) { + printf("The size of MAC data(%zu) is out of range\r\n", length); + goto err_exit; + } + /* Check the magic number of MAC */ + i = 0; + if ((buffer[NV_MAC_OFFSET + i++] != 'M') || (buffer[NV_MAC_OFFSET + i++] != 'A') || (buffer[NV_MAC_OFFSET + i++] != 'C')) { + printf("The magic number of NV partition is invalid\r\n"); + goto err_exit; + } + /* Check the value of the MAC data; the MAC value should consist of printable characters*/ + for (; i < length; i++) { + if ((buffer[NV_MAC_OFFSET + i] < 33) || (buffer[i + NV_MAC_OFFSET] > 126)) { + printf("Unprintable character detected\r\n"); + goto err_exit; + } + } + + /* The first two bytes are used for MAC magic number */ + env_set("ethaddr", (char *)buffer + 3 + NV_MAC_OFFSET); + printf("Success to read MAC value, update MAC: %s to env ethaddr \r\n", buffer + 3 + NV_MAC_OFFSET); + + return; + +err_exit: + printf("Failed to read the MAC value; Using the default value instead\r\n"); + + return; +} +#else +static void update_sn(void) +{ +} + +static void update_mac(void) +{ +} +#endif + /******************************************************************************* * function: danica_ioreuse_inital * @@ -1417,7 +1609,7 @@ static void light_iopin_init(void) light_pin_cfg(GMAC0_RXD2, PIN_SPEED_NORMAL, PIN_PN, 0xF); light_pin_cfg(GMAC0_RXD3, PIN_SPEED_NORMAL, PIN_PN, 0xF); } -#elif defined (CONFIG_TARGET_LIGHT_FM_C910_LPI4A) +#elif defined (CONFIG_TARGET_LIGHT_FM_C910_LPI4A) || defined(CONFIG_TARGET_LIGHT_FM_C910_RVBOOK) static void light_iopin_init(void) { /* aon-padmux config */ @@ -1430,7 +1622,10 @@ static void light_iopin_init(void) light_pin_cfg(CPU_JTG_TMS, PIN_SPEED_NORMAL, PIN_PN, 2); light_pin_mux(CPU_JTG_TDI, 3); light_pin_cfg(CPU_JTG_TDI, PIN_SPEED_NORMAL, PIN_PN, 2); - + #ifdef CONFIG_RV_BOOK + light_pin_mux(CPU_JTG_TRST, 3); + light_pin_cfg(CPU_JTG_TRST, PIN_SPEED_NORMAL, PIN_PN, 2); + #endif light_pin_mux(AOGPIO_7, 1); light_pin_mux(AOGPIO_8, 1); // light_pin_mux(AOGPIO_9, 0); @@ -2494,16 +2689,27 @@ static void light_mac_vaild_check(void) int board_late_init(void) { - + light_usb_boot_check(); #if CONFIG_IS_ENABLED(LIGHT_SEC_UPGRADE) extern void sec_upgrade_thread(void); + extern void nonsec_upgrade_thread(void); extern void sec_firmware_version_dump(void); sec_upgrade_thread(); + nonsec_upgrade_thread(); sec_firmware_version_dump(); #endif - light_usb_boot_check(); + light_mac_vaild_check(); ap_peri_clk_disable(); + +#ifdef CONFIG_MCU_HC32fX + mcu_poweron(); +#endif + +#ifdef CONFIG_DM_CHARGE_DISPLAY + charge_display(); +#endif + return 0; } @@ -2550,6 +2756,32 @@ static inline int fdt_disabled_node(void *blob,const char *path) return fdt_status_disabled(blob,offset); } +/*First check if path1 exist, if not, alternate to path2*/ +static inline int fdt_disabled_node_alt(void *blob,const char *path1, const char *path2) +{ + int offset; + offset = fdt_path_offset(blob,path1); + if (offset < 0) { + offset = fdt_path_offset(blob,path2); + if(offset < 0) + { + printf("ERROR:failed to find %s node or %s node in dtb (ret %d)\n",path1,path2,offset); + return offset; + } + } + return fdt_status_disabled(blob,offset); +} + +/*First check if alias name *fisrt exist, if not, alternate to alias name *alt*/ +static inline int fdt_status_disabled_by_alias_alt(void *blob,const char *fisrt,const char* alt) +{ + int ret; + ret = fdt_status_disabled_by_alias(blob,fisrt); + if(ret < 0) + ret = fdt_status_disabled_by_alias(blob,alt); + return ret; +} + static int do_board_check_hibernate(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { @@ -2558,15 +2790,25 @@ static int do_board_check_hibernate(cmd_tbl_t *cmdtp, int flag, int argc, ulong addr; void *blob = NULL; ulong mask = 0; - int mmc_parts; int resume_part; bool fastresume = 0; #define ON_RET_ERROR(str) if(ret < 0) printf("set node %s status failed %d\n",str,ret) ALLOC_CACHE_ALIGN_BUFFER(u8,swsusp_header_buf,PAGE_SIZE); u8 *header = &swsusp_header_buf[0]; + struct blk_desc *dev_desc; + struct disk_partition part_info; - mmc_parts = env_get_hex("mmcpart",3); - resume_part = mmc_parts - 2; + dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); + if (dev_desc == NULL) { + printf("Failed to find MMC device\n"); + return CMD_RET_FAILURE; + } + + resume_part = part_get_info_by_name(dev_desc, "swap", &part_info); + if (resume_part < 0) { + printf("Failed to find swap partition\n"); + return CMD_RET_FAILURE; + } if(argc >= 4) { // is user pass in ,use that sprintf(runcmd, "read %s %s %s 0 8", @@ -2636,10 +2878,10 @@ static int do_board_check_hibernate(cmd_tbl_t *cmdtp, int flag, int argc, ret = fdt_status_disabled_by_alias(blob,"i2c2"); ON_RET_ERROR("i2c2"); - ret = fdt_status_disabled_by_alias(blob,"audio_i2c0"); - ON_RET_ERROR("audio_i2c0"); - ret = fdt_status_disabled_by_alias(blob,"audio_i2c1"); - ON_RET_ERROR("audio_i2c1"); + ret = fdt_status_disabled_by_alias_alt(blob,"audio_i2c0","i2c5"); + ON_RET_ERROR("audio_i2c0 or i2c5"); + ret = fdt_status_disabled_by_alias_alt(blob,"audio_i2c1","i2c6"); + ON_RET_ERROR("audio_i2c1 or i2c6"); ret = fdt_status_disabled_by_alias(blob,"ethernet0"); ON_RET_ERROR("ethernet0"); ret = fdt_status_disabled_by_alias(blob,"ethernet1"); @@ -2656,24 +2898,24 @@ static int do_board_check_hibernate(cmd_tbl_t *cmdtp, int flag, int argc, //default mask is 0, need set this node disbaled if(0 == (mask & 0x01)) { - ret = fdt_disabled_node(blob,"/soc/light_i2s"); - ON_RET_ERROR("/soc/light_i2s"); - ret = fdt_disabled_node(blob,"/soc/audio_i2s0"); - ON_RET_ERROR("/soc/audio_i2s0"); - ret = fdt_disabled_node(blob,"/soc/audio_i2s1"); - ON_RET_ERROR("/soc/audio_i2s1"); - ret = fdt_disabled_node(blob,"/soc/audio_i2s2"); - ON_RET_ERROR("/soc/audio_i2s2"); + ret = fdt_disabled_node_alt(blob,"/soc/light_i2s","/soc/ap-i2s"); + ON_RET_ERROR("/soc/light_i2s or /soc/ap-i2s"); + ret = fdt_disabled_node_alt(blob,"/soc/audio_i2s0","/soc/audio-i2s0"); + ON_RET_ERROR("/soc/audio_i2s0 or /soc/audio-i2s0"); + ret = fdt_disabled_node_alt(blob,"/soc/audio_i2s1","/soc/audio-i2s1"); + ON_RET_ERROR("/soc/audio_i2s1 or /soc/audio-i2s1"); + ret = fdt_disabled_node_alt(blob,"/soc/audio_i2s2","/soc/audio-i2s2"); + ON_RET_ERROR("/soc/audio_i2s2 or /soc/audio-i2s2"); } if(0 == (mask & 0x02)) { - ret = fdt_disabled_node(blob,"/soc/audio_i2s_8ch_sd0"); - ON_RET_ERROR("/soc/audio_i2s_8ch_sd0"); - ret = fdt_disabled_node(blob,"/soc/audio_i2s_8ch_sd1"); - ON_RET_ERROR("/soc/audio_i2s_8ch_sd1"); - ret = fdt_disabled_node(blob,"/soc/audio_i2s_8ch_sd2"); - ON_RET_ERROR("/soc/audio_i2s_8ch_sd2"); - ret = fdt_disabled_node(blob,"/soc/audio_i2s_8ch_sd3"); - ON_RET_ERROR("/soc/audio_i2s_8ch_sd3"); + ret = fdt_disabled_node_alt(blob,"/soc/audio_i2s_8ch_sd0","/soc/i2s-8ch-sd0"); + ON_RET_ERROR("/soc/audio_i2s_8ch_sd0 or /soc/i2s-8ch-sd0"); + ret = fdt_disabled_node_alt(blob,"/soc/audio_i2s_8ch_sd1","/soc/i2s-8ch-sd1"); + ON_RET_ERROR("/soc/audio_i2s_8ch_sd1 or /soc/i2s-8ch-sd1"); + ret = fdt_disabled_node_alt(blob,"/soc/audio_i2s_8ch_sd2","/soc/i2s-8ch-sd2"); + ON_RET_ERROR("/soc/audio_i2s_8ch_sd2 or /soc/i2s-8ch-sd2"); + ret = fdt_disabled_node_alt(blob,"/soc/audio_i2s_8ch_sd3","/soc/i2s-8ch-sd3"); + ON_RET_ERROR("/soc/audio_i2s_8ch_sd3 or /soc/i2s-8ch-sd3"); } /*set resume_bootargs for kernel do fast bootup */ sprintf(runcmd,"resume=/dev/mmcblk0p%d notrace noftrace nopty noclkdebug ",resume_part); diff --git a/board/thead/light-c910/lpddr-regu/ddr_regu.c b/board/thead/light-c910/lpddr-regu/ddr_regu.c index b075b797..a57eced7 100644 --- a/board/thead/light-c910/lpddr-regu/ddr_regu.c +++ b/board/thead/light-c910/lpddr-regu/ddr_regu.c @@ -136,7 +136,7 @@ static const struct regulator_t g_apcpu_regu_id_list[] = { REGU_ID_DEF(IIC_IDX_AONIIC,APCPU_REGU_VDDM,0x31,0x39,0,1,800000,600000,3500000,12500,1), }, }; -#elif defined (CONFIG_TARGET_LIGHT_FM_C910_VAL_ANT_REF) || defined (CONFIG_TARGET_LIGHT_FM_C910_A_REF) || defined (CONFIG_TARGET_LIGHT_FM_C910_B_REF) || (CONFIG_TARGET_LIGHT_FM_C910_BEAGLE) || defined (CONFIG_TARGET_LIGHT_FM_C910_LPI4A) || defined (CONFIG_TARGET_LIGHT_FM_C910_MILKV_MELES) +#elif defined (CONFIG_TARGET_LIGHT_FM_C910_VAL_ANT_REF) || defined (CONFIG_TARGET_LIGHT_FM_C910_A_REF) || defined (CONFIG_TARGET_LIGHT_FM_C910_B_REF) || (CONFIG_TARGET_LIGHT_FM_C910_BEAGLE) || defined (CONFIG_TARGET_LIGHT_FM_C910_LPI4A) || defined (CONFIG_TARGET_LIGHT_FM_C910_MILKV_MELES) || defined(CONFIG_TARGET_LIGHT_FM_C910_RVBOOK) /** * board for ant-ref * @@ -955,7 +955,7 @@ int pmic_reset_apcpu_voltage(void) return ret; return 0; } -#elif defined (CONFIG_TARGET_LIGHT_FM_C910_VAL_ANT_REF) || defined (CONFIG_TARGET_LIGHT_FM_C910_A_REF) || defined (CONFIG_TARGET_LIGHT_FM_C910_B_REF)|| (CONFIG_TARGET_LIGHT_FM_C910_BEAGLE) || defined (CONFIG_TARGET_LIGHT_FM_C910_LPI4A) || defined (CONFIG_TARGET_LIGHT_FM_C910_MILKV_MELES) +#elif defined (CONFIG_TARGET_LIGHT_FM_C910_VAL_ANT_REF) || defined (CONFIG_TARGET_LIGHT_FM_C910_A_REF) || defined (CONFIG_TARGET_LIGHT_FM_C910_B_REF)|| (CONFIG_TARGET_LIGHT_FM_C910_BEAGLE) || defined (CONFIG_TARGET_LIGHT_FM_C910_LPI4A) || defined (CONFIG_TARGET_LIGHT_FM_C910_MILKV_MELES) || defined(CONFIG_TARGET_LIGHT_FM_C910_RVBOOK) int pmic_reset_apcpu_voltage(void) { int ret = -1; diff --git a/board/thead/light-c910/lpddr4/src/ddr_common_func.c b/board/thead/light-c910/lpddr4/src/ddr_common_func.c index 5d127008..64ec848d 100644 --- a/board/thead/light-c910/lpddr4/src/ddr_common_func.c +++ b/board/thead/light-c910/lpddr4/src/ddr_common_func.c @@ -994,7 +994,7 @@ if(bits==64) { } } -#define MEMSIZE_MIN_MB (2*1024) +#define MEMSIZE_MIN_MB (1*1024) #define MEMSIZE_MAX_MB (16*1024) #define UNIT_MB (1024*1024) int lpddr4_query_boundary(enum DDR_TYPE type, int rank_num, int speed, @@ -1007,35 +1007,29 @@ int lpddr4_query_boundary(enum DDR_TYPE type, int rank_num, int speed, if (bits == DDR_BITWIDTH_32) {// only phy0 if (rank_num == 2) { if (size == 0x80000000) //2GB - goto err_ret; + goto ret_ok; else if (size == 0x100000000) //4GB goto ret_ok; else if (size == 0x200000000) //8GB goto ret_ok; - else if (size == 0x400000000) //16GB - goto err_ret; else goto err_ret; } else { // single rank - if (size == 0x80000000) //2GB + if (size == 0x40000000) //1GB + goto ret_ok; + else if (size == 0x80000000) //2GB goto ret_ok; else if (size == 0x100000000) //4GB - goto err_ret; - else if (size == 0x200000000) //8GB - goto err_ret; - else if (size == 0x400000000) //16GB - goto err_ret; + goto ret_ok; else goto err_ret; } } else if (bits == DDR_BITWIDTH_64) { // phy0+phy1 if (rank_num == 2) { - if (size == 0x80000000) //2GB - goto err_ret; - else if (size == 0x100000000) //4GB - goto err_ret; + if (size == 0x100000000) //4GB + goto ret_ok; else if (size == 0x200000000) //8GB goto ret_ok; else if (size == 0x400000000) //16GB @@ -1045,13 +1039,11 @@ int lpddr4_query_boundary(enum DDR_TYPE type, int rank_num, int speed, } else { // single rank if (size == 0x80000000) //2GB - goto err_ret; + goto ret_ok; else if (size == 0x100000000) //4GB goto ret_ok; else if (size == 0x200000000) //8GB - goto err_ret; - else if (size == 0x400000000) //16GB - goto err_ret; + goto ret_ok; else goto err_ret; } @@ -1075,36 +1067,70 @@ int adjust_ddr_addrmap(enum DDR_TYPE type, int rank_num, int speed, if (bits == DDR_BITWIDTH_32) {// only phy0 if (rank_num == 2) { - if (size == 0x100000000) {//4GB + if (size == 0x80000000) {//2GB + wr(ADDRMAP0,0x001f0016); // cs_bit0: HIF[28] + wr(ADDRMAP6,0x0f070707); // row15: NULL + wr(ADDRMAP7,0x00000f0f); // row16: NULL + } + else if (size == 0x100000000) {//4GB wr(ADDRMAP0,0x001f0017); // cs_bit0: HIF[29] + wr(ADDRMAP6,0x07070707); // row15: HIF[28] wr(ADDRMAP7,0x00000f0f); // row16: NULL } else if (size == 0x200000000) {//8GB wr(ADDRMAP0,0x001f0018); // cs_bit0: HIF[30] + wr(ADDRMAP6,0x07070707); // row15: HIF[28] wr(ADDRMAP7,0x00000f07); // row16: HIF[29] } } else { // single rank - if (size == 0x80000000) //2GB - wr(ADDRMAP0,0x001f001f); // cs_bit0: NULL + wr(ADDRMAP0,0x001f001f); // cs_bit0: NULL + if (size == 0x40000000) {//1GB + wr(ADDRMAP6,0x0f070707); // row15: NULL + wr(ADDRMAP7,0x00000f0f); // row16: NULL + } + else if (size == 0x80000000) {//2GB + wr(ADDRMAP6,0x07070707); // row15: HIF[28] + wr(ADDRMAP7,0x00000f0f); // row16: NULL + } + else if (size == 0x100000000) {//4GB + wr(ADDRMAP6,0x07070707); // row15: HIF[28] + wr(ADDRMAP7,0x00000f07); // row16: HIF[29] + } } } else if (bits == DDR_BITWIDTH_64) { // phy0+phy1 if (rank_num == 2) { - if (size == 0x200000000) {//8GB + if (size == 0x100000000) {//4GB + wr(ADDRMAP0,0x00040017); // cs_bit0: HIF[29] + wr(ADDRMAP6,0x0f080808); // row15: NULL + wr(ADDRMAP7,0x00000f0f); // row16: NULL + } + else if (size == 0x200000000) {//8GB wr(ADDRMAP0,0x00040018); // cs_bit0: HIF[30] + wr(ADDRMAP6,0x08080808); // row15: HIF[29] wr(ADDRMAP7,0x00000f0f); // row16: NULL } else if (size == 0x400000000) {//16GB wr(ADDRMAP0,0x00040019); // cs_bit0: HIF[31] + wr(ADDRMAP6,0x08080808); // row15: HIF[29] wr(ADDRMAP7,0x00000f08); // row16: HIF[30] } } else { // single rank - if (size == 0x100000000) {//4GB - wr(ADDRMAP0,0x0004001f); // cs_bit0: NULL + wr(ADDRMAP0,0x0004001f); // cs_bit0: NULL + if (size == 0x80000000) {//2GB + wr(ADDRMAP6,0x0f080808); // row15: NULL wr(ADDRMAP7,0x00000f0f); // row16: NULL } + else if (size == 0x100000000) {//4GB + wr(ADDRMAP6,0x08080808); // row15: HIF[29] + wr(ADDRMAP7,0x00000f0f); // row16: NULL + } + else if (size == 0x200000000) {//8GB + wr(ADDRMAP6,0x08080808); // row15: HIF[29] + wr(ADDRMAP7,0x00000f08); // row16: HIF[30] + } } } else { diff --git a/board/thead/light-c910/sbmeta/sbmeta.c b/board/thead/light-c910/sbmeta/sbmeta.c index 047696c1..a127baa3 100644 --- a/board/thead/light-c910/sbmeta/sbmeta.c +++ b/board/thead/light-c910/sbmeta/sbmeta.c @@ -29,7 +29,7 @@ #define DMSG(fmt, args...) trace_printer("", fmt, ##args) #endif -#if CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_A) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_B) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_LPI4A) +#if CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_A) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_B) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_LPI4A) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_RVBOOK) #if CONFIG_IS_ENABLED(LIGHT_SEC_UPGRADE) /* digest_size corresponding to digest_scheme specified in sbmeta_info_t */ static const int digest_size[] = {0, 20, 16, 28, 32, 48, 64, 32}; @@ -62,7 +62,8 @@ typedef struct { char filename[MAX_NAME_SIZE]; uint8_t digest[MAX_DIGEST_SIZE]; uint32_t relocated_addr; - uint32_t reserved[4]; + uint8_t security_level; + uint8_t reserved[15]; } sbmeta_info_t; static int is_sbmeta_info(uint32_t entry_src_addr) @@ -107,6 +108,11 @@ static int dump_sbmeta_info(sbmeta_info_t *sbmeta_info) IMSG("Image has been loaded\r\n"); } + if (sbmeta_info->security_level > SBMETA_SECURITY_LEVEL_SIGN || sbmeta_info->security_level < SBMETA_SECURITY_LEVEL_NONE) { + EMSG("security level is invalid\n"); + return CMD_RET_FAILURE; + } + /* dump sbmeta_info_t */ DMSG("image medium type: %d\n", sbmeta_info->medium_type); DMSG("image load part: mmc %d:%d\n", sbmeta_info->dev, sbmeta_info->part); @@ -136,6 +142,10 @@ static int sbmeta_field_verify(sbmeta_info_t *sbmeta_info, unsigned long img_src return CMD_RET_FAILURE; } + if (sbmeta_info->security_level < SBMETA_SECURITY_LEVEL_SIGN) { + return 0; + } + /* if image has secure header, check with sbmeta field */ if (image_have_head(img_src_addr)) { phead = (img_header_t *)img_src_addr; @@ -221,7 +231,7 @@ static int sbmeta_verify_image(uint32_t image_load_addr, sbmeta_info_t *sbmeta_i uint8_t checksum_scheme = sbmeta_info->checksum_scheme; uint8_t *digest = sbmeta_info->digest; uint8_t is_encrypted = sbmeta_info->isencrypted; - uint32_t security_level = env_get_hex("sbmeta_security_level", 3); + uint32_t security_level = sbmeta_info->security_level; uint32_t filesize = 0; char buf[64] = {0}; @@ -253,11 +263,11 @@ static int sbmeta_verify_image(uint32_t image_load_addr, sbmeta_info_t *sbmeta_i /* start verifying images */ IMSG("Process %s image verification ...\n", image_name); - if (security_level == 3 || is_encrypted != 0) { + if (security_level == SBMETA_SECURITY_LEVEL_SIGN || is_encrypted != 0) { if (verify_customer_image(image_type, image_load_addr) != 0) { return CMD_RET_FAILURE; } - } else if (security_level == 2) { + } else if (security_level == SBMETA_SECURITY_LEVEL_HASH) { if (memcmp(digest, buf, 64) == 0) { EMSG("sbmeta info doesn't specify digest value in security level 2\r\n"); return CMD_RET_FAILURE; @@ -309,7 +319,8 @@ static int light_sbmetaboot(int argc, char *const argv[]) sbmeta_info_t *sbmeta_info = NULL; /* Load sbmeta image to memory */ - snprintf(cmd, sizeof(cmd), "ext4load mmc $mmcdev:%x 0x%p %s", SBMETA_PART, (void *)(uintptr_t)LIGHT_SBMETA_ADDR, SBMETA_FILENAME); + snprintf(cmd, sizeof(cmd), "ext4load mmc ${mmcdev}:${mmcsbmetapart} 0x%x %s", (void *)(uintptr_t)LIGHT_SBMETA_ADDR, SBMETA_FILENAME); + printf("%s\n",cmd); if (run_command(cmd, 0) != 0) { /* if sbmeta doesn't exist, do secboot by default */ IMSG("SBMETA doesn't exist, go to verify tf/tee\r\n"); @@ -324,7 +335,6 @@ static int light_sbmetaboot(int argc, char *const argv[]) return 0; } - /* initialize crypto algorithm interfaces */ if (csi_sec_init() != 0) { return CMD_RET_FAILURE; diff --git a/board/thead/light-c910/sbmeta/sbmeta.h b/board/thead/light-c910/sbmeta/sbmeta.h index 5a721b80..4abb17b4 100644 --- a/board/thead/light-c910/sbmeta/sbmeta.h +++ b/board/thead/light-c910/sbmeta/sbmeta.h @@ -14,10 +14,9 @@ #define MAX_DIGEST_SIZE 64 #define SBMETA_MAGIC 0x544D4253 /* = {'S', 'B', 'M', 'T'} */ -#if CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_A) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_B) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_LPI4A) +#if CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_A) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_B) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_LPI4A) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_RVBOOK) #define LIGHT_SBMETA_ADDR 0x10000000 #endif -#define SBMETA_PART 5 #define ENTRY_SIZE 128 #define PLAIN_SBMETA_TEXT 4096 #define SBMETA_SIZE 4736 /* 4K SMBETA image + 640 footer */ @@ -27,8 +26,8 @@ #define SIGN_TYPE_NUM 6 #define SBMETA_FILENAME "sbmeta.bin" -#define SBMETA_SECURITY_LEVEL_H 3 /* verify signature and hash */ -#define SBMETA_SECURITY_LEVEL_M 2 /* verify checksum */ -#define SBMETA_SECURITY_LEVEL_L 1 /* no verification */ +#define SBMETA_SECURITY_LEVEL_SIGN 3 /* verify signature and hash */ +#define SBMETA_SECURITY_LEVEL_HASH 2 /* verify checksum */ +#define SBMETA_SECURITY_LEVEL_NONE 1 /* no verification */ #endif diff --git a/board/thead/light-c910/sec_check.c b/board/thead/light-c910/sec_check.c index 847e9ef5..6c586c15 100644 --- a/board/thead/light-c910/sec_check.c +++ b/board/thead/light-c910/sec_check.c @@ -75,7 +75,7 @@ void designware_get_mac_from_fuse(unsigned char *mac) } } -#if CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_A) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_B) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_ANT_REF) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_LPI4A) +#if CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_A) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_B) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_ANT_REF) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_LPI4A) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_RVBOOK) /* Secure function for image verificaiton here */ int get_image_version(unsigned long img_src_addr) { diff --git a/board/thead/light-c910/spl.c b/board/thead/light-c910/spl.c index 6358a930..9eaa4c7f 100644 --- a/board/thead/light-c910/spl.c +++ b/board/thead/light-c910/spl.c @@ -508,7 +508,11 @@ void board_init_f(ulong dummy) } #endif ddr_clk_config(0); +#ifdef CONFIG_RV_BOOK + cpu_clk_config(750000000); +#else cpu_clk_config(0); +#endif init_ddr(); setup_ddr_scramble(); diff --git a/board/thead/light-c910/sys_clk.c b/board/thead/light-c910/sys_clk.c index 8c237790..cd89eec9 100644 --- a/board/thead/light-c910/sys_clk.c +++ b/board/thead/light-c910/sys_clk.c @@ -20,12 +20,106 @@ #define LIGHT_APSYS_RSTGEN_ADDRBASE 0xffff015000 #define LIGHT_DPU_CLOCK_GATING_CTRL0 0xffef601A28 #define LIGHT_DPU_CLOCK_GATING_CTRL1 0xffef601A2C +#ifdef CONFIG_RV_BOOK +#define LIGHT_CPU_PLL_IDX(x) (x) +#endif void show_sys_clk(void) { /* Do nothing for FPGA */ } +#ifdef CONFIG_RV_BOOK + +static int _light_get_pllid(void) +{ + unsigned int val; + int ret; + val = readl((void *)LIGHT_APCLK_ADDRBASE + 0x100); + if(val & 0x1) + ret = LIGHT_CPU_PLL_IDX(1); + else + ret = LIGHT_CPU_PLL_IDX(0); + return ret; +} + +void update_cpu_freq(uint32_t val) +{ + if(_light_get_pllid() == LIGHT_CPU_PLL_IDX(0)) + { + /* update cpupll1*/ + writel(0x20000000, (void *)LIGHT_APCLK_ADDRBASE + 0x14); + writel(val, (void *)LIGHT_APCLK_ADDRBASE + 0x10); + writel(0x23000000, (void *)LIGHT_APCLK_ADDRBASE + 0x14); + udelay(3); + writel(0x03000000, (void *)LIGHT_APCLK_ADDRBASE + 0x14); + readl((void *)LIGHT_APCLK_ADDRBASE + 0x80); + readl((void *)LIGHT_APCLK_ADDRBASE + 0x80); + while(!(readl((void *)LIGHT_APCLK_ADDRBASE + 0x80) & 0x10)); + udelay(11); + }else{ + /* update cpupll0*/ + writel(0x20000000, (void *)LIGHT_APCLK_ADDRBASE + 0x04); + writel(val, (void *)LIGHT_APCLK_ADDRBASE + 0x00); + writel(0x23000000, (void *)LIGHT_APCLK_ADDRBASE + 0x04); + udelay(3); + writel(0x03000000, (void *)LIGHT_APCLK_ADDRBASE + 0x04); + readl((void *)LIGHT_APCLK_ADDRBASE + 0x80); + readl((void *)LIGHT_APCLK_ADDRBASE + 0x80); + while(!(readl((void *)LIGHT_APCLK_ADDRBASE + 0x80) & 0x02)); + udelay(11); + } +} + +void cpu_clk_config(int32_t cpu_freq) +{ +#ifndef CONFIG_TARGET_LIGHT_FPGA_FM_C910 /* for sillicon */ + unsigned int tmp; + + switch(cpu_freq){ + case 750000000: + { + /* 4. update c910_cclk to 750Mhz */ + update_cpu_freq(0x1407d01); + /* config bus: cpu clk ratio to 1:1 */ + writel((readl((const volatile void __iomem *)(LIGHT_APCLK_ADDRBASE + 0x100)) & (~(0x7<<8))) | (0x0<<8), (void *)(LIGHT_APCLK_ADDRBASE + 0x100)); // ratio=0 + writel(readl((const volatile void __iomem *)(LIGHT_APCLK_ADDRBASE + 0x100)) & (~(0x1<<11)), (void *)(LIGHT_APCLK_ADDRBASE + 0x100)); // sync=0 + writel(readl((const volatile void __iomem *)(LIGHT_APCLK_ADDRBASE + 0x100)) | (0x1<<11), (void *)(LIGHT_APCLK_ADDRBASE + 0x100)); // sync=1 + printf("cpu frequency to 750\n"); + } + break; + case 1500000000: + { + /* 4. update c910_cclk to 1.5Ghz */ + update_cpu_freq(0x01207d01); + /* config bus: cpu clk ratio to 1:2 */ + writel((readl((const volatile void __iomem *)(LIGHT_APCLK_ADDRBASE + 0x100)) & (~(0x7<<8))) | (0x1<<8), (void *)(LIGHT_APCLK_ADDRBASE + 0x100)); // ratio=0 + writel(readl((const volatile void __iomem *)(LIGHT_APCLK_ADDRBASE + 0x100)) & (~(0x1<<11)), (void *)(LIGHT_APCLK_ADDRBASE + 0x100)); // sync=0 + writel(readl((const volatile void __iomem *)(LIGHT_APCLK_ADDRBASE + 0x100)) | (0x1<<11), (void *)(LIGHT_APCLK_ADDRBASE + 0x100)); // sync=1 + printf("cpu frequency to 1500\n"); + } + break; + default: + return; + } + if(_light_get_pllid() == LIGHT_CPU_PLL_IDX(0)) + { + /* switch c910_cclk to cpu_pll1_foutpostdiv */ + tmp = readl((void *)LIGHT_APCLK_ADDRBASE + 0x100); + tmp |= 0x1; + writel(tmp, (void *)LIGHT_APCLK_ADDRBASE + 0x100); + }else + { + /* switch c910_cclk to cpu_pll0_foutpostdiv */ + tmp = readl((void *)LIGHT_APCLK_ADDRBASE + 0x100); + tmp &= ~0x1; + writel(tmp, (void *)LIGHT_APCLK_ADDRBASE + 0x100); + } + udelay(1); +#endif +} + +#else void cpu_clk_config(uint32_t cpu_freq) { #ifndef CONFIG_TARGET_LIGHT_FPGA_FM_C910 /* for sillicon */ @@ -54,6 +148,7 @@ void cpu_clk_config(uint32_t cpu_freq) udelay(1); #endif } +#endif void sys_clk_config(void) { @@ -336,6 +431,24 @@ void sys_clk_config(void) #endif } +#ifndef CONFIG_SPL_BUILD +static int cpu_switch_freq(cmd_tbl_t *cmdtp, int flag, int argc, + char * const argv[]) +{ + cpu_clk_config(1500000000); + return 0; +} + +U_BOOT_CMD( + cpufreq_switch, + 2, + 0, + cpu_switch_freq, + "switch cpu freq to highest", + "" +); +#endif + void ddr_clk_config(int ddr_freq) { /* Do nothing for FPGA */ diff --git a/cmd/Makefile b/cmd/Makefile index a73a3dbe..a972b463 100644 --- a/cmd/Makefile +++ b/cmd/Makefile @@ -138,6 +138,7 @@ obj-$(CONFIG_CMD_TPM) += tpm-common.o obj-$(CONFIG_CMD_TPM_V1) += tpm-v1.o obj-$(CONFIG_CMD_TPM_TEST) += tpm_test.o obj-$(CONFIG_CMD_TPM_V2) += tpm-v2.o +obj-$(CONFIG_CMD_MEASURED_BOOT) += mboot.o obj-$(CONFIG_CMD_CROS_EC) += cros_ec.o obj-$(CONFIG_CMD_TSI148) += tsi148.o obj-$(CONFIG_CMD_UBI) += ubi.o diff --git a/cmd/bootandroid.c b/cmd/bootandroid.c index 923d1669..74ecacd8 100644 --- a/cmd/bootandroid.c +++ b/cmd/bootandroid.c @@ -237,9 +237,15 @@ static int prepare_data_from_vendor_boot(struct andr_img_hdr *hdr, int dtb_start if (ramdisk_entry->ramdisk_type != VENDOR_RAMDISK_TYPE_RECOVERY) { continue; } - printf("find recovery from ramdisk table."); + printf("find recovery from ramdisk table.\n"); int ramdisk_start = env_get_hex(ENV_RAMDISK_ADDR, DEFAULT_RAMDISK_ADDR); int recovery_ramdisk_offset = vendor_boot_pagesize * o + ramdisk_entry->ramdisk_offset; + + printf("ramdisk_start:%x, ramdisk_size:%x, dtb_start:%x\n", ramdisk_start, ramdisk_entry->ramdisk_size, dtb_start); + if (ramdisk_start + ramdisk_entry->ramdisk_size > dtb_start) { + printf("ramdisk space are overlaped !!!\n"); + } + memcpy((void *)(uint64_t)ramdisk_start, vendor_boot_data + recovery_ramdisk_offset, ramdisk_entry->ramdisk_size);//ramdisk //get bootconfig form vendor_boot.img and append bootconfig to ramdisk @@ -292,10 +298,10 @@ static void prepare_loaded_parttion_data(const uint8_t* data, bool isRecovery) printf("Boot image kernel_start:%x, kernel_offset:%x, kernel_size:%d\n", kernel_start, kernel_offset, hdr->kernel_size); printf("Boot image ramdisk_start:%x, ramdisk_offset:%x, ramdisk_size:%d\n", ramdisk_start, ramdisk_offset, hdr->ramdisk_size); printf("Boot image page_size:%d\n", hdr->page_size); - printf("dtb_offset:%x, dtb_size:%d\n", dtb_offset, hdr->dtb_size); + printf("dtb_start:%x, dtb_offset:%x, dtb_size:%d\n", dtb_start, dtb_offset, hdr->dtb_size); - if (kernel_start + hdr->kernel_size > ramdisk_start || kernel_start + hdr->kernel_size > dtb_start) { - printf("boot.img kernel space and ramdis space are overlaped !!!\n"); + if (kernel_start + hdr->kernel_size > ramdisk_start || kernel_start + hdr->kernel_size > dtb_start || ramdisk_start + hdr->ramdisk_size > dtb_start) { + printf("boot.img kernel space and ramdisk space are overlaped !!!\n"); } else { memcpy((void *)(uint64_t)kernel_start, data + kernel_offset, hdr->kernel_size); if (!isRecovery) { diff --git a/cmd/booti.c b/cmd/booti.c index 594e535a..bac909f1 100644 --- a/cmd/booti.c +++ b/cmd/booti.c @@ -118,7 +118,7 @@ U_BOOT_CMD( #endif -#if CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_A) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_B) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_ANT_REF) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_LPI4A) +#if CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_A) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_VAL_B) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_ANT_REF) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_LPI4A) || CONFIG_IS_ENABLED(LIGHT_SEC_BOOT_WITH_VERIFY_RVBOOK) #if CONFIG_IS_ENABLED(LIGHT_SEC_UPGRADE) extern int light_secboot(int argc, char * const argv[]); #endif @@ -137,6 +137,91 @@ U_BOOT_CMD( "vimage addr imgname[[tee/tf] - verify specifed image resides in addr\n" ); +/* check whether partition numbers are consistent with the slot suffix */ +static int do_light_bootab(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { + char *slot_suffix = env_get("slot_suffix"); + int teepart = env_get_hex("mmcteepart", 3); + + struct disk_partition part_info; + struct blk_desc *dev_desc; + int part = 0; + + dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); + if (dev_desc == NULL) { + printf("Failed to find MMC device\n"); + return 1; + } + + if ((strcmp(slot_suffix, "a") == 0) && (teepart != 3)) { + part = part_get_info_by_name(dev_desc, "boot_a", &part_info); + if (part < 0) { + printf("Failed to find MMC device\n"); + return 1; + } + env_set_hex("mmcbootpart", part); + + part = part_get_info_by_name(dev_desc, "tee_a", &part_info); + if (part < 0) { + printf("Failed to find MMC device\n"); + return 1; + } + env_set_hex("mmcteepart", part); + + part = part_get_info_by_name(dev_desc, "sbmeta_a", &part_info); + if (part < 0) { + printf("Failed to find MMC device\n"); + return 1; + } + env_set_hex("mmcsbmetapart", part); + + part = part_get_info_by_name(dev_desc, "root_a", &part_info); + if (part < 0) { + printf("root AB partition is not enabled\n"); + } else { + env_set_hex("mmcpart", part); + } + + run_command("env save", 0); + } else if ((strcmp(slot_suffix, "b") == 0) && (teepart != 10)) { + part = part_get_info_by_name(dev_desc, "boot_b", &part_info); + if (part < 0) { + printf("Failed to find MMC device\n"); + return 1; + } + env_set_hex("mmcbootpart", part); + + part = part_get_info_by_name(dev_desc, "tee_b", &part_info); + if (part < 0) { + printf("Failed to find MMC device\n"); + return 1; + } + env_set_hex("mmcteepart", part); + + part = part_get_info_by_name(dev_desc, "sbmeta_b", &part_info); + if (part < 0) { + printf("Failed to find MMC device\n"); + return 1; + } + env_set_hex("mmcsbmetapart", part); + + part = part_get_info_by_name(dev_desc, "root_b", &part_info); + if (part < 0) { + printf("root AB partition is not enabled\n"); + } else { + env_set_hex("mmcpart", part); + } + run_command("env save", 0); + } + printf("current active slot is:%s\n", slot_suffix); + return CMD_RET_SUCCESS; +} + +U_BOOT_CMD( + light_bootab, CONFIG_SYS_MAXARGS, 1, do_light_bootab, + "Light A/B updates", + NULL +); + #endif #endif diff --git a/cmd/mboot.c b/cmd/mboot.c new file mode 100644 index 00000000..af501202 --- /dev/null +++ b/cmd/mboot.c @@ -0,0 +1,122 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright (c) 2018 Bootlin + * Author: Miquel Raynal + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include "tpm-user-utils.h" +#include "sec_library.h" + +enum mboot_type { + UBOOT_IMAGE = 0, + KERNEL_IMAGE, + PARTITIONS_STR, + MBOOT_TYPE_MAX, +}; +enum pcr_index { + PCR_0 = 0, + PCR_1, + PCR_2, + PCR_3, + PCR_4, + PCR_5, + PCR_6, + PCR_7, +}; +static uint8_t image_digest[32] __attribute__((aligned(64))) = { 0 }; + +#define CHECK_RET_WITH_RET(x, ret) \ + do { \ + if (!(x)) { \ + return ret; \ + } \ + } while (0) + +static uint32_t hash_image_sha256(long image_addr, size_t size, void *digest, uint32_t *digest_len) +{ + uint32_t ret; + sc_sha_t sha; + sc_sha_context_t ctx; + + CHECK_RET_WITH_RET(ret = csi_sec_library_init(), ret); + CHECK_RET_WITH_RET(ret = sc_sha_init(&sha, 0), ret); + CHECK_RET_WITH_RET(ret = sc_sha_start(&sha, &ctx, SC_SHA_MODE_256), ret); + CHECK_RET_WITH_RET(ret = sc_sha_trans_config(&sha, &ctx, SC_SHA_DMA_MODE), ret); + CHECK_RET_WITH_RET(ret = sc_sha_update(&sha, &ctx, (void *)image_addr, size), ret); + CHECK_RET_WITH_RET(ret = sc_sha_finish(&sha, &ctx, digest, digest_len), ret); + + return SC_OK; +} + +static int do_measured_boot(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) +{ + struct udevice *dev; + struct tpm_chip_priv *priv; + uint32_t index, type; + uint32_t rc; + int ret; + long image_addr = 0; + size_t image_size = 0; + uint32_t image_digest_len = 0; + char *partitions_str = NULL; + + if (argc != 1) + return CMD_RET_USAGE; + + ret = get_tpm(&dev); + if (ret) + return ret; + + tpm_init(dev); /* Initialization TPM2 chip */ + rc = tpm2_startup(dev, TPM2_SU_CLEAR); /* Startup TPM2 chip with mode TPM_ST_CLEAR*/ + if (rc) + report_return_code(rc); + + priv = dev_get_uclass_priv(dev); + if (!priv) + return -EINVAL; + + for (type = UBOOT_IMAGE; type < MBOOT_TYPE_MAX; type++) { + if (type == UBOOT_IMAGE) { /*U-BOOT Image */ + index = PCR_0; + image_addr = CONFIG_SPL_TEXT_BASE; + image_size = CONFIG_SPL_MAX_SIZE+CONFIG_SYS_MONITOR_LEN; + } else if (type == KERNEL_IMAGE) { /* KERNEL Image */ + index = PCR_0; + image_addr = 0x00200000; + if (fs_set_blk_dev("mmc", "0:2", 2)) + return -EINVAL; + if (fs_size("Image", &image_size) < 0) + return -EINVAL; + } else if (type == PARTITIONS_STR) { /* PARTITIONS */ + index = PCR_5; + partitions_str = env_get("partitions"); + image_addr = (long)partitions_str; + image_size = strlen(partitions_str); + } + + rc = hash_image_sha256(image_addr, image_size, image_digest, &image_digest_len); + if (rc) + return -EINVAL; + + rc = tpm2_pcr_extend(dev, index, image_digest); + if (rc) + break; + } + + return report_return_code(rc); +} + +U_BOOT_CMD( + measured_boot, CONFIG_SYS_MAXARGS, 1, do_measured_boot, + "extend hash(u-boot), hash(kernel), hash(partitions str) to pcr0 and pcr5", + "" +); diff --git a/configs/light_a_val_sec_defconfig b/configs/light_a_val_sec_defconfig index 17628629..2c9d7da2 100644 --- a/configs/light_a_val_sec_defconfig +++ b/configs/light_a_val_sec_defconfig @@ -25,6 +25,7 @@ CONFIG_FIXUP_MEMORY_REGION=y # CONFIG_CMD_TPM_V2 is not set # CONFIG_CMD_TPM is not set # CONFIG_CMD_TPM_TEST is not set +# CONFIG_CMD_MEASURED_BOOT is not set CONFIG_CMD_BOOT_SLAVE=y CONFIG_CMD_ERASEENV=y CONFIG_CMD_GPT=y @@ -114,3 +115,5 @@ CONFIG_DDR_REGU_0V8=800000 CONFIG_DDR_REGU_1V1=1100000 CONFIG_MISC=y CONFIG_LIGHT_AON_CONF=y +# CONFIG_FASTBOOT_CMD_OEM_NV_OPERATION is not set +# CONFIG_FASTBOOT_ECIES_AUTH is not set diff --git a/configs/light_b_product_sec_defconfig b/configs/light_b_product_sec_defconfig index f57e0676..b4cdd87b 100644 --- a/configs/light_b_product_sec_defconfig +++ b/configs/light_b_product_sec_defconfig @@ -107,3 +107,5 @@ CONFIG_DDR_REGU_0V8=800000 CONFIG_DDR_REGU_1V1=1100000 CONFIG_MISC=y CONFIG_LIGHT_AON_CONF=y +# CONFIG_FASTBOOT_CMD_OEM_NV_OPERATION is not set +# CONFIG_FASTBOOT_ECIES_AUTH is not set diff --git a/configs/light_lpi4a_android_defconfig b/configs/light_lpi4a_android_defconfig index 8a6db720..04c48732 100644 --- a/configs/light_lpi4a_android_defconfig +++ b/configs/light_lpi4a_android_defconfig @@ -19,7 +19,7 @@ CONFIG_SYS_PROMPT="C910 Light# " CONFIG_DDR_LP4X_3733_DUALRANK=y # CONFIG_DDR_LP4_3733_DUALRANK is not set CONFIG_DDR_BOARD_CONFIG=y -CONFIG_FIXUP_MEMORY_REGION=n +CONFIG_FIXUP_MEMORY_REGION=y CONFIG_CMD_BOOT_SLAVE=y CONFIG_CMD_ERASEENV=y CONFIG_CMD_GPT=y @@ -93,7 +93,7 @@ CONFIG_CMD_BMP=y CONFIG_VIDEO_BRIDGE=y CONFIG_DM_PCA953X=y CONFIG_VIDEO_VS_DPU=y -CONFIG_VIDEO_LCD_ILITEK_ILI9881C=y +CONFIG_VIDEO_LCD_JD9365DA=y CONFIG_VIDEO_DW_DSI_LIGHT=y CONFIG_VIDEO_DW_DPHY=y CONFIG_VIDEO_DW_DSI_HOST=y diff --git a/configs/light_lpi4a_sec_defconfig b/configs/light_lpi4a_sec_defconfig index 37190ffc..dd887db1 100644 --- a/configs/light_lpi4a_sec_defconfig +++ b/configs/light_lpi4a_sec_defconfig @@ -113,3 +113,5 @@ CONFIG_DDR_REGU_0V8=800000 CONFIG_DDR_REGU_1V1=1100000 CONFIG_MISC=y CONFIG_LIGHT_AON_CONF=y +# CONFIG_FASTBOOT_CMD_OEM_NV_OPERATION is not set +# CONFIG_FASTBOOT_ECIES_AUTH is not set diff --git a/configs/light_rvbook_defconfig b/configs/light_rvbook_defconfig new file mode 100644 index 00000000..9baf8f5d --- /dev/null +++ b/configs/light_rvbook_defconfig @@ -0,0 +1,130 @@ +CONFIG_RV_BOOK=y +CONFIG_RISCV=y +CONFIG_SPL_MMC_SUPPORT=y +CONFIG_ENV_SIZE=0x20000 +CONFIG_ENV_OFFSET=0xe0000 +CONFIG_NR_DRAM_BANKS=8 +CONFIG_SPL=y +CONFIG_SMP=y +CONFIG_TARGET_LIGHT_C910=y +CONFIG_TARGET_LIGHT_FM_C910_RVBOOK=y +# CONFIG_THEAD_PLIC is not set +# CONFIG_THEAD_LIGHT_TIMER is not set +# CONFIG_THEAD_LIGHT_DIGITAL_SENSOR is not set +CONFIG_ARCH_RV64I=y +CONFIG_DISTRO_DEFAULTS=y +CONFIG_BUILD_TARGET="u-boot-with-spl.bin" +CONFIG_DISPLAY_CPUINFO=y +CONFIG_DISPLAY_BOARDINFO=y +# CONFIG_SPL_LEGACY_IMAGE_SUPPORT is not set +CONFIG_SPL_RAM_SUPPORT=y +CONFIG_SPL_RAM_DEVICE=y +CONFIG_SYS_PROMPT="C910 Light# " +CONFIG_DDR_LP4X_3733_DUALRANK=y +# CONFIG_DDR_LP4_3733_DUALRANK is not set +CONFIG_DDR_BOARD_CONFIG=y +CONFIG_FIXUP_MEMORY_REGION=y +CONFIG_CMD_BOOT_SLAVE=y +CONFIG_CMD_ERASEENV=y +CONFIG_CMD_GPT=y +CONFIG_CMD_MTD=y +CONFIG_CMD_EXT4_WRITE=y +CONFIG_CMD_SPI=y +CONFIG_CMD_I2C=y +CONFIG_CMD_MEMTEST=y +CONFIG_DDR_SCAN=y +CONFIG_DDR_PRBS_TEST=n +# CONFIG_DOS_PARTITION is not set +# CONFIG_ISO_PARTITION is not set +CONFIG_PARTITION_TYPE_GUID=y +CONFIG_OF_EMBED=y +CONFIG_DEFAULT_DEVICE_TREE="th1520-rvbook" +CONFIG_ENV_IS_IN_MMC=y +CONFIG_SYS_RELOC_GD_ENV_ADDR=y +CONFIG_SPL_CLK=y +CONFIG_USB_FUNCTION_FASTBOOT=y +CONFIG_UDP_FUNCTION_FASTBOOT=y +CONFIG_FASTBOOT_BUF_ADDR=0x10000000 +CONFIG_FASTBOOT_FLASH=y +CONFIG_FASTBOOT_FLASH_MMC_DEV=0 +CONFIG_FASTBOOT_CMD_OEM_FORMAT=y +CONFIG_DM_GPIO=y +CONFIG_DM_I2C=y +CONFIG_SYS_I2C_DW=y +CONFIG_DWAPB_GPIO=y +# CONFIG_MMC_SPI is not set +CONFIG_MMC_VERBOSE=y +CONFIG_SUPPORT_EMMC_BOOT=y +CONFIG_MMC_IO_VOLTAGE=y +CONFIG_MMC_UHS_SUPPORT=y +CONFIG_MMC_HS400_SUPPORT=y +CONFIG_MMC_DW=y +CONFIG_MMC_DW_SNPS=y +CONFIG_MMC_SDHCI=y +CONFIG_MMC_SDHCI_SNPS=y +CONFIG_MMC_SDHCI_SDMA=y +CONFIG_CMD_MMC=y +CONFIG_CMD_MMC_RPMB=y +CONFIG_SUPPORT_EMMC_RPMB=y +CONFIG_DM_MTD=y +CONFIG_MTD_SPI_NAND=y +CONFIG_SPI_FLASH_WINBOND=y +CONFIG_ETH_DESIGNWARE=y +CONFIG_PHY_REALTEK=y +CONFIG_RTL8211E_PINE64_GIGABIT_FIX=y +CONFIG_RTL8211X_PHY_FORCE_MASTER=y +CONFIG_RTL8211F_PHY_FORCE_EEE_RXC_ON=y +CONFIG_SYS_NS16550=y +CONFIG_SPI=y +CONFIG_DESIGNWARE_SPI=y +CONFIG_DESIGNWARE_QSPI=y +CONFIG_USB=y +CONFIG_USB_DWC3=y +CONFIG_USB_GADGET=y +CONFIG_USB_GADGET_MANUFACTURER="U-Boot-THEAD" +CONFIG_USB_GADGET_VENDOR_NUM=0x1234 +CONFIG_USB_GADGET_PRODUCT_NUM=0x8888 +# CONFIG_SPL_USE_TINY_PRINTF is not set +# CONFIG_EFI_LOADER is not set +# CONFIG_LIGHT_SEC_BOOT is not set +CONFIG_BOARD_LATE_INIT=y +CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG=y +CONFIG_DM_VIDEO=y +CONFIG_PHY=y +CONFIG_REGMAP=y +CONFIG_SYSCON=y +CONFIG_CMD_BMP=y +CONFIG_VIDEO_BRIDGE=y +CONFIG_DM_PCA953X=y +CONFIG_VIDEO_VS_DPU=y +CONFIG_VIDEO_LCD_ILITEK_ILI9881C=y +CONFIG_VIDEO_LCD_CUSTOM_LOGO=y +CONFIG_VIDEO_DW_DSI_LIGHT=y +CONFIG_VIDEO_DW_DPHY=y +CONFIG_VIDEO_DW_DSI_HOST=y +CONFIG_SYS_WHITE_ON_BLACK=y +CONFIG_PMIC_VOL_INIT=y +CONFIG_DDR_REGU_0V6=600000 +CONFIG_DDR_REGU_0V8=800000 +CONFIG_DDR_REGU_1V1=1100000 +CONFIG_TPM=y +CONFIG_TPM_V2=y +CONFIG_TPM_Z32H330TC_SPI=y +CONFIG_CMD_TPM=y +CONFIG_CMD_TPM_V2=y +CONFIG_CMD_TPM_TEST=y +CONFIG_DM_CHARGE_DISPLAY=y +CONFIG_CHARGE_ANIMATION=y +CONFIG_DM_FUEL_GAUGE=y +CONFIG_POWER_FG_CW201X=y +CONFIG_CHARGER_BQ25700=y +CONFIG_LED=y +CONFIG_LED_GPIO=y +CONFIG_DM_MCU=y +CONFIG_MCU_HC32fX=y +CONFIG_DM_POWER_DELIVERY=y +CONFIG_TYPEC_TCPM=y +CONFIG_TYPEC_TCPCI=y +CONFIG_TYPEC_HUSB311=y +CONFIG_MISC=y +CONFIG_LIGHT_AON_CONF=y diff --git a/configs/light_rvbook_sec_defconfig b/configs/light_rvbook_sec_defconfig new file mode 100644 index 00000000..8d6ca7de --- /dev/null +++ b/configs/light_rvbook_sec_defconfig @@ -0,0 +1,132 @@ +CONFIG_RV_BOOK=y +CONFIG_RISCV=y +CONFIG_SPL_MMC_SUPPORT=y +CONFIG_ENV_SIZE=0x20000 +CONFIG_ENV_OFFSET=0xe0000 +CONFIG_NR_DRAM_BANKS=8 +CONFIG_SPL=y +CONFIG_SMP=y +CONFIG_TARGET_LIGHT_C910=y +# CONFIG_THEAD_PLIC is not set +# CONFIG_THEAD_LIGHT_TIMER is not set +# CONFIG_THEAD_LIGHT_DIGITAL_SENSOR is not set +CONFIG_ARCH_RV64I=y +CONFIG_DISTRO_DEFAULTS=y +CONFIG_BUILD_TARGET="u-boot-with-spl.bin" +CONFIG_DISPLAY_CPUINFO=y +CONFIG_DISPLAY_BOARDINFO=y +# CONFIG_SPL_LEGACY_IMAGE_SUPPORT is not set +CONFIG_SPL_RAM_SUPPORT=y +CONFIG_SPL_RAM_DEVICE=y +CONFIG_SYS_PROMPT="C910 Light# " +CONFIG_DDR_LP4X_3733_DUALRANK=y +# CONFIG_DDR_LP4_3733_DUALRANK is not set +CONFIG_DDR_BOARD_CONFIG=y +CONFIG_FIXUP_MEMORY_REGION=y +CONFIG_CMD_BOOT_SLAVE=y +CONFIG_CMD_ERASEENV=y +CONFIG_CMD_GPT=y +CONFIG_CMD_MTD=y +CONFIG_CMD_EXT4_WRITE=y +CONFIG_CMD_SPI=y +CONFIG_CMD_I2C=y +CONFIG_CMD_MEMTEST=y +CONFIG_DDR_SCAN=y +CONFIG_DDR_PRBS_TEST=n +# CONFIG_DOS_PARTITION is not set +# CONFIG_ISO_PARTITION is not set +CONFIG_PARTITION_TYPE_GUID=y +CONFIG_OF_EMBED=y +CONFIG_DEFAULT_DEVICE_TREE="th1520-rvbook" +CONFIG_ENV_IS_IN_MMC=y +CONFIG_SYS_RELOC_GD_ENV_ADDR=y +CONFIG_SPL_CLK=y +CONFIG_USB_FUNCTION_FASTBOOT=y +CONFIG_UDP_FUNCTION_FASTBOOT=y +CONFIG_FASTBOOT_BUF_ADDR=0x10000000 +CONFIG_FASTBOOT_FLASH=y +CONFIG_FASTBOOT_FLASH_MMC_DEV=0 +CONFIG_FASTBOOT_CMD_OEM_FORMAT=y +CONFIG_DM_GPIO=y +CONFIG_DM_I2C=y +CONFIG_SYS_I2C_DW=y +CONFIG_DWAPB_GPIO=y +# CONFIG_MMC_SPI is not set +CONFIG_MMC_VERBOSE=y +CONFIG_SUPPORT_EMMC_BOOT=y +CONFIG_MMC_IO_VOLTAGE=y +CONFIG_MMC_UHS_SUPPORT=y +CONFIG_MMC_HS400_SUPPORT=y +CONFIG_MMC_DW=y +CONFIG_MMC_DW_SNPS=y +CONFIG_MMC_SDHCI=y +CONFIG_MMC_SDHCI_SNPS=y +CONFIG_MMC_SDHCI_SDMA=y +CONFIG_CMD_MMC=y +CONFIG_CMD_MMC_RPMB=y +CONFIG_SUPPORT_EMMC_RPMB=y +CONFIG_DM_MTD=y +CONFIG_MTD_SPI_NAND=y +CONFIG_SPI_FLASH_WINBOND=y +CONFIG_ETH_DESIGNWARE=y +CONFIG_PHY_REALTEK=y +CONFIG_RTL8211E_PINE64_GIGABIT_FIX=y +CONFIG_RTL8211X_PHY_FORCE_MASTER=y +CONFIG_RTL8211F_PHY_FORCE_EEE_RXC_ON=y +CONFIG_SYS_NS16550=y +CONFIG_SPI=y +CONFIG_DESIGNWARE_SPI=y +CONFIG_DESIGNWARE_QSPI=y +CONFIG_USB=y +CONFIG_USB_DWC3=y +CONFIG_USB_GADGET=y +CONFIG_USB_GADGET_MANUFACTURER="U-Boot-THEAD" +CONFIG_USB_GADGET_VENDOR_NUM=0x1234 +CONFIG_USB_GADGET_PRODUCT_NUM=0x8888 +# CONFIG_SPL_USE_TINY_PRINTF is not set +# CONFIG_EFI_LOADER is not set + +CONFIG_LIGHT_SEC_BOOT_WITH_VERIFY_RVBOOK=y +CONFIG_LIGHT_SEC_UPGRADE=y +CONFIG_BOARD_LATE_INIT=y +CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG=y +CONFIG_DM_VIDEO=y +CONFIG_PHY=y +CONFIG_REGMAP=y +CONFIG_SYSCON=y +CONFIG_CMD_BMP=y +CONFIG_VIDEO_BRIDGE=y +CONFIG_DM_PCA953X=y +CONFIG_VIDEO_VS_DPU=y +CONFIG_VIDEO_LCD_ILITEK_ILI9881C=y +CONFIG_VIDEO_LCD_CUSTOM_LOGO=y +CONFIG_VIDEO_DW_DSI_LIGHT=y +CONFIG_VIDEO_DW_DPHY=y +CONFIG_VIDEO_DW_DSI_HOST=y +CONFIG_SYS_WHITE_ON_BLACK=y +CONFIG_PMIC_VOL_INIT=y +CONFIG_DDR_REGU_0V6=600000 +CONFIG_DDR_REGU_0V8=800000 +CONFIG_DDR_REGU_1V1=1100000 +CONFIG_TPM=y +CONFIG_TPM_V2=y +CONFIG_TPM_Z32H330TC_SPI=y +CONFIG_CMD_TPM=y +CONFIG_CMD_TPM_V2=y +CONFIG_CMD_TPM_TEST=y +CONFIG_DM_CHARGE_DISPLAY=y +CONFIG_CHARGE_ANIMATION=y +CONFIG_DM_FUEL_GAUGE=y +CONFIG_POWER_FG_CW201X=y +CONFIG_CHARGER_BQ25700=y +CONFIG_LED=y +CONFIG_LED_GPIO=y +CONFIG_DM_MCU=y +CONFIG_MCU_HC32fX=y +CONFIG_DM_POWER_DELIVERY=y +CONFIG_TYPEC_TCPM=y +CONFIG_TYPEC_TCPCI=y +CONFIG_TYPEC_HUSB311=y +CONFIG_MISC=y +CONFIG_LIGHT_AON_CONF=y +CONFIG_FASTBOOT_CMD_OEM_NV_OPERATION=y diff --git a/drivers/Kconfig b/drivers/Kconfig index 9d99ce02..86e74ae5 100644 --- a/drivers/Kconfig +++ b/drivers/Kconfig @@ -130,6 +130,8 @@ source "drivers/w1-eeprom/Kconfig" source "drivers/watchdog/Kconfig" +source "drivers/mcu/Kconfig" + config PHYS_TO_BUS bool "Custom physical to bus address mapping" help diff --git a/drivers/Makefile b/drivers/Makefile index e977f19a..33d5b377 100644 --- a/drivers/Makefile +++ b/drivers/Makefile @@ -85,6 +85,9 @@ obj-y += misc/ obj-$(CONFIG_MMC) += mmc/ obj-$(CONFIG_NVME) += nvme/ obj-$(CONFIG_PCI_ENDPOINT) += pci_endpoint/ +ifdef CONFIG_RV_BOOK +obj-$(CONFIG_DM_POWER_DELIVERY) += power/power_delivery/ +endif obj-y += dfu/ obj-$(CONFIG_PCH) += pch/ obj-y += phy/allwinner/ diff --git a/drivers/fastboot/Kconfig b/drivers/fastboot/Kconfig index e1586b86..a65aa08b 100644 --- a/drivers/fastboot/Kconfig +++ b/drivers/fastboot/Kconfig @@ -135,6 +135,14 @@ config FASTBOOT_CMD_OEM_FORMAT relies on the env variable partitions to contain the list of partitions as required by the gpt command. +config FASTBOOT_CMD_OEM_NV_OPERATION + bool "Enable the 'oem nv get/set' command" + help + Add support for the "oem get/set" command from a client. + +config FASTBOOT_ECIES_AUTH + bool "Enabled ecies fastboot auth" + endif # FASTBOOT endmenu diff --git a/drivers/fastboot/Makefile b/drivers/fastboot/Makefile index 048af5aa..868bbf38 100644 --- a/drivers/fastboot/Makefile +++ b/drivers/fastboot/Makefile @@ -3,5 +3,7 @@ obj-y += fb_common.o obj-y += fb_getvar.o obj-y += fb_command.o +obj-$(CONFIG_FASTBOOT_ECIES_AUTH) += fb_ecies.o obj-$(CONFIG_FASTBOOT_FLASH_MMC) += fb_mmc.o obj-$(CONFIG_FASTBOOT_FLASH_NAND) += fb_nand.o +obj-$(CONFIG_FASTBOOT_CMD_OEM_NV_OPERATION) += fb_nv_operation.o \ No newline at end of file diff --git a/drivers/fastboot/fb_command.c b/drivers/fastboot/fb_command.c index 92b33b89..6d5eb4ed 100644 --- a/drivers/fastboot/fb_command.c +++ b/drivers/fastboot/fb_command.c @@ -45,6 +45,19 @@ static void oem_format(char *, char *); static void oem_command(char *, char *); int image_have_head(unsigned long img_src_addr); +#if CONFIG_FASTBOOT_CMD_OEM_NV_OPERATION +void oem_nv_get_proccess(char *cmd_parameter, char *response); +void oem_nv_set_proccess(char *cmd_parameter, char *response); +void oem_nv_factory_recovery_process(char *cmd_parameter, char *response); +static void oem_nv_get(char *cmd_parameter, char *response); +static void oem_nv_set(char *cmd_parameter, char *response); +static void oem_fcty(char *cmd_parameter, char *response); +#endif + +#ifdef CONFIG_FASTBOOT_ECIES_AUTH +int ecies_process_data(uint8_t * data, int data_size,char *response); +#endif + static const struct { const char *command; void (*dispatch)(char *cmd_parameter, char *response); @@ -97,6 +110,20 @@ static const struct { .command = "oem command", .dispatch = oem_command, }, +#if CONFIG_FASTBOOT_CMD_OEM_NV_OPERATION + [FASTBOOT_COMMAND_OEM_NV_GET] = { + .command = "oem nv get", + .dispatch = oem_nv_get, + }, + [FASTBOOT_COMMAND_OEM_NV_SET] = { + .command = "oem nv set", + .dispatch = oem_nv_set, + }, + [FASTBOOT_COMMAND_OEM_FCTY] = { + .command = "oem fcty", + .dispatch = oem_fcty, + }, +#endif }; /** @@ -294,7 +321,90 @@ int check_image_board_id(uint8_t *image_data) return 0; } +int hibernate_image_cleaned_flag = 0; +void clean_hibernate_image_header(char *response) +{ + struct blk_desc *dev_desc; + disk_partition_t info; + if(0x03 == hibernate_image_cleaned_flag) //already erased all + { + return; + } + dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); + if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) { + fastboot_fail("invalid mmc device", response); + return; + } + char * buf = memalign(CONFIG_SYS_CACHELINE_SIZE,4096); + if(!buf) { + printf(" mem alloc for hibernate partition header failed!\n"); + return; + } + /* if fastresume partition exists, earse the old image header */ + if(part_get_info_by_name(dev_desc, "fastresume", &info)) { + printf(" find fastresume partition , erase the header:\n"); + memset(buf,0xff,4096); + if(blk_dwrite(dev_desc, info.start, 4096/info.blksz, buf) != 4096/info.blksz) + { + printf(" fastresume header write failed!\n"); + hibernate_image_cleaned_flag = 0; + } + else + { + hibernate_image_cleaned_flag |= 0x1; + } + } + /* if swap partition exists, earse the old image header */ + if(part_get_info_by_name(dev_desc, "swap", &info)) { + printf(" find swap partition , erase the header:\n"); + memset(buf,0xff,4096); + if(blk_dwrite(dev_desc, info.start, 4096/info.blksz, buf) != 4096/info.blksz) + { + printf(" swap header write failed!\n"); + hibernate_image_cleaned_flag = 0; + } + else + { + hibernate_image_cleaned_flag |= 0x2; + } + } + free(buf); +} + #if CONFIG_IS_ENABLED(FASTBOOT_FLASH) +void fasboot_uboot_write_process(void *buf, char *response) +{ + char cmdbuf[32]; + u32 block_cnt; + struct blk_desc *dev_desc; + int ret = 0; + disk_partition_t info; + + ret = check_image_board_id(buf); + if (ret != 0) { + fastboot_fail("U-BOOT image does not match the type of BOARD", response); + return; + } + + dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); + if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) { + fastboot_fail("invalid mmc device", response); + return; + } + + run_command("mmc partconf 0 1 0 1", 0); + + block_cnt = image_size / BLOCK_SIZE; + if (image_size % BLOCK_SIZE) { + block_cnt = block_cnt +1; + } + + sprintf(cmdbuf, "mmc write 0x%p 0 %x", buf, block_cnt); + + run_command(cmdbuf, 0); + run_command("mmc partconf 0 1 0 0", 0); +} + /** * flash() - write the downloaded image to the indicated partition. * @@ -308,36 +418,10 @@ static void flash(char *cmd_parameter, char *response) { #ifdef THEAD_LIGHT_FASTBOOT char cmdbuf[32]; - u32 block_cnt; struct blk_desc *dev_desc; disk_partition_t info; - int ret = 0; - if (strcmp(cmd_parameter, "uboot") == 0) { - ret = check_image_board_id(fastboot_buf_addr); - if (ret != 0) { - fastboot_fail("U-BOOT image does not match the type of BOARD", response); - return; - } - - dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); - if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) { - fastboot_fail("invalid mmc device", response); - return; - } - - run_command("mmc partconf 0 1 0 1", 0); - - block_cnt = image_size / BLOCK_SIZE; - if (image_size % BLOCK_SIZE) { - block_cnt = block_cnt +1; - } - - sprintf(cmdbuf, "mmc write 0x%p 0 %x", fastboot_buf_addr, block_cnt); - - run_command(cmdbuf, 0); - run_command("mmc partconf 0 1 0 0", 0); - + fasboot_uboot_write_process(fastboot_buf_addr, response); } else if ((strcmp(cmd_parameter, "fw") == 0)) { memcpy((void *)LIGHT_FW_ADDR, fastboot_buf_addr, image_size); } else if ((strcmp(cmd_parameter, "uImage") == 0)) { @@ -352,13 +436,15 @@ static void flash(char *cmd_parameter, char *response) memcpy((void *)LIGHT_TF_FW_ADDR, fastboot_buf_addr, image_size); } else if ((strcmp(cmd_parameter, TEE_PART_NAME) == 0)) { memcpy((void *)LIGHT_TEE_FW_ADDR, fastboot_buf_addr, image_size); - } else if ((strcmp(cmd_parameter, "boot") == 0)) { + } +#ifdef CONFIG_RV_BOOK + else if ((strcmp(cmd_parameter, "boot") == 0)) { dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); if (!dev_desc || dev_desc->type == DEV_TYPE_UNKNOWN) { - fastboot_fail("invalid mmc device", response); - return; - } - /* if fastresume partition exists, earse the old image header */ + fastboot_fail("invalid mmc device", response); + return; + } + /* if fastresume partition exists, earse the old image header */ if(part_get_info_by_name(dev_desc, "fastresume", &info)) { printf(" find fastresume partition , erase the header:\n"); char * buf = memalign(CONFIG_SYS_CACHELINE_SIZE,4096); @@ -371,6 +457,22 @@ static void flash(char *cmd_parameter, char *response) free(buf); } } +#endif +#ifdef CONFIG_FASTBOOT_ECIES_AUTH + else if ((strcmp(cmd_parameter, "ecies") == 0)) { + ecies_process_data(fastboot_buf_addr, image_size,response); + return; + } +#endif + + //If version is updated, hibernate image may not compatible with current,erase it. + if ((strcmp(cmd_parameter, "boot") == 0) + || (strcmp(cmd_parameter, "uboot") == 0) + || (strcmp(cmd_parameter, "root") == 0)) { + + clean_hibernate_image_header(response); + } + if(strcmp(cmd_parameter, "uboot") == 0 || (strcmp(cmd_parameter, "fw") == 0) || (strcmp(cmd_parameter, "uImage") == 0) || (strcmp(cmd_parameter, "dtb") == 0) || (strcmp(cmd_parameter, "rootfs") == 0) || (strcmp(cmd_parameter, "aon") == 0)) { @@ -380,54 +482,7 @@ static void flash(char *cmd_parameter, char *response) #endif #if CONFIG_IS_ENABLED(LIGHT_SEC_UPGRADE) - if(strcmp(cmd_parameter, TF_IMG_UPD_NAME) == 0) { - #if CONFIG_IS_ENABLED(FASTBOOT_FLASH_MMC) - /* tee/tf/uboot image must be written into stash partition */ - sprintf(cmdbuf, "%s", STASH_PART_NAME); - fastboot_mmc_flash_write(cmdbuf, fastboot_buf_addr, image_size, response); - #endif - /* Send ACK to host */ - fastboot_okay(NULL, response); - - /* set secure upgrade flag to indicate it is TF image upgrade*/ - sprintf(cmdbuf,"env set sec_upgrade_mode 0x%x", TF_SEC_UPGRADE_FLAG); - run_command(cmdbuf, 0); - run_command("saveenv", 0); - run_command("reset", 0); - return; - } else if (strcmp(cmd_parameter, TEE_IMG_UPD_NAME) == 0) { - #if CONFIG_IS_ENABLED(FASTBOOT_FLASH_MMC) - /* tee/tf/uboot image must be written into stash partition */ - sprintf(cmdbuf, "%s", STASH_PART_NAME); - fastboot_mmc_flash_write(cmdbuf, fastboot_buf_addr, image_size, response); - #endif - - /* Send ACK to host */ - fastboot_okay(NULL, response); - - /* set secure upgrade flag to indicate it is TEE image upgrade*/ - sprintf(cmdbuf,"env set sec_upgrade_mode 0x%x", TEE_SEC_UPGRADE_FLAG); - run_command(cmdbuf, 0); - run_command("saveenv", 0); - run_command("reset", 0); - return; - } else if (strcmp(cmd_parameter, SBMETA_IMG_UPD_NAME) == 0) { - #if CONFIG_IS_ENABLED(FASTBOOT_FLASH_MMC) - /* tee/tf/uboot image must be written into stash partition */ - sprintf(cmdbuf, "%s", STASH_PART_NAME); - fastboot_mmc_flash_write(cmdbuf, fastboot_buf_addr, image_size, response); - #endif - - /* Send ACK to host */ - fastboot_okay(NULL, response); - - /* set secure upgrade flag to indicate it is TEE image upgrade*/ - sprintf(cmdbuf,"env set sec_upgrade_mode 0x%x", SBMETA_SEC_UPGRADE_FLAG); - run_command(cmdbuf, 0); - run_command("saveenv", 0); - run_command("reset", 0); - return; - } else if (strcmp(cmd_parameter, UBOOT_IMG_UPD_NAME) == 0) { + if (strcmp(cmd_parameter, UBOOT_IMG_UPD_NAME) == 0) { #if CONFIG_IS_ENABLED(FASTBOOT_FLASH_MMC) env_set_hex("ubootupdsize", image_size); @@ -530,3 +585,38 @@ static void oem_command(char *cmd_parameter, char *response) else fastboot_okay(NULL, response); } + +#if CONFIG_FASTBOOT_CMD_OEM_NV_OPERATION +/** + * oem_nv_get() - Execute the OEM NV GET command + * + * @cmd_parameter: Pointer to command parameter + * @response: Pointer to fastboot response buffer + */ + static void oem_nv_get(char *cmd_parameter, char *response) + { + oem_nv_get_proccess(cmd_parameter,response); + } + +/** + * oem_nv_set() - Execute the OEM NV Set command + * + * @cmd_parameter: Pointer to command parameter + * @response: Pointer to fastboot response buffer + */ + static void oem_nv_set(char *cmd_parameter, char *response) + { + oem_nv_set_proccess(cmd_parameter,response); + } + +/** + * oem_fcty() - Execute the OEM fcty command + * + * @cmd_parameter: Pointer to command parameter + * @response: Pointer to fastboot response buffer + */ + static void oem_fcty(char *cmd_parameter, char *response) + { + oem_nv_factory_recovery_process(cmd_parameter,response); + } + #endif \ No newline at end of file diff --git a/drivers/fastboot/fb_ecies.c b/drivers/fastboot/fb_ecies.c new file mode 100644 index 00000000..e0c41ca8 --- /dev/null +++ b/drivers/fastboot/fb_ecies.c @@ -0,0 +1,198 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#if CONFIG_IS_ENABLED(FASTBOOT_FLASH) +extern void fasboot_uboot_write_process(void *buf, char *response); +#define MAX_ECIES_IMAGE_SIZE (9*1024*1024) +#define ECIES_MALLOC_START (MAX_ECIES_IMAGE_SIZE * 2) + +typedef struct { + uint32_t magic; + uint32_t file_size; + char partition_name[64]; +} __attribute__((__packed__)) send_file_info_t; + +static uint32_t ecies_file_pos = 0; +static int slave_init = 0; + +static int current_pos = 0; + +void *csi_ecies_malloc(uint32_t size) +{ + void * ptr = NULL; + + if (current_pos + size >= CONFIG_FASTBOOT_BUF_SIZE) { + current_pos = 0; + } + + ptr = (void *)(long)(CONFIG_FASTBOOT_BUF_ADDR + ECIES_MALLOC_START + current_pos); + current_pos += size; + return ptr; +}; + +void csi_ecies_free(void *buffer) +{ + return; +}; + +static int ecies_data_write(uint8_t *buf,uint8_t *data,int data_len) +{ + char response[FASTBOOT_RESPONSE_LEN]; + + if (data_len == 0 || buf == NULL || data == NULL) { + return -1; + } + + memcpy(buf + ecies_file_pos,data,data_len); + ecies_file_pos += data_len; + if (ecies_file_pos == sizeof(send_file_info_t) + ((send_file_info_t *)buf)->file_size) { + if (strcmp(((send_file_info_t *)buf)->partition_name, TEE_PART_NAME) == 0) { + memcpy((void *)LIGHT_TEE_FW_ADDR, buf + sizeof(send_file_info_t), ((send_file_info_t *)buf)->file_size); + #if CONFIG_IS_ENABLED(FASTBOOT_FLASH_MMC) + fastboot_mmc_flash_write(((send_file_info_t *)buf)->partition_name, buf + sizeof(send_file_info_t), ((send_file_info_t *)buf)->file_size, + response); + #endif + #if CONFIG_IS_ENABLED(FASTBOOT_FLASH_NAND) + fastboot_nand_flash_write(((send_file_info_t *)buf)->partition_name, buf + sizeof(send_file_info_t), ((send_file_info_t *)buf)->file_size, + response); + #endif + } else if (strcmp(((send_file_info_t *)buf)->partition_name, UBOOT_PART_NAME) == 0) { + fasboot_uboot_write_process(buf + sizeof(send_file_info_t),response); + } else { + printf("unknown partition name\n"); + return -2; + } + + ecies_file_pos = 0; + } else if(ecies_file_pos > sizeof(send_file_info_t) + ((send_file_info_t *)buf)->file_size) { + return -3; + } + + return 0; +} + +static void hex_to_str(char *dest, const uint8_t *src, int len) +{ + char ddl = 0; + char ddh = 0; + int i = 0; + + for (i = 0; i < len; i++) { + ddh = 48 + src[i] / 16; + ddl = 48 + src[i] % 16; + + if (ddh > 57) { + ddh = ddh + 7; + } + + if (ddl > 57) { + ddl = ddl + 7; + } + + dest[i * 2] = ddh; + dest[i * 2 + 1] = ddl; + } + + dest[len * 2] = '\0'; +} + +int ecies_process_data(uint8_t * data, int data_size,char *response) +{ + static ecies_session_t ss_slave; + char apduResponse[ECIES_INIT_RESPONSE_LEN] = {0}; + uint8_t *plaintext = csi_ecies_malloc(MAX_ECIES_IMAGE_SIZE); + uint32_t plaintextLen = 0; + uint32_t apduResponseLen = 0; + int ret = 0; + uint8_t cla = 0; + uint8_t errcode = 0; + + if (plaintext == NULL) { + ret = -1; + goto end; + } + + if (!slave_init) { + csi_sec_library_init(); + ret = hal_ecies_slave_init(&ss_slave); + if (ret != 0) { + strcpy(response,"hal_ecies_slave_init ERROR"); + ret = -2; + goto end; + } + } + ret = hal_ecies_slave_session_comm(&ss_slave, data, data_size, (uint8_t *)apduResponse, &apduResponseLen, plaintext, &plaintextLen); + if (ret != 0) { + ret = hal_ecies_status_get((uint8_t *)apduResponse, apduResponseLen, &cla, &errcode); + if (ret != 0) { + strcpy(response,"hal_ecies_errcode_get ERROR"); + ret = -3; + goto end; + } + + if (cla == ECIES_CLA_INITIALIZE_UPDATE_RESPONSE && errcode == ECIES_RESPONSE_SESSION_OPENED_ERROR) { + slave_init = 0; + ecies_file_pos = 0; + hal_ecies_slave_uninit(&ss_slave); + ret = hal_ecies_slave_init(&ss_slave); + if (ret != 0) { + strcpy(response,"hal_ecies_slave_init ERROR"); + ret = -4; + goto end; + } + ret = hal_ecies_slave_session_comm(&ss_slave, data, data_size, (uint8_t*)apduResponse, &apduResponseLen, plaintext, &plaintextLen); + if (ret != 0) { + strcpy(response,"hal_ecies_slave_session_comm ERROR"); + ret = -5; + goto end; + } + } else if(errcode != ECIES_RESPONSE_OK) { + if (errcode == ECIES_CLA_SDATA_SEND_RESPONSE) { + strcpy(response,"ECIES_CLA_SDATA_SEND_RESPONSE ERROR"); + ret = -6; + goto end; + } else if (errcode == ECIES_CLA_SESSION_CLOSE) { + strcpy(response,"ECIES_CLA_SESSION_CLOSE ERROR"); + ret = -7; + goto end; + } else if (errcode == ECIES_CLA_INITIALIZE_UPDATE) { + strcpy(response,"ECIES_CLA_INITIALIZE_UPDATE ERROR"); + ret = -8; + goto end; + } + } + } + + if (slave_init && plaintextLen) { + ret = ecies_data_write((uint8_t*)(long)(CONFIG_FASTBOOT_BUF_ADDR + MAX_ECIES_IMAGE_SIZE),plaintext,plaintextLen); + if (ret != 0) { + strcpy(response,"ecies_data_write ERROR"); + ret = -8; + goto end; + } + } + + slave_init = 1; + + strcpy(response,"SUCCESS:"); + hex_to_str(response + strlen(response),(uint8_t*)apduResponse,apduResponseLen); + ret = 0; +end: + if (plaintext) { + csi_ecies_free(plaintext); + plaintext = NULL; + } + + return ret; +} + +#endif \ No newline at end of file diff --git a/drivers/fastboot/fb_nv_operation.c b/drivers/fastboot/fb_nv_operation.c new file mode 100644 index 00000000..deb72283 --- /dev/null +++ b/drivers/fastboot/fb_nv_operation.c @@ -0,0 +1,342 @@ +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "../lib/sec_library/include/soc.h" + +#define MAX_NV_NUMBER_SIZE 32 +#define MAX_NV_DATA_SIZE 128 +#define NV_BLOCK_SIZE 512 + +extern int32_t wj_efuse_get_lc(long unsigned int, int *lc); + +typedef enum { + FB_SYS_ACTION_FACTORY_RECOVER, + FB_SYS_ACTION_READ_EFUSE, +} fb_sys_action_t; + +static int nv_get(uint8_t *data,int offset,int data_len) +{ + struct blk_desc *dev_desc; + struct disk_partition part_info; + ulong block_start; + uint8_t data_nv[NV_BLOCK_SIZE] = {0}; + int ret; + int n; + + dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); + if (dev_desc == NULL) { + return -1; + } + + ret = part_get_info_by_name(dev_desc, NV_PARTITION_NAME, &part_info); + if (ret < 0) { + return -2; + } + + if(NV_BLOCK_SIZE != dev_desc->blksz) { + return -4; + } + + block_start = part_info.start + offset / dev_desc->blksz; + n = blk_dread(dev_desc, block_start, 1, data_nv); + if (n != 1) { + return -5; + } + + memcpy(data,data_nv + offset % NV_BLOCK_SIZE,data_len); + + return 0; +} + +static int nv_set(uint8_t *data,int offset,int data_len) +{ + struct blk_desc *dev_desc; + struct disk_partition part_info; + ulong block_start; + uint8_t data_nv[NV_BLOCK_SIZE] = {0}; + int ret; + int n; + + + dev_desc = blk_get_dev("mmc", CONFIG_FASTBOOT_FLASH_MMC_DEV); + if (dev_desc == NULL) { + return -1; + } + + ret = part_get_info_by_name(dev_desc, NV_PARTITION_NAME, &part_info); + if (ret < 0) { + return -2; + } + + if (NV_BLOCK_SIZE != dev_desc->blksz) { + return -3; + } + + block_start = part_info.start + offset / dev_desc->blksz; + + n = blk_dread(dev_desc, block_start, 1, data_nv); + if (n != 1) { + return -4; + } + memcpy(data_nv + offset % NV_BLOCK_SIZE,data,data_len); + n = blk_dwrite(dev_desc, block_start, 1, data_nv); + if (n != 1) { + return -5; + } + + return 0; +} + +static int factory_recovery(char *response) +{ +#if CONFIG_IS_ENABLED(FASTBOOT_FLASH_MMC) + fastboot_mmc_erase("metadata", response); + if (strcmp(response, "OKAY") != 0) { + return -1; + } + fastboot_mmc_erase("misc", response); + if (strcmp(response, "OKAY") != 0) { + return -2; + } +#endif +#if CONFIG_IS_ENABLED(FASTBOOT_FLASH_NAND) + fastboot_nand_erase("metadata", response); + if (strcmp(response, "OKAY") != 0) { + return -3; + } + fastboot_nand_erase("misc", response); + if (strcmp(response, "OKAY") != 0) { + return -4; + } +#endif + + strcpy(response,"OKAY"); + + return 0; +} + +static int read_efuse_status(char *response) +{ + int ret; + int lc = 0; + ret = wj_efuse_get_lc(WJ_EFUSE_BASE, &lc); + if (ret) { + return -1; + } + + if(lc == 0) { + strcpy(response,"LC_INIT"); + } else { + strcpy(response,"LC_BLOWNED"); + } + + return 0; + +} + +static int sys_action(int flag,char *response) +{ + if (flag == FB_SYS_ACTION_FACTORY_RECOVER) { + return factory_recovery(response); + } else if (flag == FB_SYS_ACTION_READ_EFUSE) { + return read_efuse_status(response); + } else { + return -1; + } + + return 0; +} + +static int toupper(int c) +{ + if (c >= 'a' && c <= 'z') { + return c - 32; + } + + return c; +} + +static void str_to_hex(uint8_t *dest, const char *src, int len) +{ + char h1, h2; + unsigned char s1, s2; + + for (int i = 0; i < len; i++) { + h1 = src[2 * i]; + h2 = src[2 * i + 1]; + s1 = toupper(h1) - 48; + s2 = toupper(h2) - 48; + if (s1 > 9) { + s1 = s1 - 7; + } + + if (s2 > 9) { + s2 = s2 - 7; + } + + dest[i] = s1 * 16 + s2; + } +} + +static void hex_to_str(char *dest, const uint8_t *src, int len) +{ + char ddl = 0; + char ddh = 0; + int i = 0; + + for (i = 0; i < len; i++) { + ddh = 48 + src[i] / 16; + ddl = 48 + src[i] % 16; + + if (ddh > 57) { + ddh = ddh + 7; + } + + if (ddl > 57) { + ddl = ddl + 7; + } + + dest[i * 2] = ddh; + dest[i * 2 + 1] = ddl; + } + + dest[len * 2] = '\0'; +} + +static int char_to_int(char *data,int *out) +{ + *out = 0; + while(*data) { + if(*data < '0' || *data > '9') + return -1; + + *out = *out * 10 + (*data - '0'); + ++data; + } + + return 0; +} +#if CONFIG_FASTBOOT_CMD_OEM_NV_OPERATION +void oem_nv_factory_recovery_process(char *cmd_parameter, char *response) +{ + int ret = 0; + int flag = 0; + + ret = char_to_int(cmd_parameter,&flag); + if (ret != 0) { + strcpy(response,"ERROR FLAG INVALID"); + return; + } + + ret = sys_action(flag,response); + if (ret != 0) { + strcpy(response,"ERROR SYS ACTION FAILED"); + return; + } +} + + +void oem_nv_get_proccess(char *cmd_parameter, char *response) + { + char *sep = NULL; + char offset[MAX_NV_NUMBER_SIZE] = {0}; + char len[MAX_NV_NUMBER_SIZE] = {0}; + int sep_pos = 0; + uint8_t nv_data[MAX_NV_DATA_SIZE + 32] = {0}; + char nv_data_str[MAX_NV_DATA_SIZE * 2 + 1] = {0}; + int ret; + int offset_int = 0; + int len_int = 0; + + sep = strstr(cmd_parameter, ":"); + if (sep == NULL) { + strcpy(response,"ERROR INVALID PARAM"); + return; + } + + sep_pos = sep - cmd_parameter; + memcpy(offset,cmd_parameter,sep - cmd_parameter); + memcpy(len,cmd_parameter + (sep - cmd_parameter) + 1,strlen(cmd_parameter) - sep_pos - 1); + + ret = char_to_int(offset,&offset_int); + if (ret != 0) { + strcpy(response,"ERROR OFFSET INVALID"); + return; + } + + ret = char_to_int(len,&len_int); + if (ret != 0) { + strcpy(response,"ERROR LEN INVALID"); + return; + } + + if (len_int > MAX_NV_DATA_SIZE) { + strcpy(response,"ERROR NV SIZE TOO LARGE"); + return; + } + + ret = nv_get(nv_data, offset_int, len_int); + if (ret != 0) { + printf("nv_get failed:%d\n",ret); + strcpy(response,"ERROR NV GET FAILED"); + return; + } + + hex_to_str(nv_data_str,nv_data,len_int); + strcpy(response,"SUCCESS:"); + strcat(response,nv_data_str); + } + +void oem_nv_set_proccess(char *cmd_parameter, char *response) +{ + char *sep = NULL; + char offset[MAX_NV_NUMBER_SIZE] = {0}; + uint8_t nv_data[MAX_NV_DATA_SIZE + 32] = {0}; + char *nv_data_str; + int data_len; + int ret; + int offset_int = 0; + + sep = strstr(cmd_parameter, ":"); + if (sep == NULL) { + strcpy(response,"ERROR INVALID PARAM"); + return; + } + + memcpy(offset,cmd_parameter,sep - cmd_parameter); + nv_data_str = cmd_parameter + (sep - cmd_parameter) + 1; + + data_len = strlen(nv_data_str) / 2; + + ret = char_to_int(offset,&offset_int); + if (ret != 0) { + strcpy(response,"ERROR OFFSET INVALID"); + return; + } + + if (data_len > MAX_NV_DATA_SIZE) { + strcpy(response,"ERROR NV SIZE TOO LARGE"); + return; + } + + str_to_hex(nv_data,nv_data_str,data_len); + + ret = nv_set(nv_data, offset_int, data_len); + if (ret != 0) { + strcpy(response,"ERROR NV SET FAILED"); + return; + } + + strcpy(response,"OKAY"); + } + #endif \ No newline at end of file diff --git a/drivers/mcu/Kconfig b/drivers/mcu/Kconfig new file mode 100755 index 00000000..66538972 --- /dev/null +++ b/drivers/mcu/Kconfig @@ -0,0 +1,15 @@ +menu "MCU Support" + +config DM_MCU + bool "Enable driver model for mcu device support" + depends on DM + help + This adds a simple uclass for mcu device. + +config MCU_HC32fX + bool "Enable HC32fX MCU support" + depends on DM_MCU + help + This adds a driver for the HC32fX MCU support. + +endmenu diff --git a/drivers/mcu/Makefile b/drivers/mcu/Makefile new file mode 100755 index 00000000..5c81429c --- /dev/null +++ b/drivers/mcu/Makefile @@ -0,0 +1,9 @@ +# +# Copyright (c) 2015 Google, Inc +# Written by Simon Glass +# +# SPDX-License-Identifier: GPL-2.0+ +# + +obj-$(CONFIG_DM_MCU) += mcu-uclass.o +obj-$(CONFIG_MCU_HC32fX) += mcu_hc32fx.o diff --git a/drivers/mcu/mcu-uclass.c b/drivers/mcu/mcu-uclass.c new file mode 100755 index 00000000..02b9a318 --- /dev/null +++ b/drivers/mcu/mcu-uclass.c @@ -0,0 +1,65 @@ +/* + * Copyright (c) 2015 Google, Inc + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include +#include +#include +#include +#include + +int _mcu_shutdown(struct udevice *dev) +{ + struct mcu_ops *ops = dev_get_driver_ops(dev); + + if (!ops->shutdown) + return -ENOSYS; + + return ops->shutdown(dev); +} + +int _mcu_poweron(struct udevice *dev) +{ + struct mcu_ops *ops = dev_get_driver_ops(dev); + + if (!ops->poweron) + return -ENOSYS; + + return ops->poweron(dev); +} + +int mcu_poweron(void) +{ + struct udevice *mcu; + int ret; + + ret = uclass_get_device(UCLASS_MCU, 0, &mcu); + if (ret) { + printf("Get UCLASS_MCU failed, ret=%d\n", ret); + return ret; + } + + return _mcu_poweron(mcu); +} + +int mcu_shutdown(void) +{ + struct udevice *mcu; + int ret; + + ret = uclass_get_device(UCLASS_MCU, 0, &mcu); + if (ret) { + printf("Get charge display failed, ret=%d\n", ret); + return ret; + } + + return _mcu_shutdown(mcu); +} + +UCLASS_DRIVER(mcu) = { + .id = UCLASS_MCU, + .name = "mcu", +}; diff --git a/drivers/mcu/mcu_hc32fx.c b/drivers/mcu/mcu_hc32fx.c new file mode 100755 index 00000000..8e8f8fc4 --- /dev/null +++ b/drivers/mcu/mcu_hc32fx.c @@ -0,0 +1,97 @@ + +#include +#include +#include +#include +#include + +DECLARE_GLOBAL_DATA_PTR; + +#define HC32FX_POWEROFF_20 0x20 +#define HC32FX_POWERON_30 0x30 +#define POWER_OFF 0x55 +#define POWER_ON 0x01 + +struct hc32fx_info { + struct udevice *dev; +}; + +static u8 hc32fx_read(struct hc32fx_info *hc32fx, u8 reg) +{ + u8 val; + int ret; + + ret = dm_i2c_read(hc32fx->dev, reg, &val, 1); + if (ret) { + printf("write error to device: %p register: %#x!", + hc32fx->dev, reg); + return ret; + } + + return val; +} + +static int hc32fx_write(struct hc32fx_info *hc32fx, u8 reg, u8 val) +{ + int ret; + + ret = dm_i2c_write(hc32fx->dev, reg, &val, 1); + if (ret) { + printf("write error to device: %p register: %#x!", + hc32fx->dev, reg); + return ret; + } + + return 0; +} + +static int mcu_hc32fx_poweron(struct udevice *dev) +{ + struct hc32fx_info *hc32fx = dev_get_priv(dev); + int ret; + + ret = hc32fx_write(hc32fx, HC32FX_POWERON_30, POWER_ON); + if(ret) + printf("set mcu POWERON fail\n"); + + return ret; +} + +static int mcu_hc32fx_shutdown(struct udevice *dev) +{ + struct hc32fx_info *hc32fx = dev_get_priv(dev); + int ret; + + ret = hc32fx_write(hc32fx, HC32FX_POWEROFF_20, POWER_OFF); + if(ret) + printf("set mcu POWEROFF fail\n"); + + return ret; +} + +static int mcu_gpio_probe(struct udevice *dev) +{ + struct hc32fx_info *priv = dev_get_priv(dev); + priv->dev = dev; + + return 0; +} + +static const struct mcu_ops mcu_hc32fx_ops = { + .poweron = mcu_hc32fx_poweron, + .shutdown = mcu_hc32fx_shutdown, +}; + +static const struct udevice_id hc32fx_ops_ids[] = { + { .compatible = "mcu_hc32fx" }, + { } +}; + +U_BOOT_DRIVER(mcu_gpio) = { + .name = "hc32fx-mcu", + .id = UCLASS_MCU, + .of_match = hc32fx_ops_ids, + .ops = &mcu_hc32fx_ops, + .priv_auto_alloc_size = sizeof(struct hc32fx_info), + .probe = mcu_gpio_probe, +}; diff --git a/drivers/power/Kconfig b/drivers/power/Kconfig index 9495dca3..9dc597eb 100644 --- a/drivers/power/Kconfig +++ b/drivers/power/Kconfig @@ -2,10 +2,22 @@ menu "Power" source "drivers/power/domain/Kconfig" +source "drivers/power/fuel_gauge/Kconfig" + source "drivers/power/pmic/Kconfig" source "drivers/power/regulator/Kconfig" +source "drivers/power/charge/Kconfig" + +source "drivers/power/power_delivery/Kconfig" + +config DM_CHARGE_DISPLAY + bool "Enable driver model for charge display support" + depends on DM + help + This adds a simple uclass for charge display. + choice prompt "Select Sunxi PMIC Variant" depends on ARCH_SUNXI @@ -72,6 +84,13 @@ config SY8106A_POWER endchoice +config CHARGE_ANIMATION + bool "Enable charge animation" + depends on DM_CHARGE_DISPLAY && DM_FUEL_GAUGE + select ARM_CPU_SUSPEND + help + This adds a simple function for charge animation display. + config AXP_DCDC1_VOLT int "axp pmic dcdc1 voltage" depends on AXP221_POWER || AXP809_POWER || AXP818_POWER diff --git a/drivers/power/Makefile b/drivers/power/Makefile index dd5bc0dc..535e7632 100644 --- a/drivers/power/Makefile +++ b/drivers/power/Makefile @@ -3,11 +3,13 @@ # Copyright (c) 2009 Wind River Systems, Inc. # Tom Rix +obj-$(CONFIG_DM_CHARGE_DISPLAY) += charge-display-uclass.o obj-$(CONFIG_AXP152_POWER) += axp152.o obj-$(CONFIG_AXP209_POWER) += axp209.o obj-$(CONFIG_AXP221_POWER) += axp221.o obj-$(CONFIG_AXP809_POWER) += axp809.o obj-$(CONFIG_AXP818_POWER) += axp818.o +obj-$(CONFIG_CHARGE_ANIMATION) += charge_animation.o obj-$(CONFIG_EXYNOS_TMU) += exynos-tmu.o obj-$(CONFIG_FTPMU010_POWER) += ftpmu010.o obj-$(CONFIG_SY8106A_POWER) += sy8106a.o diff --git a/drivers/power/charge-display-uclass.c b/drivers/power/charge-display-uclass.c new file mode 100755 index 00000000..2d85bec3 --- /dev/null +++ b/drivers/power/charge-display-uclass.c @@ -0,0 +1,40 @@ +/* + * (C) Copyright 2017 Rockchip Electronics Co., Ltd + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include +#include +#include + +int charge_display_show(struct udevice *dev) +{ + const struct dm_charge_display_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->show) + return -ENOSYS; + + return ops->show(dev); +} + +int charge_display(void) +{ + struct udevice *dev; + struct udevice *fg_dev; + int ret; + + ret = uclass_get_device(UCLASS_CHARGE_DISPLAY, 0, &dev); + if (ret) { + debug("Get charge display failed, ret=%d\n", ret); + return ret; + } + + return charge_display_show(dev); +} + +UCLASS_DRIVER(charge_display) = { + .id = UCLASS_CHARGE_DISPLAY, + .name = "charge_display", +}; diff --git a/drivers/power/charge/Kconfig b/drivers/power/charge/Kconfig new file mode 100755 index 00000000..456de9d5 --- /dev/null +++ b/drivers/power/charge/Kconfig @@ -0,0 +1,5 @@ +config CHARGER_BQ25700 + bool "BQ25700 charger support" + depends on DM_FUEL_GAUGE + help + This adds support for BQ25700 charger support. diff --git a/drivers/power/charge/Makefile b/drivers/power/charge/Makefile new file mode 100755 index 00000000..1bd450fa --- /dev/null +++ b/drivers/power/charge/Makefile @@ -0,0 +1,7 @@ +# +# Copyright (c) 2019 Fuzhou Rockchip Electronics Co., Ltd +# +# SPDX-License-Identifier: GPL-2.0+ +# + +obj-$(CONFIG_CHARGER_BQ25700) += bq25700_charger.o \ No newline at end of file diff --git a/drivers/power/charge/bq25700_charger.c b/drivers/power/charge/bq25700_charger.c new file mode 100755 index 00000000..f87e7e42 --- /dev/null +++ b/drivers/power/charge/bq25700_charger.c @@ -0,0 +1,334 @@ +/* + * (C) Copyright 2019 Fuzhou Rockchip Electronics Co., Ltd + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include +#include +#include +#include +#include +#include + +DECLARE_GLOBAL_DATA_PTR; + +#define BQ25700_ID 0x25700 +#define BQ25703_ID 0x25703 + +#define COMPAT_BQ25700 "ti,bq25700" +#define COMPAT_BQ25703 "ti,bq25703" + +#define BQ25700_I2C_SPEED 100000 +#define BQ25700_CHARGE_CURRENT_1500MA 0x5C0 +#define BQ25700_SDP_INPUT_CURRENT_500MA 0xA00 +#define BQ25700_DCP_INPUT_CURRENT_1500MA 0x1E00 +#define BQ25700_DCP_INPUT_CURRENT_2000MA 0x2800 +#define BQ25700_DCP_INPUT_CURRENT_3000MA 0x3C00 + +#define WATCHDOG_ENSABLE (0x03 << 13) + +#define BQ25700_CHARGEOPTION0_REG 0x12 +#define BQ25700_CHARGECURREN_REG 0x14 +#define BQ25700_CHARGERSTAUS_REG 0x20 +#define BQ25700_INPUTVOLTAGE_REG 0x3D +#define BQ25700_INPUTCURREN_REG 0x3F + +#define BQ25703_CHARGEOPTION0_REG 0x00 +#define BQ25703_CHARGECURREN_REG 0x02 +#define BQ25703_CHARGERSTAUS_REG 0x20 +#define BQ25703_INPUTVOLTAGE_REG 0x0A +#define BQ25703_INPUTCURREN_REG 0x0E +#define PD_MUN 2 +#define TYPEC0_I2C "i2c@ffe7f20000" +#define TYPEC1_I2C "i2c@ffe7f24000" + +enum bq25700_table_ids { + /* range tables */ + TBL_ICHG, + TBL_CHGMAX, + TBL_INPUTVOL, + TBL_INPUTCUR, + TBL_SYSVMIN, + TBL_OTGVOL, + TBL_OTGCUR, + TBL_EXTCON, +}; + +struct bq25700 { + struct udevice *dev; + u32 ichg; + u32 chip_id; + struct udevice *pd[PD_MUN]; +}; + +struct bq25700_range { + u32 min; + u32 max; + u32 step; +}; + +static int bq25700_read(struct bq25700 *charger, uint reg) +{ + u16 val; + int ret; + + ret = dm_i2c_read(charger->dev, reg, (u8 *)&val, 2); + if (ret) { + printf("write error to device: %p register: %#x!", + charger->dev, reg); + return ret; + } + + return val; +} + +static int bq25700_write(struct bq25700 *charger, uint reg, u16 val) +{ + int ret; + + ret = dm_i2c_write(charger->dev, reg, (u8 *)&val, 2); + if (ret) { + printf("write error to device: %p register: %#x!", + charger->dev, reg); + return ret; + } + + return 0; +} + +static const union { + struct bq25700_range rt; +} bq25700_tables[] = { + /* range tables */ + [TBL_ICHG] = {.rt = {0, 8128000, 64000}}, + /* uV */ + [TBL_CHGMAX] = {.rt = {0, 19200000, 16000}}, + /* uV max charge voltage*/ + [TBL_INPUTVOL] = {.rt = {3200000, 19520000, 64000}}, + /* uV input charge voltage*/ + [TBL_INPUTCUR] = {.rt = {0, 6350000, 50000}}, + /*uA input current*/ + [TBL_SYSVMIN] = {.rt = {1024000, 16182000, 256000}}, + /* uV min system voltage*/ + [TBL_OTGVOL] = {.rt = {4480000, 20800000, 64000}}, + /*uV OTG volage*/ + [TBL_OTGCUR] = {.rt = {0, 6350000, 50000}}, +}; + +static u32 bq25700_find_idx(u32 value, enum bq25700_table_ids id) +{ + const struct bq25700_range *rtbl = &bq25700_tables[id].rt; + u32 rtbl_size; + u32 idx; + + rtbl_size = (rtbl->max - rtbl->min) / rtbl->step + 1; + + for (idx = 1; + idx < rtbl_size && (idx * rtbl->step + rtbl->min <= value); + idx++) + ; + + return idx - 1; +} + +static bool bq25700_charger_status(struct bq25700 *charger) +{ + int state_of_charger; + u16 value; + + value = bq25700_read(charger, BQ25700_CHARGERSTAUS_REG); + state_of_charger = value >> 15; + + return state_of_charger; +} + +static bool bq25703_charger_status(struct bq25700 *charger) +{ + int state_of_charger; + u16 value; + + value = bq25700_read(charger, BQ25703_CHARGERSTAUS_REG); + state_of_charger = value >> 15; + + return state_of_charger; +} + +static bool bq257xx_charger_status(struct udevice *dev) +{ + struct bq25700 *charger = dev_get_priv(dev); + + if (charger->chip_id == BQ25700_ID) + return bq25700_charger_status(charger); + else + return bq25703_charger_status(charger); +} + +static int bq25700_charger_capability(struct udevice *dev) +{ + return FG_CAP_CHARGER; +} + +static int bq25700_get_usb_type(void) +{ +#ifdef CONFIG_PHY_ROCKCHIP_INNO_USB2 + return rockchip_chg_get_type(); +#else + return 0; +#endif +} + +static int bq25700_get_pd_output_val(struct bq25700 *charger, + int *vol, int *cur) +{ + struct power_delivery_data pd_data; + int ret; + + if (!charger->pd[0] && !charger->pd[1]) { + return -EINVAL; + } + + memset(&pd_data, 0, sizeof(pd_data)); + int i = 0; + for (i = 0; i < PD_MUN; i++) { + if (!charger->pd[i]) { + continue; + } + ret = power_delivery_get_data(charger->pd[i], &pd_data); + if (ret) { + continue; + } + if (!pd_data.online || !pd_data.voltage || !pd_data.current) { + continue; + } + + *vol = pd_data.voltage; + *cur = pd_data.current; + printf("voltage is %d current is %d\n", *vol, *cur); + goto end; + } + return -EINVAL; + +end: + return 0; +} + +static void bq25703_charger_current_init(struct bq25700 *charger) +{ + u16 charge_current = BQ25700_CHARGE_CURRENT_1500MA; + u16 sdp_inputcurrent = BQ25700_SDP_INPUT_CURRENT_500MA; + u16 dcp_inputcurrent = BQ25700_DCP_INPUT_CURRENT_1500MA; + int pd_inputvol, pd_inputcurrent; + u16 vol_idx = 0, cur_idx; + u16 temp; + + temp = bq25700_read(charger, BQ25703_CHARGEOPTION0_REG); + temp &= (~WATCHDOG_ENSABLE); + bq25700_write(charger, BQ25703_CHARGEOPTION0_REG, temp); + + if (!bq25700_get_pd_output_val(charger, &pd_inputvol, + &pd_inputcurrent)) { + if (pd_inputvol > 5000000) { + vol_idx = bq25700_find_idx(pd_inputvol - 1280000 - 3200000, + TBL_INPUTVOL); + vol_idx = vol_idx << 6; + } + cur_idx = bq25700_find_idx(pd_inputcurrent, + TBL_INPUTCUR); + cur_idx = cur_idx << 8; + if (pd_inputcurrent != 0) + { + bq25700_write(charger, BQ25703_INPUTCURREN_REG, + cur_idx); + if (vol_idx) + bq25700_write(charger, BQ25703_INPUTVOLTAGE_REG, + vol_idx); + charge_current = bq25700_find_idx(pd_inputcurrent, + TBL_ICHG); + charge_current = charge_current << 6; + } + } else { + bq25700_write(charger, BQ25703_INPUTCURREN_REG, + dcp_inputcurrent); + } + + if (bq25703_charger_status(charger)) { + bq25700_write(charger, BQ25703_CHARGECURREN_REG, + charge_current); + } +} + +static int bq25700_ofdata_to_platdata(struct udevice *dev) +{ + struct bq25700 *charger = dev_get_priv(dev); + const void *blob = gd->fdt_blob; + int node, node1; + + charger->dev = dev; + + node = fdt_node_offset_by_compatible(blob, 0, COMPAT_BQ25700); + node1 = fdt_node_offset_by_compatible(blob, 0, COMPAT_BQ25703); + if ((node < 0) && (node1 < 0)) { + printf("Can't find dts node for charger bq25700\n"); + return -ENODEV; + } + + if (node < 0) { + node = node1; + charger->chip_id = BQ25703_ID; + } else { + charger->chip_id = BQ25700_ID; + } + + return 0; +} + +static int bq25700_probe(struct udevice *dev) +{ + struct bq25700 *charger = dev_get_priv(dev); + int ret; + + struct udevice *pd_tmp; + struct udevice *dev_tmp; + + for (uclass_first_device(UCLASS_PD, &pd_tmp); + pd_tmp; + uclass_next_device(&pd_tmp)) + { + dev_tmp = dev_get_parent(pd_tmp); + if (!strncmp(TYPEC0_I2C, dev_tmp->name, strlen(TYPEC0_I2C))) { // Ensure that typec0 has the highest priority + charger->pd[0] = pd_tmp; + } else if (!strncmp(TYPEC1_I2C, dev_tmp->name, strlen(TYPEC1_I2C))) { + charger->pd[1] = pd_tmp; + } + } + + if (charger->chip_id == BQ25703_ID) { + bq25703_charger_current_init(charger); + } + + return 0; +} + +static const struct udevice_id charger_ids[] = { + {.compatible = "ti,bq25700"}, + {.compatible = "ti,bq25703"}, + {}, + { }, +}; + +static struct dm_fuel_gauge_ops charger_ops = { + .get_chrg_online = bq257xx_charger_status, + .capability = bq25700_charger_capability, +}; + +U_BOOT_DRIVER(bq25700_charger) = { + .name = "bq25700_charger", + .id = UCLASS_FG, + .probe = bq25700_probe, + .of_match = charger_ids, + .ops = &charger_ops, + .ofdata_to_platdata = bq25700_ofdata_to_platdata, + .priv_auto_alloc_size = sizeof(struct bq25700), +}; diff --git a/drivers/power/charge_animation.c b/drivers/power/charge_animation.c new file mode 100755 index 00000000..27c03e92 --- /dev/null +++ b/drivers/power/charge_animation.c @@ -0,0 +1,366 @@ +/* + * (C) Copyright 2017 Rockchip Electronics Co., Ltd + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef CONFIG_IRQ +#include +#include +#endif + +DECLARE_GLOBAL_DATA_PTR; + +#define IMAGE_RECALC_IDX -1 +#define IMAGE_SOC_100_IDX(n) ((n) - 2) +#define IMAGE_LOWPOWER_IDX(n) ((n) - 1) +#define SYSTEM_SUSPEND_DELAY_MS 5000 +#define FUEL_GAUGE_POLL_MS 1000 + +#define LED_CHARGING_NAME "battery_charging" +#define LED_CHARGING_FULL_NAME "battery_full" +#define LED_CHARGING_START_NAME "battery_start" + +struct charge_image { + const char *name; + int soc; + int period; /* ms */ +}; + +struct charge_animation_priv { + struct udevice *fg; + struct udevice *charger; + struct udevice *mcu; +#ifdef CONFIG_LED + struct udevice *led_charging; + struct udevice *led_full; + struct udevice *led_start; +#endif + const struct charge_image *image; + int image_num; + + int auto_wakeup_key_state; + ulong auto_screen_off_timeout; /* ms */ + ulong suspend_delay_timeout; /* ms */ +}; + +struct gpio_desc powerkey_gpio; +static int leds_switch = 0; + +#ifdef CONFIG_LED +static int leds_update(struct udevice *dev, int soc) +{ + struct charge_animation_priv *priv = dev_get_priv(dev); + static int old_soc = -1; + int ret, ledst; + + if (old_soc == soc) + return 0; + + old_soc = soc; + if (priv->led_charging) { + ledst = (soc < 100) ? LEDST_ON : LEDST_OFF; + ret = led_set_state(priv->led_charging, ledst); + if (ret) { + printf("set charging led %s failed, ret=%d\n", + (ledst == LEDST_ON) ? "ON" : "OFF", ret); + return ret; + } + } + + if (priv->led_full) { + ledst = (soc == 100) ? LEDST_ON : LEDST_OFF; + ret = led_set_state(priv->led_full, ledst); + if (ret) { + printf("set charging full led %s failed, ret=%d\n", + ledst == LEDST_ON ? "ON" : "OFF", ret); + return ret; + } + } + + return 0; +} + +static int leds_charge_on(struct udevice *dev, int soc) +{ + struct charge_animation_priv *priv = dev_get_priv(dev); + int ret, ledst; + + ledst = LEDST_ON; + ret = led_set_state(priv->led_full, ledst); + if (ret) { + printf("set charging full led %s failed, ret=%d\n", + ledst == LEDST_ON ? "ON" : "OFF", ret); + return ret; + } + return 0; +} + +static int leds_charge_off(struct udevice *dev, int soc) +{ + struct charge_animation_priv *priv = dev_get_priv(dev); + int ret, ledst; + ledst = LEDST_OFF; + ret = led_set_state(priv->led_charging, ledst); + if (ret) { + printf("set charging full led %s failed, ret=%d\n", + ledst == LEDST_ON ? "ON" : "OFF", ret); + return ret; + } + ret = led_set_state(priv->led_full, ledst); + if (ret) { + printf("set charging full led %s failed, ret=%d\n", + ledst == LEDST_ON ? "ON" : "OFF", ret); + return ret; + } + return 0; +} + +static int leds_charge_update(struct udevice *dev, int soc) +{ + struct charge_animation_priv *priv = dev_get_priv(dev); + int ret, ledst; + if (leds_switch > 5){ + leds_charge_on(dev, soc); + } else { + leds_charge_off(dev, soc); + } + leds_switch++; + if (leds_switch > 10) + leds_switch = 0; + return 0; +} + + +#else +static int leds_update(struct udevice *dev, int soc) { return 0; } + +static int leds_charge_on(struct udevice *dev, int soc) { return 0; } + +static int leds_charge_off(struct udevice *dev, int soc) { return 0; } + +static int leds_charge_update(struct udevice *dev, int soc) { return 0; } +#endif + +static int charge_animation_ofdata_to_platdata(struct udevice *dev) +{ + struct charge_animation_pdata *pdata = dev_get_platdata(dev); + pdata->low_power_voltage = + dev_read_u32_default(dev, "uboot-low-power-voltage", 0); + + return 0; +} + +static int fg_charger_get_chrg_online(struct udevice *dev) +{ + struct charge_animation_priv *priv = dev_get_priv(dev); + struct udevice *charger; + + charger = priv->charger ? : priv->fg; + + return fuel_gauge_get_chrg_online(charger); +} + +static int get_reboot_state(void){ + const char *var_name = "battery_charge"; + char *value = env_get(var_name); + if (value) + if (strcmp(value, "0") == 0) { + env_set(var_name, "1"); + env_save(); + return 0; + } + + env_set(var_name, "1"); + env_save(); + + return 1; +} + +static int charge_animation_show(struct udevice *dev) +{ + int soc, voltage, ret, charging = 0; + struct charge_animation_priv *priv = dev_get_priv(dev); + struct charge_animation_pdata *pdata = dev_get_platdata(dev); + struct udevice *fg = priv->fg; + struct udevice *mcu = priv->mcu; + + voltage = fuel_gauge_get_voltage(fg); + if (voltage < 0) + return -EINVAL; + + while (voltage < pdata->low_power_voltage + 50) { + soc = fuel_gauge_update_get_soc(fg); + if (soc < 0 || soc > 100) { + printf("get soc failed: %d\n", soc); + continue; + } else if (soc >= 1) { + printf("soc is: %d\n", soc); + break; + } + + voltage = fuel_gauge_get_voltage(fg); + if (voltage < 0) { + printf("get voltage failed: %d\n", voltage); + continue; + } + + ret = leds_update(dev, soc); + if (ret) + printf("update led failed: %d\n", ret); + + printf("soc is: %d voltage is :%d\n", soc, voltage); + + charging = fg_charger_get_chrg_online(dev); + if (charging <= 0) { + mcu_shutdown(); // shutdown system power + } + mdelay(100); + }; + leds_charge_off(dev, soc); + + ret = get_reboot_state(); + + charging = fg_charger_get_chrg_online(dev); + + if (!(charging <= 0) && ret != 0) + while(1){ + ret = dm_gpio_get_value(&powerkey_gpio); + if (ret == 0){ + break; + } + + charging = fg_charger_get_chrg_online(dev); + if (charging <= 0) { + mcu_shutdown(); // shutdown system power + } + + soc = fuel_gauge_update_get_soc(fg); + if (soc == 100){ + leds_charge_on(dev, soc); + }else if (soc < 100){ + leds_charge_update(dev, soc); + } + mdelay(300); + } + + leds_charge_off(dev, soc); + + ret = led_set_state(priv->led_start, LEDST_ON); + if (!ret) + printf("Found Charging-Start LED\n"); + + return 0; +} + +static int fg_charger_get_device(struct udevice **fuel_gauge, + struct udevice **charger) +{ + struct udevice *dev; + struct uclass *uc; + int ret, cap; + + *fuel_gauge = NULL, + *charger = NULL; + + ret = uclass_get(UCLASS_FG, &uc); + if (ret) + return ret; + + for (uclass_first_device(UCLASS_FG, &dev); + dev; + uclass_next_device(&dev)) { + cap = fuel_gauge_capability(dev); + if (cap == (FG_CAP_CHARGER | FG_CAP_FUEL_GAUGE)) { + *fuel_gauge = dev; + *charger = NULL; + } else if (cap == FG_CAP_FUEL_GAUGE) { + *fuel_gauge = dev; + } else if (cap == FG_CAP_CHARGER) { + *charger = dev; + } + } + + return (*fuel_gauge) ? 0 : -ENODEV; +} + +static const struct dm_charge_display_ops charge_animation_ops = { + .show = charge_animation_show, +}; + +static int charge_animation_probe(struct udevice *dev) +{ + struct charge_animation_priv *priv = dev_get_priv(dev); + int ret, soc; + /* Get PMIC: used for power off system */ + ret = uclass_get_device(UCLASS_MCU, 0, &priv->mcu); + if (ret) { + if (ret == -ENODEV) + printf("Can't find MCU\n"); + else + printf("Get UCLASS MCU failed: %d\n", ret); + } + + /* Get fuel gauge and charger(If need) */ + ret = fg_charger_get_device(&priv->fg, &priv->charger); + if (ret) { + if (ret == -ENODEV) + debug("Can't find FG\n"); + else + debug("Get UCLASS FG failed: %d\n", ret); + // return ret; + } + + +#ifdef CONFIG_LED + ret = led_get_by_label(LED_CHARGING_NAME, &priv->led_charging); + if (!ret) + printf("Found Charging LED \n"); + + ret = led_get_by_label(LED_CHARGING_FULL_NAME, &priv->led_full); + if (!ret) + printf("Found Charging-Full LED\n"); + + ret = led_get_by_label(LED_CHARGING_START_NAME, &priv->led_start); + if (!ret) + printf("Found Charging-Start LED\n"); +#endif + ret = gpio_request_by_name(dev, "powerkey-gpio", 0, &powerkey_gpio, 0); + if (dm_gpio_is_valid(&powerkey_gpio)) { + dm_gpio_set_dir_flags(&powerkey_gpio, GPIOD_IS_IN); + } + + printf("Enable charge animation display\n"); + + return 0; +} + +static const struct udevice_id charge_animation_ids[] = { + { .compatible = "rockchip,uboot-charge" }, + { }, +}; + +U_BOOT_DRIVER(charge_animation) = { + .name = "charge-animation", + .id = UCLASS_CHARGE_DISPLAY, + .probe = charge_animation_probe, + .of_match = charge_animation_ids, + .ops = &charge_animation_ops, + .ofdata_to_platdata = charge_animation_ofdata_to_platdata, + .platdata_auto_alloc_size = sizeof(struct charge_animation_pdata), + .priv_auto_alloc_size = sizeof(struct charge_animation_priv), +}; diff --git a/drivers/power/fuel_gauge/Kconfig b/drivers/power/fuel_gauge/Kconfig new file mode 100755 index 00000000..bba8e32a --- /dev/null +++ b/drivers/power/fuel_gauge/Kconfig @@ -0,0 +1,11 @@ +config DM_FUEL_GAUGE + bool "Enable driver model fuel gauge support" + depends on DM + help + This adds a simple uclass for fuel gauge. + +config POWER_FG_CW201X + bool "CW201X Fuel gauge support" + depends on DM_FUEL_GAUGE + help + This adds support for CW201X fuel gauge support. diff --git a/drivers/power/fuel_gauge/Makefile b/drivers/power/fuel_gauge/Makefile index ca2df947..7a4a58c0 100644 --- a/drivers/power/fuel_gauge/Makefile +++ b/drivers/power/fuel_gauge/Makefile @@ -2,5 +2,6 @@ # # Copyright (C) 2012 Samsung Electronics # Lukasz Majewski - +obj-$(CONFIG_$(SPL_)DM_FUEL_GAUGE) += fuel_gauge_uclass.o obj-$(CONFIG_POWER_FG_MAX17042) += fg_max17042.o +obj-$(CONFIG_POWER_FG_CW201X) += fg_cw201x.o \ No newline at end of file diff --git a/drivers/power/fuel_gauge/fg_cw201x.c b/drivers/power/fuel_gauge/fg_cw201x.c new file mode 100755 index 00000000..370c0b5b --- /dev/null +++ b/drivers/power/fuel_gauge/fg_cw201x.c @@ -0,0 +1,415 @@ +/* + * (C) Copyright 2008-2015 Fuzhou Rockchip Electronics Co., Ltd + * + * SPDX-License-Identifier: GPL-2.0+ + */ +#include +#include +#include +#include +#include +#include +#include +// #include +#include +#include +#include +// #include +#include "fg_regs.h" + +DECLARE_GLOBAL_DATA_PTR; + +#define COMPAT_ROCKCHIP_CW201X "cw201x" + +#define REG_VERSION 0x0 +#define REG_VCELL 0x2 +#define REG_SOC 0x4 +#define REG_RRT_ALERT 0x6 +#define REG_CONFIG 0x8 +#define REG_MODE 0xA +#define REG_BATINFO 0x10 + +#define MODE_SLEEP_MASK (0x3 << 6) +#define MODE_SLEEP (0x3 << 6) +#define MODE_NORMAL (0x0 << 6) +#define MODE_QUICK_START (0x3 << 4) +#define MODE_RESTART (0xf << 0) + +#define CONFIG_UPDATE_FLG (0x1 << 1) +#define ATHD (0x0 << 3) + +enum charger_type { + CHARGER_TYPE_NO = 0, + CHARGER_TYPE_USB, + CHARGER_TYPE_AC, + CHARGER_TYPE_DC, + CHARGER_TYPE_UNDEF, +}; + +struct cw201x_info { + struct udevice *dev; + int capacity; + u32 *cw_bat_config_info; + int divider_res1; + int divider_res2; + int hw_id_check; + struct gpio_desc hw_id0; + struct gpio_desc hw_id1; + int support_dc_adp; + struct gpio_desc dc_det_gpio; + int dc_det_flag; + bool dual_cell; +}; + +static u8 cw201x_read(struct cw201x_info *cw201x, u8 reg) +{ + u8 val; + int ret; + + ret = dm_i2c_read(cw201x->dev, reg, &val, 1); + if (ret) { + printf("write error to device: %p register: %#x!", + cw201x->dev, reg); + return ret; + } + + return val; +} + +static int cw201x_write(struct cw201x_info *cw201x, u8 reg, u8 val) +{ + int ret; + + ret = dm_i2c_write(cw201x->dev, reg, &val, 1); + if (ret) { + printf("write error to device: %p register: %#x!", + cw201x->dev, reg); + return ret; + } + + return 0; +} + +static u16 cw201x_read_half_word(struct cw201x_info *cw201x, int reg) +{ + u8 vall, valh; + u16 val; + + valh = cw201x_read(cw201x, reg); + vall = cw201x_read(cw201x, reg + 1); + val = ((u16)valh << 8) | vall; + + return val; +} + +static int cw201x_parse_config_info(struct cw201x_info *cw201x) +{ + int ret; + int i, len, size; + const u8 *info; + struct udevice *dev = cw201x->dev; + + if (dev_read_prop(dev, "bat_config_info", &len)) { + len /= sizeof(u32); + size = sizeof(*cw201x->cw_bat_config_info) * len; + cw201x->cw_bat_config_info = calloc(size, 1); + if (!cw201x->cw_bat_config_info) { + printf("calloc cw_bat_config_info fail\n"); + return -EINVAL; + } + ret = dev_read_u32_array(dev, "bat_config_info", + cw201x->cw_bat_config_info, len); + if (ret) { + printf("fdtdec_get cw_bat_config_info fail\n"); + return -EINVAL; + } + + return 0; + } + + if (!dev_read_prop(dev, "cellwise,battery-profile", &len)) + return -EINVAL; + + size = sizeof(*cw201x->cw_bat_config_info) * len; + cw201x->cw_bat_config_info = calloc(size, 1); + if (!cw201x->cw_bat_config_info) { + printf("calloc cw_bat_config_info fail\n"); + return -EINVAL; + } + + info = dev_read_u8_array_ptr(dev, "cellwise,battery-profile", len); + if (!info) { + printf("fdtdec_get battery profile fail\n"); + return -EINVAL; + } + for (i = 0; i < len; i++) { + cw201x->cw_bat_config_info[i] = info[i]; + printf("%#x ", cw201x->cw_bat_config_info[i]); + if ((i+1) % 8 == 0) + printf("\n"); + } + + return 0; +} + +static int cw201x_ofdata_to_platdata(struct udevice *dev) +{ + struct cw201x_info *cw201x = dev_get_priv(dev); + int ret; + int hw_id0_val, hw_id1_val; + + cw201x->dev = dev; + ret = cw201x_parse_config_info(cw201x); + if (ret) + return ret; + + cw201x->dual_cell = dev_read_bool(dev, "cellwise,dual-cell"); + ret = gpio_request_by_name_nodev(dev_ofnode(dev), "dc_det_gpio", + 0, &cw201x->dc_det_gpio, GPIOD_IS_IN); + if (!ret) { + cw201x->support_dc_adp = 1; + printf("DC is valid\n"); + } else { + printf("DC is invalid, ret=%d\n", ret); + } + + cw201x->hw_id_check = dev_read_u32_default(dev, "hw_id_check", 0); + if (cw201x->hw_id_check) { + ret = gpio_request_by_name_nodev(dev_ofnode(dev), + "hw_id0_gpio", 0, + &cw201x->hw_id0, GPIOD_IS_IN); + if (ret) + return -EINVAL; + hw_id0_val = dm_gpio_get_value(&cw201x->hw_id0); + + ret = gpio_request_by_name_nodev(dev_ofnode(dev), + "hw_id1_gpio", 0, + &cw201x->hw_id1, GPIOD_IS_IN); + if (ret) + return -EINVAL; + hw_id1_val = dm_gpio_get_value(&cw201x->hw_id1); + + /* ID1 = 0, ID0 = 1 : Battery */ + if (!hw_id0_val || hw_id1_val) + return -EINVAL; + } + + cw201x->divider_res1 = dev_read_u32_default(dev, "divider_res1", 0); + cw201x->divider_res2 = dev_read_u32_default(dev, "divider_res2", 0); + + return 0; +} + +static int cw201x_get_vol(struct cw201x_info *cw201x) +{ + u16 value16, value16_1, value16_2, value16_3; + int voltage; + int res1, res2; + int retry = 0; + +__retry: + value16 = cw201x_read_half_word(cw201x, REG_VCELL); + if (value16 < 0) + return -1; + + value16_1 = cw201x_read_half_word(cw201x, REG_VCELL); + if (value16_1 < 0) + return -1; + + value16_2 = cw201x_read_half_word(cw201x, REG_VCELL); + if (value16_2 < 0) + return -1; + + if (value16 > value16_1) { + value16_3 = value16; + value16 = value16_1; + value16_1 = value16_3; + } + + if (value16_1 > value16_2) { + value16_3 = value16_1; + value16_1 = value16_2; + value16_2 = value16_3; + } + + if (value16 > value16_1) { + value16_3 = value16; + value16 = value16_1; + value16_1 = value16_3; + } + + voltage = value16_1 * 312 / 1024; + if (voltage <= 0 && retry < 10) { + retry++; + mdelay(20); + goto __retry; + } + + if (cw201x->divider_res1 && + cw201x->divider_res2) { + res1 = cw201x->divider_res1; + res2 = cw201x->divider_res2; + voltage = voltage * (res1 + res2) / res2; + } + + if (cw201x->dual_cell) + voltage *= 2; + + // printf("the cw201x voltage=%d\n", voltage); + return voltage; +} + +static int cw201x_dwc_otg_check_dpdm(void) +{ +#if defined(CONFIG_PHY_ROCKCHIP_INNO_USB2) && !defined(CONFIG_SPL_BUILD) + return rockchip_chg_get_type(); +#else + printf("rockchip_chg_get_type() is not implement\n"); + return CHARGER_TYPE_NO; +#endif +} + +static int cw201x_get_usb_state(struct cw201x_info *cw201x) +{ + int charger_type; + + switch (cw201x_dwc_otg_check_dpdm()) { + case 0: + charger_type = CHARGER_TYPE_NO; + break; + case 1: + case 3: + charger_type = CHARGER_TYPE_USB; + break; + case 2: + charger_type = CHARGER_TYPE_AC; + break; + default: + charger_type = CHARGER_TYPE_NO; + break; + } + + return charger_type; +} + +static bool cw201x_get_dc_state(struct cw201x_info *cw201x) +{ + if (dm_gpio_get_value(&cw201x->dc_det_gpio)) + return true; + + return false; +} + +static bool cw201x_check_charge(struct cw201x_info *cw201x) +{ + if (cw201x_get_usb_state(cw201x) != CHARGER_TYPE_NO) + return true; + if (cw201x_get_dc_state(cw201x)) + return true; + + return false; +} + +static int cw201x_get_soc(struct cw201x_info *cw201x) +{ + int cap, i = 0; + + while (i < 10) { + mdelay(30); + cap = cw201x_read(cw201x, REG_SOC); + if ((cap < 0) || (cap > 100)) + cap = cw201x->capacity; + i++; + if (cap) + break; + } + cw201x->capacity = cap; + + return cw201x->capacity; +} + +static int cw201x_update_get_soc(struct udevice *dev) +{ + struct cw201x_info *cw201x = dev_get_priv(dev); + + return cw201x_get_soc(cw201x); +} + +static int cw201x_update_get_voltage(struct udevice *dev) +{ + struct cw201x_info *cw201x = dev_get_priv(dev); + + return cw201x_get_vol(cw201x); +} + +static int cw201x_update_get_current(struct udevice *dev) +{ + return 0; +} + +static bool cw201x_update_get_chrg_online(struct udevice *dev) +{ + struct cw201x_info *cw201x = dev_get_priv(dev); + + return cw201x_check_charge(cw201x); +} + +static int cw201x_capability(struct udevice *dev) +{ + return FG_CAP_FUEL_GAUGE; +} + +static struct dm_fuel_gauge_ops cw201x_fg_ops = { + .capability = cw201x_capability, + .get_soc = cw201x_update_get_soc, + .get_voltage = cw201x_update_get_voltage, + .get_current = cw201x_update_get_current, + .get_chrg_online = cw201x_update_get_chrg_online, +}; + +static int cw201x_fg_cfg(struct cw201x_info *cw201x) +{ + u8 val = MODE_SLEEP; + int i; + + if ((val & MODE_SLEEP_MASK) == MODE_SLEEP) { + val = MODE_NORMAL; + cw201x_write(cw201x, REG_MODE, val); + } + + for (i = 0; i < 64; i++) { + cw201x_write(cw201x, REG_BATINFO + i, + (u8)cw201x->cw_bat_config_info[i]); + } + + return 0; +} + +static int cw201x_fg_probe(struct udevice *dev) +{ + struct cw201x_info *cw201x = dev_get_priv(dev); + + cw201x->dev = dev; + cw201x_fg_cfg(cw201x); + + printf("vol: %d, soc: %d\n", + cw201x_get_vol(cw201x), cw201x_get_soc(cw201x)); + + return 0; +} + +static const struct udevice_id cw201x_ids[] = { + { .compatible = "cw201x" }, + { .compatible = "cellwise,cw2015" }, + { } +}; + +U_BOOT_DRIVER(cw201x_fg) = { + .name = "cw201x_fg", + .id = UCLASS_FG, + .of_match = cw201x_ids, + .probe = cw201x_fg_probe, + .ofdata_to_platdata = cw201x_ofdata_to_platdata, + .ops = &cw201x_fg_ops, + .priv_auto_alloc_size = sizeof(struct cw201x_info), +}; diff --git a/drivers/power/fuel_gauge/fg_regs.h b/drivers/power/fuel_gauge/fg_regs.h new file mode 100755 index 00000000..cbbceb70 --- /dev/null +++ b/drivers/power/fuel_gauge/fg_regs.h @@ -0,0 +1,95 @@ +/* + * (C) Copyright 2017 Rockchip Electronics Co., Ltd + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#ifndef _FG_RK8XX_H_ +#define _FG_RK8XX_H_ + +/* register definition */ +#define SECONDS_REG 0X00 +#define VB_MON_REG 0x21 +#define THERMAL_REG 0x22 +#define SUP_STS_REG 0xA0 +#define USB_CTRL_REG 0xA1 +#define CHRG_CTRL_REG1 0xA3 +#define CHRG_CTRL_REG2 0xA4 +#define CHRG_CTRL_REG3 0xA5 +#define BAT_CTRL_REG 0xA6 +#define BAT_HTS_TS_REG 0xA8 +#define BAT_LTS_TS_REG 0xA9 +#define TS_CTRL_REG 0xAC +#define ADC_CTRL_REG 0xAD +#define GGCON_REG 0xB0 +#define GGSTS_REG 0xB1 +#define ZERO_CUR_ADC_REGH 0xB2 +#define ZERO_CUR_ADC_REGL 0xB3 +#define GASCNT_CAL_REG3 0xB4 +#define GASCNT_CAL_REG2 0xB5 +#define GASCNT_CAL_REG1 0xB6 +#define GASCNT_CAL_REG0 0xB7 +#define GASCNT_REG3 0xB8 +#define GASCNT_REG2 0xB9 +#define GASCNT_REG1 0xBA +#define GASCNT_REG0 0xBB +#define BAT_CUR_AVG_REGH 0xBC +#define BAT_CUR_AVG_REGL 0xBD +#define TS_ADC_REGH 0xBE +#define TS_ADC_REGL 0xBF +#define RK818_TS2_ADC_REGH 0xC0 +#define RK818_TS2_ADC_REGL 0xC1 +#define RK816_USB_ADC_REGH 0xC0 +#define RK816_USB_ADC_REGL 0xC1 +#define BAT_OCV_REGH 0xC2 +#define BAT_OCV_REGL 0xC3 +#define BAT_VOL_REGH 0xC4 +#define BAT_VOL_REGL 0xC5 +#define RELAX_ENTRY_THRES_REGH 0xC6 +#define RELAX_ENTRY_THRES_REGL 0xC7 +#define RELAX_EXIT_THRES_REGH 0xC8 +#define RELAX_EXIT_THRES_REGL 0xC9 +#define RELAX_VOL1_REGH 0xCA +#define RELAX_VOL1_REGL 0xCB +#define RELAX_VOL2_REGH 0xCC +#define RELAX_VOL2_REGL 0xCD +#define RELAX_CUR1_REGH 0xCE +#define RELAX_CUR1_REGL 0xCF +#define RELAX_CUR2_REGH 0xD0 +#define RELAX_CUR2_REGL 0xD1 +#define CAL_OFFSET_REGH 0xD2 +#define CAL_OFFSET_REGL 0xD3 +#define NON_ACT_TIMER_CNT_REG 0xD4 +#define VCALIB0_REGH 0xD5 +#define VCALIB0_REGL 0xD6 +#define VCALIB1_REGH 0xD7 +#define VCALIB1_REGL 0xD8 +#define FCC_GASCNT_REG3 0xD9 +#define FCC_GASCNT_REG2 0xDA +#define FCC_GASCNT_REG1 0xDB +#define FCC_GASCNT_REG0 0xDC +#define IOFFSET_REGH 0xDD +#define IOFFSET_REGL 0xDE +#define SLEEP_CON_SAMP_CUR_REG 0xDF +#define SOC_REG 0xE0 +#define REMAIN_CAP_REG3 0xE1 +#define REMAIN_CAP_REG2 0xE2 +#define REMAIN_CAP_REG1 0xE3 +#define REMAIN_CAP_REG0 0xE4 +#define UPDAT_LEVE_REG 0xE5 +#define NEW_FCC_REG3 0xE6 +#define NEW_FCC_REG2 0xE7 +#define NEW_FCC_REG1 0xE8 +#define NEW_FCC_REG0 0xE9 +#define NON_ACT_TIMER_CNT_SAVE_REG 0xEA +#define OCV_VOL_VALID_REG 0xEB +#define REBOOT_CNT_REG 0xEC +#define POFFSET_REG 0xED +#define MISC_MARK_REG 0xEE +#define HALT_CNT_REG 0xEF +#define DATA15_REG 0xEF +#define DATA16_REG 0xF0 +#define DATA17_REG 0xF1 +#define DATA18_REG 0xF2 + +#endif diff --git a/drivers/power/fuel_gauge/fuel_gauge_uclass.c b/drivers/power/fuel_gauge/fuel_gauge_uclass.c new file mode 100755 index 00000000..9e335fcf --- /dev/null +++ b/drivers/power/fuel_gauge/fuel_gauge_uclass.c @@ -0,0 +1,136 @@ +/* + * (C) Copyright 2017 Rockchip Electronics Co., Ltd + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include +#include + +DECLARE_GLOBAL_DATA_PTR; + +int fuel_gauge_capability(struct udevice *dev) +{ + const struct dm_fuel_gauge_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->capability) + return (FG_CAP_CHARGER | FG_CAP_FUEL_GAUGE); + + return ops->capability(dev); +} + +int fuel_gauge_bat_is_exist(struct udevice *dev) +{ + const struct dm_fuel_gauge_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->bat_is_exist) + return -ENOSYS; + + return ops->bat_is_exist(dev); +} + +int fuel_gauge_get_current(struct udevice *dev) +{ + const struct dm_fuel_gauge_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->get_current) + return -ENOSYS; + + return ops->get_current(dev); +} + +int fuel_gauge_get_voltage(struct udevice *dev) +{ + const struct dm_fuel_gauge_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->get_voltage) + return -ENOSYS; + + return ops->get_voltage(dev); +} + +int fuel_gauge_update_get_soc(struct udevice *dev) +{ + const struct dm_fuel_gauge_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->get_soc) + return -ENOSYS; + + return ops->get_soc(dev); +} + +bool fuel_gauge_get_chrg_online(struct udevice *dev) +{ + const struct dm_fuel_gauge_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->get_chrg_online) + return -ENOSYS; + + return ops->get_chrg_online(dev); +} + +int fuel_gauge_get_temperature(struct udevice *dev, int *temp) +{ + const struct dm_fuel_gauge_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->get_temperature) + return -ENOSYS; + + return ops->get_temperature(dev, temp); +} + +int charger_set_charger_voltage(struct udevice *dev, int uV) +{ + const struct dm_fuel_gauge_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->set_charger_voltage) + return -ENOSYS; + + return ops->set_charger_voltage(dev, uV); +} + +int charger_set_current(struct udevice *dev, int ichrg_uA) +{ + const struct dm_fuel_gauge_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->set_charger_current) + return -ENOSYS; + + return ops->set_charger_current(dev, ichrg_uA); +} + +int charger_set_iprechg_current(struct udevice *dev, int iprechrg_uA) +{ + const struct dm_fuel_gauge_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->set_iprechg_current) + return -ENOSYS; + + return ops->set_iprechg_current(dev, iprechrg_uA); +} + +int charger_set_enable(struct udevice *dev) +{ + const struct dm_fuel_gauge_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->set_charger_enable) + return -ENOSYS; + + return ops->set_charger_enable(dev); +} + +int charger_set_disable(struct udevice *dev) +{ + const struct dm_fuel_gauge_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->set_charger_disable) + return -ENOSYS; + + return ops->set_charger_disable(dev); +} + +UCLASS_DRIVER(fuel_guage) = { + .id = UCLASS_FG, + .name = "fuel_gauge", +}; diff --git a/drivers/power/power_delivery/Kconfig b/drivers/power/power_delivery/Kconfig new file mode 100755 index 00000000..ad6132e9 --- /dev/null +++ b/drivers/power/power_delivery/Kconfig @@ -0,0 +1,45 @@ +# SPDX-License-Identifier: GPL-2.0 + +config DM_POWER_DELIVERY + bool "Enable driver model power delivery support" + depends on DM + help + This adds a simple uclass for power delivery. + +config TYPEC_TCPM + tristate "USB Type-C Port Controller Manager" + depends on DM && DM_POWER_DELIVERY + help + The Type-C Port Controller Manager provides a USB PD and USB Type-C + state machine for use with Type-C Port Controllers. + +config TYPEC_TCPCI + tristate "Type-C Port Controller Interface driver" + depends on DM && DM_POWER_DELIVERY && DM_I2C + help + Type-C Port Controller driver for TCPCI-compliant controller. + +config RV_BOOK + tristate "RV Book Type-C support" + help + Enable support for rvbook device's Type-C Port Controller. + +if TYPEC_TCPCI + +config TYPEC_HUSB311 + tristate "Hynetek HUSB311 Type-C chip driver" + depends on DM && DM_POWER_DELIVERY && DM_I2C + help + Hynetek HUSB311 Type-C chip driver that works with + Type-C Port Controller Manager to provide USB PD and USB + Type-C functionalities. + +endif # TYPEC_TCPCI + +config TYPEC_FUSB302 + tristate "Fairchild FUSB302 Type-C chip driver" + depends on DM && DM_POWER_DELIVERY && DM_I2C + help + The Fairchild FUSB302 Type-C chip driver that works with + Type-C Port Controller Manager to provide USB PD and USB + Type-C functionalities. diff --git a/drivers/power/power_delivery/Makefile b/drivers/power/power_delivery/Makefile new file mode 100755 index 00000000..8a065e61 --- /dev/null +++ b/drivers/power/power_delivery/Makefile @@ -0,0 +1,7 @@ +# SPDX-License-Identifier: GPL-2.0 + +obj-$(CONFIG_$(SPL_)DM_POWER_DELIVERY) += power_delivery_uclass.o +obj-$(CONFIG_TYPEC_TCPM) += tcpm.o +obj-$(CONFIG_TYPEC_FUSB302) += fusb302.o +obj-$(CONFIG_TYPEC_TCPCI) += tcpci.o +obj-$(CONFIG_TYPEC_HUSB311) += tcpci_husb311.o diff --git a/drivers/power/power_delivery/power_delivery_uclass.c b/drivers/power/power_delivery/power_delivery_uclass.c new file mode 100755 index 00000000..a6acf4c9 --- /dev/null +++ b/drivers/power/power_delivery/power_delivery_uclass.c @@ -0,0 +1,31 @@ +/* + * (C) Copyright 2022 Rockchip Electronics Co., Ltd + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include +#include +#include + +DECLARE_GLOBAL_DATA_PTR; + +int power_delivery_get_data(struct udevice *dev, struct power_delivery_data *pd_data) +{ + const struct dm_power_delivery_ops *ops = dev_get_driver_ops(dev); + + if (!ops || !ops->get_current || !ops->get_voltage || !ops->get_online) + return -ENOSYS; + + pd_data->voltage = ops->get_voltage(dev); + pd_data->current = ops->get_current(dev); + pd_data->online = ops->get_online(dev); + + return 0; +} + +UCLASS_DRIVER(power_delivery) = { + .id = UCLASS_PD, + .name = "power_delivery", +}; diff --git a/drivers/power/power_delivery/tcpci.c b/drivers/power/power_delivery/tcpci.c new file mode 100755 index 00000000..ef666a8d --- /dev/null +++ b/drivers/power/power_delivery/tcpci.c @@ -0,0 +1,778 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2015-2017 Google, Inc + * + * USB Type-C Port Controller Interface. + */ + +#include +#include +#include +#include +#include +#include +#include + +#include "tcpci.h" + +#define PD_RETRY_COUNT 3 + +#define tcpc_presenting_cc1_rd(reg) \ + (!(TCPC_ROLE_CTRL_DRP & (reg)) && \ + (((reg) & (TCPC_ROLE_CTRL_CC1_MASK << TCPC_ROLE_CTRL_CC1_SHIFT)) == \ + (TCPC_ROLE_CTRL_CC_RD << TCPC_ROLE_CTRL_CC1_SHIFT))) +#define tcpc_presenting_cc2_rd(reg) \ + (!(TCPC_ROLE_CTRL_DRP & (reg)) && \ + (((reg) & (TCPC_ROLE_CTRL_CC2_MASK << TCPC_ROLE_CTRL_CC2_SHIFT)) == \ + (TCPC_ROLE_CTRL_CC_RD << TCPC_ROLE_CTRL_CC2_SHIFT))) + +struct tcpci { + struct udevice *dev; + + struct tcpm_port *port; + + bool controls_vbus; + bool gpio_cc_int_present; + + struct tcpc_dev tcpc; + struct tcpci_data *data; + struct gpio_desc gpio_cc_int; +}; + +struct tcpci_chip { + struct udevice *udev; + struct tcpci *tcpci; + struct tcpci_data data; +}; + +static inline struct tcpci *tcpc_to_tcpci(struct tcpc_dev *tcpc) +{ + return container_of(tcpc, struct tcpci, tcpc); +} + +static int tcpci_read16(struct tcpci *tcpci, unsigned int reg, u16 *val) +{ + int ret = 0; + u8 buffer[2]; + + ret = dm_i2c_read(tcpci->dev, reg, buffer, 2); + if (ret) { + printf("%s: cannot read %02x, ret=%d\n", + __func__, reg, ret); + return ret; + } + + *val = ((buffer[1] << 8) & 0xFF00) | (buffer[0] & 0xFF); + + return ret; +} + +static int tcpci_block_read(struct tcpci *tcpci, unsigned int reg, + u8 *data, u8 length) +{ + int ret = 0; + + ret = dm_i2c_read(tcpci->dev, reg, data, length); + if (ret) + printf("%s: cannot block read 0x%02x, len=%d, ret=%d\n", + __func__, reg, length, ret); + + return ret; +} + +static int tcpci_write16(struct tcpci *tcpci, unsigned int reg, u16 val) +{ + int ret = 0; + u8 buffer[2]; + + buffer[0] = val & 0xFF; + buffer[1] = (val >> 8) & 0xFF; + ret = dm_i2c_write(tcpci->dev, reg, buffer, 2); + if (ret) + printf("%s: cannot write 0x%02x, ret=%d\n", + __func__, reg, ret); + + return ret; +} + +static int tcpci_block_write(struct tcpci *tcpci, unsigned int reg, + u8 *data, u8 length) +{ + int ret = 0; + + ret = dm_i2c_write(tcpci->dev, reg, data, length); + if (ret) + printf("%s: cannot block write 0x%02x, len=%d, ret=%d\n", + __func__, reg, length, ret); + + return ret; +} + +static int tcpci_set_cc(struct tcpc_dev *tcpc, enum typec_cc_status cc) +{ + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + unsigned int reg; + int ret; + + switch (cc) { + case TYPEC_CC_RA: + reg = (TCPC_ROLE_CTRL_CC_RA << TCPC_ROLE_CTRL_CC1_SHIFT) | + (TCPC_ROLE_CTRL_CC_RA << TCPC_ROLE_CTRL_CC2_SHIFT); + break; + case TYPEC_CC_RD: + reg = (TCPC_ROLE_CTRL_CC_RD << TCPC_ROLE_CTRL_CC1_SHIFT) | + (TCPC_ROLE_CTRL_CC_RD << TCPC_ROLE_CTRL_CC2_SHIFT); + break; + case TYPEC_CC_RP_DEF: + reg = (TCPC_ROLE_CTRL_CC_RP << TCPC_ROLE_CTRL_CC1_SHIFT) | + (TCPC_ROLE_CTRL_CC_RP << TCPC_ROLE_CTRL_CC2_SHIFT) | + (TCPC_ROLE_CTRL_RP_VAL_DEF << + TCPC_ROLE_CTRL_RP_VAL_SHIFT); + break; + case TYPEC_CC_RP_1_5: + reg = (TCPC_ROLE_CTRL_CC_RP << TCPC_ROLE_CTRL_CC1_SHIFT) | + (TCPC_ROLE_CTRL_CC_RP << TCPC_ROLE_CTRL_CC2_SHIFT) | + (TCPC_ROLE_CTRL_RP_VAL_1_5 << + TCPC_ROLE_CTRL_RP_VAL_SHIFT); + break; + case TYPEC_CC_RP_3_0: + reg = (TCPC_ROLE_CTRL_CC_RP << TCPC_ROLE_CTRL_CC1_SHIFT) | + (TCPC_ROLE_CTRL_CC_RP << TCPC_ROLE_CTRL_CC2_SHIFT) | + (TCPC_ROLE_CTRL_RP_VAL_3_0 << + TCPC_ROLE_CTRL_RP_VAL_SHIFT); + break; + case TYPEC_CC_OPEN: + default: + reg = (TCPC_ROLE_CTRL_CC_OPEN << TCPC_ROLE_CTRL_CC1_SHIFT) | + (TCPC_ROLE_CTRL_CC_OPEN << TCPC_ROLE_CTRL_CC2_SHIFT); + break; + } + + ret = dm_i2c_reg_write(tcpci->dev, TCPC_ROLE_CTRL, reg); + if (ret) + return ret; + + return 0; +} + +static int tcpci_start_toggling(struct tcpc_dev *tcpc, + enum typec_port_type port_type, + enum typec_cc_status cc) +{ + int ret; + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + unsigned int reg = TCPC_ROLE_CTRL_DRP; + + if (port_type != TYPEC_PORT_DRP) + return -EOPNOTSUPP; + + /* Handle vendor drp toggling */ + if (tcpci->data->start_drp_toggling) { + ret = tcpci->data->start_drp_toggling(tcpci, tcpci->data, cc); + if (ret < 0) + return ret; + } + + switch (cc) { + default: + case TYPEC_CC_RP_DEF: + reg |= (TCPC_ROLE_CTRL_RP_VAL_DEF << + TCPC_ROLE_CTRL_RP_VAL_SHIFT); + break; + case TYPEC_CC_RP_1_5: + reg |= (TCPC_ROLE_CTRL_RP_VAL_1_5 << + TCPC_ROLE_CTRL_RP_VAL_SHIFT); + break; + case TYPEC_CC_RP_3_0: + reg |= (TCPC_ROLE_CTRL_RP_VAL_3_0 << + TCPC_ROLE_CTRL_RP_VAL_SHIFT); + break; + } + + if (cc == TYPEC_CC_RD) + reg |= (TCPC_ROLE_CTRL_CC_RD << TCPC_ROLE_CTRL_CC1_SHIFT) | + (TCPC_ROLE_CTRL_CC_RD << TCPC_ROLE_CTRL_CC2_SHIFT); + else + reg |= (TCPC_ROLE_CTRL_CC_RP << TCPC_ROLE_CTRL_CC1_SHIFT) | + (TCPC_ROLE_CTRL_CC_RP << TCPC_ROLE_CTRL_CC2_SHIFT); + ret = dm_i2c_reg_write(tcpci->dev, TCPC_ROLE_CTRL, reg); + if (ret < 0) + return ret; + return dm_i2c_reg_write(tcpci->dev, TCPC_COMMAND, + TCPC_CMD_LOOK4CONNECTION); +} + +static enum typec_cc_status tcpci_to_typec_cc(unsigned int cc, bool sink) +{ + switch (cc) { + case 0x1: + return sink ? TYPEC_CC_RP_DEF : TYPEC_CC_RA; + case 0x2: + return sink ? TYPEC_CC_RP_1_5 : TYPEC_CC_RD; + case 0x3: + if (sink) + return TYPEC_CC_RP_3_0; + /* fall through */ + case 0x0: + default: + return TYPEC_CC_OPEN; + } +} + +static int tcpci_get_cc(struct tcpc_dev *tcpc, + enum typec_cc_status *cc1, enum typec_cc_status *cc2) +{ + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + unsigned int reg, role_control; + + role_control = dm_i2c_reg_read(tcpci->dev, TCPC_ROLE_CTRL); + if (role_control < 0) + return role_control; + + reg = dm_i2c_reg_read(tcpci->dev, TCPC_CC_STATUS); + if (reg < 0) + return reg; + + *cc1 = tcpci_to_typec_cc((reg >> TCPC_CC_STATUS_CC1_SHIFT) & + TCPC_CC_STATUS_CC1_MASK, + reg & TCPC_CC_STATUS_TERM || + tcpc_presenting_cc1_rd(role_control)); + *cc2 = tcpci_to_typec_cc((reg >> TCPC_CC_STATUS_CC2_SHIFT) & + TCPC_CC_STATUS_CC2_MASK, + reg & TCPC_CC_STATUS_TERM || + tcpc_presenting_cc2_rd(role_control)); + + return 0; +} + +static int tcpci_set_polarity(struct tcpc_dev *tcpc, + enum typec_cc_polarity polarity) +{ + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + unsigned int reg; + int ret; + enum typec_cc_status cc1, cc2; + + /* Obtain Rp setting from role control */ + reg = dm_i2c_reg_read(tcpci->dev, TCPC_ROLE_CTRL); + if (reg < 0) + return reg; + + ret = tcpci_get_cc(tcpc, &cc1, &cc2); + if (ret < 0) + return ret; + + /* + * When port has drp toggling enabled, ROLE_CONTROL would only have the initial + * terminations for the toggling and does not indicate the final cc + * terminations when ConnectionResult is 0 i.e. drp toggling stops and + * the connection is resolbed. Infer port role from TCPC_CC_STATUS based on the + * terminations seen. The port role is then used to set the cc terminations. + */ + if (reg & TCPC_ROLE_CTRL_DRP) { + /* Disable DRP for the OPEN setting to take effect */ + reg = reg & ~TCPC_ROLE_CTRL_DRP; + + if (polarity == TYPEC_POLARITY_CC2) { + reg &= ~(TCPC_ROLE_CTRL_CC2_MASK << TCPC_ROLE_CTRL_CC2_SHIFT); + /* Local port is source */ + if (cc2 == TYPEC_CC_RD) + /* Role control would have the Rp setting when DRP was enabled */ + reg |= TCPC_ROLE_CTRL_CC_RP << TCPC_ROLE_CTRL_CC2_SHIFT; + else + reg |= TCPC_ROLE_CTRL_CC_RD << TCPC_ROLE_CTRL_CC2_SHIFT; + } else { + reg &= ~(TCPC_ROLE_CTRL_CC1_MASK << TCPC_ROLE_CTRL_CC1_SHIFT); + /* Local port is source */ + if (cc1 == TYPEC_CC_RD) + /* Role control would have the Rp setting when DRP was enabled */ + reg |= TCPC_ROLE_CTRL_CC_RP << TCPC_ROLE_CTRL_CC1_SHIFT; + else + reg |= TCPC_ROLE_CTRL_CC_RD << TCPC_ROLE_CTRL_CC1_SHIFT; + } + } + + if (polarity == TYPEC_POLARITY_CC2) + reg |= TCPC_ROLE_CTRL_CC_OPEN << TCPC_ROLE_CTRL_CC1_SHIFT; + else + reg |= TCPC_ROLE_CTRL_CC_OPEN << TCPC_ROLE_CTRL_CC2_SHIFT; + ret = dm_i2c_reg_write(tcpci->dev, TCPC_ROLE_CTRL, reg); + if (ret < 0) + return ret; + + return dm_i2c_reg_write(tcpci->dev, TCPC_TCPC_CTRL, + (polarity == TYPEC_POLARITY_CC2) ? + TCPC_TCPC_CTRL_ORIENTATION : 0); +} + +static int tcpci_set_vconn(struct tcpc_dev *tcpc, bool enable) +{ + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + int ret; + unsigned int reg; + + /* Handle vendor set vconn */ + if (tcpci->data->set_vconn) { + ret = tcpci->data->set_vconn(tcpci, tcpci->data, enable); + if (ret < 0) + return ret; + } + + reg = dm_i2c_reg_read(tcpci->dev, TCPC_POWER_CTRL); + if (reg) + return reg; + reg &= ~TCPC_POWER_CTRL_VCONN_ENABLE; + reg |= enable ? TCPC_POWER_CTRL_VCONN_ENABLE : 0; + return dm_i2c_reg_write(tcpci->dev, TCPC_POWER_CTRL, reg); +} + +static int tcpci_set_roles(struct tcpc_dev *tcpc, bool attached, + enum typec_role role, enum typec_data_role data) +{ + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + unsigned int reg; + int ret; + + reg = PD_REV20 << TCPC_MSG_HDR_INFO_REV_SHIFT; + if (role == TYPEC_SOURCE) + reg |= TCPC_MSG_HDR_INFO_PWR_ROLE; + if (data == TYPEC_HOST) + reg |= TCPC_MSG_HDR_INFO_DATA_ROLE; + ret = dm_i2c_reg_write(tcpci->dev, TCPC_MSG_HDR_INFO, reg); + if (ret < 0) + return ret; + + return 0; +} + +static int tcpci_set_pd_rx(struct tcpc_dev *tcpc, bool enable) +{ + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + unsigned int reg = 0; + int ret; + + if (enable) + reg = TCPC_RX_DETECT_SOP | TCPC_RX_DETECT_HARD_RESET; + ret = dm_i2c_reg_write(tcpci->dev, TCPC_RX_DETECT, reg); + if (ret < 0) + return ret; + + return 0; +} + +static int tcpci_get_vbus(struct tcpc_dev *tcpc) +{ + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + unsigned int reg; + + reg = dm_i2c_reg_read(tcpci->dev, TCPC_POWER_STATUS); + if (reg < 0) + return reg; + + return !!(reg & TCPC_POWER_STATUS_VBUS_PRES); +} + +static int tcpci_set_vbus(struct tcpc_dev *tcpc, bool source, bool sink) +{ + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + int ret; + + /* Disable both source and sink first before enabling anything */ + + if (!source) { + ret = dm_i2c_reg_write(tcpci->dev, TCPC_COMMAND, + TCPC_CMD_DISABLE_SRC_VBUS); + if (ret < 0) + return ret; + } + + if (!sink) { + ret = dm_i2c_reg_write(tcpci->dev, TCPC_COMMAND, + TCPC_CMD_DISABLE_SINK_VBUS); + if (ret < 0) + return ret; + } + + if (source) { + ret = dm_i2c_reg_write(tcpci->dev, TCPC_COMMAND, + TCPC_CMD_SRC_VBUS_DEFAULT); + if (ret < 0) + return ret; + } + + if (sink) { + ret = dm_i2c_reg_write(tcpci->dev, TCPC_COMMAND, + TCPC_CMD_SINK_VBUS); + if (ret < 0) + return ret; + } + + return 0; +} + +static int tcpci_pd_transmit(struct tcpc_dev *tcpc, + enum tcpm_transmit_type type, + const struct pd_message *msg, + unsigned int negotiated_rev) +{ + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + u16 header = msg ? le16_to_cpu(msg->header) : 0; + unsigned int reg, cnt; + int ret; + + cnt = msg ? pd_header_cnt(header) * 4 : 0; + ret = dm_i2c_reg_write(tcpci->dev, TCPC_TX_BYTE_CNT, cnt + 2); + if (ret < 0) + return ret; + + ret = tcpci_write16(tcpci, TCPC_TX_HDR, header); + if (ret < 0) + return ret; + + if (cnt > 0) { + ret = tcpci_block_write(tcpci, TCPC_TX_DATA, + (u8 *)&msg->payload, cnt); + if (ret < 0) + return ret; + } + + reg = (PD_RETRY_COUNT << TCPC_TRANSMIT_RETRY_SHIFT) | + (type << TCPC_TRANSMIT_TYPE_SHIFT); + ret = dm_i2c_reg_write(tcpci->dev, TCPC_TRANSMIT, reg); + if (ret < 0) + return ret; + + return 0; +} + +static int tcpci_init(struct tcpc_dev *tcpc) +{ + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + unsigned int timeout = 0; /* XXX */ + unsigned int reg; + int ret; + + while (timeout < 100) { + reg = dm_i2c_reg_read(tcpci->dev, TCPC_POWER_STATUS); + if (reg < 0) + return reg; + if (!(reg & TCPC_POWER_STATUS_UNINIT)) + break; + timeout++; + udelay(200); + } + if (timeout >= 100) + return -ETIMEDOUT; + + /* Handle vendor init */ + if (tcpci->data->init) { + ret = tcpci->data->init(tcpci, tcpci->data); + if (ret < 0) + return ret; + } + + /* Clear all events */ + ret = tcpci_write16(tcpci, TCPC_ALERT, 0xffff); + if (ret < 0) + return ret; + + if (tcpci->controls_vbus) + reg = TCPC_POWER_STATUS_VBUS_PRES; + else + reg = 0; + ret = dm_i2c_reg_write(tcpci->dev, TCPC_POWER_STATUS_MASK, reg); + if (ret < 0) + return ret; + + /* Enable Vbus detection */ + ret = dm_i2c_reg_write(tcpci->dev, TCPC_COMMAND, + TCPC_CMD_ENABLE_VBUS_DETECT); + if (ret < 0) + return ret; + + reg = TCPC_ALERT_TX_SUCCESS | TCPC_ALERT_TX_FAILED | + TCPC_ALERT_TX_DISCARDED | TCPC_ALERT_RX_STATUS | + TCPC_ALERT_RX_HARD_RST | TCPC_ALERT_CC_STATUS; + if (tcpci->controls_vbus) + reg |= TCPC_ALERT_POWER_STATUS; + return tcpci_write16(tcpci, TCPC_ALERT_MASK, reg); +} + +static void tcpci_poll_event(struct tcpc_dev *tcpc) +{ + u16 status; + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + + tcpci_read16(tcpci, TCPC_ALERT, &status); + + /* + * Clear alert status for everything except RX_STATUS, which shouldn't + * be cleared until we have successfully retrieved message. + */ + if (status & ~TCPC_ALERT_RX_STATUS) + tcpci_write16(tcpci, TCPC_ALERT, + status & ~TCPC_ALERT_RX_STATUS); + + if (status & TCPC_ALERT_CC_STATUS) + tcpm_cc_change(tcpci->port); + + if (status & TCPC_ALERT_POWER_STATUS) { + unsigned int reg; + + reg = dm_i2c_reg_read(tcpci->dev, TCPC_POWER_STATUS_MASK); + if (reg < 0) + return; + + /* + * If power status mask has been reset, then the TCPC + * has reset. + */ + if (reg == 0xff) + tcpm_tcpc_reset(tcpci->port); + else + tcpm_vbus_change(tcpci->port); + } + + if (status & TCPC_ALERT_RX_STATUS) { + struct pd_message msg; + unsigned int cnt, payload_cnt; + u16 header; + + cnt = dm_i2c_reg_read(tcpci->dev, TCPC_RX_BYTE_CNT); + if (cnt < 0) + return; + /* + * 'cnt' corresponds to READABLE_BYTE_COUNT in section 4.4.14 + * of the TCPCI spec [Rev 2.0 Ver 1.0 October 2017] and is + * defined in table 4-36 as one greater than the number of + * bytes received. And that number includes the header. So: + */ + if (cnt > 3) + payload_cnt = cnt - (1 + sizeof(msg.header)); + else + payload_cnt = 0; + + tcpci_read16(tcpci, TCPC_RX_HDR, &header); + msg.header = cpu_to_le16(header); + + if ((payload_cnt > sizeof(msg.payload))) + payload_cnt = sizeof(msg.payload); + + if (payload_cnt > 0) + tcpci_block_read(tcpci, TCPC_RX_DATA, + (u8 *)&msg.payload, payload_cnt); + + /* Read complete, clear RX status alert bit */ + tcpci_write16(tcpci, TCPC_ALERT, TCPC_ALERT_RX_STATUS); + + tcpm_pd_receive(tcpci->port, &msg); + } + + if (status & TCPC_ALERT_RX_HARD_RST) + tcpm_pd_hard_reset(tcpci->port); + + if (status & TCPC_ALERT_TX_SUCCESS) + tcpm_pd_transmit_complete(tcpci->port, TCPC_TX_SUCCESS); + else if (status & TCPC_ALERT_TX_DISCARDED) + tcpm_pd_transmit_complete(tcpci->port, TCPC_TX_DISCARDED); + else if (status & TCPC_ALERT_TX_FAILED) + tcpm_pd_transmit_complete(tcpci->port, TCPC_TX_FAILED); +} + +static int tcpci_enter_low_power_mode(struct tcpc_dev *tcpc, + bool attached, bool pd_capable) +{ + int ret; + struct tcpci *tcpci = tcpc_to_tcpci(tcpc); + unsigned int reg; + + /* Disable chip interrupts before unregistering port */ + ret = tcpci_write16(tcpci, TCPC_ALERT_MASK, 0); + if (ret < 0) + return ret; + + reg = dm_i2c_reg_read(tcpci->dev, TCPC_BMCIO_CTRL); + if (reg < 0) + return reg; + /* + * For Type-C devices with PD capability, Only disable VBUS detect, + * do not diable 24M oscillator for BMC communication. Otherwise, + * data packets cannot be received. + */ + if (attached && pd_capable) + reg &= ~TCPC_BMCIO_VBUS_DETECT_MASK; + else + reg &= ~(TCPC_BMCIO_VBUS_DETECT_MASK | TCPC_BMCIO_24M_OSC_MASK); + return dm_i2c_reg_write(tcpci->dev, TCPC_BMCIO_CTRL, reg); +} + +static int tcpci_parse_config(struct tcpci *tcpci) +{ + tcpci->controls_vbus = true; /* XXX */ + + tcpci->tcpc.connector_node = dev_read_subnode(tcpci->dev, "connector"); + if (!ofnode_valid(tcpci->tcpc.connector_node)) { + printf("%s: 'connector' node is not found\n", __func__); + return -EINVAL; + } + + return 0; +} + +struct tcpci *tcpci_register_port(struct udevice *dev, struct tcpci_data *data) +{ + struct tcpci *tcpci; + int err; + + tcpci = devm_kzalloc(dev, sizeof(*tcpci), GFP_KERNEL); + if (!tcpci) + return ERR_PTR(-ENOMEM); + + err = gpio_request_by_name(dev, "int-n-gpios", 0, &tcpci->gpio_cc_int, GPIOD_IS_IN); + if (err) { + printf("%s: fail to get int GPIO: err=%d\n", __func__, err); + tcpci->gpio_cc_int_present = false; + } else { + printf("%s: success to get int GPIO: err=%d\n", __func__, err); + tcpci->gpio_cc_int_present = true; + } + + tcpci->dev = dev; + tcpci->data = data; + + tcpci->tcpc.init = tcpci_init; + tcpci->tcpc.get_vbus = tcpci_get_vbus; + tcpci->tcpc.set_vbus = tcpci_set_vbus; + tcpci->tcpc.set_cc = tcpci_set_cc; + tcpci->tcpc.get_cc = tcpci_get_cc; + tcpci->tcpc.set_polarity = tcpci_set_polarity; + tcpci->tcpc.set_vconn = tcpci_set_vconn; + tcpci->tcpc.start_toggling = tcpci_start_toggling; + + tcpci->tcpc.set_pd_rx = tcpci_set_pd_rx; + tcpci->tcpc.set_roles = tcpci_set_roles; + tcpci->tcpc.pd_transmit = tcpci_pd_transmit; + tcpci->tcpc.poll_event = tcpci_poll_event; + tcpci->tcpc.enter_low_power_mode = tcpci_enter_low_power_mode; + + err = tcpci_parse_config(tcpci); + if (err < 0) + return ERR_PTR(err); + + tcpci->port = tcpm_port_init(tcpci->dev, &tcpci->tcpc); + if (IS_ERR(tcpci->port)) { + printf("%s: failed to tcpm port init\n", __func__); + return ERR_CAST(tcpci->port); + } + + // tcpm_tcpc_reset(tcpci->port); + + tcpm_poll_event(tcpci->port); + + return tcpci; +} +EXPORT_SYMBOL_GPL(tcpci_register_port); + +void tcpci_unregister_port(struct tcpci *tcpci) +{ + tcpm_uninit_port(tcpci->port); +} +EXPORT_SYMBOL_GPL(tcpci_unregister_port); + +int tcpci_get_voltage_fun(struct tcpci *tcpci) +{ + return tcpm_get_voltage(tcpci->port); +} +EXPORT_SYMBOL_GPL(tcpci_get_voltage_fun); + +int tcpci_get_current_fun(struct tcpci *tcpci) +{ + return tcpm_get_current(tcpci->port); +} +EXPORT_SYMBOL_GPL(tcpci_get_current_fun); + +int tcpci_get_online_fun(struct tcpci *tcpci) +{ + return tcpm_get_online(tcpci->port); +} +EXPORT_SYMBOL_GPL(tcpci_get_online_fun); + +static int tcpci_probe(struct udevice *dev) +{ + struct tcpci_chip *chip = dev_get_priv(dev); + int err; + u16 val = 0; + + chip->udev = dev; + + /* Disable chip interrupts before requesting irq */ + err = tcpci_write16(chip->tcpci, TCPC_ALERT_MASK, val); + if (err < 0) + return err; + + chip->tcpci = tcpci_register_port(chip->udev, &chip->data); + if (IS_ERR(chip->tcpci)) + return PTR_ERR(chip->tcpci); + + return 0; +} + +static int tcpci_remove(struct udevice *dev) +{ + struct tcpci_chip *chip = dev_get_priv(dev); + int err; + + /* Disable chip interrupts before unregistering port */ + err = tcpci_write16(chip->tcpci, TCPC_ALERT_MASK, 0); + if (err < 0) + return err; + + tcpci_unregister_port(chip->tcpci); + + return 0; +} + +static int tcpci_get_voltage(struct udevice *dev) +{ + struct tcpci_chip *chip = dev_get_priv(dev); + + return tcpm_get_voltage(chip->tcpci->port); +} + +static int tcpci_get_current(struct udevice *dev) +{ + struct tcpci_chip *chip = dev_get_priv(dev); + + return tcpm_get_current(chip->tcpci->port); +} + +static int tcpci_get_online(struct udevice *dev) +{ + struct tcpci_chip *chip = dev_get_priv(dev); + + return tcpm_get_online(chip->tcpci->port); +} + +static struct dm_power_delivery_ops tcpci_ops = { + .get_voltage = tcpci_get_voltage, + .get_current = tcpci_get_current, + .get_online = tcpci_get_online, +}; + +static const struct udevice_id tcpci_ids[] = { + { .compatible = "nxp,ptn5110", }, + {}, +}; + +U_BOOT_DRIVER(tcpci) = { + .name = "tcpci", + .id = UCLASS_PD, + .of_match = tcpci_ids, + .ops = &tcpci_ops, + .probe = tcpci_probe, + .remove = tcpci_remove, + .priv_auto_alloc_size = sizeof(struct tcpci_chip), +} + +MODULE_DESCRIPTION("USB Type-C Port Controller Interface driver"); +MODULE_LICENSE("GPL"); diff --git a/drivers/power/power_delivery/tcpci.h b/drivers/power/power_delivery/tcpci.h new file mode 100755 index 00000000..ae250526 --- /dev/null +++ b/drivers/power/power_delivery/tcpci.h @@ -0,0 +1,150 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright 2015-2017 Google, Inc + * + * USB Type-C Port Controller Interface. + */ + +#ifndef __LINUX_USB_TCPCI_H +#define __LINUX_USB_TCPCI_H + +#define TCPC_VENDOR_ID 0x0 +#define TCPC_PRODUCT_ID 0x2 +#define TCPC_BCD_DEV 0x4 +#define TCPC_TC_REV 0x6 +#define TCPC_PD_REV 0x8 +#define TCPC_PD_INT_REV 0xa + +#define TCPC_ALERT 0x10 +#define TCPC_ALERT_VBUS_DISCNCT BIT(11) +#define TCPC_ALERT_RX_BUF_OVF BIT(10) +#define TCPC_ALERT_FAULT BIT(9) +#define TCPC_ALERT_V_ALARM_LO BIT(8) +#define TCPC_ALERT_V_ALARM_HI BIT(7) +#define TCPC_ALERT_TX_SUCCESS BIT(6) +#define TCPC_ALERT_TX_DISCARDED BIT(5) +#define TCPC_ALERT_TX_FAILED BIT(4) +#define TCPC_ALERT_RX_HARD_RST BIT(3) +#define TCPC_ALERT_RX_STATUS BIT(2) +#define TCPC_ALERT_POWER_STATUS BIT(1) +#define TCPC_ALERT_CC_STATUS BIT(0) + +#define TCPC_ALERT_MASK 0x12 +#define TCPC_POWER_STATUS_MASK 0x14 +#define TCPC_FAULT_STATUS_MASK 0x15 +#define TCPC_CONFIG_STD_OUTPUT 0x18 + +#define TCPC_TCPC_CTRL 0x19 +#define TCPC_TCPC_CTRL_ORIENTATION BIT(0) + +#define TCPC_ROLE_CTRL 0x1a +#define TCPC_ROLE_CTRL_DRP BIT(6) +#define TCPC_ROLE_CTRL_RP_VAL_SHIFT 4 +#define TCPC_ROLE_CTRL_RP_VAL_MASK 0x3 +#define TCPC_ROLE_CTRL_RP_VAL_DEF 0x0 +#define TCPC_ROLE_CTRL_RP_VAL_1_5 0x1 +#define TCPC_ROLE_CTRL_RP_VAL_3_0 0x2 +#define TCPC_ROLE_CTRL_CC2_SHIFT 2 +#define TCPC_ROLE_CTRL_CC2_MASK 0x3 +#define TCPC_ROLE_CTRL_CC1_SHIFT 0 +#define TCPC_ROLE_CTRL_CC1_MASK 0x3 +#define TCPC_ROLE_CTRL_CC_RA 0x0 +#define TCPC_ROLE_CTRL_CC_RP 0x1 +#define TCPC_ROLE_CTRL_CC_RD 0x2 +#define TCPC_ROLE_CTRL_CC_OPEN 0x3 + +#define TCPC_FAULT_CTRL 0x1b + +#define TCPC_POWER_CTRL 0x1c +#define TCPC_POWER_CTRL_VCONN_ENABLE BIT(0) + +#define TCPC_CC_STATUS 0x1d +#define TCPC_CC_STATUS_TOGGLING BIT(5) +#define TCPC_CC_STATUS_TERM BIT(4) +#define TCPC_CC_STATUS_CC2_SHIFT 2 +#define TCPC_CC_STATUS_CC2_MASK 0x3 +#define TCPC_CC_STATUS_CC1_SHIFT 0 +#define TCPC_CC_STATUS_CC1_MASK 0x3 + +#define TCPC_POWER_STATUS 0x1e +#define TCPC_POWER_STATUS_UNINIT BIT(6) +#define TCPC_POWER_STATUS_VBUS_DET BIT(3) +#define TCPC_POWER_STATUS_VBUS_PRES BIT(2) + +#define TCPC_FAULT_STATUS 0x1f + +#define TCPC_COMMAND 0x23 +#define TCPC_CMD_WAKE_I2C 0x11 +#define TCPC_CMD_DISABLE_VBUS_DETECT 0x22 +#define TCPC_CMD_ENABLE_VBUS_DETECT 0x33 +#define TCPC_CMD_DISABLE_SINK_VBUS 0x44 +#define TCPC_CMD_SINK_VBUS 0x55 +#define TCPC_CMD_DISABLE_SRC_VBUS 0x66 +#define TCPC_CMD_SRC_VBUS_DEFAULT 0x77 +#define TCPC_CMD_SRC_VBUS_HIGH 0x88 +#define TCPC_CMD_LOOK4CONNECTION 0x99 +#define TCPC_CMD_RXONEMORE 0xAA +#define TCPC_CMD_I2C_IDLE 0xFF + +#define TCPC_DEV_CAP_1 0x24 +#define TCPC_DEV_CAP_2 0x26 +#define TCPC_STD_INPUT_CAP 0x28 +#define TCPC_STD_OUTPUT_CAP 0x29 + +#define TCPC_MSG_HDR_INFO 0x2e +#define TCPC_MSG_HDR_INFO_DATA_ROLE BIT(3) +#define TCPC_MSG_HDR_INFO_PWR_ROLE BIT(0) +#define TCPC_MSG_HDR_INFO_REV_SHIFT 1 +#define TCPC_MSG_HDR_INFO_REV_MASK 0x3 + +#define TCPC_RX_DETECT 0x2f +#define TCPC_RX_DETECT_HARD_RESET BIT(5) +#define TCPC_RX_DETECT_SOP BIT(0) + +#define TCPC_RX_BYTE_CNT 0x30 +#define TCPC_RX_BUF_FRAME_TYPE 0x31 +#define TCPC_RX_HDR 0x32 +#define TCPC_RX_DATA 0x34 /* through 0x4f */ + +#define TCPC_TRANSMIT 0x50 +#define TCPC_TRANSMIT_RETRY_SHIFT 4 +#define TCPC_TRANSMIT_RETRY_MASK 0x3 +#define TCPC_TRANSMIT_TYPE_SHIFT 0 +#define TCPC_TRANSMIT_TYPE_MASK 0x7 + +#define TCPC_TX_BYTE_CNT 0x51 +#define TCPC_TX_HDR 0x52 +#define TCPC_TX_DATA 0x54 /* through 0x6f */ + +#define TCPC_VBUS_VOLTAGE 0x70 +#define TCPC_VBUS_SINK_DISCONNECT_THRESH 0x72 +#define TCPC_VBUS_STOP_DISCHARGE_THRESH 0x74 +#define TCPC_VBUS_VOLTAGE_ALARM_HI_CFG 0x76 +#define TCPC_VBUS_VOLTAGE_ALARM_LO_CFG 0x78 + +#define TCPC_BMCIO_CTRL 0x90 +#define TCPC_BMCIO_VBUS_DETECT_MASK BIT(1) +#define TCPC_BMCIO_VBUS_DETECT_ENABLE BIT(1) +#define TCPC_BMCIO_VBUS_DETECT_DISABLE 0 +#define TCPC_BMCIO_24M_OSC_MASK BIT(0) +#define TCPC_BMCIO_ENABLE_24M_OSC BIT(0) +#define TCPC_BMCIO_DISABLE_24M_OSC 0 + +struct tcpci; +struct tcpci_data { + struct regmap *regmap; + int (*init)(struct tcpci *tcpci, struct tcpci_data *data); + int (*set_vconn)(struct tcpci *tcpci, struct tcpci_data *data, + bool enable); + int (*start_drp_toggling)(struct tcpci *tcpci, struct tcpci_data *data, + enum typec_cc_status cc); +}; + +struct tcpci *tcpci_register_port(struct udevice *dev, struct tcpci_data *data); +void tcpci_unregister_port(struct tcpci *tcpci); +int tcpci_get_voltage_fun(struct tcpci *tcpci); +int tcpci_get_current_fun(struct tcpci *tcpci); +int tcpci_get_online_fun(struct tcpci *tcpci); +irqreturn_t tcpci_irq(struct tcpci *tcpci); + +#endif /* __LINUX_USB_TCPCI_H */ diff --git a/drivers/power/power_delivery/tcpci_husb311.c b/drivers/power/power_delivery/tcpci_husb311.c new file mode 100755 index 00000000..cb2a5145 --- /dev/null +++ b/drivers/power/power_delivery/tcpci_husb311.c @@ -0,0 +1,229 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (C) 2021 Rockchip Co.,Ltd. + * Author: Wang Jie + * + * Hynetek Husb311 Type-C Chip Driver + */ + +#include +#include +#include +#include +#include +#include "tcpci.h" + +#define HUSB311_VID 0x2E99 +#define HUSB311_PID 0x0311 +#define HUSB311_TCPC_I2C_RESET 0x9E +#define HUSB311_TCPC_SOFTRESET 0xA0 +#define HUSB311_TCPC_FILTER 0xA1 +#define HUSB311_TCPC_TDRP 0xA2 +#define HUSB311_TCPC_DCSRCDRP 0xA3 +#define HUSB311_I2C_RETRY_MAX_CNT 3 + +struct husb311_chip { + struct udevice *udev; + struct tcpci_data data; + struct tcpci *tcpci; +}; + +static int husb311_read16(struct husb311_chip *chip, unsigned int reg) +{ + int ret = 0; + u8 buffer[2]; + + ret = dm_i2c_read(chip->udev, reg, buffer, 2); + if (ret < 0) { + printf("%s: cannot read %02x, ret=%d\n", + __func__, reg, ret); + return ret; + } + ret = ((buffer[1] << 8) & 0xFF00) + (buffer[0] & 0xFF); + + return ret; +} + +static int husb311_write8(struct husb311_chip *chip, unsigned int reg, u8 val) +{ + int ret = 0; + int i; + + for (i = 0; i < HUSB311_I2C_RETRY_MAX_CNT; i++) { + ret = dm_i2c_write(chip->udev, reg, &val, 1); + if (!ret) + break; + else + udelay(200); + } + + if (ret) + printf("%s: cannot write 0x%02x to 0x%02x, ret=%d\n", + __func__, val, reg, ret); + + return ret; +} + +static int husb311_write16(struct husb311_chip *chip, unsigned int reg, u16 val) +{ + int ret = 0; + u8 buffer[2]; + + buffer[0] = val & 0xFF; + buffer[1] = (val >> 8) & 0xFF; + ret = dm_i2c_write(chip->udev, reg, buffer, 2); + if (ret) + printf("%s: cannot write 0x%02x, len=%d, ret=%d\n", + __func__, reg, 2, ret); + + return ret; +} + +static struct husb311_chip *tdata_to_husb311(struct tcpci_data *tdata) +{ + return container_of(tdata, struct husb311_chip, data); +} + +static int husb311_sw_reset(struct husb311_chip *chip) +{ + /* soft reset */ + return husb311_write8(chip, HUSB311_TCPC_SOFTRESET, 0x01); +} + +static int husb311_init(struct tcpci *tcpci, struct tcpci_data *tdata) +{ + int ret; + struct husb311_chip *chip = tdata_to_husb311(tdata); + + /* I2C reset : (val + 1) * 12.5ms */ + ret = husb311_write8(chip, HUSB311_TCPC_I2C_RESET, 0x8F); + /* tTCPCfilter : (26.7 * val) us */ + ret |= husb311_write8(chip, HUSB311_TCPC_FILTER, 0x0F); + /* tDRP : (51.2 + 6.4 * val) ms */ + ret |= husb311_write8(chip, HUSB311_TCPC_TDRP, 0x04); + /* dcSRC.DRP : 33% */ + ret |= husb311_write16(chip, HUSB311_TCPC_DCSRCDRP, 330); + + if (ret) + printf("%s: fail to init registers(%d)\n", __func__, ret); + + return ret; +} + +static int husb311_check_revision(struct husb311_chip *chip) +{ + int ret; + + ret = husb311_read16(chip, TCPC_VENDOR_ID); + if (ret < 0) { + printf("%s: fail to read Vendor id(%d)\n", __func__, ret); + return ret; + } + + if (ret != HUSB311_VID) { + printf("%s: vid is not correct, 0x%04x\n", __func__, ret); + return -ENODEV; + } + + ret = husb311_read16(chip, TCPC_PRODUCT_ID); + if (ret < 0) { + printf("%s: fail to read Product id(%d)\n", __func__, ret); + return ret; + } + + if (ret != HUSB311_PID) { + printf("%s: pid is not correct, 0x%04x\n", __func__, ret); + return -ENODEV; + } + + return 0; +} + +static int husb311_probe(struct udevice *dev) +{ + int ret; + struct husb311_chip *chip = dev_get_priv(dev); + + chip->udev = dev; + + ret = husb311_check_revision(chip); + if (ret < 0) { + printf("%s: check vid/pid fail(%d)\n", __func__, ret); + return ret; + } + + ret = husb311_sw_reset(chip); + if (ret) { + printf("%s: fail to soft reset, ret = %d\n", __func__, ret); + return ret; + } + + chip->data.init = husb311_init; + chip->tcpci = tcpci_register_port(chip->udev, &chip->data); + if (IS_ERR(chip->tcpci)) + return PTR_ERR(chip->tcpci); + + return 0; +} + +static int husb311_remove(struct udevice *dev) +{ + struct husb311_chip *chip = dev_get_priv(dev); + int ret = 0; + + printf("PD chip husb311 remove\n"); + /* Disable chip interrupts before unregistering port */ + ret = husb311_write16(chip, TCPC_ALERT_MASK, 0); + if (ret < 0) + return ret; + + tcpci_unregister_port(chip->tcpci); + + return 0; +} + +static int husb311_get_voltage(struct udevice *dev) +{ + struct husb311_chip *chip = dev_get_priv(dev); + + return tcpci_get_voltage_fun(chip->tcpci); +} + +static int husb311_get_current(struct udevice *dev) +{ + struct husb311_chip *chip = dev_get_priv(dev); + + return tcpci_get_current_fun(chip->tcpci); +} + +static int husb311_get_online(struct udevice *dev) +{ + struct husb311_chip *chip = dev_get_priv(dev); + + return tcpci_get_online_fun(chip->tcpci); +} + +static struct dm_power_delivery_ops husb311_ops = { + .get_voltage = husb311_get_voltage, + .get_current = husb311_get_current, + .get_online = husb311_get_online, +}; + +static const struct udevice_id husb311_ids[] = { + { .compatible = "hynetek,husb311" }, + {}, +}; + +U_BOOT_DRIVER(husb311) = { + .name = "husb311", + .id = UCLASS_PD, + .of_match = husb311_ids, + .ops = &husb311_ops, + .probe = husb311_probe, + .remove = husb311_remove, + .priv_auto_alloc_size = sizeof(struct husb311_chip), +}; + +MODULE_AUTHOR("Wang Jie "); +MODULE_DESCRIPTION("Husb311 USB Type-C Port Controller Interface Driver"); +MODULE_LICENSE("GPL v2"); diff --git a/drivers/power/power_delivery/tcpm.c b/drivers/power/power_delivery/tcpm.c new file mode 100755 index 00000000..38bdc0f5 --- /dev/null +++ b/drivers/power/power_delivery/tcpm.c @@ -0,0 +1,3520 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2015-2017 Google, Inc + * + * USB Power Delivery protocol stack. + */ + +#include +#include +#include +#include +#include +#include + +#define FOREACH_STATE(S) \ + S(INVALID_STATE), \ + S(TOGGLING), \ + S(SRC_UNATTACHED), \ + S(SRC_ATTACH_WAIT), \ + S(SRC_ATTACHED), \ + S(SRC_STARTUP), \ + S(SRC_SEND_CAPABILITIES), \ + S(SRC_SEND_CAPABILITIES_TIMEOUT), \ + S(SRC_NEGOTIATE_CAPABILITIES), \ + S(SRC_TRANSITION_SUPPLY), \ + S(SRC_READY), \ + S(SRC_WAIT_NEW_CAPABILITIES), \ + \ + S(SNK_UNATTACHED), \ + S(SNK_ATTACH_WAIT), \ + S(SNK_DEBOUNCED), \ + S(SNK_ATTACHED), \ + S(SNK_STARTUP), \ + S(SNK_DISCOVERY), \ + S(SNK_DISCOVERY_DEBOUNCE), \ + S(SNK_DISCOVERY_DEBOUNCE_DONE), \ + S(SNK_WAIT_CAPABILITIES), \ + S(SNK_NEGOTIATE_CAPABILITIES), \ + S(SNK_NEGOTIATE_PPS_CAPABILITIES), \ + S(SNK_TRANSITION_SINK), \ + S(SNK_TRANSITION_SINK_VBUS), \ + S(SNK_READY), \ + \ + S(ACC_UNATTACHED), \ + S(DEBUG_ACC_ATTACHED), \ + S(AUDIO_ACC_ATTACHED), \ + S(AUDIO_ACC_DEBOUNCE), \ + \ + S(HARD_RESET_SEND), \ + S(HARD_RESET_START), \ + S(SRC_HARD_RESET_VBUS_OFF), \ + S(SRC_HARD_RESET_VBUS_ON), \ + S(SNK_HARD_RESET_SINK_OFF), \ + S(SNK_HARD_RESET_WAIT_VBUS), \ + S(SNK_HARD_RESET_SINK_ON), \ + \ + S(SOFT_RESET), \ + S(SRC_SOFT_RESET_WAIT_SNK_TX), \ + S(SNK_SOFT_RESET), \ + S(SOFT_RESET_SEND), \ + \ + S(DR_SWAP_ACCEPT), \ + S(DR_SWAP_SEND), \ + S(DR_SWAP_SEND_TIMEOUT), \ + S(DR_SWAP_CANCEL), \ + S(DR_SWAP_CHANGE_DR), \ + \ + S(PR_SWAP_ACCEPT), \ + S(PR_SWAP_SEND), \ + S(PR_SWAP_SEND_TIMEOUT), \ + S(PR_SWAP_CANCEL), \ + S(PR_SWAP_START), \ + S(PR_SWAP_SRC_SNK_TRANSITION_OFF), \ + S(PR_SWAP_SRC_SNK_SOURCE_OFF), \ + S(PR_SWAP_SRC_SNK_SOURCE_OFF_CC_DEBOUNCED), \ + S(PR_SWAP_SRC_SNK_SINK_ON), \ + S(PR_SWAP_SNK_SRC_SINK_OFF), \ + S(PR_SWAP_SNK_SRC_SOURCE_ON), \ + S(PR_SWAP_SNK_SRC_SOURCE_ON_VBUS_RAMPED_UP), \ + \ + S(VCONN_SWAP_ACCEPT), \ + S(VCONN_SWAP_SEND), \ + S(VCONN_SWAP_SEND_TIMEOUT), \ + S(VCONN_SWAP_CANCEL), \ + S(VCONN_SWAP_START), \ + S(VCONN_SWAP_WAIT_FOR_VCONN), \ + S(VCONN_SWAP_TURN_ON_VCONN), \ + S(VCONN_SWAP_TURN_OFF_VCONN), \ + \ + S(FR_SWAP_SEND), \ + S(FR_SWAP_SEND_TIMEOUT), \ + S(FR_SWAP_SNK_SRC_TRANSITION_TO_OFF), \ + S(FR_SWAP_SNK_SRC_NEW_SINK_READY), \ + S(FR_SWAP_SNK_SRC_SOURCE_VBUS_APPLIED), \ + S(FR_SWAP_CANCEL), \ + \ + S(SNK_TRY), \ + S(SNK_TRY_WAIT), \ + S(SNK_TRY_WAIT_DEBOUNCE), \ + S(SNK_TRY_WAIT_DEBOUNCE_CHECK_VBUS), \ + S(SRC_TRYWAIT), \ + S(SRC_TRYWAIT_DEBOUNCE), \ + S(SRC_TRYWAIT_UNATTACHED), \ + \ + S(SRC_TRY), \ + S(SRC_TRY_WAIT), \ + S(SRC_TRY_DEBOUNCE), \ + S(SNK_TRYWAIT), \ + S(SNK_TRYWAIT_DEBOUNCE), \ + S(SNK_TRYWAIT_VBUS), \ + S(BIST_RX), \ + \ + S(GET_STATUS_SEND), \ + S(GET_STATUS_SEND_TIMEOUT), \ + S(GET_PPS_STATUS_SEND), \ + S(GET_PPS_STATUS_SEND_TIMEOUT), \ + \ + S(GET_SINK_CAP), \ + S(GET_SINK_CAP_TIMEOUT), \ + \ + S(ERROR_RECOVERY), \ + S(PORT_RESET), \ + S(PORT_RESET_WAIT_OFF), \ + \ + S(AMS_START), \ + S(CHUNK_NOT_SUPP) + +#define FOREACH_AMS(S) \ + S(NONE_AMS), \ + S(POWER_NEGOTIATION), \ + S(GOTOMIN), \ + S(SOFT_RESET_AMS), \ + S(HARD_RESET), \ + S(CABLE_RESET), \ + S(GET_SOURCE_CAPABILITIES), \ + S(GET_SINK_CAPABILITIES), \ + S(POWER_ROLE_SWAP), \ + S(FAST_ROLE_SWAP), \ + S(DATA_ROLE_SWAP), \ + S(VCONN_SWAP), \ + S(SOURCE_ALERT), \ + S(GETTING_SOURCE_EXTENDED_CAPABILITIES),\ + S(GETTING_SOURCE_SINK_STATUS), \ + S(GETTING_BATTERY_CAPABILITIES), \ + S(GETTING_BATTERY_STATUS), \ + S(GETTING_MANUFACTURER_INFORMATION), \ + S(SECURITY), \ + S(FIRMWARE_UPDATE), \ + S(DISCOVER_IDENTITY), \ + S(SOURCE_STARTUP_CABLE_PLUG_DISCOVER_IDENTITY), \ + S(DISCOVER_SVIDS), \ + S(DISCOVER_MODES), \ + S(DFP_TO_UFP_ENTER_MODE), \ + S(DFP_TO_UFP_EXIT_MODE), \ + S(DFP_TO_CABLE_PLUG_ENTER_MODE), \ + S(DFP_TO_CABLE_PLUG_EXIT_MODE), \ + S(ATTENTION), \ + S(BIST), \ + S(UNSTRUCTURED_VDMS), \ + S(STRUCTURED_VDMS), \ + S(COUNTRY_INFO), \ + S(COUNTRY_CODES) + +#define GENERATE_ENUM(e) e +#define GENERATE_STRING(s) #s +#define TCPM_POLL_EVENT_TIME_OUT 2000 + +enum tcpm_state { + FOREACH_STATE(GENERATE_ENUM) +}; + +static const char * const tcpm_states[] = { + FOREACH_STATE(GENERATE_STRING) +}; + +enum tcpm_ams { + FOREACH_AMS(GENERATE_ENUM) +}; + +static const char * const tcpm_ams_str[] = { + FOREACH_AMS(GENERATE_STRING) +}; + +enum vdm_states { + VDM_STATE_ERR_BUSY = -3, + VDM_STATE_ERR_SEND = -2, + VDM_STATE_ERR_TMOUT = -1, + VDM_STATE_DONE = 0, + /* Anything >0 represents an active state */ + VDM_STATE_READY = 1, + VDM_STATE_BUSY = 2, + VDM_STATE_WAIT_RSP_BUSY = 3, + VDM_STATE_SEND_MESSAGE = 4, +}; + +enum pd_msg_request { + PD_MSG_NONE = 0, + PD_MSG_CTRL_REJECT, + PD_MSG_CTRL_WAIT, + PD_MSG_CTRL_NOT_SUPP, + PD_MSG_DATA_SINK_CAP, + PD_MSG_DATA_SOURCE_CAP, +}; + +enum adev_actions { + ADEV_NONE = 0, + ADEV_NOTIFY_USB_AND_QUEUE_VDM, + ADEV_QUEUE_VDM, + ADEV_QUEUE_VDM_SEND_EXIT_MODE_ON_FAIL, + ADEV_ATTENTION, +}; + +/* + * Initial current capability of the new source when vSafe5V is applied during PD3.0 Fast Role Swap. + * Based on "Table 6-14 Fixed Supply PDO - Sink" of "USB Power Delivery Specification Revision 3.0, + * Version 1.2" + */ +enum frs_typec_current { + FRS_NOT_SUPPORTED, + FRS_DEFAULT_POWER, + FRS_5V_1P5A, + FRS_5V_3A, +}; + +/* Events from low level driver */ + +#define TCPM_CC_EVENT BIT(0) +#define TCPM_VBUS_EVENT BIT(1) +#define TCPM_RESET_EVENT BIT(2) +#define TCPM_FRS_EVENT BIT(3) +#define TCPM_SOURCING_VBUS BIT(4) + +#define LOG_BUFFER_ENTRIES 1024 +#define LOG_BUFFER_ENTRY_SIZE 128 + +/* Alternate mode support */ + +#define SVID_DISCOVERY_MAX 16 +#define ALTMODE_DISCOVERY_MAX (SVID_DISCOVERY_MAX * MODE_DISCOVERY_MAX) + +#define GET_SINK_CAP_RETRY_MS 100 +#define SEND_DISCOVER_RETRY_MS 100 + +/* + * @min_volt: Actual min voltage at the local port + * @req_min_volt: Requested min voltage to the port partner + * @max_volt: Actual max voltage at the local port + * @req_max_volt: Requested max voltage to the port partner + * @max_curr: Actual max current at the local port + * @req_max_curr: Requested max current of the port partner + * @req_out_volt: Requested output voltage to the port partner + * @req_op_curr: Requested operating current to the port partner + * @supported: Parter has atleast one APDO hence supports PPS + * @active: PPS mode is active + */ +struct pd_pps_data { + u32 min_volt; + u32 req_min_volt; + u32 max_volt; + u32 req_max_volt; + u32 max_curr; + u32 req_max_curr; + u32 req_out_volt; + u32 req_op_curr; + bool supported; + bool active; +}; + +enum power_supply_usb_type { + POWER_SUPPLY_USB_TYPE_UNKNOWN = 0, + POWER_SUPPLY_USB_TYPE_SDP, /* Standard Downstream Port */ + POWER_SUPPLY_USB_TYPE_DCP, /* Dedicated Charging Port */ + POWER_SUPPLY_USB_TYPE_CDP, /* Charging Downstream Port */ + POWER_SUPPLY_USB_TYPE_ACA, /* Accessory Charger Adapters */ + POWER_SUPPLY_USB_TYPE_C, /* Type C Port */ + POWER_SUPPLY_USB_TYPE_PD, /* Power Delivery Port */ + POWER_SUPPLY_USB_TYPE_PD_DRP, /* PD Dual Role Port */ + POWER_SUPPLY_USB_TYPE_PD_PPS, /* PD Programmable Power Supply */ + POWER_SUPPLY_USB_TYPE_APPLE_BRICK_ID, /* Apple Charging Method */ +}; + +struct tcpm_port { + struct udevice *dev; + struct typec_capability typec_caps; + struct tcpc_dev *tcpc; + + enum typec_role vconn_role; + enum typec_role pwr_role; + enum typec_data_role data_role; + enum typec_pwr_opmode pwr_opmode; + + struct usb_pd_identity partner_ident; + struct typec_partner_desc partner_desc; + struct typec_partner *partner; + + enum typec_cc_status cc_req; + + enum typec_cc_status cc1; + enum typec_cc_status cc2; + enum typec_cc_polarity polarity; + + bool attached; + bool connected; + int poll_event_cnt; + enum typec_port_type port_type; + + /* + * Set to true when vbus is greater than VSAFE5V min. + * Set to false when vbus falls below vSinkDisconnect max threshold. + */ + bool vbus_present; + + /* + * Set to true when vbus is less than VSAFE0V max. + * Set to false when vbus is greater than VSAFE0V max. + */ + bool vbus_vsafe0v; + + bool vbus_never_low; + bool vbus_source; + bool vbus_charge; + + /* Set to true when Discover_Identity Command is expected to be sent in Ready states. */ + bool send_discover; + bool op_vsafe5v; + + int try_role; + int try_snk_count; + int try_src_count; + + enum pd_msg_request queued_message; + + enum tcpm_state enter_state; + enum tcpm_state prev_state; + enum tcpm_state state; + enum tcpm_state delayed_state; + unsigned long delay_ms; + + spinlock_t pd_event_lock; + u32 pd_events; + + bool state_machine_running; + /* Set to true when VDM State Machine has following actions. */ + bool vdm_sm_running; + + bool tx_complete; + enum tcpm_transmit_status tx_status; + + struct mutex swap_lock; /* swap command lock */ + bool swap_pending; + bool non_pd_role_swap; + int swap_status; + + unsigned int negotiated_rev; + unsigned int message_id; + unsigned int caps_count; + unsigned int hard_reset_count; + bool pd_capable; + bool explicit_contract; + unsigned int rx_msgid; + + /* Partner capabilities/requests */ + u32 sink_request; + u32 source_caps[PDO_MAX_OBJECTS]; + unsigned int nr_source_caps; + u32 sink_caps[PDO_MAX_OBJECTS]; + unsigned int nr_sink_caps; + + /* + * whether to wait for the Type-C device to send the DR_SWAP Message flag + * For Type-C device with Dual-Role Power and Dual-Role Data, the port side + * is used as sink + ufp, then the tcpm framework needs to wait for Type-C + * device to initiate DR_swap Message. + */ + bool wait_dr_swap_Message; + + /* Local capabilities */ + u32 src_pdo[PDO_MAX_OBJECTS]; + unsigned int nr_src_pdo; + u32 snk_pdo[PDO_MAX_OBJECTS]; + unsigned int nr_snk_pdo; + u32 snk_vdo_v1[VDO_MAX_OBJECTS]; + unsigned int nr_snk_vdo_v1; + u32 snk_vdo[VDO_MAX_OBJECTS]; + unsigned int nr_snk_vdo; + + unsigned int operating_snk_mw; + bool update_sink_caps; + + /* Requested current / voltage to the port partner */ + u32 req_current_limit; + u32 req_supply_voltage; + /* Actual current / voltage limit of the local port */ + u32 current_limit; + u32 supply_voltage; + + enum power_supply_usb_type usb_type; + + u32 bist_request; + + /* PD state for Vendor Defined Messages */ + enum vdm_states vdm_state; + u32 vdm_retries; + /* next Vendor Defined Message to send */ + u32 vdo_data[VDO_MAX_SIZE]; + u8 vdo_count; + /* VDO to retry if UFP responder replied busy */ + u32 vdo_retry; + + /* PPS */ + struct pd_pps_data pps_data; + bool pps_pending; + int pps_status; + + /* Deadline in jiffies to exit src_try_wait state */ + unsigned long max_wait; + + /* port belongs to a self powered device */ + bool self_powered; + + /* Sink FRS */ + enum frs_typec_current new_source_frs_current; + + /* Sink caps have been queried */ + bool sink_cap_done; + + /* Port is still in tCCDebounce */ + bool debouncing; + + /* Collision Avoidance and Atomic Message Sequence */ + enum tcpm_state upcoming_state; + enum tcpm_ams ams; + enum tcpm_ams next_ams; + bool in_ams; + + /* Auto vbus discharge status */ + bool auto_vbus_discharge_enabled; + + /* + * When set, port requests PD_P_SNK_STDBY_MW upon entering SNK_DISCOVERY and + * the actual currrent limit after RX of PD_CTRL_PSRDY for PD link, + * SNK_READY for non-pd link. + */ + bool slow_charger_loop; +#ifdef CONFIG_DEBUG_FS + struct dentry *dentry; + struct mutex logbuffer_lock; /* log buffer access lock */ + int logbuffer_head; + int logbuffer_tail; + u8 *logbuffer[LOG_BUFFER_ENTRIES]; +#endif +}; + +struct pd_rx_event { + struct tcpm_port *port; + struct pd_message msg; +}; + +static const char * const pd_rev[] = { + [PD_REV10] = "rev1", + [PD_REV20] = "rev2", + [PD_REV30] = "rev3", +}; + +#define tcpm_cc_is_sink(cc) \ + ((cc) == TYPEC_CC_RP_DEF || (cc) == TYPEC_CC_RP_1_5 || \ + (cc) == TYPEC_CC_RP_3_0) + +#define tcpm_port_is_sink(port) \ + ((tcpm_cc_is_sink((port)->cc1) && !tcpm_cc_is_sink((port)->cc2)) || \ + (tcpm_cc_is_sink((port)->cc2) && !tcpm_cc_is_sink((port)->cc1))) + +#define tcpm_cc_is_source(cc) ((cc) == TYPEC_CC_RD) +#define tcpm_cc_is_audio(cc) ((cc) == TYPEC_CC_RA) +#define tcpm_cc_is_open(cc) ((cc) == TYPEC_CC_OPEN) + +#define tcpm_port_is_source(port) \ + ((tcpm_cc_is_source((port)->cc1) && \ + !tcpm_cc_is_source((port)->cc2)) || \ + (tcpm_cc_is_source((port)->cc2) && \ + !tcpm_cc_is_source((port)->cc1))) + +#define tcpm_port_is_debug(port) \ + (tcpm_cc_is_source((port)->cc1) && tcpm_cc_is_source((port)->cc2)) + +#define tcpm_port_is_audio(port) \ + (tcpm_cc_is_audio((port)->cc1) && tcpm_cc_is_audio((port)->cc2)) + +#define tcpm_port_is_audio_detached(port) \ + ((tcpm_cc_is_audio((port)->cc1) && tcpm_cc_is_open((port)->cc2)) || \ + (tcpm_cc_is_audio((port)->cc2) && tcpm_cc_is_open((port)->cc1))) + +#define tcpm_try_snk(port) \ + ((port)->try_snk_count == 0 && (port)->try_role == TYPEC_SINK && \ + (port)->port_type == TYPEC_PORT_DRP) + +#define tcpm_try_src(port) \ + ((port)->try_src_count == 0 && (port)->try_role == TYPEC_SOURCE && \ + (port)->port_type == TYPEC_PORT_DRP) + +#define tcpm_data_role_for_source(port) \ + ((port)->typec_caps.data == TYPEC_PORT_UFP ? \ + TYPEC_DEVICE : TYPEC_HOST) + +#define tcpm_data_role_for_sink(port) \ + ((port)->typec_caps.data == TYPEC_PORT_DFP ? \ + TYPEC_HOST : TYPEC_DEVICE) + +static enum tcpm_state tcpm_default_state(struct tcpm_port *port) +{ + if (port->port_type == TYPEC_PORT_DRP) { + if (port->try_role == TYPEC_SINK) + return SNK_UNATTACHED; + else if (port->try_role == TYPEC_SOURCE) + return SRC_UNATTACHED; + /* Fall through to return SRC_UNATTACHED */ + } else if (port->port_type == TYPEC_PORT_SNK) { + return SNK_UNATTACHED; + } + return SRC_UNATTACHED; +} + +static bool tcpm_port_is_disconnected(struct tcpm_port *port) +{ + return (!port->attached && port->cc1 == TYPEC_CC_OPEN && + port->cc2 == TYPEC_CC_OPEN) || + (port->attached && ((port->polarity == TYPEC_POLARITY_CC1 && + port->cc1 == TYPEC_CC_OPEN) || + (port->polarity == TYPEC_POLARITY_CC2 && + port->cc2 == TYPEC_CC_OPEN))); +} + +static void tcpm_set_cc(struct tcpm_port *port, enum typec_cc_status cc) +{ + debug("%s: cc = %d", __func__, cc); + port->cc_req = cc; + port->tcpc->set_cc(port->tcpc, cc); +} + +/* + * Determine RP value to set based on maximum current supported + * by a port if configured as source. + * Returns CC value to report to link partner. + */ +static enum typec_cc_status tcpm_rp_cc(struct tcpm_port *port) +{ + const u32 *src_pdo = port->src_pdo; + int nr_pdo = port->nr_src_pdo; + int i; + + /* + * Search for first entry with matching voltage. + * It should report the maximum supported current. + */ + for (i = 0; i < nr_pdo; i++) { + const u32 pdo = src_pdo[i]; + + if (pdo_type(pdo) == PDO_TYPE_FIXED && + pdo_fixed_voltage(pdo) == 5000) { + unsigned int curr = pdo_max_current(pdo); + + if (curr >= 3000) + return TYPEC_CC_RP_3_0; + else if (curr >= 1500) + return TYPEC_CC_RP_1_5; + return TYPEC_CC_RP_DEF; + } + } + + return TYPEC_CC_RP_DEF; +} + +static int tcpm_pd_transmit(struct tcpm_port *port, + enum tcpm_transmit_type type, + const struct pd_message *msg) +{ + int ret; + int timeout = PD_T_TCPC_TX_TIMEOUT; + + if (msg) + debug("PD TX, header: %#x\n", le16_to_cpu(msg->header)); + else + debug("PD TX, type: %#x\n", type); + + port->tx_complete = false; + ret = port->tcpc->pd_transmit(port->tcpc, type, msg, port->negotiated_rev); + if (ret < 0) + return ret; + + while ((timeout > 0) && (!port->tx_complete)) { + port->tcpc->poll_event(port->tcpc); + udelay(1000); + timeout--; + } + + if (!timeout) { + printf("%s: pd transmit data timeout\n", __func__); + return -ETIMEDOUT; + } + + switch (port->tx_status) { + case TCPC_TX_SUCCESS: + port->message_id = (port->message_id + 1) & PD_HEADER_ID_MASK; + break; + case TCPC_TX_DISCARDED: + ret = -EAGAIN; + break; + case TCPC_TX_FAILED: + default: + ret = -EIO; + break; + } + + return ret; +} + +void tcpm_pd_transmit_complete(struct tcpm_port *port, + enum tcpm_transmit_status status) +{ + debug("%s: PD TX complete, status: %u\n", __func__, status); + port->poll_event_cnt = 0; + port->tx_status = status; + port->tx_complete = true; +} +EXPORT_SYMBOL_GPL(tcpm_pd_transmit_complete); + +static int tcpm_set_polarity(struct tcpm_port *port, + enum typec_cc_polarity polarity) +{ + int ret; + + debug("%s: polarity %d\n", __func__, polarity); + + ret = port->tcpc->set_polarity(port->tcpc, polarity); + if (ret < 0) + return ret; + + port->polarity = polarity; + + return 0; +} + +static int tcpm_set_vconn(struct tcpm_port *port, bool enable) +{ + int ret; + + debug("%s: vconn = %d\n", __func__, enable); + + ret = port->tcpc->set_vconn(port->tcpc, enable); + if (!ret) + port->vconn_role = enable ? TYPEC_SOURCE : TYPEC_SINK; + + return ret; +} + +static u32 tcpm_get_current_limit(struct tcpm_port *port) +{ + enum typec_cc_status cc; + u32 limit; + + cc = port->polarity ? port->cc2 : port->cc1; + switch (cc) { + case TYPEC_CC_RP_1_5: + limit = 1500; + break; + case TYPEC_CC_RP_3_0: + limit = 3000; + break; + case TYPEC_CC_RP_DEF: + default: + if (port->tcpc->get_current_limit) + limit = port->tcpc->get_current_limit(port->tcpc); + else + limit = 0; + break; + } + + return limit; +} + +static int tcpm_set_current_limit(struct tcpm_port *port, u32 max_ma, u32 mv) +{ + int ret = -EOPNOTSUPP; + + debug("Setting voltage/current limit %u mV %u mA\n", mv, max_ma); + + port->supply_voltage = mv; + port->current_limit = max_ma; + + if (port->tcpc->set_current_limit) + ret = port->tcpc->set_current_limit(port->tcpc, max_ma, mv); + + return ret; +} + +static int tcpm_set_attached_state(struct tcpm_port *port, bool attached) +{ + return port->tcpc->set_roles(port->tcpc, attached, port->pwr_role, + port->data_role); +} + +static int tcpm_set_roles(struct tcpm_port *port, bool attached, + enum typec_role role, enum typec_data_role data) +{ +#if 0 + enum typec_orientation orientation; + enum usb_role usb_role; +#endif + int ret; + +#if 0 + if (port->polarity == TYPEC_POLARITY_CC1) + orientation = TYPEC_ORIENTATION_NORMAL; + else + orientation = TYPEC_ORIENTATION_REVERSE; + + if (data == TYPEC_HOST) + usb_role = USB_ROLE_HOST; + else + usb_role = USB_ROLE_DEVICE; + + ret = tcpm_mux_set(port, TYPEC_STATE_USB, usb_role, orientation); + if (ret < 0) + return ret; +#endif + + ret = port->tcpc->set_roles(port->tcpc, attached, role, data); + if (ret < 0) + return ret; + + port->pwr_role = role; + port->data_role = data; +#if 0 + typec_set_data_role(port->typec_port, data); + typec_set_pwr_role(port->typec_port, role); +#endif + + return 0; +} + +static int tcpm_pd_send_source_caps(struct tcpm_port *port) +{ + struct pd_message msg; + int i; + + memset(&msg, 0, sizeof(msg)); + + if (!port->nr_src_pdo) { + /* No source capabilities defined, sink only */ + msg.header = PD_HEADER_LE(PD_CTRL_REJECT, + port->pwr_role, + port->data_role, + port->negotiated_rev, + port->message_id, 0); + } else { + msg.header = PD_HEADER_LE(PD_DATA_SOURCE_CAP, + port->pwr_role, + port->data_role, + port->negotiated_rev, + port->message_id, + port->nr_src_pdo); + } + + for (i = 0; i < port->nr_src_pdo; i++) + msg.payload[i] = cpu_to_le32(port->src_pdo[i]); + + return tcpm_pd_transmit(port, TCPC_TX_SOP, &msg); +} + +static int tcpm_pd_send_sink_caps(struct tcpm_port *port) +{ + struct pd_message msg; + unsigned int i; + + memset(&msg, 0, sizeof(msg)); + + if (!port->nr_snk_pdo) { + /* No sink capabilities defined, source only */ + msg.header = PD_HEADER_LE(PD_CTRL_REJECT, + port->pwr_role, + port->data_role, + port->negotiated_rev, + port->message_id, 0); + } else { + msg.header = PD_HEADER_LE(PD_DATA_SINK_CAP, + port->pwr_role, + port->data_role, + port->negotiated_rev, + port->message_id, + port->nr_snk_pdo); + } + + for (i = 0; i < port->nr_snk_pdo; i++) + msg.payload[i] = cpu_to_le32(port->snk_pdo[i]); + + return tcpm_pd_transmit(port, TCPC_TX_SOP, &msg); +} + +static void tcpm_state_machine(struct tcpm_port *port); +static void tcpm_timer_uninit(struct tcpm_port *port); +static void tcpm_timer_irq(void *data) +{ + struct tcpm_port *port = data; + + tcpm_timer_uninit(port); + tcpm_state_machine(port); +} + +static void tcpm_timer_init(struct tcpm_port *port, uint32_t ms) +{ + if(200 == ms) { + mdelay(ms); + tcpm_timer_irq(port); + } +} + +static void tcpm_timer_uninit(struct tcpm_port *port) +{ + return; +} + +static void mod_tcpm_delayed_work(struct tcpm_port *port, unsigned int delay_ms) +{ + if (delay_ms) { + tcpm_timer_init(port, delay_ms); + } else { + tcpm_timer_uninit(port); + tcpm_state_machine(port); + } +} + +static void tcpm_set_state(struct tcpm_port *port, enum tcpm_state state, + unsigned int delay_ms) +{ + debug("%s: line = %d, delay_ms = %d, set state = %s\n", + __func__, __LINE__, delay_ms, tcpm_states[state]); + + if (delay_ms) { + debug("pending state change %s -> %s @ %u ms [%s]\n", + tcpm_states[port->state], tcpm_states[state], delay_ms, + pd_rev[port->negotiated_rev]); + port->delayed_state = state; + mod_tcpm_delayed_work(port, delay_ms); + port->delay_ms = delay_ms; + } else { + debug("state change %s -> %s\n", + tcpm_states[port->state], tcpm_states[state]); + port->delayed_state = INVALID_STATE; + port->prev_state = port->state; + port->state = state; + /* + * Don't re-queue the state machine work item if we're currently + * in the state machine and we're immediately changing states. + * tcpm_state_machine_work() will continue running the state + * machine. + */ + if (!port->state_machine_running) + mod_tcpm_delayed_work(port, 0); + } +} + +static void tcpm_set_state_cond(struct tcpm_port *port, enum tcpm_state state, + unsigned int delay_ms) +{ + if (port->enter_state == port->state) + tcpm_set_state(port, state, delay_ms); + else + debug("skipped %sstate change %s -> %s [%u ms], context state %s [%s %s]\n", + delay_ms ? "delayed " : "", + tcpm_states[port->state], tcpm_states[state], + delay_ms, tcpm_states[port->enter_state], + pd_rev[port->negotiated_rev], tcpm_ams_str[port->ams]); +} + +static void tcpm_queue_message(struct tcpm_port *port, + enum pd_msg_request message) +{ + port->queued_message = message; + mod_tcpm_delayed_work(port, 0); +} + +#if 0 +static void tcpm_pd_handle_msg(struct tcpm_port *port, + enum pd_msg_request message, + enum tcpm_ams ams); +#endif + +enum pdo_err { + PDO_NO_ERR, + PDO_ERR_NO_VSAFE5V, + PDO_ERR_VSAFE5V_NOT_FIRST, + PDO_ERR_PDO_TYPE_NOT_IN_ORDER, + PDO_ERR_FIXED_NOT_SORTED, + PDO_ERR_VARIABLE_BATT_NOT_SORTED, + PDO_ERR_DUPE_PDO, + PDO_ERR_PPS_APDO_NOT_SORTED, + PDO_ERR_DUPE_PPS_APDO, +}; + +static const char * const pdo_err_msg[] = { + [PDO_ERR_NO_VSAFE5V] = + " err: source/sink caps should atleast have vSafe5V", + [PDO_ERR_VSAFE5V_NOT_FIRST] = + " err: vSafe5V Fixed Supply Object Shall always be the first object", + [PDO_ERR_PDO_TYPE_NOT_IN_ORDER] = + " err: PDOs should be in the following order: Fixed; Battery; Variable", + [PDO_ERR_FIXED_NOT_SORTED] = + " err: Fixed supply pdos should be in increasing order of their fixed voltage", + [PDO_ERR_VARIABLE_BATT_NOT_SORTED] = + " err: Variable/Battery supply pdos should be in increasing order of their minimum voltage", + [PDO_ERR_DUPE_PDO] = + " err: Variable/Batt supply pdos cannot have same min/max voltage", + [PDO_ERR_PPS_APDO_NOT_SORTED] = + " err: Programmable power supply apdos should be in increasing order of their maximum voltage", + [PDO_ERR_DUPE_PPS_APDO] = + " err: Programmable power supply apdos cannot have same min/max voltage and max current", +}; + +static enum pdo_err tcpm_caps_err(struct tcpm_port *port, const u32 *pdo, + unsigned int nr_pdo) +{ + unsigned int i; + + /* Should at least contain vSafe5v */ + if (nr_pdo < 1) + return PDO_ERR_NO_VSAFE5V; + + /* The vSafe5V Fixed Supply Object Shall always be the first object */ + if (pdo_type(pdo[0]) != PDO_TYPE_FIXED || + pdo_fixed_voltage(pdo[0]) != VSAFE5V) + return PDO_ERR_VSAFE5V_NOT_FIRST; + + for (i = 1; i < nr_pdo; i++) { + if (pdo_type(pdo[i]) < pdo_type(pdo[i - 1])) { + return PDO_ERR_PDO_TYPE_NOT_IN_ORDER; + } else if (pdo_type(pdo[i]) == pdo_type(pdo[i - 1])) { + enum pd_pdo_type type = pdo_type(pdo[i]); + + switch (type) { + /* + * The remaining Fixed Supply Objects, if + * present, shall be sent in voltage order; + * lowest to highest. + */ + case PDO_TYPE_FIXED: + if (pdo_fixed_voltage(pdo[i]) <= + pdo_fixed_voltage(pdo[i - 1])) + return PDO_ERR_FIXED_NOT_SORTED; + break; + /* + * The Battery Supply Objects and Variable + * supply, if present shall be sent in Minimum + * Voltage order; lowest to highest. + */ + case PDO_TYPE_VAR: + case PDO_TYPE_BATT: + if (pdo_min_voltage(pdo[i]) < + pdo_min_voltage(pdo[i - 1])) + return PDO_ERR_VARIABLE_BATT_NOT_SORTED; + else if ((pdo_min_voltage(pdo[i]) == + pdo_min_voltage(pdo[i - 1])) && + (pdo_max_voltage(pdo[i]) == + pdo_max_voltage(pdo[i - 1]))) + return PDO_ERR_DUPE_PDO; + break; + /* + * The Programmable Power Supply APDOs, if present, + * shall be sent in Maximum Voltage order; + * lowest to highest. + */ + case PDO_TYPE_APDO: + if (pdo_apdo_type(pdo[i]) != APDO_TYPE_PPS) + break; + + if (pdo_pps_apdo_max_voltage(pdo[i]) < + pdo_pps_apdo_max_voltage(pdo[i - 1])) + return PDO_ERR_PPS_APDO_NOT_SORTED; + else if (pdo_pps_apdo_min_voltage(pdo[i]) == + pdo_pps_apdo_min_voltage(pdo[i - 1]) && + pdo_pps_apdo_max_voltage(pdo[i]) == + pdo_pps_apdo_max_voltage(pdo[i - 1]) && + pdo_pps_apdo_max_current(pdo[i]) == + pdo_pps_apdo_max_current(pdo[i - 1])) + return PDO_ERR_DUPE_PPS_APDO; + break; + default: + printf("%s: Unknown pdo type\n", __func__); + } + } + } + + return PDO_NO_ERR; +} + +static int tcpm_validate_caps(struct tcpm_port *port, const u32 *pdo, + unsigned int nr_pdo) +{ + enum pdo_err err_index = tcpm_caps_err(port, pdo, nr_pdo); + + if (err_index != PDO_NO_ERR) { + printf("%s", pdo_err_msg[err_index]); + return -EINVAL; + } + + return 0; +} + +/* + * PD (data, control) command handling functions + */ +static inline enum tcpm_state ready_state(struct tcpm_port *port) +{ + if (port->pwr_role == TYPEC_SOURCE) + return SRC_READY; + else + return SNK_READY; +} + +static int tcpm_pd_send_control(struct tcpm_port *port, + enum pd_ctrl_msg_type type); + +#if 0 +static void tcpm_pd_handle_msg(struct tcpm_port *port, + enum pd_msg_request message, + enum tcpm_ams ams) +{ + switch (port->state) { + case SRC_READY: + case SNK_READY: + port->ams = ams; + tcpm_queue_message(port, message); + break; + /* PD 3.0 Spec 8.3.3.4.1.1 and 6.8.1 */ + case SNK_TRANSITION_SINK: + case SNK_TRANSITION_SINK_VBUS: + case SRC_TRANSITION_SUPPLY: + tcpm_set_state(port, HARD_RESET_SEND, 0); + break; + default: + if (!tcpm_ams_interruptible(port)) { + tcpm_set_state(port, port->pwr_role == TYPEC_SOURCE ? + SRC_SOFT_RESET_WAIT_SNK_TX : + SNK_SOFT_RESET, + 0); + } else { + port->next_ams = ams; + tcpm_set_state(port, ready_state(port), 0); + /* 6.8.1 process the Message */ + tcpm_queue_message(port, message); + } + break; + } +} +#endif + +static void tcpm_pd_data_request(struct tcpm_port *port, + const struct pd_message *msg) +{ + enum pd_data_msg_type type = pd_header_type_le(msg->header); + unsigned int cnt = pd_header_cnt_le(msg->header); + unsigned int rev = pd_header_rev_le(msg->header); + unsigned int i; + + switch (type) { + case PD_DATA_SOURCE_CAP: + for (i = 0; i < cnt; i++) + port->source_caps[i] = le32_to_cpu(msg->payload[i]); + + port->nr_source_caps = cnt; + + tcpm_validate_caps(port, port->source_caps, + port->nr_source_caps); + + /* + * Adjust revision in subsequent message headers, as required, + * to comply with 6.2.1.1.5 of the USB PD 3.0 spec. We don't + * support Rev 1.0 so just do nothing in that scenario. + */ + if (rev == PD_REV10) { + break; + } + + if (rev < PD_MAX_REV) + port->negotiated_rev = rev; + + if ((pdo_type(port->source_caps[0]) == PDO_TYPE_FIXED) && + (port->source_caps[0] & PDO_FIXED_DUAL_ROLE) && + (port->source_caps[0] & PDO_FIXED_DATA_SWAP)) { + /* Dual role power and data, eg: self-powered Type-C */ + port->wait_dr_swap_Message = true; + } else { + /* Non-Dual role power, eg: adapter */ + port->wait_dr_swap_Message = false; + } + + /* + * This message may be received even if VBUS is not + * present. This is quite unexpected; see USB PD + * specification, sections 8.3.3.6.3.1 and 8.3.3.6.3.2. + * However, at the same time, we must be ready to + * receive this message and respond to it 15ms after + * receiving PS_RDY during power swap operations, no matter + * if VBUS is available or not (USB PD specification, + * section 6.5.9.2). + * So we need to accept the message either way, + * but be prepared to keep waiting for VBUS after it was + * handled. + */ + tcpm_set_state(port, SNK_NEGOTIATE_CAPABILITIES, 0); + break; + case PD_DATA_REQUEST: + /* + * Adjust revision in subsequent message headers, as required, + * to comply with 6.2.1.1.5 of the USB PD 3.0 spec. We don't + * support Rev 1.0 so just reject in that scenario. + */ + if (rev == PD_REV10) { + tcpm_queue_message(port, PD_MSG_CTRL_REJECT); + break; + } + + if (rev < PD_MAX_REV) + port->negotiated_rev = rev; + + port->sink_request = le32_to_cpu(msg->payload[0]); + + tcpm_set_state(port, SRC_NEGOTIATE_CAPABILITIES, 0); + break; + case PD_DATA_SINK_CAP: + /* We don't do anything with this at the moment... */ + for (i = 0; i < cnt; i++) + port->sink_caps[i] = le32_to_cpu(msg->payload[i]); + + port->nr_sink_caps = cnt; + break; + default: + break; + } +} + +static void tcpm_pd_ctrl_request(struct tcpm_port *port, + const struct pd_message *msg) +{ + enum pd_ctrl_msg_type type = pd_header_type_le(msg->header); + enum tcpm_state next_state; + + switch (type) { + case PD_CTRL_GOOD_CRC: + case PD_CTRL_PING: + break; + case PD_CTRL_GET_SOURCE_CAP: + switch (port->state) { + case SRC_READY: + case SNK_READY: + tcpm_queue_message(port, PD_MSG_DATA_SOURCE_CAP); + break; + default: + tcpm_queue_message(port, PD_MSG_CTRL_REJECT); + break; + } + break; + case PD_CTRL_GET_SINK_CAP: + switch (port->state) { + case SRC_READY: + case SNK_READY: + tcpm_queue_message(port, PD_MSG_DATA_SINK_CAP); + break; + default: + tcpm_queue_message(port, PD_MSG_CTRL_REJECT); + break; + } + break; + case PD_CTRL_GOTO_MIN: + break; + case PD_CTRL_PS_RDY: + switch (port->state) { + case SNK_TRANSITION_SINK: + if (port->vbus_present) { + tcpm_set_current_limit(port, + port->req_current_limit, + port->req_supply_voltage); + port->explicit_contract = true; + tcpm_set_state(port, SNK_READY, 0); + } else { + /* + * Seen after power swap. Keep waiting for VBUS + * in a transitional state. + */ + tcpm_set_state(port, + SNK_TRANSITION_SINK_VBUS, 0); + } + break; + default: + break; + } + break; + case PD_CTRL_REJECT: + case PD_CTRL_WAIT: + case PD_CTRL_NOT_SUPP: + switch (port->state) { + case SNK_NEGOTIATE_CAPABILITIES: + /* USB PD specification, Figure 8-43 */ + if (port->explicit_contract) + next_state = SNK_READY; + else + next_state = SNK_WAIT_CAPABILITIES; + + tcpm_set_state(port, next_state, 0); + break; + case SNK_NEGOTIATE_PPS_CAPABILITIES: + /* Revert data back from any requested PPS updates */ + port->pps_data.req_out_volt = port->supply_voltage; + port->pps_data.req_op_curr = port->current_limit; + port->pps_status = (type == PD_CTRL_WAIT ? + -EAGAIN : -EOPNOTSUPP); + tcpm_set_state(port, SNK_READY, 0); + break; + default: + break; + } + break; + case PD_CTRL_ACCEPT: + switch (port->state) { + case SNK_NEGOTIATE_CAPABILITIES: + port->pps_data.active = false; + tcpm_set_state(port, SNK_TRANSITION_SINK, 0); + break; + case SNK_NEGOTIATE_PPS_CAPABILITIES: + port->pps_data.active = true; + /* ???? */ + port->pps_data.min_volt = port->pps_data.req_min_volt; + port->pps_data.max_volt = port->pps_data.req_max_volt; + port->pps_data.max_curr = port->pps_data.req_max_curr; + port->req_supply_voltage = port->pps_data.req_out_volt; + port->req_current_limit = port->pps_data.req_op_curr; + tcpm_set_state(port, SNK_TRANSITION_SINK, 0); + break; + case SOFT_RESET_SEND: + port->message_id = 0; + port->rx_msgid = -1; + if (port->pwr_role == TYPEC_SOURCE) + next_state = SRC_SEND_CAPABILITIES; + else + next_state = SNK_WAIT_CAPABILITIES; + tcpm_set_state(port, next_state, 0); + break; + default: + break; + } + break; + case PD_CTRL_SOFT_RESET: + tcpm_set_state(port, SOFT_RESET, 0); + break; + case PD_CTRL_DR_SWAP: + if (port->port_type != TYPEC_PORT_DRP) { + tcpm_queue_message(port, PD_MSG_CTRL_REJECT); + break; + } + /* + * XXX + * 6.3.9: If an alternate mode is active, a request to swap + * alternate modes shall trigger a port reset. + */ + switch (port->state) { + case SRC_READY: + case SNK_READY: +#if 0 + if (port->vdm_sm_running) { + tcpm_queue_message(port, PD_MSG_CTRL_WAIT); + break; + } +#endif + tcpm_set_state(port, DR_SWAP_ACCEPT, 0); + break; + default: + tcpm_queue_message(port, PD_MSG_CTRL_WAIT); + break; + } + break; + case PD_CTRL_PR_SWAP: + case PD_CTRL_VCONN_SWAP: + case PD_CTRL_GET_SOURCE_CAP_EXT: + case PD_CTRL_GET_STATUS: + case PD_CTRL_FR_SWAP: + case PD_CTRL_GET_PPS_STATUS: + case PD_CTRL_GET_COUNTRY_CODES: + /* Currently not supported */ + printf("Currently not supported type %#x \n", type); + tcpm_queue_message(port, PD_MSG_CTRL_NOT_SUPP); + break; + default: + printf("Unrecognized ctrl message type %#x\n", type); + break; + } +} + +#if 0 +static void tcpm_pd_ext_msg_request(struct tcpm_port *port, + const struct pd_message *msg) +{ + enum pd_ext_msg_type type = pd_header_type_le(msg->header); + unsigned int data_size = pd_ext_header_data_size_le(msg->ext_msg.header); + + if (!(le16_to_cpu(msg->ext_msg.header) & PD_EXT_HDR_CHUNKED)) { + tcpm_pd_handle_msg(port, PD_MSG_CTRL_NOT_SUPP, NONE_AMS); + printf("Unchunked extended messages unsupported\n"); + return; + } + + if (data_size > PD_EXT_MAX_CHUNK_DATA) { + tcpm_pd_handle_state(port, CHUNK_NOT_SUPP, NONE_AMS, PD_T_CHUNK_NOT_SUPP); + printf("Chunk handling not yet supported\n"); + return; + } + + switch (type) { + case PD_EXT_STATUS: + case PD_EXT_PPS_STATUS: + tcpm_set_state(port, ready_state(port), 0); + } + break; + case PD_EXT_SOURCE_CAP_EXT: + case PD_EXT_GET_BATT_CAP: + case PD_EXT_GET_BATT_STATUS: + case PD_EXT_BATT_CAP: + case PD_EXT_GET_MANUFACTURER_INFO: + case PD_EXT_MANUFACTURER_INFO: + case PD_EXT_SECURITY_REQUEST: + case PD_EXT_SECURITY_RESPONSE: + case PD_EXT_FW_UPDATE_REQUEST: + case PD_EXT_FW_UPDATE_RESPONSE: + case PD_EXT_COUNTRY_INFO: + case PD_EXT_COUNTRY_CODES: + tcpm_pd_handle_msg(port, PD_MSG_CTRL_NOT_SUPP, NONE_AMS); + break; + default: + tcpm_pd_handle_msg(port, PD_MSG_CTRL_NOT_SUPP, NONE_AMS); + printf("Unrecognized extended message type %#x\n", type); + break; + } +} +#endif + +static void tcpm_pd_rx_handler(struct tcpm_port *port, + struct pd_rx_event *event) +{ + const struct pd_message *msg = &event->msg; + unsigned int cnt = pd_header_cnt_le(msg->header); + + debug("PD RX, header: %#x [%d]\n", le16_to_cpu(msg->header), + port->attached); + + if (port->attached) { + enum pd_ctrl_msg_type type = pd_header_type_le(msg->header); + unsigned int msgid = pd_header_msgid_le(msg->header); + + /* + * USB PD standard, 6.6.1.2: + * "... if MessageID value in a received Message is the + * same as the stored value, the receiver shall return a + * GoodCRC Message with that MessageID value and drop + * the Message (this is a retry of an already received + * Message). Note: this shall not apply to the Soft_Reset + * Message which always has a MessageID value of zero." + */ + if (msgid == port->rx_msgid && type != PD_CTRL_SOFT_RESET) + goto done; + port->rx_msgid = msgid; + + /* + * If both ends believe to be DFP/host, we have a data role + * mismatch. + */ + if (!!(le16_to_cpu(msg->header) & PD_HEADER_DATA_ROLE) == + (port->data_role == TYPEC_HOST)) { + printf("Data role mismatch, initiating error recovery\n"); + tcpm_set_state(port, ERROR_RECOVERY, 0); + } else { + if (cnt) + tcpm_pd_data_request(port, msg); + else + tcpm_pd_ctrl_request(port, msg); + } + } + +done: + kfree(event); +} + +void tcpm_pd_receive(struct tcpm_port *port, const struct pd_message *msg) +{ + struct pd_rx_event *event; + + port->poll_event_cnt = 0; + event = kzalloc(sizeof(*event), GFP_ATOMIC); + if (!event) + return; + + event->port = port; + memcpy(&event->msg, msg, sizeof(*msg)); + tcpm_pd_rx_handler(port, event); +} +EXPORT_SYMBOL_GPL(tcpm_pd_receive); + +static int tcpm_pd_send_control(struct tcpm_port *port, + enum pd_ctrl_msg_type type) +{ + struct pd_message msg; + + memset(&msg, 0, sizeof(msg)); + msg.header = PD_HEADER_LE(type, port->pwr_role, + port->data_role, + port->negotiated_rev, + port->message_id, 0); + + return tcpm_pd_transmit(port, TCPC_TX_SOP, &msg); +} + +/* + * Send queued message without affecting state. + * Return true if state machine should go back to sleep, + * false otherwise. + */ +static bool tcpm_send_queued_message(struct tcpm_port *port) +{ + enum pd_msg_request queued_message; + + do { + queued_message = port->queued_message; + port->queued_message = PD_MSG_NONE; + + switch (queued_message) { + case PD_MSG_CTRL_WAIT: + tcpm_pd_send_control(port, PD_CTRL_WAIT); + break; + case PD_MSG_CTRL_REJECT: + tcpm_pd_send_control(port, PD_CTRL_REJECT); + break; + case PD_MSG_CTRL_NOT_SUPP: + tcpm_pd_send_control(port, PD_CTRL_NOT_SUPP); + break; + case PD_MSG_DATA_SINK_CAP: + tcpm_pd_send_sink_caps(port); + break; + case PD_MSG_DATA_SOURCE_CAP: + tcpm_pd_send_source_caps(port); + break; + default: + break; + } + } while (port->queued_message != PD_MSG_NONE); + +#if 0 + /* ??? */ + if (port->delayed_state != INVALID_STATE) { + if (ktime_after(port->delayed_runtime, ktime_get())) { + mod_tcpm_delayed_work(port, ktime_to_ms(ktime_sub(port->delayed_runtime, + ktime_get()))); + return true; + } + port->delayed_state = INVALID_STATE; + } +#endif + return false; +} + +static int tcpm_pd_check_request(struct tcpm_port *port) +{ + u32 pdo, rdo = port->sink_request; + unsigned int max, op, pdo_max, index; + enum pd_pdo_type type; + + index = rdo_index(rdo); + if (!index || index > port->nr_src_pdo) + return -EINVAL; + + pdo = port->src_pdo[index - 1]; + type = pdo_type(pdo); + switch (type) { + case PDO_TYPE_FIXED: + case PDO_TYPE_VAR: + max = rdo_max_current(rdo); + op = rdo_op_current(rdo); + pdo_max = pdo_max_current(pdo); + + if (op > pdo_max) + return -EINVAL; + if (max > pdo_max && !(rdo & RDO_CAP_MISMATCH)) + return -EINVAL; + + if (type == PDO_TYPE_FIXED) + debug("Requested %u mV, %u mA for %u / %u mA\n", + pdo_fixed_voltage(pdo), pdo_max, op, max); + else + debug("Requested %u -> %u mV, %u mA for %u / %u mA\n", + pdo_min_voltage(pdo), pdo_max_voltage(pdo), + pdo_max, op, max); + break; + case PDO_TYPE_BATT: + max = rdo_max_power(rdo); + op = rdo_op_power(rdo); + pdo_max = pdo_max_power(pdo); + + if (op > pdo_max) + return -EINVAL; + if (max > pdo_max && !(rdo & RDO_CAP_MISMATCH)) + return -EINVAL; + printf("Requested %u -> %u mV, %u mW for %u / %u mW\n", + pdo_min_voltage(pdo), pdo_max_voltage(pdo), + pdo_max, op, max); + break; + default: + return -EINVAL; + } + + port->op_vsafe5v = index == 1; + + return 0; +} + +#define min_power(x, y) min(pdo_max_power(x), pdo_max_power(y)) +#define min_current(x, y) min(pdo_max_current(x), pdo_max_current(y)) + +static int tcpm_pd_select_pdo(struct tcpm_port *port, int *sink_pdo, + int *src_pdo) +{ + unsigned int i, j, max_src_mv = 0, min_src_mv = 0, max_mw = 0, + max_mv = 0, src_mw = 0, src_ma = 0, max_snk_mv = 0, + min_snk_mv = 0; + int ret = -EINVAL; + + port->pps_data.supported = false; + port->usb_type = POWER_SUPPLY_USB_TYPE_PD; + + /* + * Select the source PDO providing the most power which has a + * matchig sink cap. + */ + for (i = 0; i < port->nr_source_caps; i++) { + u32 pdo = port->source_caps[i]; + enum pd_pdo_type type = pdo_type(pdo); + + switch (type) { + case PDO_TYPE_FIXED: + max_src_mv = pdo_fixed_voltage(pdo); + min_src_mv = max_src_mv; + break; + case PDO_TYPE_BATT: + case PDO_TYPE_VAR: + max_src_mv = pdo_max_voltage(pdo); + min_src_mv = pdo_min_voltage(pdo); + break; + case PDO_TYPE_APDO: + if (pdo_apdo_type(pdo) == APDO_TYPE_PPS) { + port->pps_data.supported = true; + port->usb_type = + POWER_SUPPLY_USB_TYPE_PD_PPS; + } + continue; + default: + printf("Invalid source PDO type, ignoring\n"); + continue; + } + + switch (type) { + case PDO_TYPE_FIXED: + case PDO_TYPE_VAR: + src_ma = pdo_max_current(pdo); + src_mw = src_ma * min_src_mv / 1000; + break; + case PDO_TYPE_BATT: + src_mw = pdo_max_power(pdo); + break; + case PDO_TYPE_APDO: + continue; + default: + printf("Invalid source PDO type, ignoring\n"); + continue; + } + + for (j = 0; j < port->nr_snk_pdo; j++) { + pdo = port->snk_pdo[j]; + + switch (pdo_type(pdo)) { + case PDO_TYPE_FIXED: + max_snk_mv = pdo_fixed_voltage(pdo); + min_snk_mv = max_snk_mv; + break; + case PDO_TYPE_BATT: + case PDO_TYPE_VAR: + max_snk_mv = pdo_max_voltage(pdo); + min_snk_mv = pdo_min_voltage(pdo); + break; + case PDO_TYPE_APDO: + continue; + default: + printf("Invalid sink PDO type, ignoring\n"); + continue; + } + + if (max_src_mv <= max_snk_mv && + min_src_mv >= min_snk_mv) { + /* Prefer higher voltages if available */ + if ((src_mw == max_mw && min_src_mv > max_mv) || + src_mw > max_mw) { + *src_pdo = i; + *sink_pdo = j; + max_mw = src_mw; + max_mv = min_src_mv; + ret = 0; + } + } + } + } + + return ret; +} + +#define min_pps_apdo_current(x, y) \ + min(pdo_pps_apdo_max_current(x), pdo_pps_apdo_max_current(y)) + +static unsigned int tcpm_pd_select_pps_apdo(struct tcpm_port *port) +{ + unsigned int i, j, max_mw = 0, max_mv = 0; + unsigned int min_src_mv, max_src_mv, src_ma, src_mw; + unsigned int min_snk_mv, max_snk_mv; + unsigned int max_op_mv; + u32 pdo, src, snk; + unsigned int src_pdo = 0, snk_pdo = 0; + + /* + * Select the source PPS APDO providing the most power while staying + * within the board's limits. We skip the first PDO as this is always + * 5V 3A. + */ + for (i = 1; i < port->nr_source_caps; ++i) { + pdo = port->source_caps[i]; + + switch (pdo_type(pdo)) { + case PDO_TYPE_APDO: + if (pdo_apdo_type(pdo) != APDO_TYPE_PPS) { + printf("Not PPS APDO (source), ignoring\n"); + continue; + } + + min_src_mv = pdo_pps_apdo_min_voltage(pdo); + max_src_mv = pdo_pps_apdo_max_voltage(pdo); + src_ma = pdo_pps_apdo_max_current(pdo); + src_mw = (src_ma * max_src_mv) / 1000; + + /* + * Now search through the sink PDOs to find a matching + * PPS APDO. Again skip the first sink PDO as this will + * always be 5V 3A. + */ + for (j = 1; j < port->nr_snk_pdo; j++) { + pdo = port->snk_pdo[j]; + + switch (pdo_type(pdo)) { + case PDO_TYPE_APDO: + if (pdo_apdo_type(pdo) != APDO_TYPE_PPS) { + printf("Not PPS APDO (sink), ignoring\n"); + continue; + } + + min_snk_mv = + pdo_pps_apdo_min_voltage(pdo); + max_snk_mv = + pdo_pps_apdo_max_voltage(pdo); + break; + default: + printf("Not APDO type (sink), ignoring\n"); + continue; + } + + if (min_src_mv <= max_snk_mv && + max_src_mv >= min_snk_mv) { + max_op_mv = min(max_src_mv, max_snk_mv); + src_mw = (max_op_mv * src_ma) / 1000; + /* Prefer higher voltages if available */ + if ((src_mw == max_mw && + max_op_mv > max_mv) || + src_mw > max_mw) { + src_pdo = i; + snk_pdo = j; + max_mw = src_mw; + max_mv = max_op_mv; + } + } + } + + break; + default: + printf("Not APDO type (source), ignoring\n"); + continue; + } + } + + if (src_pdo) { + src = port->source_caps[src_pdo]; + snk = port->snk_pdo[snk_pdo]; + + port->pps_data.req_min_volt = max(pdo_pps_apdo_min_voltage(src), + pdo_pps_apdo_min_voltage(snk)); + port->pps_data.req_max_volt = min(pdo_pps_apdo_max_voltage(src), + pdo_pps_apdo_max_voltage(snk)); + port->pps_data.req_max_curr = min_pps_apdo_current(src, snk); + port->pps_data.req_out_volt = min(port->pps_data.req_max_volt, + max(port->pps_data.req_min_volt, + port->pps_data.req_out_volt)); + port->pps_data.req_op_curr = min(port->pps_data.req_max_curr, + port->pps_data.req_op_curr); + } + + return src_pdo; +} + +static int tcpm_pd_build_request(struct tcpm_port *port, u32 *rdo) +{ + unsigned int mv, ma, mw, flags; + unsigned int max_ma, max_mw; + enum pd_pdo_type type; + u32 pdo, matching_snk_pdo; + int src_pdo_index = 0; + int snk_pdo_index = 0; + int ret; + + ret = tcpm_pd_select_pdo(port, &snk_pdo_index, &src_pdo_index); + if (ret < 0) + return ret; + + pdo = port->source_caps[src_pdo_index]; + matching_snk_pdo = port->snk_pdo[snk_pdo_index]; + type = pdo_type(pdo); + + switch (type) { + case PDO_TYPE_FIXED: + mv = pdo_fixed_voltage(pdo); + break; + case PDO_TYPE_BATT: + case PDO_TYPE_VAR: + mv = pdo_min_voltage(pdo); + break; + default: + printf("Invalid PDO selected!\n"); + return -EINVAL; + } + + /* Select maximum available current within the sink pdo's limit */ + if (type == PDO_TYPE_BATT) { + mw = min_power(pdo, matching_snk_pdo); + ma = 1000 * mw / mv; + } else { + ma = min_current(pdo, matching_snk_pdo); + mw = ma * mv / 1000; + } + + flags = RDO_USB_COMM | RDO_NO_SUSPEND; + + /* Set mismatch bit if offered power is less than operating power */ + max_ma = ma; + max_mw = mw; + if (mw < port->operating_snk_mw) { + flags |= RDO_CAP_MISMATCH; + if (type == PDO_TYPE_BATT && + (pdo_max_power(matching_snk_pdo) > pdo_max_power(pdo))) + max_mw = pdo_max_power(matching_snk_pdo); + else if (pdo_max_current(matching_snk_pdo) > + pdo_max_current(pdo)) + max_ma = pdo_max_current(matching_snk_pdo); + } + + debug("cc=%d cc1=%d cc2=%d vbus=%d vconn=%s polarity=%d\n", + port->cc_req, port->cc1, port->cc2, port->vbus_source, + port->vconn_role == TYPEC_SOURCE ? "source" : "sink", + port->polarity); + + if (type == PDO_TYPE_BATT) { + *rdo = RDO_BATT(src_pdo_index + 1, mw, max_mw, flags); + + printf("Requesting PDO %d: %u mV, %u mW%s\n", + src_pdo_index, mv, mw, + flags & RDO_CAP_MISMATCH ? " [mismatch]" : ""); + } else { + *rdo = RDO_FIXED(src_pdo_index + 1, ma, max_ma, flags); + + printf("Requesting PDO %d: %u mV, %u mA%s\n", + src_pdo_index, mv, ma, + flags & RDO_CAP_MISMATCH ? " [mismatch]" : ""); + } + + port->req_current_limit = ma; + port->req_supply_voltage = mv; + + return 0; +} + +static int tcpm_pd_send_request(struct tcpm_port *port) +{ + struct pd_message msg; + int ret; + u32 rdo; + + ret = tcpm_pd_build_request(port, &rdo); + if (ret < 0) + return ret; + + memset(&msg, 0, sizeof(msg)); + msg.header = PD_HEADER_LE(PD_DATA_REQUEST, + port->pwr_role, + port->data_role, + port->negotiated_rev, + port->message_id, 1); + msg.payload[0] = cpu_to_le32(rdo); + + return tcpm_pd_transmit(port, TCPC_TX_SOP, &msg); +} + +static int tcpm_pd_build_pps_request(struct tcpm_port *port, u32 *rdo) +{ + unsigned int out_mv, op_ma, op_mw, max_mv, max_ma, flags; + enum pd_pdo_type type; + unsigned int src_pdo_index; + u32 pdo; + + src_pdo_index = tcpm_pd_select_pps_apdo(port); + if (!src_pdo_index) + return -EOPNOTSUPP; + + pdo = port->source_caps[src_pdo_index]; + type = pdo_type(pdo); + + switch (type) { + case PDO_TYPE_APDO: + if (pdo_apdo_type(pdo) != APDO_TYPE_PPS) { + printf("Invalid APDO selected!\n"); + return -EINVAL; + } + max_mv = port->pps_data.req_max_volt; + max_ma = port->pps_data.req_max_curr; + out_mv = port->pps_data.req_out_volt; + op_ma = port->pps_data.req_op_curr; + break; + default: + printf("Invalid PDO selected!\n"); + return -EINVAL; + } + + flags = RDO_USB_COMM | RDO_NO_SUSPEND; + + op_mw = (op_ma * out_mv) / 1000; + if (op_mw < port->operating_snk_mw) { + /* + * Try raising current to meet power needs. If that's not enough + * then try upping the voltage. If that's still not enough + * then we've obviously chosen a PPS APDO which really isn't + * suitable so abandon ship. + */ + op_ma = (port->operating_snk_mw * 1000) / out_mv; + if ((port->operating_snk_mw * 1000) % out_mv) + ++op_ma; + op_ma += RDO_PROG_CURR_MA_STEP - (op_ma % RDO_PROG_CURR_MA_STEP); + + if (op_ma > max_ma) { + op_ma = max_ma; + out_mv = (port->operating_snk_mw * 1000) / op_ma; + if ((port->operating_snk_mw * 1000) % op_ma) + ++out_mv; + out_mv += RDO_PROG_VOLT_MV_STEP - + (out_mv % RDO_PROG_VOLT_MV_STEP); + + if (out_mv > max_mv) { + printf("Invalid PPS APDO selected!\n"); + return -EINVAL; + } + } + } + + debug("cc=%d cc1=%d cc2=%d vbus=%d vconn=%s polarity=%d\n", + port->cc_req, port->cc1, port->cc2, port->vbus_source, + port->vconn_role == TYPEC_SOURCE ? "source" : "sink", + port->polarity); + + *rdo = RDO_PROG(src_pdo_index + 1, out_mv, op_ma, flags); + + printf("Requesting APDO %d: %u mV, %u mA\n", + src_pdo_index, out_mv, op_ma); + + port->pps_data.req_op_curr = op_ma; + port->pps_data.req_out_volt = out_mv; + + return 0; +} + +static int tcpm_pd_send_pps_request(struct tcpm_port *port) +{ + struct pd_message msg; + int ret; + u32 rdo; + + ret = tcpm_pd_build_pps_request(port, &rdo); + if (ret < 0) + return ret; + + memset(&msg, 0, sizeof(msg)); + msg.header = PD_HEADER_LE(PD_DATA_REQUEST, + port->pwr_role, + port->data_role, + port->negotiated_rev, + port->message_id, 1); + msg.payload[0] = cpu_to_le32(rdo); + + return tcpm_pd_transmit(port, TCPC_TX_SOP, &msg); +} + +static int tcpm_set_vbus(struct tcpm_port *port, bool enable) +{ + int ret; + + if (enable && port->vbus_charge) + return -EINVAL; + + debug("vbus = %d charge = %d\n", enable, port->vbus_charge); + + ret = port->tcpc->set_vbus(port->tcpc, enable, port->vbus_charge); + if (ret < 0) + return ret; + + port->vbus_source = enable; + return 0; +} + +static int tcpm_set_charge(struct tcpm_port *port, bool charge) +{ + int ret; + + if (charge && port->vbus_source) + return -EINVAL; + + if (charge != port->vbus_charge) { + debug("vbus = %d charge = %d\n", port->vbus_source, charge); + ret = port->tcpc->set_vbus(port->tcpc, port->vbus_source, + charge); + if (ret < 0) + return ret; + } + port->vbus_charge = charge; + return 0; +} + +static bool tcpm_start_toggling(struct tcpm_port *port, enum typec_cc_status cc) +{ + int ret; + + if (!port->tcpc->start_toggling) + return false; + + printf("Start toggling\n"); + ret = port->tcpc->start_toggling(port->tcpc, port->port_type, cc); + return ret == 0; +} + +static int tcpm_init_vbus(struct tcpm_port *port) +{ + int ret; + + ret = port->tcpc->set_vbus(port->tcpc, false, false); + port->vbus_source = false; + port->vbus_charge = false; + return ret; +} + +static int tcpm_init_vconn(struct tcpm_port *port) +{ + int ret; + + ret = port->tcpc->set_vconn(port->tcpc, false); + port->vconn_role = TYPEC_SINK; + return ret; +} + +static void tcpm_typec_connect(struct tcpm_port *port) +{ + if (!port->connected) { + port->connected = true; + } +} + +static int tcpm_src_attach(struct tcpm_port *port) +{ + enum typec_cc_polarity polarity = + port->cc2 == TYPEC_CC_RD ? TYPEC_POLARITY_CC2 + : TYPEC_POLARITY_CC1; + int ret; + + if (port->attached) + return 0; + + ret = tcpm_set_polarity(port, polarity); + if (ret < 0) + return ret; + + ret = tcpm_set_roles(port, true, TYPEC_SOURCE, TYPEC_HOST); + if (ret < 0) + return ret; + + ret = port->tcpc->set_pd_rx(port->tcpc, true); + if (ret < 0) + goto out_disable_mux; + + /* + * USB Type-C specification, version 1.2, + * chapter 4.5.2.2.8.1 (Attached.SRC Requirements) + * Enable VCONN only if the non-RD port is set to RA. + */ + if ((polarity == TYPEC_POLARITY_CC1 && port->cc2 == TYPEC_CC_RA) || + (polarity == TYPEC_POLARITY_CC2 && port->cc1 == TYPEC_CC_RA)) { + ret = tcpm_set_vconn(port, true); + if (ret < 0) + goto out_disable_pd; + } + + ret = tcpm_set_vbus(port, true); + if (ret < 0) + goto out_disable_vconn; + + port->pd_capable = false; + + port->partner = NULL; + + port->attached = true; + port->debouncing = false; + //port->send_discover = true; + + return 0; + +out_disable_vconn: + tcpm_set_vconn(port, false); +out_disable_pd: + port->tcpc->set_pd_rx(port->tcpc, false); +out_disable_mux: + printf("CC connected in %s as DFP\n", + polarity ? "CC2" : "CC1"); + return 0; +} + +static void tcpm_typec_disconnect(struct tcpm_port *port) +{ + if (port->connected) { + port->partner = NULL; + port->connected = false; + } +} + +static void tcpm_reset_port(struct tcpm_port *port) +{ + tcpm_timer_uninit(port); + tcpm_typec_disconnect(port); + port->poll_event_cnt = 0; + port->wait_dr_swap_Message = false; + port->attached = false; + port->pd_capable = false; + port->pps_data.supported = false; + + /* + * First Rx ID should be 0; set this to a sentinel of -1 so that + * we can check tcpm_pd_rx_handler() if we had seen it before. + */ + port->rx_msgid = -1; + + port->tcpc->set_pd_rx(port->tcpc, false); + tcpm_init_vbus(port); /* also disables charging */ + tcpm_init_vconn(port); + tcpm_set_current_limit(port, 0, 0); + tcpm_set_polarity(port, TYPEC_POLARITY_CC1); + tcpm_set_attached_state(port, false); + port->usb_type = POWER_SUPPLY_USB_TYPE_C; + port->nr_sink_caps = 0; + port->sink_cap_done = false; +} + +static void tcpm_detach(struct tcpm_port *port) +{ + if (tcpm_port_is_disconnected(port)) + port->hard_reset_count = 0; + + if (!port->attached) + return; + + tcpm_reset_port(port); +} + +static void tcpm_src_detach(struct tcpm_port *port) +{ + tcpm_detach(port); +} + +static int tcpm_snk_attach(struct tcpm_port *port) +{ + int ret; + + if (port->attached) + return 0; + + ret = tcpm_set_polarity(port, port->cc2 != TYPEC_CC_OPEN ? + TYPEC_POLARITY_CC2 : TYPEC_POLARITY_CC1); + if (ret < 0) + return ret; + + ret = tcpm_set_roles(port, true, TYPEC_SINK, TYPEC_DEVICE); + if (ret < 0) + return ret; + + port->pd_capable = false; + + port->partner = NULL; + + port->attached = true; + port->debouncing = false; + printf("CC connected in %s as UFP\n", + port->cc1 != TYPEC_CC_OPEN ? "CC1" : "CC2"); + + return 0; +} + +static void tcpm_snk_detach(struct tcpm_port *port) +{ + tcpm_detach(port); +} + +static int tcpm_acc_attach(struct tcpm_port *port) +{ + int ret; + + if (port->attached) + return 0; + + ret = tcpm_set_roles(port, true, TYPEC_SOURCE, TYPEC_HOST); + if (ret < 0) + return ret; + + port->partner = NULL; + + tcpm_typec_connect(port); + + port->attached = true; + + dev_info(port->dev, "CC connected as Audio Accessory\n"); + + return 0; +} + +static void tcpm_acc_detach(struct tcpm_port *port) +{ + tcpm_detach(port); +} + +static inline enum tcpm_state hard_reset_state(struct tcpm_port *port) +{ + if (port->hard_reset_count < PD_N_HARD_RESET_COUNT) + return HARD_RESET_SEND; + if (port->pd_capable) + return ERROR_RECOVERY; + if (port->pwr_role == TYPEC_SOURCE) + return SRC_UNATTACHED; + if (port->state == SNK_WAIT_CAPABILITIES) + return SNK_READY; + return SNK_UNATTACHED; +} + +static inline enum tcpm_state unattached_state(struct tcpm_port *port) +{ + if (port->port_type == TYPEC_PORT_DRP) { + if (port->pwr_role == TYPEC_SOURCE) + return SRC_UNATTACHED; + else + return SNK_UNATTACHED; + } else if (port->port_type == TYPEC_PORT_SRC) { + return SRC_UNATTACHED; + } + + return SNK_UNATTACHED; +} + +bool tcpm_is_toggling(struct tcpm_port *port) +{ + if (port->port_type == TYPEC_PORT_DRP) + return port->state == SRC_UNATTACHED || port->state == SNK_UNATTACHED || + port->state == TOGGLING; + + return false; +} +EXPORT_SYMBOL_GPL(tcpm_is_toggling); + +static void run_state_machine(struct tcpm_port *port) +{ + int ret; + + port->enter_state = port->state; + switch (port->state) { + case TOGGLING: + break; + /* SRC states */ + case SRC_UNATTACHED: + tcpm_src_detach(port); + if (tcpm_start_toggling(port, tcpm_rp_cc(port))) { + tcpm_set_state(port, TOGGLING, 0); + break; + } + tcpm_set_cc(port, tcpm_rp_cc(port)); + if (port->port_type == TYPEC_PORT_DRP) + tcpm_set_state(port, SNK_UNATTACHED, PD_T_DRP_SNK); + break; + case SRC_ATTACH_WAIT: + if (tcpm_port_is_debug(port)) + tcpm_set_state(port, DEBUG_ACC_ATTACHED, + PD_T_CC_DEBOUNCE); + else if (tcpm_port_is_audio(port)) + tcpm_set_state(port, AUDIO_ACC_ATTACHED, + PD_T_CC_DEBOUNCE); + else if (tcpm_port_is_source(port)) + tcpm_set_state(port, SRC_ATTACHED, PD_T_CC_DEBOUNCE); + break; + + case SRC_ATTACHED: + ret = tcpm_src_attach(port); + /* + * Currently, vbus control is not implemented, + * and the SRC detection process cannot be fully implemented. + */ + tcpm_set_state(port, SRC_READY, 0); +#if 0 + tcpm_set_state(port, SRC_UNATTACHED, + ret < 0 ? 0 : PD_T_PS_SOURCE_ON); +#endif + break; + case SRC_STARTUP: + port->caps_count = 0; + port->negotiated_rev = PD_MAX_REV; + port->message_id = 0; + port->rx_msgid = -1; + port->explicit_contract = false; + tcpm_set_state(port, SRC_SEND_CAPABILITIES, 0); + break; + case SRC_SEND_CAPABILITIES: + port->caps_count++; + if (port->caps_count > PD_N_CAPS_COUNT) { + tcpm_set_state(port, SRC_READY, 0); + break; + } + ret = tcpm_pd_send_source_caps(port); + if (ret < 0) { + tcpm_set_state(port, SRC_SEND_CAPABILITIES, + PD_T_SEND_SOURCE_CAP); + } else { + /* + * Per standard, we should clear the reset counter here. + * However, that can result in state machine hang-ups. + * Reset it only in READY state to improve stability. + */ + /* port->hard_reset_count = 0; */ + port->caps_count = 0; + port->pd_capable = true; + tcpm_set_state_cond(port, SRC_SEND_CAPABILITIES_TIMEOUT, + PD_T_SEND_SOURCE_CAP); + } + break; + case SRC_SEND_CAPABILITIES_TIMEOUT: + /* + * Error recovery for a PD_DATA_SOURCE_CAP reply timeout. + * + * PD 2.0 sinks are supposed to accept src-capabilities with a + * 3.0 header and simply ignore any src PDOs which the sink does + * not understand such as PPS but some 2.0 sinks instead ignore + * the entire PD_DATA_SOURCE_CAP message, causing contract + * negotiation to fail. + * + * After PD_N_HARD_RESET_COUNT hard-reset attempts, we try + * sending src-capabilities with a lower PD revision to + * make these broken sinks work. + */ + if (port->hard_reset_count < PD_N_HARD_RESET_COUNT) { + tcpm_set_state(port, HARD_RESET_SEND, 0); + } else if (port->negotiated_rev > PD_REV20) { + port->negotiated_rev--; + port->hard_reset_count = 0; + tcpm_set_state(port, SRC_SEND_CAPABILITIES, 0); + } else { + tcpm_set_state(port, hard_reset_state(port), 0); + } + break; + case SRC_NEGOTIATE_CAPABILITIES: + ret = tcpm_pd_check_request(port); + if (ret < 0) { + tcpm_pd_send_control(port, PD_CTRL_REJECT); + if (!port->explicit_contract) { + tcpm_set_state(port, + SRC_WAIT_NEW_CAPABILITIES, 0); + } else { + tcpm_set_state(port, SRC_READY, 0); + } + } else { + tcpm_pd_send_control(port, PD_CTRL_ACCEPT); + tcpm_set_state(port, SRC_TRANSITION_SUPPLY, + PD_T_SRC_TRANSITION); + } + break; + case SRC_TRANSITION_SUPPLY: + /* XXX: regulator_set_voltage(vbus, ...) */ + tcpm_pd_send_control(port, PD_CTRL_PS_RDY); + port->explicit_contract = true; + tcpm_set_state_cond(port, SRC_READY, 0); + break; + case SRC_READY: +#if 1 + port->hard_reset_count = 0; +#endif + port->try_src_count = 0; + + tcpm_typec_connect(port); + break; + case SRC_WAIT_NEW_CAPABILITIES: + /* Nothing to do... */ + break; + + /* SNK states */ + case SNK_UNATTACHED: + tcpm_snk_detach(port); + if (tcpm_start_toggling(port, TYPEC_CC_RD)) { + tcpm_set_state(port, TOGGLING, 0); + break; + } + tcpm_set_cc(port, TYPEC_CC_RD); + if (port->port_type == TYPEC_PORT_DRP) + tcpm_set_state(port, SRC_UNATTACHED, PD_T_DRP_SRC); + break; + case SNK_ATTACH_WAIT: + if ((port->cc1 == TYPEC_CC_OPEN && + port->cc2 != TYPEC_CC_OPEN) || + (port->cc1 != TYPEC_CC_OPEN && + port->cc2 == TYPEC_CC_OPEN)) + tcpm_set_state(port, SNK_DEBOUNCED, + PD_T_CC_DEBOUNCE); + else if (tcpm_port_is_disconnected(port)) + tcpm_set_state(port, SNK_UNATTACHED, + PD_T_CC_DEBOUNCE); + break; + case SNK_DEBOUNCED: + if (tcpm_port_is_disconnected(port)) { + tcpm_set_state(port, SNK_UNATTACHED, + PD_T_PD_DEBOUNCE); + } else if (port->vbus_present) + tcpm_set_state(port, SNK_ATTACHED, 0); + else + /* Wait for VBUS, but not forever */ + tcpm_set_state(port, PORT_RESET, PD_T_PS_SOURCE_ON); + break; + + case SNK_ATTACHED: + ret = tcpm_snk_attach(port); + if (ret < 0) + tcpm_set_state(port, SNK_UNATTACHED, 0); + else + tcpm_set_state(port, SNK_STARTUP, 0); + break; + case SNK_STARTUP: + port->negotiated_rev = PD_MAX_REV; + port->message_id = 0; + port->rx_msgid = -1; + port->explicit_contract = false; + tcpm_set_state(port, SNK_DISCOVERY, 0); + break; + case SNK_DISCOVERY: + if (port->vbus_present) { + tcpm_set_current_limit(port, + tcpm_get_current_limit(port), + 5000); + tcpm_set_charge(port, true); + tcpm_set_state(port, SNK_WAIT_CAPABILITIES, 0); + break; + } + /* + * For DRP, timeouts differ. Also, handling is supposed to be + * different and much more complex (dead battery detection; + * see USB power delivery specification, section 8.3.3.6.1.5.1). + */ + tcpm_set_state(port, hard_reset_state(port), + port->port_type == TYPEC_PORT_DRP ? + PD_T_DB_DETECT : PD_T_NO_RESPONSE); + break; + case SNK_DISCOVERY_DEBOUNCE: + tcpm_set_state(port, SNK_DISCOVERY_DEBOUNCE_DONE, + PD_T_CC_DEBOUNCE); + break; + case SNK_DISCOVERY_DEBOUNCE_DONE: +#if 0 + if (!tcpm_port_is_disconnected(port) && + tcpm_port_is_sink(port) && + ktime_after(port->delayed_runtime, ktime_get())) { + tcpm_set_state(port, SNK_DISCOVERY, + ktime_to_ms(ktime_sub(port->delayed_runtime, ktime_get()))); + break; + } +#endif + tcpm_set_state(port, unattached_state(port), 0); + break; + case SNK_WAIT_CAPABILITIES: + ret = port->tcpc->set_pd_rx(port->tcpc, true); + if (ret < 0) { + tcpm_set_state(port, SNK_READY, 0); + break; + } + /* + * If VBUS has never been low, and we time out waiting + * for source cap, try a soft reset first, in case we + * were already in a stable contract before this boot. + * Do this only once. + */ + if (port->vbus_never_low) { + port->vbus_never_low = false; + tcpm_set_state(port, SOFT_RESET_SEND, + PD_T_SINK_WAIT_CAP); + } else { + tcpm_set_state(port, hard_reset_state(port), + PD_T_SINK_WAIT_CAP); + } + break; + case SNK_NEGOTIATE_CAPABILITIES: + port->pd_capable = true; + port->hard_reset_count = 0; + ret = tcpm_pd_send_request(port); + if (ret < 0) { + /* Let the Source send capabilities again. */ + tcpm_set_state(port, SNK_WAIT_CAPABILITIES, 0); + } else { + tcpm_set_state_cond(port, hard_reset_state(port), + PD_T_SENDER_RESPONSE); + } + break; + case SNK_NEGOTIATE_PPS_CAPABILITIES: + ret = tcpm_pd_send_pps_request(port); + if (ret < 0) { + port->pps_status = ret; + /* + * If this was called due to updates to sink + * capabilities, and pps is no longer valid, we should + * safely fall back to a standard PDO. + */ + if (port->update_sink_caps) + tcpm_set_state(port, SNK_NEGOTIATE_CAPABILITIES, 0); + else + tcpm_set_state(port, SNK_READY, 0); + } else { + tcpm_set_state_cond(port, hard_reset_state(port), + PD_T_SENDER_RESPONSE); + } + break; + case SNK_TRANSITION_SINK: + case SNK_TRANSITION_SINK_VBUS: + tcpm_set_state(port, hard_reset_state(port), + PD_T_PS_TRANSITION); + break; + case SNK_READY: + port->try_snk_count = 0; + port->update_sink_caps = false; + tcpm_typec_connect(port); + /* + * Here poll_event_cnt is cleared, waiting for self-powered Type-C devices + * to send DR_swap Messge until 1s (TCPM_POLL_EVENT_TIME_OUT * 500us)timeout + */ + if (port->wait_dr_swap_Message) + port->poll_event_cnt = 0; + + break; + + /* Accessory states */ + case ACC_UNATTACHED: + tcpm_acc_detach(port); + tcpm_set_state(port, SRC_UNATTACHED, 0); + break; + case DEBUG_ACC_ATTACHED: + case AUDIO_ACC_ATTACHED: + ret = tcpm_acc_attach(port); + if (ret < 0) + tcpm_set_state(port, ACC_UNATTACHED, 0); + break; + case AUDIO_ACC_DEBOUNCE: + tcpm_set_state(port, ACC_UNATTACHED, PD_T_CC_DEBOUNCE); + break; + + /* Hard_Reset states */ + case HARD_RESET_SEND: + tcpm_pd_transmit(port, TCPC_TX_HARD_RESET, NULL); + tcpm_set_state(port, HARD_RESET_START, 0); + port->wait_dr_swap_Message = false; + break; + case HARD_RESET_START: + port->hard_reset_count++; + port->tcpc->set_pd_rx(port->tcpc, false); + port->nr_sink_caps = 0; + port->send_discover = true; + if (port->pwr_role == TYPEC_SOURCE) + tcpm_set_state(port, SRC_HARD_RESET_VBUS_OFF, + PD_T_PS_HARD_RESET); + else + tcpm_set_state(port, SNK_HARD_RESET_SINK_OFF, 0); + break; + case SRC_HARD_RESET_VBUS_OFF: + tcpm_set_vconn(port, true); + tcpm_set_vbus(port, false); + tcpm_set_roles(port, port->self_powered, TYPEC_SOURCE, + TYPEC_HOST); + tcpm_set_state(port, SRC_HARD_RESET_VBUS_ON, PD_T_SRC_RECOVER); + break; + case SRC_HARD_RESET_VBUS_ON: + tcpm_set_vconn(port, true); + tcpm_set_vbus(port, true); + port->tcpc->set_pd_rx(port->tcpc, true); + tcpm_set_attached_state(port, true); + tcpm_set_state(port, SRC_UNATTACHED, PD_T_PS_SOURCE_ON); + break; + case SNK_HARD_RESET_SINK_OFF: + memset(&port->pps_data, 0, sizeof(port->pps_data)); + tcpm_set_vconn(port, false); + if (port->pd_capable) + tcpm_set_charge(port, false); + tcpm_set_roles(port, port->self_powered, TYPEC_SINK, + TYPEC_DEVICE); + /* + * VBUS may or may not toggle, depending on the adapter. + * If it doesn't toggle, transition to SNK_HARD_RESET_SINK_ON + * directly after timeout. + */ + tcpm_set_state(port, SNK_HARD_RESET_SINK_ON, PD_T_SAFE_0V); + break; + case SNK_HARD_RESET_WAIT_VBUS: + /* Assume we're disconnected if VBUS doesn't come back. */ + tcpm_set_state(port, SNK_UNATTACHED, + PD_T_SRC_RECOVER_MAX + PD_T_SRC_TURN_ON); + break; + case SNK_HARD_RESET_SINK_ON: + /* Note: There is no guarantee that VBUS is on in this state */ + /* + * XXX: + * The specification suggests that dual mode ports in sink + * mode should transition to state PE_SRC_Transition_to_default. + * See USB power delivery specification chapter 8.3.3.6.1.3. + * This would mean to to + * - turn off VCONN, reset power supply + * - request hardware reset + * - turn on VCONN + * - Transition to state PE_Src_Startup + * SNK only ports shall transition to state Snk_Startup + * (see chapter 8.3.3.3.8). + * Similar, dual-mode ports in source mode should transition + * to PE_SNK_Transition_to_default. + */ + if (port->pd_capable) { + tcpm_set_current_limit(port, + tcpm_get_current_limit(port), + 5000); + tcpm_set_charge(port, true); + } + tcpm_set_attached_state(port, true); + tcpm_set_state(port, SNK_STARTUP, 0); + break; + + /* Soft_Reset states */ + case SOFT_RESET: + port->message_id = 0; + port->rx_msgid = -1; + tcpm_pd_send_control(port, PD_CTRL_ACCEPT); + if (port->pwr_role == TYPEC_SOURCE) { + tcpm_set_state(port, SRC_SEND_CAPABILITIES, 0); + } else { + tcpm_set_state(port, SNK_WAIT_CAPABILITIES, 0); + } + break; + case SOFT_RESET_SEND: + port->message_id = 0; + port->rx_msgid = -1; + if (tcpm_pd_send_control(port, PD_CTRL_SOFT_RESET)) + tcpm_set_state_cond(port, hard_reset_state(port), 0); + else + tcpm_set_state_cond(port, hard_reset_state(port), + PD_T_SENDER_RESPONSE); + break; + + /* DR_Swap states */ + case DR_SWAP_SEND: + tcpm_pd_send_control(port, PD_CTRL_DR_SWAP); + tcpm_set_state_cond(port, DR_SWAP_SEND_TIMEOUT, + PD_T_SENDER_RESPONSE); + break; + case DR_SWAP_ACCEPT: + tcpm_pd_send_control(port, PD_CTRL_ACCEPT); +#if 0 + /* Set VDM state machine running flag ASAP */ + if (port->data_role == TYPEC_DEVICE && port->send_discover) + port->vdm_sm_running = true; +#endif + tcpm_set_state_cond(port, DR_SWAP_CHANGE_DR, 0); + break; + case DR_SWAP_SEND_TIMEOUT: + //tcpm_swap_complete(port, -ETIMEDOUT); + tcpm_set_state(port, ready_state(port), 0); + break; + case DR_SWAP_CHANGE_DR: + if (port->data_role == TYPEC_HOST) { + //tcpm_unregister_altmodes(port); + tcpm_set_roles(port, true, port->pwr_role, + TYPEC_DEVICE); + } else { + tcpm_set_roles(port, true, port->pwr_role, + TYPEC_HOST); + //port->send_discover = true; + } + /* DR_swap process complete, wait_dr_swap_Message is cleared */ + port->wait_dr_swap_Message = false; + tcpm_set_state(port, ready_state(port), 0); + break; + +#if 0 + + /* PR_Swap states */ + case PR_SWAP_ACCEPT: + tcpm_pd_send_control(port, PD_CTRL_ACCEPT); + tcpm_set_state(port, PR_SWAP_START, 0); + break; + case PR_SWAP_SEND: + tcpm_pd_send_control(port, PD_CTRL_PR_SWAP); + tcpm_set_state_cond(port, PR_SWAP_SEND_TIMEOUT, + PD_T_SENDER_RESPONSE); + break; + case PR_SWAP_SEND_TIMEOUT: + tcpm_set_state(port, ready_state(port), 0); + break; + case PR_SWAP_START: + tcpm_apply_rc(port); + if (port->pwr_role == TYPEC_SOURCE) + tcpm_set_state(port, PR_SWAP_SRC_SNK_TRANSITION_OFF, + PD_T_SRC_TRANSITION); + else + tcpm_set_state(port, PR_SWAP_SNK_SRC_SINK_OFF, 0); + break; + case PR_SWAP_SRC_SNK_TRANSITION_OFF: + /* + * Prevent vbus discharge circuit from turning on during PR_SWAP + * as this is not a disconnect. + */ + tcpm_set_vbus(port, false); + port->explicit_contract = false; + /* allow time for Vbus discharge, must be < tSrcSwapStdby */ + tcpm_set_state(port, PR_SWAP_SRC_SNK_SOURCE_OFF, + PD_T_SRCSWAPSTDBY); + break; + case PR_SWAP_SRC_SNK_SOURCE_OFF: + timer_val_msecs = PD_T_CC_DEBOUNCE; + trace_android_vh_typec_tcpm_get_timer(tcpm_states[PR_SWAP_SRC_SNK_SOURCE_OFF], + CC_DEBOUNCE, &timer_val_msecs); + tcpm_set_cc(port, TYPEC_CC_RD); + /* allow CC debounce */ + tcpm_set_state(port, PR_SWAP_SRC_SNK_SOURCE_OFF_CC_DEBOUNCED, + timer_val_msecs); + break; + case PR_SWAP_SRC_SNK_SOURCE_OFF_CC_DEBOUNCED: + /* + * USB-PD standard, 6.2.1.4, Port Power Role: + * "During the Power Role Swap Sequence, for the initial Source + * Port, the Port Power Role field shall be set to Sink in the + * PS_RDY Message indicating that the initial Source’s power + * supply is turned off" + */ + tcpm_set_pwr_role(port, TYPEC_SINK); + if (tcpm_pd_send_control(port, PD_CTRL_PS_RDY)) { + tcpm_set_state(port, ERROR_RECOVERY, 0); + break; + } + tcpm_set_state(port, ERROR_RECOVERY, PD_T_PS_SOURCE_ON_PRS); + break; + case PR_SWAP_SRC_SNK_SINK_ON: + tcpm_enable_auto_vbus_discharge(port, true); + /* Set the vbus disconnect threshold for implicit contract */ + tcpm_set_auto_vbus_discharge_threshold(port, TYPEC_PWR_MODE_USB, false, VSAFE5V); + tcpm_set_state(port, SNK_STARTUP, 0); + break; + case PR_SWAP_SNK_SRC_SINK_OFF: + timer_val_msecs = PD_T_PS_SOURCE_OFF; + trace_android_vh_typec_tcpm_get_timer(tcpm_states[PR_SWAP_SNK_SRC_SINK_OFF], + SOURCE_OFF, &timer_val_msecs); + /* + * Prevent vbus discharge circuit from turning on during PR_SWAP + * as this is not a disconnect. + */ + tcpm_set_auto_vbus_discharge_threshold(port, TYPEC_PWR_MODE_USB, + port->pps_data.active, 0); + tcpm_set_charge(port, false); + tcpm_set_state(port, hard_reset_state(port), timer_val_msecs); + break; + case PR_SWAP_SNK_SRC_SOURCE_ON: + tcpm_enable_auto_vbus_discharge(port, true); + tcpm_set_cc(port, tcpm_rp_cc(port)); + tcpm_set_vbus(port, true); + /* + * allow time VBUS ramp-up, must be < tNewSrc + * Also, this window overlaps with CC debounce as well. + * So, Wait for the max of two which is PD_T_NEWSRC + */ + tcpm_set_state(port, PR_SWAP_SNK_SRC_SOURCE_ON_VBUS_RAMPED_UP, + PD_T_NEWSRC); + break; + case PR_SWAP_SNK_SRC_SOURCE_ON_VBUS_RAMPED_UP: + /* + * USB PD standard, 6.2.1.4: + * "Subsequent Messages initiated by the Policy Engine, + * such as the PS_RDY Message sent to indicate that Vbus + * is ready, will have the Port Power Role field set to + * Source." + */ + tcpm_set_pwr_role(port, TYPEC_SOURCE); + tcpm_pd_send_control(port, PD_CTRL_PS_RDY); + tcpm_set_state(port, SRC_STARTUP, PD_T_SWAP_SRC_START); + break; +#endif + case GET_STATUS_SEND: + tcpm_pd_send_control(port, PD_CTRL_GET_STATUS); + tcpm_set_state(port, GET_STATUS_SEND_TIMEOUT, + PD_T_SENDER_RESPONSE); + break; + case GET_STATUS_SEND_TIMEOUT: + tcpm_set_state(port, ready_state(port), 0); + break; + case GET_PPS_STATUS_SEND: + tcpm_pd_send_control(port, PD_CTRL_GET_PPS_STATUS); + tcpm_set_state(port, GET_PPS_STATUS_SEND_TIMEOUT, + PD_T_SENDER_RESPONSE); + break; + case GET_PPS_STATUS_SEND_TIMEOUT: + tcpm_set_state(port, ready_state(port), 0); + break; + case GET_SINK_CAP: + tcpm_pd_send_control(port, PD_CTRL_GET_SINK_CAP); + tcpm_set_state(port, GET_SINK_CAP_TIMEOUT, PD_T_SENDER_RESPONSE); + break; + case GET_SINK_CAP_TIMEOUT: + tcpm_set_state(port, ready_state(port), 0); + break; + case ERROR_RECOVERY: + tcpm_set_state(port, PORT_RESET, 0); + break; + case PORT_RESET: + tcpm_reset_port(port); + tcpm_set_cc(port, TYPEC_CC_OPEN); + tcpm_set_state(port, PORT_RESET_WAIT_OFF, + PD_T_ERROR_RECOVERY); + break; + case PORT_RESET_WAIT_OFF: + tcpm_set_state(port, + tcpm_default_state(port), + port->vbus_present ? PD_T_PS_SOURCE_OFF : 0); + break; + default: + printf("Unexpected port state %d\n", port->state); + break; + } +} + +static void tcpm_state_machine(struct tcpm_port *port) +{ + enum tcpm_state prev_state; + + mutex_lock(&port->lock); + port->state_machine_running = true; + + if (port->queued_message && tcpm_send_queued_message(port)) + goto done; + + /* If we were queued due to a delayed state change, update it now */ + if (port->delayed_state) { + debug("state change %s -> %s [delayed %ld ms]\n", + tcpm_states[port->state], + tcpm_states[port->delayed_state], port->delay_ms); + port->prev_state = port->state; + port->state = port->delayed_state; + port->delayed_state = INVALID_STATE; + } + + /* + * Continue running as long as we have (non-delayed) state changes + * to make. + */ + do { + prev_state = port->state; + run_state_machine(port); + if (port->queued_message) + tcpm_send_queued_message(port); + } while (port->state != prev_state && !port->delayed_state); + +done: + port->state_machine_running = false; + mutex_unlock(&port->lock); +} + +static void _tcpm_cc_change(struct tcpm_port *port, enum typec_cc_status cc1, + enum typec_cc_status cc2) +{ + enum typec_cc_status old_cc1, old_cc2; + enum tcpm_state new_state; + + old_cc1 = port->cc1; + old_cc2 = port->cc2; + port->cc1 = cc1; + port->cc2 = cc2; + + debug("CC1: %u -> %u, CC2: %u -> %u [state %s, polarity %d, %s]\n", + old_cc1, cc1, old_cc2, cc2, tcpm_states[port->state], + port->polarity, + tcpm_port_is_disconnected(port) ? "disconnected" : "connected"); + + switch (port->state) { + case TOGGLING: + if (tcpm_port_is_debug(port) || tcpm_port_is_audio(port) || + tcpm_port_is_source(port)) + tcpm_set_state(port, SRC_ATTACH_WAIT, 0); + else if (tcpm_port_is_sink(port)) + tcpm_set_state(port, SNK_ATTACH_WAIT, 0); + break; + case SRC_UNATTACHED: + case ACC_UNATTACHED: + if (tcpm_port_is_debug(port) || tcpm_port_is_audio(port) || + tcpm_port_is_source(port)) + tcpm_set_state(port, SRC_ATTACH_WAIT, 0); + break; + case SRC_ATTACH_WAIT: + if (tcpm_port_is_disconnected(port) || + tcpm_port_is_audio_detached(port)) + tcpm_set_state(port, SRC_UNATTACHED, 0); + else if (cc1 != old_cc1 || cc2 != old_cc2) + tcpm_set_state(port, SRC_ATTACH_WAIT, 0); + break; + case SRC_ATTACHED: + case SRC_SEND_CAPABILITIES: + case SRC_READY: + if (tcpm_port_is_disconnected(port) || + !tcpm_port_is_source(port)) + tcpm_set_state(port, SRC_UNATTACHED, 0); + break; + case SNK_UNATTACHED: + if (tcpm_port_is_sink(port)) + tcpm_set_state(port, SNK_ATTACH_WAIT, 0); + break; + case SNK_ATTACH_WAIT: + if ((port->cc1 == TYPEC_CC_OPEN && + port->cc2 != TYPEC_CC_OPEN) || + (port->cc1 != TYPEC_CC_OPEN && + port->cc2 == TYPEC_CC_OPEN)) + new_state = SNK_DEBOUNCED; + else if (tcpm_port_is_disconnected(port)) + new_state = SNK_UNATTACHED; + else + break; + if (new_state != port->delayed_state) + tcpm_set_state(port, SNK_ATTACH_WAIT, 0); + break; + case SNK_DEBOUNCED: + if (tcpm_port_is_disconnected(port)) + new_state = SNK_UNATTACHED; + else if (port->vbus_present) + new_state = tcpm_try_src(port) ? SRC_TRY : SNK_ATTACHED; + else + new_state = SNK_UNATTACHED; + if (new_state != port->delayed_state) + tcpm_set_state(port, SNK_DEBOUNCED, 0); + break; + case SNK_READY: + if (tcpm_port_is_disconnected(port)) + tcpm_set_state(port, unattached_state(port), 0); + else if (!port->pd_capable && + (cc1 != old_cc1 || cc2 != old_cc2)) + tcpm_set_current_limit(port, + tcpm_get_current_limit(port), + 5000); + break; + + case AUDIO_ACC_ATTACHED: + if (cc1 == TYPEC_CC_OPEN || cc2 == TYPEC_CC_OPEN) + tcpm_set_state(port, AUDIO_ACC_DEBOUNCE, 0); + break; + case AUDIO_ACC_DEBOUNCE: + if (tcpm_port_is_audio(port)) + tcpm_set_state(port, AUDIO_ACC_ATTACHED, 0); + break; + + case DEBUG_ACC_ATTACHED: + if (cc1 == TYPEC_CC_OPEN || cc2 == TYPEC_CC_OPEN) + tcpm_set_state(port, ACC_UNATTACHED, 0); + break; + + case SNK_TRY: + /* Do nothing, waiting for timeout */ + break; + + case SNK_DISCOVERY: + /* CC line is unstable, wait for debounce */ + if (tcpm_port_is_disconnected(port)) + tcpm_set_state(port, SNK_DISCOVERY_DEBOUNCE, 0); + break; + case SNK_DISCOVERY_DEBOUNCE: + break; + + case SRC_TRYWAIT: + /* Hand over to state machine if needed */ + if (!port->vbus_present && tcpm_port_is_source(port)) + tcpm_set_state(port, SRC_TRYWAIT_DEBOUNCE, 0); + break; + case SRC_TRYWAIT_DEBOUNCE: + if (port->vbus_present || !tcpm_port_is_source(port)) + tcpm_set_state(port, SRC_TRYWAIT, 0); + break; + case SNK_TRY_WAIT_DEBOUNCE: + if (!tcpm_port_is_sink(port)) { + port->max_wait = 0; + tcpm_set_state(port, SRC_TRYWAIT, 0); + } + break; + case SRC_TRY_WAIT: + if (tcpm_port_is_source(port)) + tcpm_set_state(port, SRC_TRY_DEBOUNCE, 0); + break; + case SRC_TRY_DEBOUNCE: + tcpm_set_state(port, SRC_TRY_WAIT, 0); + break; + case SNK_TRYWAIT_DEBOUNCE: + if (tcpm_port_is_sink(port)) + tcpm_set_state(port, SNK_TRYWAIT_VBUS, 0); + break; + case SNK_TRYWAIT_VBUS: + if (!tcpm_port_is_sink(port)) + tcpm_set_state(port, SNK_TRYWAIT_DEBOUNCE, 0); + break; + case SNK_TRYWAIT: + /* Do nothing, waiting for tCCDebounce */ + break; + case PR_SWAP_SNK_SRC_SINK_OFF: + case PR_SWAP_SRC_SNK_TRANSITION_OFF: + case PR_SWAP_SRC_SNK_SOURCE_OFF: + case PR_SWAP_SRC_SNK_SOURCE_OFF_CC_DEBOUNCED: + case PR_SWAP_SNK_SRC_SOURCE_ON: + /* + * CC state change is expected in PR_SWAP + * Ignore it. + */ + break; + + case PORT_RESET: + case PORT_RESET_WAIT_OFF: + /* + * State set back to default mode once the timer completes. + * Ignore CC changes here. + */ + break; + default: + /* + * While acting as sink and auto vbus discharge is enabled, Allow disconnect + * to be driven by vbus disconnect. + */ + if (tcpm_port_is_disconnected(port)) + tcpm_set_state(port, unattached_state(port), 0); + break; + } +} + +static void _tcpm_pd_vbus_on(struct tcpm_port *port) +{ + debug("%s: VBUS on\n", __func__); + port->vbus_present = true; + /* + * When vbus_present is true i.e. Voltage at VBUS is greater than VSAFE5V implicitly + * states that vbus is not at VSAFE0V, hence clear the vbus_vsafe0v flag here. + */ + port->vbus_vsafe0v = false; + + switch (port->state) { + case SNK_TRANSITION_SINK_VBUS: + port->explicit_contract = true; + tcpm_set_state(port, SNK_READY, 0); + break; + case SNK_DISCOVERY: + tcpm_set_state(port, SNK_DISCOVERY, 0); + break; + case SNK_DEBOUNCED: + tcpm_set_state(port, SNK_ATTACHED, 0); + break; + case SNK_HARD_RESET_WAIT_VBUS: + tcpm_set_state(port, SNK_HARD_RESET_SINK_ON, 0); + break; + case SRC_ATTACHED: + tcpm_set_state(port, SRC_STARTUP, 0); + break; + case SRC_HARD_RESET_VBUS_ON: + tcpm_set_state(port, SRC_STARTUP, 0); + break; + + case SNK_TRY: + /* Do nothing, waiting for timeout */ + break; + case SRC_TRYWAIT: + /* Do nothing, Waiting for Rd to be detected */ + break; + case SRC_TRYWAIT_DEBOUNCE: + tcpm_set_state(port, SRC_TRYWAIT, 0); + break; + case SNK_TRY_WAIT_DEBOUNCE: + /* Do nothing, waiting for PD_DEBOUNCE to do be done */ + break; + case SNK_TRYWAIT: + /* Do nothing, waiting for tCCDebounce */ + break; + case SNK_TRYWAIT_VBUS: + if (tcpm_port_is_sink(port)) + tcpm_set_state(port, SNK_ATTACHED, 0); + break; + case SNK_TRYWAIT_DEBOUNCE: + /* Do nothing, waiting for Rp */ + break; + case SRC_TRY_WAIT: + case SRC_TRY_DEBOUNCE: + /* Do nothing, waiting for sink detection */ + break; + + case PORT_RESET: + case PORT_RESET_WAIT_OFF: + /* + * State set back to default mode once the timer completes. + * Ignore vbus changes here. + */ + break; + + default: + break; + } +} + +static void _tcpm_pd_vbus_off(struct tcpm_port *port) +{ + debug("%s: VBUS off\n", __func__); + port->vbus_present = false; + port->vbus_never_low = false; + switch (port->state) { + case SNK_HARD_RESET_SINK_OFF: + tcpm_set_state(port, SNK_HARD_RESET_WAIT_VBUS, 0); + break; + case HARD_RESET_SEND: + break; + case SNK_TRY: + /* Do nothing, waiting for timeout */ + break; + case SRC_TRYWAIT: + /* Hand over to state machine if needed */ + if (tcpm_port_is_source(port)) + tcpm_set_state(port, SRC_TRYWAIT_DEBOUNCE, 0); + break; + case SNK_TRY_WAIT_DEBOUNCE: + /* Do nothing, waiting for PD_DEBOUNCE to do be done */ + break; + case SNK_TRYWAIT: + case SNK_TRYWAIT_VBUS: + case SNK_TRYWAIT_DEBOUNCE: + break; + case SNK_ATTACH_WAIT: + port->debouncing = false; + tcpm_set_state(port, SNK_UNATTACHED, 0); + break; + + case SNK_NEGOTIATE_CAPABILITIES: + break; + + case PR_SWAP_SRC_SNK_TRANSITION_OFF: + tcpm_set_state(port, PR_SWAP_SRC_SNK_SOURCE_OFF, 0); + break; + + case PR_SWAP_SNK_SRC_SINK_OFF: + /* Do nothing, expected */ + break; + + case PR_SWAP_SNK_SRC_SOURCE_ON: + /* + * Do nothing when vbus off notification is received. + * TCPM can wait for PD_T_NEWSRC in PR_SWAP_SNK_SRC_SOURCE_ON + * for the vbus source to ramp up. + */ + break; + + case PORT_RESET_WAIT_OFF: + tcpm_set_state(port, tcpm_default_state(port), 0); + break; + + case SRC_TRY_WAIT: + case SRC_TRY_DEBOUNCE: + /* Do nothing, waiting for sink detection */ + break; + + case PORT_RESET: + /* + * State set back to default mode once the timer completes. + * Ignore vbus changes here. + */ + break; + + default: + if (port->pwr_role == TYPEC_SINK && port->attached) + tcpm_set_state(port, SNK_UNATTACHED, 0); + break; + } +} + +static void _tcpm_pd_hard_reset(struct tcpm_port *port) +{ + debug("Received hard reset\n"); + port->poll_event_cnt = 0; + + /* If a hard reset message is received during the port reset process, + * we should ignore it, that is, do not set port->state to HARD_RESET_START. + */ + if (port->state == PORT_RESET || port->state == PORT_RESET_WAIT_OFF) + return ; + + /* + * If we keep receiving hard reset requests, executing the hard reset + * must have failed. Revert to error recovery if that happens. + */ + tcpm_set_state(port, + port->hard_reset_count < PD_N_HARD_RESET_COUNT ? + HARD_RESET_START : ERROR_RECOVERY, + 0); +} + +#if 0 +static void tcpm_pd_event_handler(struct tcpm_port *port) +{ + u32 events; + + while (port->pd_events) { + events = port->pd_events; + port->pd_events = 0; + if (events & TCPM_RESET_EVENT) + _tcpm_pd_hard_reset(port); + if (events & TCPM_VBUS_EVENT) { + bool vbus; + + vbus = port->tcpc->get_vbus(port->tcpc); + if (vbus) { + _tcpm_pd_vbus_on(port); + } else { + _tcpm_pd_vbus_off(port); + /* + * When TCPC does not support detecting vsafe0v voltage level, + * treat vbus absent as vsafe0v. Else invoke is_vbus_vsafe0v + * to see if vbus has discharge to VSAFE0V. + */ + if (!port->tcpc->is_vbus_vsafe0v || + port->tcpc->is_vbus_vsafe0v(port->tcpc)) + _tcpm_pd_vbus_vsafe0v(port); + } + } + if (events & TCPM_CC_EVENT) { + enum typec_cc_status cc1, cc2; + + if (port->tcpc->get_cc(port->tcpc, &cc1, &cc2) == 0) + _tcpm_cc_change(port, cc1, cc2); + } + if (events & TCPM_FRS_EVENT) { + if (port->state == SNK_READY) { + int ret; + + port->upcoming_state = FR_SWAP_SEND; + ret = tcpm_ams_start(port, FAST_ROLE_SWAP); + if (ret == -EAGAIN) + port->upcoming_state = INVALID_STATE; + } else { + tcpm_log(port, "Discarding FRS_SIGNAL! Not in sink ready"); + } + } + if (events & TCPM_SOURCING_VBUS) { + tcpm_log(port, "sourcing vbus"); + /* + * In fast role swap case TCPC autonomously sources vbus. Set vbus_source + * true as TCPM wouldn't have called tcpm_set_vbus. + * + * When vbus is sourced on the command on TCPM i.e. TCPM called + * tcpm_set_vbus to source vbus, vbus_source would already be true. + */ + port->vbus_source = true; + _tcpm_pd_vbus_on(port); + } + } +} +#endif + +void tcpm_cc_change(struct tcpm_port *port) +{ + enum typec_cc_status cc1, cc2; + + port->poll_event_cnt = 0; + if (port->tcpc->get_cc(port->tcpc, &cc1, &cc2) == 0) + _tcpm_cc_change(port, cc1, cc2); +} +EXPORT_SYMBOL_GPL(tcpm_cc_change); + +void tcpm_vbus_change(struct tcpm_port *port) +{ + bool vbus; + + port->poll_event_cnt = 0; + vbus = port->tcpc->get_vbus(port->tcpc); + if (vbus) + _tcpm_pd_vbus_on(port); + else + _tcpm_pd_vbus_off(port); +} +EXPORT_SYMBOL_GPL(tcpm_vbus_change); + +void tcpm_pd_hard_reset(struct tcpm_port *port) +{ + port->poll_event_cnt = 0; + _tcpm_pd_hard_reset(port); +} +EXPORT_SYMBOL_GPL(tcpm_pd_hard_reset); + +static void tcpm_init(struct tcpm_port *port) +{ + enum typec_cc_status cc1, cc2; + + port->tcpc->init(port->tcpc); + + tcpm_reset_port(port); + + /* + * XXX + * Should possibly wait for VBUS to settle if it was enabled locally + * since tcpm_reset_port() will disable VBUS. + */ + port->vbus_present = port->tcpc->get_vbus(port->tcpc); + if (port->vbus_present) + port->vbus_never_low = true; + + /* + * 1. When vbus_present is true, voltage on VBUS is already at VSAFE5V. + * So implicitly vbus_vsafe0v = false. + * + * 2. When vbus_present is false and TCPC does NOT support querying + * vsafe0v status, then, it's best to assume vbus is at VSAFE0V i.e. + * vbus_vsafe0v is true. + * + * 3. When vbus_present is false and TCPC does support querying vsafe0v, + * then, query tcpc for vsafe0v status. + */ + if (port->vbus_present) + port->vbus_vsafe0v = false; + else if (!port->tcpc->is_vbus_vsafe0v) + port->vbus_vsafe0v = true; + else + port->vbus_vsafe0v = port->tcpc->is_vbus_vsafe0v(port->tcpc); + + tcpm_set_state(port, tcpm_default_state(port), 0); + + if (port->tcpc->get_cc(port->tcpc, &cc1, &cc2) == 0) + _tcpm_cc_change(port, cc1, cc2); +} + +void tcpm_tcpc_reset(struct tcpm_port *port) +{ + mutex_lock(&port->lock); + /* XXX: Maintain PD connection if possible? */ + tcpm_init(port); + mutex_unlock(&port->lock); +} +EXPORT_SYMBOL_GPL(tcpm_tcpc_reset); + +static int tcpm_fw_get_caps(struct tcpm_port *port) +{ + const char *cap_str; + ofnode node = port->tcpc->connector_node; + int ret; + u32 mw, frs_current; + +#if 0 + /* USB data support is optional */ + cap_str = ofnode_read_string(node, "data-role"); + if (cap_str) { + ret = typec_find_port_data_role(cap_str); + if (ret < 0) + return ret; + port->typec_caps.data = ret; + } +#endif + + cap_str = ofnode_read_string(node, "power-role"); + if (!cap_str) { + return -EINVAL; + } else { + if (!strcmp("dual", cap_str)) + port->typec_caps.type = TYPEC_PORT_DRP; + else if (!strcmp("source", cap_str)) + port->typec_caps.type = TYPEC_PORT_SRC; + else if (!strcmp("sink", cap_str)) + port->typec_caps.type = TYPEC_PORT_SNK; + else + return EINVAL; + } + + port->port_type = port->typec_caps.type; + + port->slow_charger_loop = ofnode_read_bool(node, "slow-charger-loop"); + if (port->port_type == TYPEC_PORT_SNK) + goto sink; + + /* Get source pdos */ + ret = ofnode_read_size(node, "source-pdos") / sizeof(u32); + if (ret <= 0) + return -EINVAL; + + port->nr_src_pdo = min(ret, PDO_MAX_OBJECTS); + ret = ofnode_read_u32_array(node, "source-pdos", + port->src_pdo, port->nr_src_pdo); + if (ret || tcpm_validate_caps(port, port->src_pdo, + port->nr_src_pdo)) + return -EINVAL; + + if (port->port_type == TYPEC_PORT_SRC) + return 0; + + /* Get the preferred power role for DRP */ + cap_str = ofnode_read_string(node, "try-power-role"); + if (!cap_str) { + return -EINVAL; + } else { + if (!strcmp("sink", cap_str)) + port->typec_caps.prefer_role = TYPEC_SINK; + else if (!strcmp("source", cap_str)) + port->typec_caps.prefer_role = TYPEC_SOURCE; + else + return -EINVAL; + } + if (port->typec_caps.prefer_role < 0) + return -EINVAL; +sink: + /* Get sink pdos */ + ret = ofnode_read_size(node, "sink-pdos") / sizeof(u32); + if (ret <= 0) + return -EINVAL; + + port->nr_snk_pdo = min(ret, PDO_MAX_OBJECTS); + ret = ofnode_read_u32_array(node, "sink-pdos", + port->snk_pdo, port->nr_snk_pdo); + if (ret || tcpm_validate_caps(port, port->snk_pdo, + port->nr_snk_pdo)) + return -EINVAL; + + if (ofnode_read_u32_array(node, "op-sink-microwatt", &mw, 1)) + return -EINVAL; + port->operating_snk_mw = mw / 1000; + + port->self_powered = ofnode_read_bool(node, "self-powered"); + + /* FRS can only be supported by DRP ports */ + if (port->port_type == TYPEC_PORT_DRP) { + ret = ofnode_read_u32_array(node, "new-source-frs-typec-current", + &frs_current, 1); + if (ret >= 0 && frs_current <= FRS_5V_3A) + port->new_source_frs_current = frs_current; + } + + /* sink-vdos is optional */ + ret = ofnode_read_size(node, "sink-vdos") / sizeof(u32); + if (ret < 0) + ret = 0; + + port->nr_snk_vdo = min(ret, VDO_MAX_OBJECTS); + if (port->nr_snk_vdo) { + ret = ofnode_read_u32_array(node, "sink-vdos", + port->snk_vdo, port->nr_snk_vdo); + if (ret) + return ret; + } + + /* If sink-vdos is found, sink-vdos-v1 is expected for backward compatibility. */ + if (port->nr_snk_vdo) { + ret = ofnode_read_size(node, "sink-vdos-v1") / sizeof(u32); + if (ret < 0) + return ret; + else if (ret == 0) + return -ENODATA; + + port->nr_snk_vdo_v1 = min(ret, VDO_MAX_OBJECTS); + ret = ofnode_read_u32_array(node, "sink-vdos-v1", + port->snk_vdo_v1, + port->nr_snk_vdo_v1); + if (ret) + return ret; + } + + return 0; +} + +struct tcpm_port *tcpm_port_init(struct udevice *dev, struct tcpc_dev *tcpc) +{ + struct tcpm_port *port; + int err; + + if (!dev || !tcpc || + !tcpc->get_vbus || !tcpc->set_cc || !tcpc->get_cc || + !tcpc->set_polarity || !tcpc->set_vconn || !tcpc->set_vbus || + !tcpc->set_pd_rx || !tcpc->set_roles || !tcpc->pd_transmit) + return ERR_PTR(-EINVAL); + + port = devm_kzalloc(dev, sizeof(*port), GFP_KERNEL); + if (!port) + return ERR_PTR(-ENOMEM); + + port->dev = dev; + port->tcpc = tcpc; + + err = tcpm_fw_get_caps(port); + if (err < 0) { + printf("%s: please check the dts config of %s node(%d)\n", + __func__, dev_read_name(dev), err); + return ERR_PTR(err); + } + + port->try_role = port->typec_caps.prefer_role; + + port->typec_caps.revision = 0x0120; /* Type-C spec release 1.2 */ + port->typec_caps.pd_revision = 0x0300; /* USB-PD spec release 3.0 */ + port->typec_caps.svdm_version = SVDM_VER_2_0; + port->typec_caps.driver_data = port; + port->typec_caps.orientation_aware = 1; + + port->port_type = port->typec_caps.type; + + tcpm_init(port); + + printf("%s: init finished\n", dev_read_name(dev)); + + return port; +} +EXPORT_SYMBOL_GPL(tcpm_port_init); + +void tcpm_poll_event(struct tcpm_port *port) +{ + if (!port->tcpc->get_vbus(port->tcpc)) + return ; + + while (port->poll_event_cnt < TCPM_POLL_EVENT_TIME_OUT) { + if (!port->wait_dr_swap_Message && + ((port->state == SNK_READY) || + (port->state == SRC_READY) || + (port->state == DEBUG_ACC_ATTACHED) || + (port->state == AUDIO_ACC_ATTACHED))) + break; + port->tcpc->poll_event(port->tcpc); + port->poll_event_cnt++; + udelay(500); + + if (port->delayed_state == SOFT_RESET_SEND) { + if (port->delay_ms -- == 0) { + tcpm_state_machine(port); + } + } + } + + /* + * At this time, call the callback function of the respective pd chip + * to enter the low-power mode. In order to reduce the time spent on + * the PD chip driver as much as possible, the tcpm framework does not + * fully process the communication initiated by the device,so it should + * be noted that we can disable the internal oscillator, etc., but do + * not turn off the power of the transceiver module, otherwise the + * self-powered Type-C device will initiate a Message(eg: self-powered + * Type-C hub initiates a SINK capability request(PD_CTRL_GET_SINK_CAP)) + * and the pd chip cannot reply to GoodCRC, causing the self-powered Type-C + * device to switch vbus to vSafe5v, or even turn off vbus. + */ + if (port->tcpc->enter_low_power_mode) { + if (port->tcpc->enter_low_power_mode(port->tcpc, + port->attached, + port->pd_capable)) + printf("failed to enter low power\n"); + else + printf("PD chip enter low power mode\n"); + } +} +EXPORT_SYMBOL_GPL(tcpm_poll_event); + +int tcpm_get_voltage(struct tcpm_port *port) +{ + return port->supply_voltage * 1000; +} +EXPORT_SYMBOL_GPL(tcpm_get_voltage); + +int tcpm_get_current(struct tcpm_port *port) +{ + return port->current_limit * 1000; +} +EXPORT_SYMBOL_GPL(tcpm_get_voltage); + +int tcpm_get_online(struct tcpm_port *port) +{ + if (port->state == SNK_READY) + return 1; + else + return 0; +} +EXPORT_SYMBOL_GPL(tcpm_get_online); + +void tcpm_uninit_port(struct tcpm_port *port) +{ + tcpm_reset_port(port); +} +EXPORT_SYMBOL_GPL(tcpm_unregister_port); diff --git a/drivers/tpm/Kconfig b/drivers/tpm/Kconfig index 94629dff..1c66614b 100644 --- a/drivers/tpm/Kconfig +++ b/drivers/tpm/Kconfig @@ -145,6 +145,18 @@ config TPM2_TIS_SPI to the device using the standard TPM Interface Specification (TIS) protocol. +config TPM_Z32H330TC_SPI + bool "STMicroelectronics Z32H330TC SPI TPM" + depends on TPM_V2 && DM_SPI + ---help--- + This driver supports STMicroelectronics TPM devices connected on the SPI bus. + The usual tpm operations and the 'tpm' command can be used to talk + to the device using the standard TPM Interface Specification (TIS) + protocol + +config CMD_MEASURED_BOOT + bool "Enable support for measured_boot to bootcmd" + endif # TPM_V2 endmenu diff --git a/include/configs/light-c910.h b/include/configs/light-c910.h index 04d2ab8f..d3b87ed5 100644 --- a/include/configs/light-c910.h +++ b/include/configs/light-c910.h @@ -79,16 +79,15 @@ /* trust image name string */ -#define TF_IMG_UPD_NAME "stashtf" -#define TEE_IMG_UPD_NAME "stashtee" #define UBOOT_IMG_UPD_NAME "stashuboot" -#define SBMETA_IMG_UPD_NAME "stashsbmeta" #define TF_PART_NAME "tf" #define TEE_PART_NAME "tee" #define UBOOT_PART_NAME "uboot" #define STASH_PART_NAME "stash" #define KERNEL_PART_NAME "kernel" #define SBMETA_PART_NAME "sbmeta" +/* Define the NV partition name */ +#define NV_PARTITION_NAME "nv" #define UBOOT_STAGE_ADDR SRAM_BASE_ADDR @@ -100,10 +99,10 @@ #define CONFIG_BMP_32BPP /* security upgrade flag */ -#define TF_SEC_UPGRADE_FLAG 0x5555aaaa -#define TEE_SEC_UPGRADE_FLAG 0x5a5aa5a5 #define UBOOT_SEC_UPGRADE_FLAG 0xa5a5aa55 -#define SBMETA_SEC_UPGRADE_FLAG 0xaaaa5555 +#define SEC_IMG_UPGRADE_FLAG 0x5a5a +#define BOOT_IMG_UPGRADE_FLAG 0xa500 +#define ROOT_IMG_UPGRADE_FLAG 0xa5 /* Define secure debug log level */ #define LOG_LEVEL 1 diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h index 0c563d89..8af42455 100644 --- a/include/dm/uclass-id.h +++ b/include/dm/uclass-id.h @@ -115,7 +115,12 @@ enum uclass_id { UCLASS_W1, /* Dallas 1-Wire bus */ UCLASS_W1_EEPROM, /* one-wire EEPROMs */ UCLASS_WDT, /* Watchdog Timer driver */ - + UCLASS_FG, /* Fuel gauge */ + UCLASS_CHARGE_DISPLAY, /* Charge display */ + UCLASS_MCU, /* MCU device */ + #ifdef CONFIG_RV_BOOK + UCLASS_PD, /* PD device */ + #endif UCLASS_COUNT, UCLASS_INVALID = -1, }; diff --git a/include/fastboot.h b/include/fastboot.h index bee2a320..df382565 100644 --- a/include/fastboot.h +++ b/include/fastboot.h @@ -15,8 +15,17 @@ #define FASTBOOT_VERSION "0.4" /* The 64 defined bytes plus \0 */ +#if CONFIG_FASTBOOT_CMD_OEM_NV_OPERATION +#define FASTBOOT_COMMAND_LEN (1024 + 1) +#define FASTBOOT_RESPONSE_LEN (1024 + 1) +#else #define FASTBOOT_COMMAND_LEN (64 + 1) +#ifdef CONFIG_FASTBOOT_ECIES_AUTH +#define FASTBOOT_RESPONSE_LEN (1024 + 1) +#else #define FASTBOOT_RESPONSE_LEN (64 + 1) +#endif +#endif /** * All known commands to fastboot @@ -49,6 +58,11 @@ enum { FASTBOOT_COMMAND_UCMD, #endif FASTBOOT_COMMAND_OEM_COMMAND, +#if CONFIG_FASTBOOT_CMD_OEM_NV_OPERATION + FASTBOOT_COMMAND_OEM_NV_GET, + FASTBOOT_COMMAND_OEM_NV_SET, + FASTBOOT_COMMAND_OEM_FCTY, +#endif FASTBOOT_COMMAND_COUNT }; diff --git a/include/mcu/mcu-uclass.h b/include/mcu/mcu-uclass.h new file mode 100755 index 00000000..a90d59e8 --- /dev/null +++ b/include/mcu/mcu-uclass.h @@ -0,0 +1,23 @@ +#ifndef __MCU_H +#define __MCU_H + +struct mcu_ops { + int (*shutdown)(struct udevice *dev); + int (*poweron)(struct udevice *dev); +}; + +/** + * mcu_shutdown() - power off supplies + * + * @return 0 on success or negative value of errno. + */ +int mcu_shutdown(void); + +/** + * mcu_poweron() - power on supplies + * + * @return 0 on success or negative value of errno. + */ +int mcu_poweron(void); + +#endif diff --git a/include/power/charge_animation.h b/include/power/charge_animation.h new file mode 100755 index 00000000..00653347 --- /dev/null +++ b/include/power/charge_animation.h @@ -0,0 +1,33 @@ +/* + * (C) Copyright 2017 Rockchip Electronics Co., Ltd + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#ifndef _CHARGE_ANIMATION_H_ +#define _CHARGE_ANIMATION_H_ + +struct regulator_mem { + struct udevice *dev; + bool enable; +}; + +struct charge_animation_pdata { + int android_charge; /* android charge, 1: enable, 0: disable */ + int uboot_charge; /* u-boot charge, 1: enable, 0: disable */ + + int auto_exit_charge; /* energy enough auto exit uboot charging*/ + int exit_charge_voltage;/* lowest voltage allowed to exit charging */ + int exit_charge_level; /* lowest soc level allowed to exit charging */ + int low_power_voltage; /* below this voltage, force system into charge mode anyway */ + int screen_on_voltage; /* lowest voltage allowed to turn on screen */ + + int system_suspend; /* enter ATF system suspend, 1: enable, 0: disable */ + int auto_wakeup_interval;/* timeout seconds to auto wakeup system */ + int auto_wakeup_screen_invert;/* auto wakeup system, 1: enable, 0: disable */ + int auto_off_screen_interval;/* timeout seconds to auto turn off screen */ + + struct regulator_mem *regulators_mem; /* assigned regulator suspend state */ +}; + +#endif diff --git a/include/power/charge_display.h b/include/power/charge_display.h new file mode 100755 index 00000000..3077b7b8 --- /dev/null +++ b/include/power/charge_display.h @@ -0,0 +1,17 @@ +/* + * (C) Copyright 2017 Rockchip Electronics Co., Ltd + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#ifndef _CHARGE_DISPLAY_H_ +#define _CHARGE_DISPLAY_H_ + +struct dm_charge_display_ops { + int (*show)(struct udevice *dev); +}; + +int charge_display(void); +int charge_display_show(struct udevice *dev); + +#endif diff --git a/include/power/fuel_gauge.h b/include/power/fuel_gauge.h new file mode 100755 index 00000000..7f7421d7 --- /dev/null +++ b/include/power/fuel_gauge.h @@ -0,0 +1,46 @@ +/* + * (C) Copyright 2017 Rockchip Electronics Co., Ltd + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#ifndef _FUEL_GAUGE_H_ +#define _FUEL_GAUGE_H_ + +#ifndef BIT +#define BIT(nr) (1 << (nr)) +#endif + +/* Capability */ +#define FG_CAP_FUEL_GAUGE BIT(0) +#define FG_CAP_CHARGER BIT(1) + +struct dm_fuel_gauge_ops { + int (*capability)(struct udevice *dev); + int (*bat_is_exist)(struct udevice *dev); + int (*get_soc)(struct udevice *dev); + int (*get_voltage)(struct udevice *dev); + int (*get_current)(struct udevice *dev); + int (*get_temperature)(struct udevice *dev, int *temp); + bool (*get_chrg_online)(struct udevice *dev); + int (*set_charger_voltage)(struct udevice *dev, int uV); + int (*set_charger_enable)(struct udevice *dev); + int (*set_charger_disable)(struct udevice *dev); + int (*set_iprechg_current)(struct udevice *dev, int iprechrg_uA); + int (*set_charger_current)(struct udevice *dev, int ichrg_uA); +}; + +int fuel_gauge_capability(struct udevice *dev); +int fuel_gauge_bat_is_exist(struct udevice *dev); +int fuel_gauge_update_get_soc(struct udevice *dev); +int fuel_gauge_get_voltage(struct udevice *dev); +int fuel_gauge_get_current(struct udevice *dev); +bool fuel_gauge_get_chrg_online(struct udevice *dev); +int fuel_gauge_get_temperature(struct udevice *dev, int *temp); +int charger_set_charger_voltage(struct udevice *dev, int uV); +int charger_set_iprechg_current(struct udevice *dev, int iprechrg_uA); +int charger_set_current(struct udevice *dev, int ichrg_uA); +int charger_set_enable(struct udevice *dev); +int charger_set_disable(struct udevice *dev); + +#endif diff --git a/include/power/power_delivery/pd.h b/include/power/power_delivery/pd.h new file mode 100755 index 00000000..3c9886b0 --- /dev/null +++ b/include/power/power_delivery/pd.h @@ -0,0 +1,498 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * Copyright 2015-2017 Google, Inc + */ + +#ifndef __LINUX_USB_PD_H +#define __LINUX_USB_PD_H + +#include +#include +#include "typec.h" + +/* USB PD Messages */ +enum pd_ctrl_msg_type { + /* 0 Reserved */ + PD_CTRL_GOOD_CRC = 1, + PD_CTRL_GOTO_MIN = 2, + PD_CTRL_ACCEPT = 3, + PD_CTRL_REJECT = 4, + PD_CTRL_PING = 5, + PD_CTRL_PS_RDY = 6, + PD_CTRL_GET_SOURCE_CAP = 7, + PD_CTRL_GET_SINK_CAP = 8, + PD_CTRL_DR_SWAP = 9, + PD_CTRL_PR_SWAP = 10, + PD_CTRL_VCONN_SWAP = 11, + PD_CTRL_WAIT = 12, + PD_CTRL_SOFT_RESET = 13, + /* 14-15 Reserved */ + PD_CTRL_NOT_SUPP = 16, + PD_CTRL_GET_SOURCE_CAP_EXT = 17, + PD_CTRL_GET_STATUS = 18, + PD_CTRL_FR_SWAP = 19, + PD_CTRL_GET_PPS_STATUS = 20, + PD_CTRL_GET_COUNTRY_CODES = 21, + /* 22-31 Reserved */ +}; + +enum pd_data_msg_type { + /* 0 Reserved */ + PD_DATA_SOURCE_CAP = 1, + PD_DATA_REQUEST = 2, + PD_DATA_BIST = 3, + PD_DATA_SINK_CAP = 4, + PD_DATA_BATT_STATUS = 5, + PD_DATA_ALERT = 6, + PD_DATA_GET_COUNTRY_INFO = 7, + PD_DATA_ENTER_USB = 8, + /* 9-14 Reserved */ + PD_DATA_VENDOR_DEF = 15, + /* 16-31 Reserved */ +}; + +enum pd_ext_msg_type { + /* 0 Reserved */ + PD_EXT_SOURCE_CAP_EXT = 1, + PD_EXT_STATUS = 2, + PD_EXT_GET_BATT_CAP = 3, + PD_EXT_GET_BATT_STATUS = 4, + PD_EXT_BATT_CAP = 5, + PD_EXT_GET_MANUFACTURER_INFO = 6, + PD_EXT_MANUFACTURER_INFO = 7, + PD_EXT_SECURITY_REQUEST = 8, + PD_EXT_SECURITY_RESPONSE = 9, + PD_EXT_FW_UPDATE_REQUEST = 10, + PD_EXT_FW_UPDATE_RESPONSE = 11, + PD_EXT_PPS_STATUS = 12, + PD_EXT_COUNTRY_INFO = 13, + PD_EXT_COUNTRY_CODES = 14, + /* 15-31 Reserved */ +}; + +#define PD_REV10 0x0 +#define PD_REV20 0x1 +#define PD_REV30 0x2 +#define PD_MAX_REV PD_REV30 + +#define PD_HEADER_EXT_HDR BIT(15) +#define PD_HEADER_CNT_SHIFT 12 +#define PD_HEADER_CNT_MASK 0x7 +#define PD_HEADER_ID_SHIFT 9 +#define PD_HEADER_ID_MASK 0x7 +#define PD_HEADER_PWR_ROLE BIT(8) +#define PD_HEADER_REV_SHIFT 6 +#define PD_HEADER_REV_MASK 0x3 +#define PD_HEADER_DATA_ROLE BIT(5) +#define PD_HEADER_TYPE_SHIFT 0 +#define PD_HEADER_TYPE_MASK 0x1f + +#define PD_HEADER(type, pwr, data, rev, id, cnt, ext_hdr) \ + ((((type) & PD_HEADER_TYPE_MASK) << PD_HEADER_TYPE_SHIFT) | \ + ((pwr) == TYPEC_SOURCE ? PD_HEADER_PWR_ROLE : 0) | \ + ((data) == TYPEC_HOST ? PD_HEADER_DATA_ROLE : 0) | \ + (rev << PD_HEADER_REV_SHIFT) | \ + (((id) & PD_HEADER_ID_MASK) << PD_HEADER_ID_SHIFT) | \ + (((cnt) & PD_HEADER_CNT_MASK) << PD_HEADER_CNT_SHIFT) | \ + ((ext_hdr) ? PD_HEADER_EXT_HDR : 0)) + +#define PD_HEADER_LE(type, pwr, data, rev, id, cnt) \ + cpu_to_le16(PD_HEADER((type), (pwr), (data), (rev), (id), (cnt), (0))) + +static inline unsigned int pd_header_cnt(u16 header) +{ + return (header >> PD_HEADER_CNT_SHIFT) & PD_HEADER_CNT_MASK; +} + +static inline unsigned int pd_header_cnt_le(__le16 header) +{ + return pd_header_cnt(le16_to_cpu(header)); +} + +static inline unsigned int pd_header_type(u16 header) +{ + return (header >> PD_HEADER_TYPE_SHIFT) & PD_HEADER_TYPE_MASK; +} + +static inline unsigned int pd_header_type_le(__le16 header) +{ + return pd_header_type(le16_to_cpu(header)); +} + +static inline unsigned int pd_header_msgid(u16 header) +{ + return (header >> PD_HEADER_ID_SHIFT) & PD_HEADER_ID_MASK; +} + +static inline unsigned int pd_header_msgid_le(__le16 header) +{ + return pd_header_msgid(le16_to_cpu(header)); +} + +static inline unsigned int pd_header_rev(u16 header) +{ + return (header >> PD_HEADER_REV_SHIFT) & PD_HEADER_REV_MASK; +} + +static inline unsigned int pd_header_rev_le(__le16 header) +{ + return pd_header_rev(le16_to_cpu(header)); +} + +#define PD_EXT_HDR_CHUNKED BIT(15) +#define PD_EXT_HDR_CHUNK_NUM_SHIFT 11 +#define PD_EXT_HDR_CHUNK_NUM_MASK 0xf +#define PD_EXT_HDR_REQ_CHUNK BIT(10) +#define PD_EXT_HDR_DATA_SIZE_SHIFT 0 +#define PD_EXT_HDR_DATA_SIZE_MASK 0x1ff + +#define PD_EXT_HDR(data_size, req_chunk, chunk_num, chunked) \ + ((((data_size) & PD_EXT_HDR_DATA_SIZE_MASK) << PD_EXT_HDR_DATA_SIZE_SHIFT) | \ + ((req_chunk) ? PD_EXT_HDR_REQ_CHUNK : 0) | \ + (((chunk_num) & PD_EXT_HDR_CHUNK_NUM_MASK) << PD_EXT_HDR_CHUNK_NUM_SHIFT) | \ + ((chunked) ? PD_EXT_HDR_CHUNKED : 0)) + +#define PD_EXT_HDR_LE(data_size, req_chunk, chunk_num, chunked) \ + cpu_to_le16(PD_EXT_HDR((data_size), (req_chunk), (chunk_num), (chunked))) + +static inline unsigned int pd_ext_header_chunk_num(u16 ext_header) +{ + return (ext_header >> PD_EXT_HDR_CHUNK_NUM_SHIFT) & + PD_EXT_HDR_CHUNK_NUM_MASK; +} + +static inline unsigned int pd_ext_header_data_size(u16 ext_header) +{ + return (ext_header >> PD_EXT_HDR_DATA_SIZE_SHIFT) & + PD_EXT_HDR_DATA_SIZE_MASK; +} + +static inline unsigned int pd_ext_header_data_size_le(__le16 ext_header) +{ + return pd_ext_header_data_size(le16_to_cpu(ext_header)); +} + +#define PD_MAX_PAYLOAD 7 +#define PD_EXT_MAX_CHUNK_DATA 26 + +/** + * struct pd_chunked_ext_message_data - PD chunked extended message data as + * seen on wire + * @header: PD extended message header + * @data: PD extended message data + */ +struct pd_chunked_ext_message_data { + __le16 header; + u8 data[PD_EXT_MAX_CHUNK_DATA]; +} __packed; + +/** + * struct pd_message - PD message as seen on wire + * @header: PD message header + * @payload: PD message payload + * @ext_msg: PD message chunked extended message data + */ +struct pd_message { + __le16 header; + union { + __le32 payload[PD_MAX_PAYLOAD]; + struct pd_chunked_ext_message_data ext_msg; + }; +} __packed; + +/* PDO: Power Data Object */ +#define PDO_MAX_OBJECTS 7 + +enum pd_pdo_type { + PDO_TYPE_FIXED = 0, + PDO_TYPE_BATT = 1, + PDO_TYPE_VAR = 2, + PDO_TYPE_APDO = 3, +}; + +#define PDO_TYPE_SHIFT 30 +#define PDO_TYPE_MASK 0x3 + +#define PDO_TYPE(t) ((t) << PDO_TYPE_SHIFT) + +#define PDO_VOLT_MASK 0x3ff +#define PDO_CURR_MASK 0x3ff +#define PDO_PWR_MASK 0x3ff + +#define PDO_FIXED_DUAL_ROLE BIT(29) /* Power role swap supported */ +#define PDO_FIXED_SUSPEND BIT(28) /* USB Suspend supported (Source) */ +#define PDO_FIXED_HIGHER_CAP BIT(28) /* Requires more than vSafe5V (Sink) */ +#define PDO_FIXED_EXTPOWER BIT(27) /* Externally powered */ +#define PDO_FIXED_USB_COMM BIT(26) /* USB communications capable */ +#define PDO_FIXED_DATA_SWAP BIT(25) /* Data role swap supported */ +#define PDO_FIXED_UNCHUNK_EXT BIT(24) /* Unchunked Extended Message supported (Source) */ +#define PDO_FIXED_FRS_CURR_MASK (BIT(24) | BIT(23)) /* FR_Swap Current (Sink) */ +#define PDO_FIXED_FRS_CURR_SHIFT 23 +#define PDO_FIXED_VOLT_SHIFT 10 /* 50mV units */ +#define PDO_FIXED_CURR_SHIFT 0 /* 10mA units */ + +#define PDO_FIXED_VOLT(mv) ((((mv) / 50) & PDO_VOLT_MASK) << PDO_FIXED_VOLT_SHIFT) +#define PDO_FIXED_CURR(ma) ((((ma) / 10) & PDO_CURR_MASK) << PDO_FIXED_CURR_SHIFT) + +#define PDO_FIXED(mv, ma, flags) \ + (PDO_TYPE(PDO_TYPE_FIXED) | (flags) | \ + PDO_FIXED_VOLT(mv) | PDO_FIXED_CURR(ma)) + +#define VSAFE5V 5000 /* mv units */ + +#define PDO_BATT_MAX_VOLT_SHIFT 20 /* 50mV units */ +#define PDO_BATT_MIN_VOLT_SHIFT 10 /* 50mV units */ +#define PDO_BATT_MAX_PWR_SHIFT 0 /* 250mW units */ + +#define PDO_BATT_MIN_VOLT(mv) ((((mv) / 50) & PDO_VOLT_MASK) << PDO_BATT_MIN_VOLT_SHIFT) +#define PDO_BATT_MAX_VOLT(mv) ((((mv) / 50) & PDO_VOLT_MASK) << PDO_BATT_MAX_VOLT_SHIFT) +#define PDO_BATT_MAX_POWER(mw) ((((mw) / 250) & PDO_PWR_MASK) << PDO_BATT_MAX_PWR_SHIFT) + +#define PDO_BATT(min_mv, max_mv, max_mw) \ + (PDO_TYPE(PDO_TYPE_BATT) | PDO_BATT_MIN_VOLT(min_mv) | \ + PDO_BATT_MAX_VOLT(max_mv) | PDO_BATT_MAX_POWER(max_mw)) + +#define PDO_VAR_MAX_VOLT_SHIFT 20 /* 50mV units */ +#define PDO_VAR_MIN_VOLT_SHIFT 10 /* 50mV units */ +#define PDO_VAR_MAX_CURR_SHIFT 0 /* 10mA units */ + +#define PDO_VAR_MIN_VOLT(mv) ((((mv) / 50) & PDO_VOLT_MASK) << PDO_VAR_MIN_VOLT_SHIFT) +#define PDO_VAR_MAX_VOLT(mv) ((((mv) / 50) & PDO_VOLT_MASK) << PDO_VAR_MAX_VOLT_SHIFT) +#define PDO_VAR_MAX_CURR(ma) ((((ma) / 10) & PDO_CURR_MASK) << PDO_VAR_MAX_CURR_SHIFT) + +#define PDO_VAR(min_mv, max_mv, max_ma) \ + (PDO_TYPE(PDO_TYPE_VAR) | PDO_VAR_MIN_VOLT(min_mv) | \ + PDO_VAR_MAX_VOLT(max_mv) | PDO_VAR_MAX_CURR(max_ma)) + +enum pd_apdo_type { + APDO_TYPE_PPS = 0, +}; + +#define PDO_APDO_TYPE_SHIFT 28 /* Only valid value currently is 0x0 - PPS */ +#define PDO_APDO_TYPE_MASK 0x3 + +#define PDO_APDO_TYPE(t) ((t) << PDO_APDO_TYPE_SHIFT) + +#define PDO_PPS_APDO_MAX_VOLT_SHIFT 17 /* 100mV units */ +#define PDO_PPS_APDO_MIN_VOLT_SHIFT 8 /* 100mV units */ +#define PDO_PPS_APDO_MAX_CURR_SHIFT 0 /* 50mA units */ + +#define PDO_PPS_APDO_VOLT_MASK 0xff +#define PDO_PPS_APDO_CURR_MASK 0x7f + +#define PDO_PPS_APDO_MIN_VOLT(mv) \ + ((((mv) / 100) & PDO_PPS_APDO_VOLT_MASK) << PDO_PPS_APDO_MIN_VOLT_SHIFT) +#define PDO_PPS_APDO_MAX_VOLT(mv) \ + ((((mv) / 100) & PDO_PPS_APDO_VOLT_MASK) << PDO_PPS_APDO_MAX_VOLT_SHIFT) +#define PDO_PPS_APDO_MAX_CURR(ma) \ + ((((ma) / 50) & PDO_PPS_APDO_CURR_MASK) << PDO_PPS_APDO_MAX_CURR_SHIFT) + +#define PDO_PPS_APDO(min_mv, max_mv, max_ma) \ + (PDO_TYPE(PDO_TYPE_APDO) | PDO_APDO_TYPE(APDO_TYPE_PPS) | \ + PDO_PPS_APDO_MIN_VOLT(min_mv) | PDO_PPS_APDO_MAX_VOLT(max_mv) | \ + PDO_PPS_APDO_MAX_CURR(max_ma)) + +static inline enum pd_pdo_type pdo_type(u32 pdo) +{ + return (pdo >> PDO_TYPE_SHIFT) & PDO_TYPE_MASK; +} + +static inline unsigned int pdo_fixed_voltage(u32 pdo) +{ + return ((pdo >> PDO_FIXED_VOLT_SHIFT) & PDO_VOLT_MASK) * 50; +} + +static inline unsigned int pdo_min_voltage(u32 pdo) +{ + return ((pdo >> PDO_VAR_MIN_VOLT_SHIFT) & PDO_VOLT_MASK) * 50; +} + +static inline unsigned int pdo_max_voltage(u32 pdo) +{ + return ((pdo >> PDO_VAR_MAX_VOLT_SHIFT) & PDO_VOLT_MASK) * 50; +} + +static inline unsigned int pdo_max_current(u32 pdo) +{ + return ((pdo >> PDO_VAR_MAX_CURR_SHIFT) & PDO_CURR_MASK) * 10; +} + +static inline unsigned int pdo_max_power(u32 pdo) +{ + return ((pdo >> PDO_BATT_MAX_PWR_SHIFT) & PDO_PWR_MASK) * 250; +} + +static inline enum pd_apdo_type pdo_apdo_type(u32 pdo) +{ + return (pdo >> PDO_APDO_TYPE_SHIFT) & PDO_APDO_TYPE_MASK; +} + +static inline unsigned int pdo_pps_apdo_min_voltage(u32 pdo) +{ + return ((pdo >> PDO_PPS_APDO_MIN_VOLT_SHIFT) & + PDO_PPS_APDO_VOLT_MASK) * 100; +} + +static inline unsigned int pdo_pps_apdo_max_voltage(u32 pdo) +{ + return ((pdo >> PDO_PPS_APDO_MAX_VOLT_SHIFT) & + PDO_PPS_APDO_VOLT_MASK) * 100; +} + +static inline unsigned int pdo_pps_apdo_max_current(u32 pdo) +{ + return ((pdo >> PDO_PPS_APDO_MAX_CURR_SHIFT) & + PDO_PPS_APDO_CURR_MASK) * 50; +} + +/* RDO: Request Data Object */ +#define RDO_OBJ_POS_SHIFT 28 +#define RDO_OBJ_POS_MASK 0x7 +#define RDO_GIVE_BACK BIT(27) /* Supports reduced operating current */ +#define RDO_CAP_MISMATCH BIT(26) /* Not satisfied by source caps */ +#define RDO_USB_COMM BIT(25) /* USB communications capable */ +#define RDO_NO_SUSPEND BIT(24) /* USB Suspend not supported */ + +#define RDO_PWR_MASK 0x3ff +#define RDO_CURR_MASK 0x3ff + +#define RDO_FIXED_OP_CURR_SHIFT 10 +#define RDO_FIXED_MAX_CURR_SHIFT 0 + +#define RDO_OBJ(idx) (((idx) & RDO_OBJ_POS_MASK) << RDO_OBJ_POS_SHIFT) + +#define PDO_FIXED_OP_CURR(ma) ((((ma) / 10) & RDO_CURR_MASK) << RDO_FIXED_OP_CURR_SHIFT) +#define PDO_FIXED_MAX_CURR(ma) ((((ma) / 10) & RDO_CURR_MASK) << RDO_FIXED_MAX_CURR_SHIFT) + +#define RDO_FIXED(idx, op_ma, max_ma, flags) \ + (RDO_OBJ(idx) | (flags) | \ + PDO_FIXED_OP_CURR(op_ma) | PDO_FIXED_MAX_CURR(max_ma)) + +#define RDO_BATT_OP_PWR_SHIFT 10 /* 250mW units */ +#define RDO_BATT_MAX_PWR_SHIFT 0 /* 250mW units */ + +#define RDO_BATT_OP_PWR(mw) ((((mw) / 250) & RDO_PWR_MASK) << RDO_BATT_OP_PWR_SHIFT) +#define RDO_BATT_MAX_PWR(mw) ((((mw) / 250) & RDO_PWR_MASK) << RDO_BATT_MAX_PWR_SHIFT) + +#define RDO_BATT(idx, op_mw, max_mw, flags) \ + (RDO_OBJ(idx) | (flags) | \ + RDO_BATT_OP_PWR(op_mw) | RDO_BATT_MAX_PWR(max_mw)) + +#define RDO_PROG_VOLT_MASK 0x7ff +#define RDO_PROG_CURR_MASK 0x7f + +#define RDO_PROG_VOLT_SHIFT 9 +#define RDO_PROG_CURR_SHIFT 0 + +#define RDO_PROG_VOLT_MV_STEP 20 +#define RDO_PROG_CURR_MA_STEP 50 + +#define PDO_PROG_OUT_VOLT(mv) \ + ((((mv) / RDO_PROG_VOLT_MV_STEP) & RDO_PROG_VOLT_MASK) << RDO_PROG_VOLT_SHIFT) +#define PDO_PROG_OP_CURR(ma) \ + ((((ma) / RDO_PROG_CURR_MA_STEP) & RDO_PROG_CURR_MASK) << RDO_PROG_CURR_SHIFT) + +#define RDO_PROG(idx, out_mv, op_ma, flags) \ + (RDO_OBJ(idx) | (flags) | \ + PDO_PROG_OUT_VOLT(out_mv) | PDO_PROG_OP_CURR(op_ma)) + +static inline unsigned int rdo_index(u32 rdo) +{ + return (rdo >> RDO_OBJ_POS_SHIFT) & RDO_OBJ_POS_MASK; +} + +static inline unsigned int rdo_op_current(u32 rdo) +{ + return ((rdo >> RDO_FIXED_OP_CURR_SHIFT) & RDO_CURR_MASK) * 10; +} + +static inline unsigned int rdo_max_current(u32 rdo) +{ + return ((rdo >> RDO_FIXED_MAX_CURR_SHIFT) & + RDO_CURR_MASK) * 10; +} + +static inline unsigned int rdo_op_power(u32 rdo) +{ + return ((rdo >> RDO_BATT_OP_PWR_SHIFT) & RDO_PWR_MASK) * 250; +} + +static inline unsigned int rdo_max_power(u32 rdo) +{ + return ((rdo >> RDO_BATT_MAX_PWR_SHIFT) & RDO_PWR_MASK) * 250; +} + +/* Enter_USB Data Object */ +#define EUDO_USB_MODE_MASK GENMASK(30, 28) +#define EUDO_USB_MODE_SHIFT 28 +#define EUDO_USB_MODE_USB2 0 +#define EUDO_USB_MODE_USB3 1 +#define EUDO_USB_MODE_USB4 2 +#define EUDO_USB4_DRD BIT(26) +#define EUDO_USB3_DRD BIT(25) +#define EUDO_CABLE_SPEED_MASK GENMASK(23, 21) +#define EUDO_CABLE_SPEED_SHIFT 21 +#define EUDO_CABLE_SPEED_USB2 0 +#define EUDO_CABLE_SPEED_USB3_GEN1 1 +#define EUDO_CABLE_SPEED_USB4_GEN2 2 +#define EUDO_CABLE_SPEED_USB4_GEN3 3 +#define EUDO_CABLE_TYPE_MASK GENMASK(20, 19) +#define EUDO_CABLE_TYPE_SHIFT 19 +#define EUDO_CABLE_TYPE_PASSIVE 0 +#define EUDO_CABLE_TYPE_RE_TIMER 1 +#define EUDO_CABLE_TYPE_RE_DRIVER 2 +#define EUDO_CABLE_TYPE_OPTICAL 3 +#define EUDO_CABLE_CURRENT_MASK GENMASK(18, 17) +#define EUDO_CABLE_CURRENT_SHIFT 17 +#define EUDO_CABLE_CURRENT_NOTSUPP 0 +#define EUDO_CABLE_CURRENT_3A 2 +#define EUDO_CABLE_CURRENT_5A 3 +#define EUDO_PCIE_SUPPORT BIT(16) +#define EUDO_DP_SUPPORT BIT(15) +#define EUDO_TBT_SUPPORT BIT(14) +#define EUDO_HOST_PRESENT BIT(13) + +/* USB PD timers and counters */ +#define PD_T_NO_RESPONSE 5000 /* 4.5 - 5.5 seconds */ +#define PD_T_DB_DETECT 10000 /* 10 - 15 seconds */ +#define PD_T_SEND_SOURCE_CAP 150 /* 100 - 200 ms */ +#define PD_T_SENDER_RESPONSE 60 /* 24 - 30 ms, relaxed */ +#define PD_T_RECEIVER_RESPONSE 15 /* 15ms max */ +#define PD_T_SOURCE_ACTIVITY 45 +#define PD_T_SINK_ACTIVITY 135 +#define PD_T_SINK_WAIT_CAP 310 /* 310 - 620 ms */ +#define PD_T_PS_TRANSITION 500 +#define PD_T_SRC_TRANSITION 35 +#define PD_T_DRP_SNK 40 +#define PD_T_DRP_SRC 30 +#define PD_T_PS_SOURCE_OFF 920 +#define PD_T_PS_SOURCE_ON 480 +#define PD_T_PS_SOURCE_ON_PRS 450 /* 390 - 480ms */ +#define PD_T_PS_HARD_RESET 30 +#define PD_T_SRC_RECOVER 760 +#define PD_T_SRC_RECOVER_MAX 1000 +#define PD_T_SRC_TURN_ON 275 +#define PD_T_SAFE_0V 650 +#define PD_T_VCONN_SOURCE_ON 100 +#define PD_T_SINK_REQUEST 100 /* 100 ms minimum */ +#define PD_T_ERROR_RECOVERY 100 /* minimum 25 is insufficient */ +#define PD_T_SRCSWAPSTDBY 625 /* Maximum of 650ms */ +#define PD_T_NEWSRC 250 /* Maximum of 275ms */ +#define PD_T_SWAP_SRC_START 20 /* Minimum of 20ms */ +#define PD_T_BIST_CONT_MODE 50 /* 30 - 60 ms */ +#define PD_T_SINK_TX 16 /* 16 - 20 ms */ +#define PD_T_CHUNK_NOT_SUPP 42 /* 40 - 50 ms */ + +#define PD_T_DRP_TRY 100 /* 75 - 150 ms */ +#define PD_T_DRP_TRYWAIT 600 /* 400 - 800 ms */ + +#define PD_T_CC_DEBOUNCE 200 /* 100 - 200 ms */ +#define PD_T_PD_DEBOUNCE 20 /* 10 - 20 ms */ +#define PD_T_TRY_CC_DEBOUNCE 15 /* 10 - 20 ms */ + +#define PD_N_CAPS_COUNT (PD_T_NO_RESPONSE / PD_T_SEND_SOURCE_CAP) +#define PD_N_HARD_RESET_COUNT 1 + +#define PD_P_SNK_STDBY_MW 2500 /* 2500 mW */ + +#endif /* __LINUX_USB_PD_H */ diff --git a/include/power/power_delivery/pd_vdo.h b/include/power/power_delivery/pd_vdo.h new file mode 100755 index 00000000..7f5e330a --- /dev/null +++ b/include/power/power_delivery/pd_vdo.h @@ -0,0 +1,518 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * Copyright 2015-2017 Google, Inc + */ + +#ifndef __LINUX_USB_PD_VDO_H +#define __LINUX_USB_PD_VDO_H + +#include "pd.h" + +/* + * VDO : Vendor Defined Message Object + * VDM object is minimum of VDM header + 6 additional data objects. + */ + +#define VDO_MAX_OBJECTS 6 +#define VDO_MAX_SIZE (VDO_MAX_OBJECTS + 1) + +/* + * VDM header + * ---------- + * <31:16> :: SVID + * <15> :: VDM type ( 1b == structured, 0b == unstructured ) + * <14:13> :: Structured VDM version + * <12:11> :: reserved + * <10:8> :: object position (1-7 valid ... used for enter/exit mode only) + * <7:6> :: command type (SVDM only?) + * <5> :: reserved (SVDM), command type (UVDM) + * <4:0> :: command + */ +#define VDO(vid, type, ver, custom) \ + (((vid) << 16) | \ + ((type) << 15) | \ + ((ver) << 13) | \ + ((custom) & 0x7FFF)) + +#define VDO_SVDM_TYPE (1 << 15) +#define VDO_SVDM_VERS(x) ((x) << 13) +#define VDO_OPOS(x) ((x) << 8) +#define VDO_CMDT(x) ((x) << 6) +#define VDO_SVDM_VERS_MASK VDO_SVDM_VERS(0x3) +#define VDO_OPOS_MASK VDO_OPOS(0x7) +#define VDO_CMDT_MASK VDO_CMDT(0x3) + +#define CMDT_INIT 0 +#define CMDT_RSP_ACK 1 +#define CMDT_RSP_NAK 2 +#define CMDT_RSP_BUSY 3 + +/* reserved for SVDM ... for Google UVDM */ +#define VDO_SRC_INITIATOR (0 << 5) +#define VDO_SRC_RESPONDER (1 << 5) + +#define CMD_DISCOVER_IDENT 1 +#define CMD_DISCOVER_SVID 2 +#define CMD_DISCOVER_MODES 3 +#define CMD_ENTER_MODE 4 +#define CMD_EXIT_MODE 5 +#define CMD_ATTENTION 6 + +#define VDO_CMD_VENDOR(x) (((0x10 + (x)) & 0x1f)) + +/* ChromeOS specific commands */ +#define VDO_CMD_VERSION VDO_CMD_VENDOR(0) +#define VDO_CMD_SEND_INFO VDO_CMD_VENDOR(1) +#define VDO_CMD_READ_INFO VDO_CMD_VENDOR(2) +#define VDO_CMD_REBOOT VDO_CMD_VENDOR(5) +#define VDO_CMD_FLASH_ERASE VDO_CMD_VENDOR(6) +#define VDO_CMD_FLASH_WRITE VDO_CMD_VENDOR(7) +#define VDO_CMD_ERASE_SIG VDO_CMD_VENDOR(8) +#define VDO_CMD_PING_ENABLE VDO_CMD_VENDOR(10) +#define VDO_CMD_CURRENT VDO_CMD_VENDOR(11) +#define VDO_CMD_FLIP VDO_CMD_VENDOR(12) +#define VDO_CMD_GET_LOG VDO_CMD_VENDOR(13) +#define VDO_CMD_CCD_EN VDO_CMD_VENDOR(14) + +#define PD_VDO_VID(vdo) ((vdo) >> 16) +#define PD_VDO_SVDM(vdo) (((vdo) >> 15) & 1) +#define PD_VDO_SVDM_VER(vdo) (((vdo) >> 13) & 0x3) +#define PD_VDO_OPOS(vdo) (((vdo) >> 8) & 0x7) +#define PD_VDO_CMD(vdo) ((vdo) & 0x1f) +#define PD_VDO_CMDT(vdo) (((vdo) >> 6) & 0x3) + +/* + * SVDM Identity request -> response + * + * Request is simply properly formatted SVDM header + * + * Response is 4 data objects: + * [0] :: SVDM header + * [1] :: Identitiy header + * [2] :: Cert Stat VDO + * [3] :: (Product | Cable) VDO + * [4] :: AMA VDO + * + */ +#define VDO_INDEX_HDR 0 +#define VDO_INDEX_IDH 1 +#define VDO_INDEX_CSTAT 2 +#define VDO_INDEX_CABLE 3 +#define VDO_INDEX_PRODUCT 3 +#define VDO_INDEX_AMA 4 + +/* + * SVDM Identity Header + * -------------------- + * <31> :: data capable as a USB host + * <30> :: data capable as a USB device + * <29:27> :: product type (UFP / Cable / VPD) + * <26> :: modal operation supported (1b == yes) + * <25:23> :: product type (DFP) (SVDM version 2.0+ only; set to zero in version 1.0) + * <22:21> :: connector type (SVDM version 2.0+ only; set to zero in version 1.0) + * <20:16> :: Reserved, Shall be set to zero + * <15:0> :: USB-IF assigned VID for this cable vendor + */ + +/* PD Rev2.0 definition */ +#define IDH_PTYPE_UNDEF 0 + +/* SOP Product Type (UFP) */ +#define IDH_PTYPE_NOT_UFP 0 +#define IDH_PTYPE_HUB 1 +#define IDH_PTYPE_PERIPH 2 +#define IDH_PTYPE_PSD 3 +#define IDH_PTYPE_AMA 5 + +/* SOP' Product Type (Cable Plug / VPD) */ +#define IDH_PTYPE_NOT_CABLE 0 +#define IDH_PTYPE_PCABLE 3 +#define IDH_PTYPE_ACABLE 4 +#define IDH_PTYPE_VPD 6 + +/* SOP Product Type (DFP) */ +#define IDH_PTYPE_NOT_DFP 0 +#define IDH_PTYPE_DFP_HUB 1 +#define IDH_PTYPE_DFP_HOST 2 +#define IDH_PTYPE_DFP_PB 3 + +/* ID Header Mask */ +#define IDH_DFP_MASK GENMASK(25, 23) +#define IDH_CONN_MASK GENMASK(22, 21) + +#define VDO_IDH(usbh, usbd, ufp_cable, is_modal, dfp, conn, vid) \ + ((usbh) << 31 | (usbd) << 30 | ((ufp_cable) & 0x7) << 27 \ + | (is_modal) << 26 | ((dfp) & 0x7) << 23 | ((conn) & 0x3) << 21 \ + | ((vid) & 0xffff)) + +#define PD_IDH_PTYPE(vdo) (((vdo) >> 27) & 0x7) +#define PD_IDH_VID(vdo) ((vdo) & 0xffff) +#define PD_IDH_MODAL_SUPP(vdo) ((vdo) & (1 << 26)) +#define PD_IDH_DFP_PTYPE(vdo) (((vdo) >> 23) & 0x7) +#define PD_IDH_CONN_TYPE(vdo) (((vdo) >> 21) & 0x3) + +/* + * Cert Stat VDO + * ------------- + * <31:0> : USB-IF assigned XID for this cable + */ +#define PD_CSTAT_XID(vdo) (vdo) +#define VDO_CERT(xid) ((xid) & 0xffffffff) + +/* + * Product VDO + * ----------- + * <31:16> : USB Product ID + * <15:0> : USB bcdDevice + */ +#define VDO_PRODUCT(pid, bcd) (((pid) & 0xffff) << 16 | ((bcd) & 0xffff)) +#define PD_PRODUCT_PID(vdo) (((vdo) >> 16) & 0xffff) + +/* + * UFP VDO (PD Revision 3.0+ only) + * -------- + * <31:29> :: UFP VDO version + * <28> :: Reserved + * <27:24> :: Device capability + * <23:22> :: Connector type (10b == receptacle, 11b == captive plug) + * <21:11> :: Reserved + * <10:8> :: Vconn power (AMA only) + * <7> :: Vconn required (AMA only, 0b == no, 1b == yes) + * <6> :: Vbus required (AMA only, 0b == yes, 1b == no) + * <5:3> :: Alternate modes + * <2:0> :: USB highest speed + */ +#define PD_VDO_UFP_DEVCAP(vdo) (((vdo) & GENMASK(27, 24)) >> 24) + +/* UFP VDO Version */ +#define UFP_VDO_VER1_2 2 + +/* Device Capability */ +#define DEV_USB2_CAPABLE BIT(0) +#define DEV_USB2_BILLBOARD BIT(1) +#define DEV_USB3_CAPABLE BIT(2) +#define DEV_USB4_CAPABLE BIT(3) + +/* Connector Type */ +#define UFP_RECEPTACLE 2 +#define UFP_CAPTIVE 3 + +/* Vconn Power (AMA only, set to AMA_VCONN_NOT_REQ if Vconn is not required) */ +#define AMA_VCONN_PWR_1W 0 +#define AMA_VCONN_PWR_1W5 1 +#define AMA_VCONN_PWR_2W 2 +#define AMA_VCONN_PWR_3W 3 +#define AMA_VCONN_PWR_4W 4 +#define AMA_VCONN_PWR_5W 5 +#define AMA_VCONN_PWR_6W 6 + +/* Vconn Required (AMA only) */ +#define AMA_VCONN_NOT_REQ 0 +#define AMA_VCONN_REQ 1 + +/* Vbus Required (AMA only) */ +#define AMA_VBUS_REQ 0 +#define AMA_VBUS_NOT_REQ 1 + +/* Alternate Modes */ +#define UFP_ALTMODE_NOT_SUPP 0 +#define UFP_ALTMODE_TBT3 BIT(0) +#define UFP_ALTMODE_RECFG BIT(1) +#define UFP_ALTMODE_NO_RECFG BIT(2) + +/* USB Highest Speed */ +#define UFP_USB2_ONLY 0 +#define UFP_USB32_GEN1 1 +#define UFP_USB32_4_GEN2 2 +#define UFP_USB4_GEN3 3 + +#define VDO_UFP(ver, cap, conn, vcpwr, vcr, vbr, alt, spd) \ + (((ver) & 0x7) << 29 | ((cap) & 0xf) << 24 | ((conn) & 0x3) << 22 \ + | ((vcpwr) & 0x7) << 8 | (vcr) << 7 | (vbr) << 6 | ((alt) & 0x7) << 3 \ + | ((spd) & 0x7)) + +/* + * DFP VDO (PD Revision 3.0+ only) + * -------- + * <31:29> :: DFP VDO version + * <28:27> :: Reserved + * <26:24> :: Host capability + * <23:22> :: Connector type (10b == receptacle, 11b == captive plug) + * <21:5> :: Reserved + * <4:0> :: Port number + */ +#define PD_VDO_DFP_HOSTCAP(vdo) (((vdo) & GENMASK(26, 24)) >> 24) + +#define DFP_VDO_VER1_1 1 +#define HOST_USB2_CAPABLE BIT(0) +#define HOST_USB3_CAPABLE BIT(1) +#define HOST_USB4_CAPABLE BIT(2) +#define DFP_RECEPTACLE 2 +#define DFP_CAPTIVE 3 + +#define VDO_DFP(ver, cap, conn, pnum) \ + (((ver) & 0x7) << 29 | ((cap) & 0x7) << 24 | ((conn) & 0x3) << 22 \ + | ((pnum) & 0x1f)) + +/* + * Cable VDO (for both Passive and Active Cable VDO in PD Rev2.0) + * --------- + * <31:28> :: Cable HW version + * <27:24> :: Cable FW version + * <23:20> :: Reserved, Shall be set to zero + * <19:18> :: type-C to Type-A/B/C/Captive (00b == A, 01 == B, 10 == C, 11 == Captive) + * <17> :: Reserved, Shall be set to zero + * <16:13> :: cable latency (0001 == <10ns(~1m length)) + * <12:11> :: cable termination type (11b == both ends active VCONN req) + * <10> :: SSTX1 Directionality support (0b == fixed, 1b == cfgable) + * <9> :: SSTX2 Directionality support + * <8> :: SSRX1 Directionality support + * <7> :: SSRX2 Directionality support + * <6:5> :: Vbus current handling capability (01b == 3A, 10b == 5A) + * <4> :: Vbus through cable (0b == no, 1b == yes) + * <3> :: SOP" controller present? (0b == no, 1b == yes) + * <2:0> :: USB SS Signaling support + * + * Passive Cable VDO (PD Rev3.0+) + * --------- + * <31:28> :: Cable HW version + * <27:24> :: Cable FW version + * <23:21> :: VDO version + * <20> :: Reserved, Shall be set to zero + * <19:18> :: Type-C to Type-C/Captive (10b == C, 11b == Captive) + * <17> :: Reserved, Shall be set to zero + * <16:13> :: cable latency (0001 == <10ns(~1m length)) + * <12:11> :: cable termination type (10b == Vconn not req, 01b == Vconn req) + * <10:9> :: Maximum Vbus voltage (00b == 20V, 01b == 30V, 10b == 40V, 11b == 50V) + * <8:7> :: Reserved, Shall be set to zero + * <6:5> :: Vbus current handling capability (01b == 3A, 10b == 5A) + * <4:3> :: Reserved, Shall be set to zero + * <2:0> :: USB highest speed + * + * Active Cable VDO 1 (PD Rev3.0+) + * --------- + * <31:28> :: Cable HW version + * <27:24> :: Cable FW version + * <23:21> :: VDO version + * <20> :: Reserved, Shall be set to zero + * <19:18> :: Connector type (10b == C, 11b == Captive) + * <17> :: Reserved, Shall be set to zero + * <16:13> :: cable latency (0001 == <10ns(~1m length)) + * <12:11> :: cable termination type (10b == one end active, 11b == both ends active VCONN req) + * <10:9> :: Maximum Vbus voltage (00b == 20V, 01b == 30V, 10b == 40V, 11b == 50V) + * <8> :: SBU supported (0b == supported, 1b == not supported) + * <7> :: SBU type (0b == passive, 1b == active) + * <6:5> :: Vbus current handling capability (01b == 3A, 10b == 5A) + * <2:0> :: USB highest speed + */ +/* Cable VDO Version */ +#define CABLE_VDO_VER1_0 0 +#define CABLE_VDO_VER1_3 3 + +/* Connector Type (_ATYPE and _BTYPE are for PD Rev2.0 only) */ +#define CABLE_ATYPE 0 +#define CABLE_BTYPE 1 +#define CABLE_CTYPE 2 +#define CABLE_CAPTIVE 3 + +/* Cable Latency */ +#define CABLE_LATENCY_1M 1 +#define CABLE_LATENCY_2M 2 +#define CABLE_LATENCY_3M 3 +#define CABLE_LATENCY_4M 4 +#define CABLE_LATENCY_5M 5 +#define CABLE_LATENCY_6M 6 +#define CABLE_LATENCY_7M 7 +#define CABLE_LATENCY_7M_PLUS 8 + +/* Cable Termination Type */ +#define PCABLE_VCONN_NOT_REQ 0 +#define PCABLE_VCONN_REQ 1 +#define ACABLE_ONE_END 2 +#define ACABLE_BOTH_END 3 + +/* Maximum Vbus Voltage */ +#define CABLE_MAX_VBUS_20V 0 +#define CABLE_MAX_VBUS_30V 1 +#define CABLE_MAX_VBUS_40V 2 +#define CABLE_MAX_VBUS_50V 3 + +/* Active Cable SBU Supported/Type */ +#define ACABLE_SBU_SUPP 0 +#define ACABLE_SBU_NOT_SUPP 1 +#define ACABLE_SBU_PASSIVE 0 +#define ACABLE_SBU_ACTIVE 1 + +/* Vbus Current Handling Capability */ +#define CABLE_CURR_DEF 0 +#define CABLE_CURR_3A 1 +#define CABLE_CURR_5A 2 + +/* USB SuperSpeed Signaling Support (PD Rev2.0) */ +#define CABLE_USBSS_U2_ONLY 0 +#define CABLE_USBSS_U31_GEN1 1 +#define CABLE_USBSS_U31_GEN2 2 + +/* USB Highest Speed */ +#define CABLE_USB2_ONLY 0 +#define CABLE_USB32_GEN1 1 +#define CABLE_USB32_4_GEN2 2 +#define CABLE_USB4_GEN3 3 + +#define VDO_CABLE(hw, fw, cbl, lat, term, tx1d, tx2d, rx1d, rx2d, cur, vps, sopp, usbss) \ + (((hw) & 0x7) << 28 | ((fw) & 0x7) << 24 | ((cbl) & 0x3) << 18 \ + | ((lat) & 0x7) << 13 | ((term) & 0x3) << 11 | (tx1d) << 10 \ + | (tx2d) << 9 | (rx1d) << 8 | (rx2d) << 7 | ((cur) & 0x3) << 5 \ + | (vps) << 4 | (sopp) << 3 | ((usbss) & 0x7)) +#define VDO_PCABLE(hw, fw, ver, conn, lat, term, vbm, cur, spd) \ + (((hw) & 0xf) << 28 | ((fw) & 0xf) << 24 | ((ver) & 0x7) << 21 \ + | ((conn) & 0x3) << 18 | ((lat) & 0xf) << 13 | ((term) & 0x3) << 11 \ + | ((vbm) & 0x3) << 9 | ((cur) & 0x3) << 5 | ((spd) & 0x7)) +#define VDO_ACABLE1(hw, fw, ver, conn, lat, term, vbm, sbu, sbut, cur, vbt, sopp, spd) \ + (((hw) & 0xf) << 28 | ((fw) & 0xf) << 24 | ((ver) & 0x7) << 21 \ + | ((conn) & 0x3) << 18 | ((lat) & 0xf) << 13 | ((term) & 0x3) << 11 \ + | ((vbm) & 0x3) << 9 | (sbu) << 8 | (sbut) << 7 | ((cur) & 0x3) << 5 \ + | (vbt) << 4 | (sopp) << 3 | ((spd) & 0x7)) + +#define VDO_TYPEC_CABLE_TYPE(vdo) (((vdo) >> 18) & 0x3) + +/* + * Active Cable VDO 2 + * --------- + * <31:24> :: Maximum operating temperature + * <23:16> :: Shutdown temperature + * <15> :: Reserved, Shall be set to zero + * <14:12> :: U3/CLd power + * <11> :: U3 to U0 transition mode (0b == direct, 1b == through U3S) + * <10> :: Physical connection (0b == copper, 1b == optical) + * <9> :: Active element (0b == redriver, 1b == retimer) + * <8> :: USB4 supported (0b == yes, 1b == no) + * <7:6> :: USB2 hub hops consumed + * <5> :: USB2 supported (0b == yes, 1b == no) + * <4> :: USB3.2 supported (0b == yes, 1b == no) + * <3> :: USB lanes supported (0b == one lane, 1b == two lanes) + * <2> :: Optically isolated active cable (0b == no, 1b == yes) + * <1> :: Reserved, Shall be set to zero + * <0> :: USB gen (0b == gen1, 1b == gen2+) + */ + +/* U3/CLd Power*/ +#define ACAB2_U3_CLD_10MW_PLUS 0 +#define ACAB2_U3_CLD_10MW 1 +#define ACAB2_U3_CLD_5MW 2 +#define ACAB2_U3_CLD_1MW 3 +#define ACAB2_U3_CLD_500UW 4 +#define ACAB2_U3_CLD_200UW 5 +#define ACAB2_U3_CLD_50UW 6 + +/* Other Active Cable VDO 2 Fields */ +#define ACAB2_U3U0_DIRECT 0 +#define ACAB2_U3U0_U3S 1 +#define ACAB2_PHY_COPPER 0 +#define ACAB2_PHY_OPTICAL 1 +#define ACAB2_REDRIVER 0 +#define ACAB2_RETIMER 1 +#define ACAB2_USB4_SUPP 0 +#define ACAB2_USB4_NOT_SUPP 1 +#define ACAB2_USB2_SUPP 0 +#define ACAB2_USB2_NOT_SUPP 1 +#define ACAB2_USB32_SUPP 0 +#define ACAB2_USB32_NOT_SUPP 1 +#define ACAB2_LANES_ONE 0 +#define ACAB2_LANES_TWO 1 +#define ACAB2_OPT_ISO_NO 0 +#define ACAB2_OPT_ISO_YES 1 +#define ACAB2_GEN_1 0 +#define ACAB2_GEN_2_PLUS 1 + +#define VDO_ACABLE2(mtemp, stemp, u3p, trans, phy, ele, u4, hops, u2, u32, lane, iso, gen) \ + (((mtemp) & 0xff) << 24 | ((stemp) & 0xff) << 16 | ((u3p) & 0x7) << 12 \ + | (trans) << 11 | (phy) << 10 | (ele) << 9 | (u4) << 8 \ + | ((hops) & 0x3) << 6 | (u2) << 5 | (u32) << 4 | (lane) << 3 \ + | (iso) << 2 | (gen)) + +/* + * AMA VDO (PD Rev2.0) + * --------- + * <31:28> :: Cable HW version + * <27:24> :: Cable FW version + * <23:12> :: Reserved, Shall be set to zero + * <11> :: SSTX1 Directionality support (0b == fixed, 1b == cfgable) + * <10> :: SSTX2 Directionality support + * <9> :: SSRX1 Directionality support + * <8> :: SSRX2 Directionality support + * <7:5> :: Vconn power + * <4> :: Vconn power required + * <3> :: Vbus power required + * <2:0> :: USB SS Signaling support + */ +#define VDO_AMA(hw, fw, tx1d, tx2d, rx1d, rx2d, vcpwr, vcr, vbr, usbss) \ + (((hw) & 0x7) << 28 | ((fw) & 0x7) << 24 \ + | (tx1d) << 11 | (tx2d) << 10 | (rx1d) << 9 | (rx2d) << 8 \ + | ((vcpwr) & 0x7) << 5 | (vcr) << 4 | (vbr) << 3 \ + | ((usbss) & 0x7)) + +#define PD_VDO_AMA_VCONN_REQ(vdo) (((vdo) >> 4) & 1) +#define PD_VDO_AMA_VBUS_REQ(vdo) (((vdo) >> 3) & 1) + +#define AMA_USBSS_U2_ONLY 0 +#define AMA_USBSS_U31_GEN1 1 +#define AMA_USBSS_U31_GEN2 2 +#define AMA_USBSS_BBONLY 3 + +/* + * VPD VDO + * --------- + * <31:28> :: HW version + * <27:24> :: FW version + * <23:21> :: VDO version + * <20:17> :: Reserved, Shall be set to zero + * <16:15> :: Maximum Vbus voltage (00b == 20V, 01b == 30V, 10b == 40V, 11b == 50V) + * <14> :: Charge through current support (0b == 3A, 1b == 5A) + * <13> :: Reserved, Shall be set to zero + * <12:7> :: Vbus impedance + * <6:1> :: Ground impedance + * <0> :: Charge through support (0b == no, 1b == yes) + */ +#define VPD_VDO_VER1_0 0 +#define VPD_MAX_VBUS_20V 0 +#define VPD_MAX_VBUS_30V 1 +#define VPD_MAX_VBUS_40V 2 +#define VPD_MAX_VBUS_50V 3 +#define VPDCT_CURR_3A 0 +#define VPDCT_CURR_5A 1 +#define VPDCT_NOT_SUPP 0 +#define VPDCT_SUPP 1 + +#define VDO_VPD(hw, fw, ver, vbm, curr, vbi, gi, ct) \ + (((hw) & 0xf) << 28 | ((fw) & 0xf) << 24 | ((ver) & 0x7) << 21 \ + | ((vbm) & 0x3) << 15 | (curr) << 14 | ((vbi) & 0x3f) << 7 \ + | ((gi) & 0x3f) << 1 | (ct)) + +/* + * SVDM Discover SVIDs request -> response + * + * Request is properly formatted VDM Header with discover SVIDs command. + * Response is a set of SVIDs of all supported SVIDs with all zero's to + * mark the end of SVIDs. If more than 12 SVIDs are supported command SHOULD be + * repeated. + */ +#define VDO_SVID(svid0, svid1) (((svid0) & 0xffff) << 16 | ((svid1) & 0xffff)) +#define PD_VDO_SVID_SVID0(vdo) ((vdo) >> 16) +#define PD_VDO_SVID_SVID1(vdo) ((vdo) & 0xffff) + +/* USB-IF SIDs */ +#define USB_SID_PD 0xff00 /* power delivery */ +#define USB_SID_DISPLAYPORT 0xff01 +#define USB_SID_MHL 0xff02 /* Mobile High-Definition Link */ + +/* VDM command timeouts (in ms) */ + +#define PD_T_VDM_UNSTRUCTURED 500 +#define PD_T_VDM_BUSY 100 +#define PD_T_VDM_WAIT_MODE_E 100 +#define PD_T_VDM_SNDR_RSP 30 +#define PD_T_VDM_E_MODE 25 +#define PD_T_VDM_RCVR_RSP 15 + +#endif /* __LINUX_USB_PD_VDO_H */ diff --git a/include/power/power_delivery/power_delivery.h b/include/power/power_delivery/power_delivery.h new file mode 100755 index 00000000..ed3df72a --- /dev/null +++ b/include/power/power_delivery/power_delivery.h @@ -0,0 +1,36 @@ +/* + * (C) Copyright 2020 Rockchip Electronics Co., Ltd + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#ifndef _power_delivery_H_ +#define _power_delivery_H_ + +/* Capability */ +#define FG_CAP_FUEL_GAUGE BIT(0) +#define FG_CAP_CHARGER BIT(1) + +struct dm_power_delivery_ops { + int (*get_voltage)(struct udevice *dev); + int (*get_current)(struct udevice *dev); + int (*get_online)(struct udevice *dev); + int (*get_vbus_power)(struct udevice *dev); +}; + +struct power_delivery_data { + int voltage; + int current; + int online; +}; +int power_delivery_get_vbus(struct udevice *dev, int *status); +#ifdef CONFIG_DM_POWER_DELIVERY +int power_delivery_get_data(struct udevice *dev, struct power_delivery_data *pd_data); +#else +inline int power_delivery_get_data(struct udevice *dev, + struct power_delivery_data *pd_data) +{ + return -ENOSYS; +} +#endif +#endif diff --git a/include/power/power_delivery/tcpm.h b/include/power/power_delivery/tcpm.h new file mode 100755 index 00000000..33a7f2d4 --- /dev/null +++ b/include/power/power_delivery/tcpm.h @@ -0,0 +1,195 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * Copyright 2015-2017 Google, Inc + */ + +#ifndef __LINUX_USB_TCPM_H +#define __LINUX_USB_TCPM_H + +#include +#include "typec.h" +#include "pd.h" + +enum typec_cc_status { + TYPEC_CC_OPEN, + TYPEC_CC_RA, + TYPEC_CC_RD, + TYPEC_CC_RP_DEF, + TYPEC_CC_RP_1_5, + TYPEC_CC_RP_3_0, +}; + +/* Collision Avoidance */ +#define SINK_TX_NG TYPEC_CC_RP_1_5 +#define SINK_TX_OK TYPEC_CC_RP_3_0 + +enum typec_cc_polarity { + TYPEC_POLARITY_CC1, + TYPEC_POLARITY_CC2, +}; + +/* Time to wait for TCPC to complete transmit */ +#define PD_T_TCPC_TX_TIMEOUT 100 /* in ms */ +#define PD_ROLE_SWAP_TIMEOUT (MSEC_PER_SEC * 10) +#define PD_PPS_CTRL_TIMEOUT (MSEC_PER_SEC * 10) + +enum tcpm_transmit_status { + TCPC_TX_SUCCESS = 0, + TCPC_TX_DISCARDED = 1, + TCPC_TX_FAILED = 2, +}; + +enum tcpm_transmit_type { + TCPC_TX_SOP = 0, + TCPC_TX_SOP_PRIME = 1, + TCPC_TX_SOP_PRIME_PRIME = 2, + TCPC_TX_SOP_DEBUG_PRIME = 3, + TCPC_TX_SOP_DEBUG_PRIME_PRIME = 4, + TCPC_TX_HARD_RESET = 5, + TCPC_TX_CABLE_RESET = 6, + TCPC_TX_BIST_MODE_2 = 7 +}; + +/* Mux state attributes */ +#define TCPC_MUX_USB_ENABLED BIT(0) /* USB enabled */ +#define TCPC_MUX_DP_ENABLED BIT(1) /* DP enabled */ +#define TCPC_MUX_POLARITY_INVERTED BIT(2) /* Polarity inverted */ + +/** + * struct tcpc_dev - Port configuration and callback functions + * @fwnode: Pointer to port fwnode + * @get_vbus: Called to read current VBUS state + * @get_current_limit: + * Optional; called by the tcpm core when configured as a snk + * and cc=Rp-def. This allows the tcpm to provide a fallback + * current-limit detection method for the cc=Rp-def case. + * For example, some tcpcs may include BC1.2 charger detection + * and use that in this case. + * @set_cc: Called to set value of CC pins + * @apply_rc: Optional; Needed to move TCPCI based chipset to APPLY_RC state + * as stated by the TCPCI specification. + * @get_cc: Called to read current CC pin values + * @set_polarity: + * Called to set polarity + * @set_vconn: Called to enable or disable VCONN + * @set_vbus: Called to enable or disable VBUS + * @set_current_limit: + * Optional; called to set current limit as negotiated + * with partner. + * @set_pd_rx: Called to enable or disable reception of PD messages + * @set_roles: Called to set power and data roles + * @start_toggling: + * Optional; if supported by hardware, called to start dual-role + * toggling or single-role connection detection. Toggling stops + * automatically if a connection is established. + * @try_role: Optional; called to set a preferred role + * @pd_transmit:Called to transmit PD message + * @set_bist_data: Turn on/off bist data mode for compliance testing + * @enable_frs: + * Optional; Called to enable/disable PD 3.0 fast role swap. + * Enabling frs is accessory dependent as not all PD3.0 + * accessories support fast role swap. + * @frs_sourcing_vbus: + * Optional; Called to notify that vbus is now being sourced. + * Low level drivers can perform chip specific operations, if any. + * @enable_auto_vbus_discharge: + * Optional; TCPCI spec based TCPC implementations can optionally + * support hardware to autonomously dischrge vbus upon disconnecting + * as sink or source. TCPM signals TCPC to enable the mechanism upon + * entering connected state and signals disabling upon disconnect. + * @set_auto_vbus_discharge_threshold: + * Mandatory when enable_auto_vbus_discharge is implemented. TCPM + * calls this function to allow lower levels drivers to program the + * vbus threshold voltage below which the vbus discharge circuit + * will be turned on. requested_vbus_voltage is set to 0 when vbus + * is going to disappear knowingly i.e. during PR_SWAP and + * HARD_RESET etc. + * @is_vbus_vsafe0v: + * Optional; TCPCI spec based TCPC implementations are expected to + * detect VSAFE0V voltage level at vbus. When detection of VSAFE0V + * is supported by TCPC, set this callback for TCPM to query + * whether vbus is at VSAFE0V when needed. + * Returns true when vbus is at VSAFE0V, false otherwise. + * @set_partner_usb_comm_capable: + * Optional; The USB Communications Capable bit indicates if port + * partner is capable of communication over the USB data lines + * (e.g. D+/- or SS Tx/Rx). Called to notify the status of the bit. + * @check_contaminant: + * Optional; The callback is called when CC pins report open status + * at the end of the toggling period. Chip level drivers are + * expected to check for contaminant and re-enable toggling if + * needed. When 0 is not returned, check_contaminant is expected to + * restart toggling after checking the connector for contaminant. + * This forces the TCPM state machine to tranistion to TOGGLING state + * without calling start_toggling callback. + * @poll_event: + * After the PD chip driver is loaded, the callback function will be + * called to poll what events have been triggered. + * @enter_low_power_mode: + * Optional; the pd chip enters low power mode. + */ +struct tcpc_dev { + ofnode connector_node; + int (*init)(struct tcpc_dev *dev); + int (*get_vbus)(struct tcpc_dev *dev); + int (*get_current_limit)(struct tcpc_dev *dev); + int (*set_cc)(struct tcpc_dev *dev, enum typec_cc_status cc); + int (*apply_rc)(struct tcpc_dev *dev, enum typec_cc_status cc, + enum typec_cc_polarity polarity); + int (*get_cc)(struct tcpc_dev *dev, enum typec_cc_status *cc1, + enum typec_cc_status *cc2); + int (*set_polarity)(struct tcpc_dev *dev, + enum typec_cc_polarity polarity); + int (*set_vconn)(struct tcpc_dev *dev, bool on); + int (*set_vbus)(struct tcpc_dev *dev, bool on, bool charge); + int (*set_current_limit)(struct tcpc_dev *dev, u32 max_ma, u32 mv); + int (*set_pd_rx)(struct tcpc_dev *dev, bool on); + int (*set_roles)(struct tcpc_dev *dev, bool attached, + enum typec_role role, enum typec_data_role data); + int (*start_toggling)(struct tcpc_dev *dev, + enum typec_port_type port_type, + enum typec_cc_status cc); + int (*try_role)(struct tcpc_dev *dev, int role); + int (*pd_transmit)(struct tcpc_dev *dev, enum tcpm_transmit_type type, + const struct pd_message *msg, unsigned int negotiated_rev); + int (*set_bist_data)(struct tcpc_dev *dev, bool on); + int (*enable_frs)(struct tcpc_dev *dev, bool enable); + void (*frs_sourcing_vbus)(struct tcpc_dev *dev); + int (*enable_auto_vbus_discharge)(struct tcpc_dev *dev, bool enable); + int (*set_auto_vbus_discharge_threshold)(struct tcpc_dev *dev, enum typec_pwr_opmode mode, + bool pps_active, u32 requested_vbus_voltage); + int (*check_contaminant)(struct tcpc_dev *dev); + bool (*is_vbus_vsafe0v)(struct tcpc_dev *dev); + void (*set_partner_usb_comm_capable)(struct tcpc_dev *dev, bool enable); + void (*poll_event)(struct tcpc_dev *dev); + int (*enter_low_power_mode)(struct tcpc_dev *dev, bool attached, bool pd_capable); +}; + +struct tcpm_port; + +struct tcpm_port *tcpm_port_init(struct udevice *dev, struct tcpc_dev *tcpc); +void tcpm_poll_event(struct tcpm_port *port); +int tcpm_get_voltage(struct tcpm_port *port); +int tcpm_get_current(struct tcpm_port *port); +int tcpm_get_online(struct tcpm_port *port); +int tcpm_get_vbus(struct tcpm_port *port); +void tcpm_uninit_port(struct tcpm_port *port); + +int tcpm_update_sink_capabilities(struct tcpm_port *port, const u32 *pdo, + unsigned int nr_pdo, + unsigned int operating_snk_mw); + +void tcpm_vbus_change(struct tcpm_port *port); +void tcpm_cc_change(struct tcpm_port *port); +void tcpm_sink_frs(struct tcpm_port *port); +void tcpm_sourcing_vbus(struct tcpm_port *port); +void tcpm_pd_receive(struct tcpm_port *port, + const struct pd_message *msg); +void tcpm_pd_transmit_complete(struct tcpm_port *port, + enum tcpm_transmit_status status); +void tcpm_pd_hard_reset(struct tcpm_port *port); +void tcpm_tcpc_reset(struct tcpm_port *port); +bool tcpm_is_debouncing(struct tcpm_port *tcpm); +bool tcpm_is_toggling(struct tcpm_port *port); + +#endif /* __LINUX_USB_TCPM_H */ diff --git a/include/power/power_delivery/typec.h b/include/power/power_delivery/typec.h new file mode 100755 index 00000000..a5e685dd --- /dev/null +++ b/include/power/power_delivery/typec.h @@ -0,0 +1,315 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + +#ifndef __LINUX_USB_TYPEC_H +#define __LINUX_USB_TYPEC_H + +#include + +/* USB Type-C Specification releases */ +#define USB_TYPEC_REV_1_0 0x100 /* 1.0 */ +#define USB_TYPEC_REV_1_1 0x110 /* 1.1 */ +#define USB_TYPEC_REV_1_2 0x120 /* 1.2 */ +#define USB_TYPEC_REV_1_3 0x130 /* 1.3 */ +#define USB_TYPEC_REV_1_4 0x140 /* 1.4 */ +#define USB_TYPEC_REV_2_0 0x200 /* 2.0 */ + +struct typec_partner; +struct typec_cable; +struct typec_plug; +struct typec_port; +struct typec_altmode_ops; + +struct fwnode_handle; +struct device; + +enum typec_port_type { + TYPEC_PORT_SRC, + TYPEC_PORT_SNK, + TYPEC_PORT_DRP, +}; + +enum typec_port_data { + TYPEC_PORT_DFP, + TYPEC_PORT_UFP, + TYPEC_PORT_DRD, +}; + +enum typec_plug_type { + USB_PLUG_NONE, + USB_PLUG_TYPE_A, + USB_PLUG_TYPE_B, + USB_PLUG_TYPE_C, + USB_PLUG_CAPTIVE, +}; + +enum typec_data_role { + TYPEC_DEVICE, + TYPEC_HOST, +}; + +enum typec_role { + TYPEC_SINK, + TYPEC_SOURCE, +}; + +enum typec_pwr_opmode { + TYPEC_PWR_MODE_USB, + TYPEC_PWR_MODE_1_5A, + TYPEC_PWR_MODE_3_0A, + TYPEC_PWR_MODE_PD, +}; + +enum typec_accessory { + TYPEC_ACCESSORY_NONE, + TYPEC_ACCESSORY_AUDIO, + TYPEC_ACCESSORY_DEBUG, +}; + +#define TYPEC_MAX_ACCESSORY 3 + +enum typec_orientation { + TYPEC_ORIENTATION_NONE, + TYPEC_ORIENTATION_NORMAL, + TYPEC_ORIENTATION_REVERSE, +}; + +/* + * struct enter_usb_data - Enter_USB Message details + * @eudo: Enter_USB Data Object + * @active_link_training: Active Cable Plug Link Training + * + * @active_link_training is a flag that should be set with uni-directional SBRX + * communication, and left 0 with passive cables and with bi-directional SBRX + * communication. + */ +struct enter_usb_data { + u32 eudo; + unsigned char active_link_training:1; +}; + +/* + * struct usb_pd_identity - USB Power Delivery identity data + * @id_header: ID Header VDO + * @cert_stat: Cert Stat VDO + * @product: Product VDO + * @vdo: Product Type Specific VDOs + * + * USB power delivery Discover Identity command response data. + * + * REVISIT: This is USB Power Delivery specific information, so this structure + * probable belongs to USB Power Delivery header file once we have them. + */ +struct usb_pd_identity { + u32 id_header; + u32 cert_stat; + u32 product; + u32 vdo[3]; +}; + +int typec_partner_set_identity(struct typec_partner *partner); +int typec_cable_set_identity(struct typec_cable *cable); + +/* + * struct typec_altmode_desc - USB Type-C Alternate Mode Descriptor + * @svid: Standard or Vendor ID + * @mode: Index of the Mode + * @vdo: VDO returned by Discover Modes USB PD command + * @roles: Only for ports. DRP if the mode is available in both roles + * + * Description of an Alternate Mode which a connector, cable plug or partner + * supports. + */ +struct typec_altmode_desc { + u16 svid; + u8 mode; + u32 vdo; + /* Only used with ports */ + enum typec_port_data roles; +}; + +void typec_partner_set_pd_revision(struct typec_partner *partner, u16 pd_revision); +int typec_partner_set_num_altmodes(struct typec_partner *partner, int num_altmodes); +struct typec_altmode +*typec_partner_register_altmode(struct typec_partner *partner, + const struct typec_altmode_desc *desc); +int typec_plug_set_num_altmodes(struct typec_plug *plug, int num_altmodes); +struct typec_altmode +*typec_plug_register_altmode(struct typec_plug *plug, + const struct typec_altmode_desc *desc); +struct typec_altmode +*typec_port_register_altmode(struct typec_port *port, + const struct typec_altmode_desc *desc); + +#ifdef CONFIG_NO_GKI +void typec_port_register_altmodes(struct typec_port *port, + const struct typec_altmode_ops *ops, void *drvdata, + struct typec_altmode **altmodes, size_t n); +#else +static inline void typec_port_register_altmodes(struct typec_port *port, + const struct typec_altmode_ops *ops, void *drvdata, + struct typec_altmode **altmodes, size_t n) +{ +} +#endif + +void typec_unregister_altmode(struct typec_altmode *altmode); + +struct typec_port *typec_altmode2port(struct typec_altmode *alt); + +void typec_altmode_update_active(struct typec_altmode *alt, bool active); + +enum typec_plug_index { + TYPEC_PLUG_SOP_P, + TYPEC_PLUG_SOP_PP, +}; + +/* + * struct typec_plug_desc - USB Type-C Cable Plug Descriptor + * @index: SOP Prime for the plug connected to DFP and SOP Double Prime for the + * plug connected to UFP + * + * Represents USB Type-C Cable Plug. + */ +struct typec_plug_desc { + enum typec_plug_index index; +}; + +/* + * struct typec_cable_desc - USB Type-C Cable Descriptor + * @type: The plug type from USB PD Cable VDO + * @active: Is the cable active or passive + * @identity: Result of Discover Identity command + * @pd_revision: USB Power Delivery Specification revision if supported + * + * Represents USB Type-C Cable attached to USB Type-C port. + */ +struct typec_cable_desc { + enum typec_plug_type type; + unsigned int active:1; + struct usb_pd_identity *identity; + u16 pd_revision; /* 0300H = "3.0" */ + +}; + +/* + * struct typec_partner_desc - USB Type-C Partner Descriptor + * @usb_pd: USB Power Delivery support + * @accessory: Audio, Debug or none. + * @identity: Discover Identity command data + * @pd_revision: USB Power Delivery Specification Revision if supported + * + * Details about a partner that is attached to USB Type-C port. If @identity + * member exists when partner is registered, a directory named "identity" is + * created to sysfs for the partner device. + * + * @pd_revision is based on the setting of the "Specification Revision" field + * in the message header on the initial "Source Capabilities" message received + * from the partner, or a "Request" message received from the partner, depending + * on whether our port is a Sink or a Source. + */ +struct typec_partner_desc { + unsigned int usb_pd:1; + enum typec_accessory accessory; + struct usb_pd_identity *identity; + u16 pd_revision; /* 0300H = "3.0" */ +}; + +/** + * struct typec_operations - USB Type-C Port Operations + * @try_role: Set data role preference for DRP port + * @dr_set: Set Data Role + * @pr_set: Set Power Role + * @vconn_set: Source VCONN + * @port_type_set: Set port type + */ +struct typec_operations { + int (*try_role)(struct typec_port *port, int role); + int (*dr_set)(struct typec_port *port, enum typec_data_role role); + int (*pr_set)(struct typec_port *port, enum typec_role role); + int (*vconn_set)(struct typec_port *port, enum typec_role role); + int (*port_type_set)(struct typec_port *port, + enum typec_port_type type); +}; + +enum usb_pd_svdm_ver { + SVDM_VER_1_0 = 0, + SVDM_VER_2_0 = 1, + SVDM_VER_MAX = SVDM_VER_2_0, +}; + +/* + * struct typec_capability - USB Type-C Port Capabilities + * @type: Supported power role of the port + * @data: Supported data role of the port + * @revision: USB Type-C Specification release. Binary coded decimal + * @pd_revision: USB Power Delivery Specification revision if supported + * @svdm_version: USB PD Structured VDM version if supported + * @prefer_role: Initial role preference (DRP ports). + * @accessory: Supported Accessory Modes + * @fwnode: Optional fwnode of the port + * @driver_data: Private pointer for driver specific info + * @ops: Port operations vector + * + * Static capabilities of a single USB Type-C port. + */ +struct typec_capability { + enum typec_port_type type; + enum typec_port_data data; + u16 revision; /* 0120H = "1.2" */ + u16 pd_revision; /* 0300H = "3.0" */ + enum usb_pd_svdm_ver svdm_version; + int prefer_role; + enum typec_accessory accessory[TYPEC_MAX_ACCESSORY]; + unsigned int orientation_aware:1; + + struct fwnode_handle *fwnode; + void *driver_data; + + const struct typec_operations *ops; +}; + +/* Specific to try_role(). Indicates the user want's to clear the preference. */ +#define TYPEC_NO_PREFERRED_ROLE (-1) + +struct typec_port *typec_register_port(struct device *parent, + const struct typec_capability *cap); +void typec_unregister_port(struct typec_port *port); + +struct typec_partner *typec_register_partner(struct typec_port *port, + struct typec_partner_desc *desc); +void typec_unregister_partner(struct typec_partner *partner); + +struct typec_cable *typec_register_cable(struct typec_port *port, + struct typec_cable_desc *desc); +void typec_unregister_cable(struct typec_cable *cable); + +struct typec_cable *typec_cable_get(struct typec_port *port); +void typec_cable_put(struct typec_cable *cable); +int typec_cable_is_active(struct typec_cable *cable); + +struct typec_plug *typec_register_plug(struct typec_cable *cable, + struct typec_plug_desc *desc); +void typec_unregister_plug(struct typec_plug *plug); + +void typec_set_data_role(struct typec_port *port, enum typec_data_role role); +void typec_set_pwr_role(struct typec_port *port, enum typec_role role); +void typec_set_vconn_role(struct typec_port *port, enum typec_role role); +void typec_set_pwr_opmode(struct typec_port *port, enum typec_pwr_opmode mode); + +int typec_set_orientation(struct typec_port *port, + enum typec_orientation orientation); +enum typec_orientation typec_get_orientation(struct typec_port *port); +int typec_set_mode(struct typec_port *port, int mode); + +void *typec_get_drvdata(struct typec_port *port); + +int typec_find_pwr_opmode(const char *name); +int typec_find_orientation(const char *name); +int typec_find_port_power_role(const char *name); +int typec_find_power_role(const char *name); +int typec_find_port_data_role(const char *name); + +void typec_partner_set_svdm_version(struct typec_partner *partner, + enum usb_pd_svdm_ver svdm_version); +int typec_get_negotiated_svdm_version(struct typec_port *port); +#endif /* __LINUX_USB_TYPEC_H */ diff --git a/lib/sec_library/include/aes.h b/lib/sec_library/include/aes.h index 069767f3..b502f423 100644 --- a/lib/sec_library/include/aes.h +++ b/lib/sec_library/include/aes.h @@ -64,9 +64,11 @@ typedef enum{ AES_MODE_CBC = 0x20000020, AES_MODE_CTR = 0x200001c0, AES_MODE_CFB = 0x20000400, - AES_MODE_GCM = 0x20030040, - AES_MODE_CCM = 0x21D40040, + AES_MODE_GCM = 0x20020040, + AES_MODE_CCM = 0x207C0040, AES_MODE_OFB = 0x24000000, + AES_MODE_XTS = 0x20001800, + AES_MODE_CBC_MAC = 0x2000800C, } csi_aes_mode_t; /** @@ -82,10 +84,16 @@ typedef struct { */ typedef struct { uint32_t key_len_byte; - uint8_t key[32]; /*Data block being processed*/ + uint8_t key[32]; /*Data block being processed*/ uint32_t sca; uint32_t is_kdf; uint32_t is_dma; + uint64_t HH[16]; + uint64_t HL[16]; + uint8_t ctr[16]; + uint8_t buf[16]; + uint32_t origin_add_len; + uint32_t origin_len; } csi_aes_context_t; /** @@ -294,7 +302,7 @@ csi_error_t csi_aes_ctr_decrypt(csi_aes_t *aes,void *in,void *out,uint32_t size, \param[in] iv init vector \return error code \ref csi_error_t */ -csi_error_t csi_aes_gcm_encrypt(csi_aes_t *aes, void *in, void *out,uint32_t size, uint32_t add_len, void *iv); +csi_error_t csi_aes_gcm_encrypt(csi_aes_t *aes, void *in, void *out, uint32_t size, uint32_t add_len, void *iv, void *tag); /** \brief Aes gcm decrypt @@ -305,7 +313,7 @@ csi_error_t csi_aes_gcm_encrypt(csi_aes_t *aes, void *in, void *out,uint32_t siz \param[in] iv init vecotr \return error code \ref csi_error_t */ -csi_error_t csi_aes_gcm_decrypt(csi_aes_t *aes, void *in, void *out,uint32_t size, uint32_t add_len, void *iv); +csi_error_t csi_aes_gcm_decrypt(csi_aes_t *aes, void *in, void *out, uint32_t size, uint32_t add_len, void *iv, void *tag); /** \brief Aes ccm encrypt @@ -317,7 +325,7 @@ csi_error_t csi_aes_gcm_decrypt(csi_aes_t *aes, void *in, void *out,uint32_t siz \param[in] tag_out tag output \return error code \ref csi_error_t */ -csi_error_t csi_aes_ccm_encrypt(csi_aes_t *aes, void *in, void *out,uint32_t size, uint32_t add_len, void *iv, uint8_t *tag_out); +csi_error_t csi_aes_ccm_encrypt(csi_aes_t *aes, void *in, void *out, uint32_t size, uint32_t add_len, void *iv, void *tag); /** \brief Aes ccm decrypt @@ -329,7 +337,7 @@ csi_error_t csi_aes_ccm_encrypt(csi_aes_t *aes, void *in, void *out,uint32_t siz \param[in] tag_out tag output \return error code \ref csi_error_t */ -csi_error_t csi_aes_ccm_decrypt(csi_aes_t *aes, void *in, void *out,uint32_t size, uint32_t add_len, void *iv, uint8_t *tag_out); +csi_error_t csi_aes_ccm_decrypt(csi_aes_t *aes, void *in, void *out, uint32_t size, uint32_t add_len, void *iv, void *tag); /** \brief Enable AES power manage @@ -347,11 +355,55 @@ void csi_aes_disable_pm(csi_aes_t *aes); /** \brief Config AES data transfer mode - \param[in] mode \ref csi_des_trans_mode_t + \param[in] mode \ref csi_des_trans_mode_t \return None */ csi_error_t csi_aes_trans_config(csi_aes_t *aes, csi_aes_trans_mode_t mode); +/** + \brief Aes xts encrypt + \param[in] dev_aes dev_aes handle to operate + \param[in] in Pointer to the Source data + \param[out] out Pointer to the Result data + \param[in] size the Source data size + \param[in] iv init vector + \param[in] key2 XTS second key + \return error code \ref csi_error_t +*/ +csi_error_t csi_aes_xts_encrypt(csi_aes_t *aes, void *in, void *out, uint32_t size, void *iv, void *key2); + +/** + \brief Aes xts decrypt + \param[in] dev_aes dev_aes handle to operate + \param[in] in Pointer to the Source data + \param[out] out Pointer to the Result data + \param[in] size the Source data size + \param[in] iv init vecotr + \param[in] key2 XTS second key + \return error code \ref csi_error_t +*/ +csi_error_t csi_aes_xts_decrypt(csi_aes_t *aes, void *in, void *out, uint32_t size, void *iv, void *key2); + +/** + \brief Aes cbc mac encrypt + \param[in] dev_aes dev_aes handle to operate + \param[in] in Pointer to the Source data + \param[in] size the Source data size + \param[out] tag tag output + \return error code \ref csi_error_t +*/ +csi_error_t csi_aes_cbc_mac_encrypt(csi_aes_t *aes, void *in, uint32_t size, void *tag); + +/** + \brief Aes cbc mac decrypt + \param[in] dev_aes dev_aes handle to operate + \param[in] in Pointer to the Source data + \param[in] size the Source data size + \param[in] tag tag authen + \return error code \ref csi_error_t +*/ +csi_error_t csi_aes_cbc_mac_decrypt(csi_aes_t *aes, void *in, uint32_t size, void *tag); + #ifdef __cplusplus } #endif diff --git a/lib/sec_library/include/sec_crypto_aes.h b/lib/sec_library/include/sec_crypto_aes.h index a4b4f2c0..7e49289c 100755 --- a/lib/sec_library/include/sec_crypto_aes.h +++ b/lib/sec_library/include/sec_crypto_aes.h @@ -27,6 +27,10 @@ #include "crypto_aes.h" #endif +#ifdef CONFIG_SEC_CRYPTO_GCM_SW +#include "crypto_gcm.h" +#endif + #ifdef __cplusplus extern "C" { #endif @@ -69,6 +73,9 @@ typedef struct { #if defined(CONFIG_SEC_CRYPTO_AES_SW) sc_mbedtls_aes_context aes_ctx; #endif +#if defined(CONFIG_SEC_CRYPTO_GCM_SW) + mbedtls_gcm_context gcm_ctx; +#endif } sc_aes_t; /*Function documentation*/ @@ -87,6 +94,14 @@ uint32_t sc_aes_init(sc_aes_t *aes, uint32_t idx); */ void sc_aes_uninit(sc_aes_t *aes); +/** + \brief Aes data transfer config + \param[in] aes handle to operate + \param[in] mode \ref sc_aes_trans_mode_t + \return error code \ref uint32_t +*/ +uint32_t sc_aes_trans_config(sc_aes_t *aes, sc_aes_trans_mode_t mode); + /** \brief Set encrypt key \param[in] aes handle to operate @@ -263,53 +278,104 @@ uint32_t sc_aes_ctr_decrypt(sc_aes_t *aes, void *in, void *out, uint32_t size,vo /** \brief Aes gcm encrypt \param[in] dev_aes dev_aes handle to operate - \param[in] in Pointer to the Source data. + \param[in] in Pointer to the Source data(add + plaintext, Add can be null, + Add and plaintext must be to an integer multiple of 16Byte) \param[out] out Pointer to the Result data - \param[in] size the Source data size - \param[in] iv init vector + \param[in] size the Source data true size + \param[in] add_len the Additional authenticated data true size + \param[in] iv Nonce(12Byte) + \param[out] tag tag output(16byte), parse null if not needed \return error code \ref csi_error_t */ -uint32_t sc_aes_gcm_encrypt(sc_aes_t *aes, void *in, void *out,uint32_t size, uint32_t add_len, void *iv); +uint32_t sc_aes_gcm_encrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, uint32_t add_len, void *iv, void* tag); /** \brief Aes gcm decrypt \param[in] dev_aes dev_aes handle to operate - \param[in] in Pointer to the Source data. - \param[out] out Pointer to the Result data - \param[in] size the Source data size - \param[in] iv init vecotr + \param[in] in Pointer to the Source data + \param[in] in Pointer to the Source data(add + cipher, Add can be null, + Add and plaintext must be to an integer multiple of 16Byte) + \param[in] size the Source data true size + \param[in] add_len the Additional authenticated data true size + \param[in] iv Nonce(12Byte) + \param[in] tag tag authenticated(16byte), parse null if not needed \return error code \ref csi_error_t */ -uint32_t sc_aes_gcm_decrypt(sc_aes_t *aes, void *in, void *out,uint32_t size, uint32_t add_len, void *iv); +uint32_t sc_aes_gcm_decrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, uint32_t add_len, void *iv, void* tag); /** \brief Aes gcm encrypt \param[in] dev_aes dev_aes handle to operate - \param[in] in Pointer to the Source data. + \param[in] in Pointer to the Source data(add + padding + plaintext + padding, Add can be null, + Add and plaintext must fill to an integer multiple of 16Byte with zero, + ignore this if the value is a multiple of 16) \param[out] out Pointer to the Result data - \param[in] size the Source data size - \param[in] iv init vector - \param[in] tag_out tag output ,parse null if not needed + \param[in] size the Source data true size + \param[in] add_len the Additional authenticated data true size + \param[in] iv Nonce(only support 7Byte) + \param[out] tag tag authenticated(onlt support 4Byte), parse null if not needed \return error code \ref csi_error_t */ -uint32_t sc_aes_ccm_encrypt(sc_aes_t *aes, void *in, void *out,uint32_t size, uint32_t add_len, void *iv, uint8_t* tag_out); +uint32_t sc_aes_ccm_encrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, uint32_t add_len, void *iv, void* tag); /** \brief Aes gcm decrypt \param[in] dev_aes dev_aes handle to operate - \param[in] in Pointer to the Source data. + \param[in] in Pointer to the Source data(add + padding + cipher + padding, Add can be null, + Add and cipher must fill to an integer multiple of 16 with zero, + ignore this if the value is a multiple of 16) + \param[out] out Pointer to the decrypted data + \param[in] size the Source data true size + \param[in] add_len the Additional authenticated data true size + \param[in] iv Nonce(only support 7Byte) + \param[in] tag tag authenticated(onlt support 4Byte), parse null if not needed + \return error code \ref csi_error_t +*/ +uint32_t sc_aes_ccm_decrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, uint32_t add_len, void *iv, void* tag); + +/** + \brief Aes xts encrypt + \param[in] aes handle to operate + \param[in] in Pointer to the Source data \param[out] out Pointer to the Result data \param[in] size the Source data size \param[in] iv init vecotr - \param[in] tag_out tag output,parse null if not needed - \return error code \ref csi_error_t + \param[in] key2 XTS Second key + \return error code \ref uint32_t */ -uint32_t sc_aes_ccm_decrypt(sc_aes_t *aes, void *in, void *out,uint32_t size, uint32_t add_len, void *iv, uint8_t* tag_out); +uint32_t sc_aes_xts_encrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, void *iv, void *key2); /** - \brief Aes data transfer config + \brief Aes xts decrypt + \param[in] aes handle to operate + \param[in] in Pointer to the Source data + \param[out] out Pointer to the Result data + \param[in] size the Source data size + \param[in] iv init vecotr + \param[in] key2 XTS Second key + \return error code \ref uint32_t */ -uint32_t sc_aes_trans_config(sc_aes_t *aes, sc_aes_trans_mode_t mode) ; +uint32_t sc_aes_xts_decrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, void *iv, void *key2); + +/** + \brief Aes cbc mac encrypt + \param[in] aes handle to operate + \param[in] in Pointer to the Source data + \param[in] size the Source data size + \param[out] tag tag output + \return error code \ref uint32_t +*/ +uint32_t sc_aes_cbc_mac_encrypt(sc_aes_t *aes, void *in, uint32_t size, void *tag); + +/** + \brief Aes cbc mac decrypt + \param[in] aes handle to operate + \param[in] in Pointer to the Source data + \param[in] size the Source data size + \param[in] tag tag authen + \return error code \ref uint32_t +*/ +uint32_t sc_aes_cbc_mac_decrypt(sc_aes_t *aes, void *in, uint32_t size, void *tag); #ifdef __cplusplus } diff --git a/lib/sec_library/include/sec_crypto_ecc.h b/lib/sec_library/include/sec_crypto_ecc.h index 30d90531..76f0134d 100644 --- a/lib/sec_library/include/sec_crypto_ecc.h +++ b/lib/sec_library/include/sec_crypto_ecc.h @@ -99,7 +99,7 @@ void sc_ecc_uninit(sc_ecc_t *ecc); \return \ref uint32_t */ uint32_t sc_ecc_config(sc_ecc_t *ecc, sc_ecc_cipher_order_e co, - sc_ecc_endian_mode_e endian); + sc_ecc_endian_mode_e endian); /** \brief Attach the callback handler to ECC @@ -124,7 +124,7 @@ uint32_t sc_ecc_detach_callback(sc_ecc_t *ecc); */ uint32_t sc_ecc_get_capabilities(sc_ecc_t *ecc, sc_ecc_capabilities_t *cap); -uint32_t sc_ecc_check_keypair(sc_ecc_t *ecc, uint8_t pubkey[65], +uint32_t sc_ecc_check_keypair(sc_ecc_t *ecc, uint8_t pubkey[64], uint8_t prikey[32]); /** @@ -134,7 +134,7 @@ uint32_t sc_ecc_check_keypair(sc_ecc_t *ecc, uint8_t pubkey[65], \param[out] public Pointer to the ecc public key, alloc by caller. \return \ref uint32_t */ -uint32_t sc_ecc_gen_key(sc_ecc_t *ecc, uint8_t pubkey[65], uint8_t prikey[32]); +uint32_t sc_ecc_gen_key(sc_ecc_t *ecc, uint8_t pubkey[64], uint8_t prikey[32]); /** @@ -144,7 +144,7 @@ uint32_t sc_ecc_gen_key(sc_ecc_t *ecc, uint8_t pubkey[65], uint8_t prikey[32]); \param[out] pubkey Pointer to the ecc public key, alloc by caller. \return \ref uint32_t */ -uint32_t sc_ecc_gen_pubkey(sc_ecc_t *ecc, uint8_t pubkey[65], +uint32_t sc_ecc_gen_pubkey(sc_ecc_t *ecc, uint8_t pubkey[64], uint8_t prikey[32], sc_ecc_curve_type type); /** @@ -156,7 +156,7 @@ uint32_t sc_ecc_gen_pubkey(sc_ecc_t *ecc, uint8_t pubkey[65], \return \ref uint32_t */ uint32_t sc_ecc_sign(sc_ecc_t *ecc, uint8_t d[32], uint8_t prikey[32], - uint8_t s[64], sc_ecc_curve_type type); + uint8_t s[64], sc_ecc_curve_type type); /** \brief ecc sign @@ -167,7 +167,7 @@ uint32_t sc_ecc_sign(sc_ecc_t *ecc, uint8_t d[32], uint8_t prikey[32], \return \ref uint32_t */ uint32_t sc_ecc_sign_async(sc_ecc_t *ecc, uint8_t d[32], uint8_t prikey[32], - uint8_t s[64], sc_ecc_curve_type type); + uint8_t s[64], sc_ecc_curve_type type); /* TODO */ /** @@ -178,8 +178,8 @@ uint32_t sc_ecc_sign_async(sc_ecc_t *ecc, uint8_t d[32], uint8_t prikey[32], \param[out] s Pointer to the signature \return verify result */ -bool sc_ecc_verify(sc_ecc_t *ecc, uint8_t d[32], uint8_t pubkey[65], - uint8_t s[64], sc_ecc_curve_type type); +bool sc_ecc_verify(sc_ecc_t *ecc, uint8_t d[32], uint8_t pubkey[64], + uint8_t s[64], sc_ecc_curve_type type); /** \brief ecc verify @@ -189,8 +189,8 @@ bool sc_ecc_verify(sc_ecc_t *ecc, uint8_t d[32], uint8_t pubkey[65], \param[out] s Pointer to the signature \return verify result */ -bool sc_ecc_verify_async(sc_ecc_t *ecc, uint8_t d[32], uint8_t pubkey[65], - uint8_t s[64], sc_ecc_curve_type type); +bool sc_ecc_verify_async(sc_ecc_t *ecc, uint8_t d[32], uint8_t pubkey[64], + uint8_t s[64], sc_ecc_curve_type type); /** \brief ecc encrypto @@ -203,7 +203,7 @@ bool sc_ecc_verify_async(sc_ecc_t *ecc, uint8_t d[32], uint8_t pubkey[65], \return uint32_t */ uint32_t sc_ecc_encrypt(sc_ecc_t *ecc, uint8_t *plain, uint32_t plain_len, - uint8_t pubKey[65], uint8_t *cipher, + uint8_t pubKey[64], uint8_t *cipher, uint32_t *cipher_len); /** @@ -237,7 +237,7 @@ uint32_t sc_ecc_exchangekey(sc_ecc_t *ecc, sc_ecc_exchange_role_e role, \return uint32_t */ uint32_t sc_ecc_getZ(sc_ecc_t *ecc, uint8_t *id, uint32_t id_len, - uint8_t pubkey[65], uint8_t z[32]); + uint8_t pubkey[65], uint8_t z[32]); /** \brief ecc key exchange get E @@ -245,7 +245,7 @@ uint32_t sc_ecc_getZ(sc_ecc_t *ecc, uint8_t *id, uint32_t id_len, \return uint32_t */ uint32_t sc_ecc_getE(sc_ecc_t *ecc, uint8_t *m, uint32_t len, uint8_t z[32], - uint8_t e[32]); + uint8_t e[32]); /** \brief Get ECC state. diff --git a/lib/sec_library/include/sec_crypto_ecdh.h b/lib/sec_library/include/sec_crypto_ecdh.h index 73020250..085139d1 100644 --- a/lib/sec_library/include/sec_crypto_ecdh.h +++ b/lib/sec_library/include/sec_crypto_ecdh.h @@ -1,53 +1,104 @@ /* - * Copyright (C) 2017-2022 Alibaba Group Holding Limited + * Copyright (C) 2017-2023 Alibaba Group Holding Limited */ /****************************************************************************** - * @file sec_crypto_ecdh.h - * @brief Header File for curve25519( a state-of-the-art Diffie-Hellman function) - * @version V3.3 - * @date 10. June 2022 + * @file sec_crypt_ecdh.h + * @brief Header File for ECDH + * @version V1.0 + * @date 12. May 2023 * @model ecdh ******************************************************************************/ #ifndef _SC_ECDH_H_ #define _SC_ECDH_H_ -#include "sec_include_config.h" -#define CONFIG_SEC_CRYPTO_ECC +#include +#include +#include -#ifdef CONFIG_SEC_CRYPTO_ECC +#ifdef CONFIG_SYSTEM_SECURE +#ifdef SEC_LIB_VERSION +#include +#else +#include "ecc.h" +#endif +#endif + +#ifdef CONFIG_SEC_CRYPTO_ECC_SW +#include "crypto_ecc_dsa.h" +#endif #ifdef __cplusplus extern "C" { #endif -#ifdef SEC_LIB_VERSION -#include "drv/ecdh.h" -#include "drv/ecc.h" -#include "sec_crypto_ecc.h" -#else -#include "ecdh.h" -#include "ecc.h" -#include "sec_crypto_ecc.h" -#endif +#define EC_SECP521R1_SECRET_KEY_LEN 32 /** - \brief ecdh calc secret - \param[in] ecc ecc handle to operate. - \param[in] pubkey Pointer to the A(or B) public key. - \param[out] privkey Pointer to the B(or A) private key. - \param[out] out Pointer to the share secret. - \param[out] len length of the share secret. - \return \ref uint32_t. +\brief ECDH Ctrl Block */ +typedef struct { +#ifdef CONFIG_SYSTEM_SECURE +#ifdef CONFIG_CSI_V1 + aes_handle_t handle; +#endif +#ifdef CONFIG_CSI_V2 + // csi_ecdh_t csi_ecdh; + csi_ecc_t csi_ecdh; +#endif +#endif +#if defined(CONFIG_TEE_CA) +#endif +#if defined(CONFIG_SEC_CRYPTO_ECC_SW) + uECC_Curve ecdh_ctx; +#endif +} sc_ecdh_t; -uint32_t sc_ecdh_calc_secret(sc_ecc_t *ecc, uint8_t privkey[32], - uint8_t pubkey[65], uint8_t out[32], - uint32_t *len, sc_ecc_curve_type type) ; +// Function documentation +/** + \brief Initialize ECDH interface. Initializes the resources needed for the ECDH interface + \param[in] ecdh Handle to operate + \param[in] idx Device id + \return Error code +*/ +uint32_t sc_ecdh_init(sc_ecdh_t *ecdh, uint32_t idx); + +/** + \brief De-initialize ECDH interface. Stops operation and releases the software resources used by the interface + \param[in] ecdh Dandle to operate + \return None +*/ +void sc_ecdh_uninit(sc_ecdh_t *ecdh); + +/** + \brief Load curve param to engin + \param[in] ecdh Handle to operate + \param[in] type Pointer to \ref sc_curve_type_t + \return Error code +*/ +uint32_t sc_ecdh_load_curve(sc_ecdh_t *ecdh, sc_curve_type_t type); + +/** + \brief ECDH generate key pairs + \param[in] ecdh Handle to operate + \param[out] privkey Pointer to the private key buf + \param[out] pubkey Pointer to the public key buf + \return Error code +*/ +uint32_t sc_ecdh_gen_keypair(sc_ecdh_t *ecdh, uint8_t *prikey, uint8_t *pubkey); + +/** + \brief ECDH ECDH generate secret key + \param[in] ecdh Handle to operate + \param[in] privkey Pointer to the private key buf of Alice + \param[in] pubkey Pointer to the public key buf of Bob + \param[out] sk Pointer to the secret key buf + \param[out] sk_len The secret key length + \return Error code +*/ +uint32_t sc_ecdh_calc_secret(sc_ecdh_t *ecdh, const uint8_t *privkey, const uint8_t *pubkey, + uint8_t *sk, uint32_t *sk_len); #ifdef __cplusplus } #endif - -#endif - -#endif /* _SC_CURVE15519_H_ */ +#endif /* _SC_ECDH_H_ */ diff --git a/lib/sec_library/include/sec_crypto_ecdsa.h b/lib/sec_library/include/sec_crypto_ecdsa.h new file mode 100755 index 00000000..37a42553 --- /dev/null +++ b/lib/sec_library/include/sec_crypto_ecdsa.h @@ -0,0 +1,120 @@ +/* + * Copyright (C) 2017-2023 Alibaba Group Holding Limited + */ +/****************************************************************************** + * @file seccrypt_ecdsa.h + * @brief Header File for ECDSA + * @version V1.0 + * @date 11. May 2023 + * @model ecdsa + ******************************************************************************/ +#ifndef _SC_ECDSA_H_ +#define _SC_ECDSA_H_ + +#include +#include + + +#ifdef CONFIG_SYSTEM_SECURE +// #include "drv/ecdsa.h" +#endif + +#ifdef CONFIG_SEC_CRYPTO_ECC_SW +#include "crypto_ecc_dsa.h" +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +typedef enum { + SC_CURVES_SECP256K1 = 0U, /* SECG curve over a 256 bit prime field */ + SC_CURVES_SECP384R1, /* NIST/SECG curve over a 384 bit prime field */ + SC_CURVES_SECP521R1, /* NIST/SECG curve over a 521 bit prime field */ + SC_CURVES_BRAINPOOL256R1, /* RFC 5639 curve over a 256 prime field */ + SC_CURVES_BRAINPOOL256T1, /* RFC 5639 curve over a 256 prime field */ + SC_CURVES_BRAINPOOL512R1, /* RFC 5639 curve over a 512 prime field */ + SC_CURVES_BRAINPOOL512T1, /* RFC 5639 curve over a 512 prime field */ +} sc_curve_type_t; + +#define EC_SECP521R1_PRIVATE_KEY_LEN 32 +#define EC_SECP521R1_PUBLIC_KEY_LEN 64 +#define EC_SECP521R1_DIGEST_LEN 32 +#define EC_SECP521R1_SIGNATURE_LEN 64 + +/** +\brief ECDSA Ctrl Block +*/ +typedef struct { +#ifdef CONFIG_SYSTEM_SECURE +#ifdef CONFIG_CSI_V1 + aes_handle_t handle; +#endif +#ifdef CONFIG_CSI_V2 + // csi_ecdsa_t csi_ecdsa; +#endif +#endif +#if defined(CONFIG_TEE_CA) +#endif +#if defined(CONFIG_SEC_CRYPTO_ECC_SW) + uECC_Curve ecdsa_ctx; +#endif +} sc_ecdsa_t; + +// Function documentation +/** + \brief Initialize ECDSA interface. Initializes the resources needed for the ECDSA interface + \param[in] ecdsa Handle to operate + \param[in] idx Device id + \return Error code +*/ +uint32_t sc_ecdsa_init(sc_ecdsa_t *ecdsa, uint32_t idx); + +/** + \brief De-initialize ECDSA interface. Stops operation and releases the software resources used by the interface + \param[in] ecdsa Dandle to operate + \return None +*/ +void sc_ecdsa_uninit(sc_ecdsa_t *ecdsa); + +/** + \brief Load curve param to engin + \param[in] ecdsa Handle to operate + \param[in] type Pointer to \ref csi_curve_type_t + \return Error code +*/ +uint32_t sc_ecdsa_load_curve(sc_ecdsa_t *ecdsa, sc_curve_type_t type); + +/** + \brief Ecdsa Sign + \param[in] ecdsa Handle to operate + \param[in] prikey Pointer to the private key buf + \param[in] prikey_len The private key length + \param[in] dgst Pointer to the digest buf + \param[in] dgst_len The digest length + \param[out] sig Pointer to the signature buf + \param[out] sig_len The signature length + \return Error code +*/ +uint32_t sc_ecdsa_sign(sc_ecdsa_t *ecdsa, const uint8_t *prikey, uint32_t prikey_len, + const uint8_t *dgst, uint32_t dgst_len, uint8_t *sig, uint32_t *sig_len); + +/** + \brief Ecdsa Verify + \param[in] ecdsa Handle to operate + \param[in] pubkey Pointer to the public key buf + \param[in] prikey_len The public key length + \param[in] dgst Pointer to the digest buf + \param[in] dgst_len The digest length + \param[in] sig Pointer to the signature buf + \param[in] sig_len The signature length + \return Error code +*/ +uint32_t sc_ecdsa_verify(sc_ecdsa_t *ecdsa, const uint8_t *pubkey, uint32_t pubkey_len, + const uint8_t *dgst, uint32_t gst_len, const uint8_t *sig, uint32_t sig_len); + + +#ifdef __cplusplus +} +#endif +#endif /* _SC_ECDSA_H_ */ diff --git a/lib/sec_library/include/sec_crypto_gcm.h b/lib/sec_library/include/sec_crypto_gcm.h new file mode 100644 index 00000000..6e417e17 --- /dev/null +++ b/lib/sec_library/include/sec_crypto_gcm.h @@ -0,0 +1,117 @@ +/* + * Copyright (C) 2017-2020 Alibaba Group Holding Limited + */ +/****************************************************************************** + * @file seccrypt_aes.h + * @brief Header File for AES + * @version V1.0 + * @date 20. Jul 2020 + * @model aes + ******************************************************************************/ +#ifndef _SC_GCM_H_ +#define _SC_GCM_H_ + +#include "sec_include_config.h" +#include +#include "sec_crypto_errcode.h" + +#ifdef CONFIG_SEC_CRYPTO_AES_SW +#include "crypto_aes.h" +#include +#endif + +#ifdef CONFIG_SEC_CRYPTO_GCM_SW +#include "crypto_gcm.h" +#endif + +#ifdef __cplusplus +extern "C" { +#endif + + +/*Function documentation*/ +/** + \brief Initialize AES Interface. Initializes the resources needed for the AES interface + \param[in] aes operate handle + \param[in] idx device id + \return error code \ref uint32_t +*/ +uint32_t sc_gcm_init(sc_aes_t *aes, uint32_t idx); + +/** + \brief De-initialize AES Interface. stops operation and releases the software resources used by the interface + \param[in] aes handle to operate + \return None +*/ +void sc_gcm_uninit(sc_aes_t *aes); + +/** + \brief Set encrypt key + \param[in] aes handle to operate + \param[in] key Pointer to the key buf + \param[in] key_len Pointer to \ref sc_aes_key_bits_t + \return error code \ref uint32_t +*/ +uint32_t sc_gcm_set_encrypt_key(sc_aes_t *aes, void *key, sc_aes_key_bits_t key_len); + +/** + \brief Set decrypt key + \param[in] aes handle to operate + \param[in] key Pointer to the key buf + \param[in] key_len Pointer to \ref sc_aes_key_bits_t + \return error code \ref uint32_t +*/ +uint32_t sc_gcm_set_decrypt_key(sc_aes_t *aes, void *key, sc_aes_key_bits_t key_len); + +/** + \brief gcm encrypt data + \param[in] aes aes handle to operate + \param[in] length Length of plaintext buffer + \param[in] iv_len Length of iv buffer + \param[in] add Pointer to the add buf, can be NULL + \param[in] add_len Length of add buffer, can ben zero + \param[in] input Pointer to the plaintext buf + \param[in] output Pointer to the cipher buf + \param[in] tag_len Length of tag buffer + \param[in] tag Pointer to the tag buf + \return error code \ref uint32_t +*/ +uint32_t sc_gcm_encrypt_and_tag(sc_aes_t *aes, uint32_t length, + const void *iv, + uint32_t iv_len, + const void *add, + uint32_t add_len, + const void *input, + void *output, + uint32_t tag_len, + void *tag); + +/** + \brief Aes gcm decrypt + \param[in] aes aes handle to operate + \param[in] length Length of cipher buffer + \param[in] iv Pointer to the iv buf + \param[in] iv_len Length of iv buffer + \param[in] add Pointer to the add buf, can be NULL + \param[in] add_len Length of add buffer, can ben zero + \param[in] input Pointer to the cipher buf + \param[in] output Pointer to the plaintext buf + \param[in] tag_len Length of tag buffer + \param[in] tag Pointer to the tag buf + \return error code \ref uint32_t +*/ +uint32_t sc_gcm_auth_decrypt(sc_aes_t *aes, uint32_t length, + const void *iv, + uint32_t iv_len, + const void *add, + uint32_t add_len, + const void *tag, + uint32_t tag_len, + const void *input, + void *output); + +#ifdef __cplusplus +} +#endif + +#endif /* _SC_AES_H_ */ diff --git a/lib/sec_library/include/sec_ecies_crypto.h b/lib/sec_library/include/sec_ecies_crypto.h new file mode 100644 index 00000000..1f392af9 --- /dev/null +++ b/lib/sec_library/include/sec_ecies_crypto.h @@ -0,0 +1,100 @@ +#ifndef __SEC_ECIES_CRYPTO_H__ +#define __SEC_ECIES_CRYPTO_H__ +#ifdef _WIN32 +#include "win_ctypes.h" +#else +#include +#endif +/** + \brief Ecies malloc + \param[in] size + \return error code \ref int +*/ +void *csi_ecies_malloc(uint32_t size); + +/** + \brief Ecies free + \param[in] buffer + \return error code \ref int +*/ +void csi_ecies_free(void *buffer); + +/** + \brief Ecies transmit apdu command message + \param[in] ss session handle to operate + \param[in] apdu Pointer to the apdu buf + \param[in] apduLen Length of apdu buffer + \param[out] apduResponse Pointer to the apduResponse buf + \param[out] apduResponseLen Length of apduResponse buffer + \return error code \ref int +*/ +int csi_ecies_transmit_apdu(void *ss, const uint8_t *apdu, + uint32_t apduLen, uint8_t *apduResponse, uint32_t *apduResponseLen); + +/** + \brief Ecies generate ec key pair + \param[in] ss session handle to operate + \param[out] privateKey Pointer to the private key buf + \param[out] privateKeyLen Length of private key + \param[out] publicKey Pointer to the public key buf + \param[out] publicKeyLen Length of public key + \return error code \ref int +*/ +int csi_ecies_generate_keypair(void *ss, uint8_t *privateKey, uint32_t *privateKeyLen, + uint8_t *publicKey, uint32_t *publicKeyLen); + +/** + \brief Ecies generate ec share key + \param[in] ss session handle to operate + \param[in] privateKey Pointer to the private key buf + \param[in] privateKeyLen Length of private key + \param[in] publicKey Pointer to the public key buf + \param[in] publicKeyLen Length of public key + \param[out] shareKey Pointer to the share key buf + \param[out] shareKeyLen Length of share key + \return error code \ref int +*/ +int csi_ecies_generate_share_key(void *ss, const uint8_t *privateKey, uint32_t privateKeyLen, + const uint8_t *publicKey, uint32_t publicKeyLen, uint8_t *shareKey, uint32_t *shareKeyLen); + +/** + \brief Ecies kdf ec share key + \param[in] ss session handle to operate + \param[in] shareKey Pointer to the share key buf + \param[in] shareKeyLen Length of share key + \param[in] encKeyLen Length of encrypt key + \param[out] encKey Pointer to the encrypt key buf + \param[in] macKeyLen Length of mac key + \param[out] macKey Pointer to the mac key buf + \return error code \ref int +*/ +int csi_ecies_kdf_key(void *ss, const uint8_t *shareKey, uint32_t shareKeyLen, + uint32_t encKeyLen, uint8_t *encKey, uint32_t macKeyLen, uint8_t *macKey); + +/** + \brief Ecies encrypt and generate tag + \param[in] ss session handle to operate + \param[in] length Length of input buffer + \param[in] input Pointer to the input buf + \param[out] output Pointer to the output buf + \param[in] tagLen Length of tag + \param[out] tag Pointer to the tag buf + \return error code \ref int +*/ +int csi_ecies_encrypt_and_tag(void *ss, uint32_t length, const uint8_t *input, uint8_t *output, + uint32_t tagLen, uint8_t *tag); + +/** + \brief Ecies auth tag and decrypt + \param[in] ss session handle to operate + \param[in] length Length of input buffer + \param[in] tag Pointer to the tag buf + \param[in] tagLen Length of tag + \param[in] input Pointer to the input buf + \param[out] output Pointer to the output buf + \return error code \ref int +*/ +int csi_ecies_auth_decrypt(void *ss, uint32_t length, const uint8_t *tag, uint32_t tagLen, + const uint8_t *input, uint8_t *output); + +#endif /* __SEC_ECIES_CRYPTO_H__ */ diff --git a/lib/sec_library/include/sec_ecies_session.h b/lib/sec_library/include/sec_ecies_session.h new file mode 100644 index 00000000..2c96747c --- /dev/null +++ b/lib/sec_library/include/sec_ecies_session.h @@ -0,0 +1,170 @@ +#ifndef __SEC_ECIES_SESSION_H__ +#define __SEC_ECIES_SESSION_H__ + +#ifdef _WIN32 +#include "win_ctypes.h" +#else +#include +#endif + +#include + +#define ECIES_SDATA_MAX_LEN (1024*1024*16) +#define ECIES_SDATA_RESPONSE_LEN 256 +#define ECIES_INIT_COMMAND_LEN 256 +#define ECIES_INIT_RESPONSE_LEN 256 +#define ECIES_CLOSE_COMMAND_LEN 32 +#define ECIES_CLOSE_RESPONSE_LEN 32 +#define ECIES_FIXED_COMMAND_LEN 16 +#define ECIES_KEY_LEN 128 +#define ECIES_TAG_LEN 16 +#define ECIES_TAG_LEN 16 +#define ECIES_DID_LEN 16 + +#define ECIES_SEQ_DEFAULT 0x8000E000 +#define ECIES_TIMEOUT_TIME 5 /* seconds */ + +#define ECIES_CLA_INITIALIZE_UPDATE 0x10 +#define ECIES_CLA_INITIALIZE_UPDATE_RESPONSE 0x20 +#define ECIES_CLA_SDATA_SEND 0x30 +#define ECIES_CLA_SDATA_SEND_RESPONSE 0x40 +#define ECIES_CLA_SESSION_CLOSE 0x50 +#define ECIES_CLA_SESSION_CLOSE_RESPONSE 0x60 + +#define ECIES_RESPONSE_OK 0x90 +#define ECIES_RESPONSE_SESSION_OPENED_ERROR 0x91 +#define ECIES_RESPONSE_GEN_KEY_PAIR_ERROR 0x92 +#define ECIES_RESPONSE_GEN_SHARE_KEY_ERROR 0x93 +#define ECIES_RESPONSE_GEN_AUTH_DECRYPT_ERROR 0x94 +#define ECIES_RESPONSE_SESSION_MEM_ERROR 0x95 +#define ECIES_RESPONSE_SESSION_SEQ_ERROR 0x96 +#define ECIES_RESPONSE_SESSION_SID_ERROR 0x97 + +#define ECIES_CLA_LEN 0x01 +#define ECIES_INS_LEN 0x01 +#define ECIES_P0_LEN 0x04 +#define ECIES_P1_LEN 0x04 +#define ECIES_P2_LEN 0x01 +#define ECIES_LC_LEN 0x04 +#define ECIES_LE_LEN 0x01 + +#define ECIES_CLA_OFFSET 0x00 +#define ECIES_INS_OFFSET (ECIES_CLA_OFFSET + ECIES_CLA_LEN) +#define ECIES_P0_OFFSET (ECIES_INS_OFFSET + ECIES_INS_LEN) +#define ECIES_P1_OFFSET (ECIES_P0_OFFSET + ECIES_P0_LEN) +#define ECIES_P2_OFFSET (ECIES_P1_OFFSET + ECIES_P1_LEN) +#define ECIES_LC_OFFSET (ECIES_P2_OFFSET + ECIES_P2_LEN) +#define ECIES_DATA_OFFSET (ECIES_LC_OFFSET + ECIES_LC_LEN) + +enum { + ECIES_SS_CLOSE = 0, + ECIES_SS_OPEN, +}; + +typedef struct _ecies_dev { + void *context; + void *transmit; + uint8_t DID[ECIES_DID_LEN]; + uint8_t DIDLen; +} ecies_dev; + +typedef struct _ecies_session_t { + ecies_dev dev; + uint8_t schemeType; + uint8_t shareKeyLen; + uint8_t encKeyLen; + uint8_t macKeyLen; + uint8_t shareKey[ECIES_KEY_LEN]; + uint8_t encKey[ECIES_KEY_LEN]; + uint8_t macKey[ECIES_KEY_LEN]; + uint32_t sequenceNumber; + uint32_t SID; + uint32_t timeout; + uint32_t isOpen; +} ecies_session_t; + +typedef enum { + EC_PRIME256V1_AES_GCM_256 = 0, +}scheme_type; + +/** + \brief Ecies host initialization session + \param[in] session session handle to operate + \param[in] context Pointer to the user-defined context + \param[in] transmit Pointer to the user-implemented transfer + \param[in] schemeType Security scheme selection + \param[in] DID Pointer to the device ID buf + \param[in] DIDLen Length of the device ID + \return error code \ref int +*/ +int hal_ecies_host_init(ecies_session_t *session, void *context, void *transmit, uint8_t schemeType, uint8_t *DID, uint32_t DIDLen); + +/** + \brief Ecies host session + \param[in] session session handle to operate + \return error code \ref int +*/ +int hal_ecies_host_session_open(ecies_session_t *session); + +/** + \brief Ecies host comm session + \param[in] session session handle to operate + \param[in] data Pointer to the data to be encrypted + \param[in] data_len Length of the data + \return error code \ref int +*/ +int hal_ecies_host_session_comm(ecies_session_t *session, uint8_t *data, uint32_t dataLen); + +/** + \brief Ecies host close session + \param[in] session session handle to operate + \return error code \ref int +*/ +int hal_ecies_host_session_close(ecies_session_t *session); + +/** + \brief Ecies host uninitiated session + \param[in] session session handle to operate + \return error code \ref int +*/ +int hal_ecies_host_uninit(ecies_session_t *session); + +/** + \brief Ecies slave initialization session + \param[in] session session handle to operate + \return error code \ref int +*/ +int hal_ecies_slave_init(ecies_session_t *session); + +/** + \brief Ecies slave comm session + \param[in] session session handle to operate + \param[in] apdu Pointer to the apdu buf + \param[in] apduLen Length of the apdu buffer + \param[out] apduResponse Pointer to the apduResponse buf + \param[out] apduResponseLen Length of the apduResponseLen buffer + \param[out] out Pointer to the out buf to be decrypted + \param[out] outLen Length of the out buffer + \return error code \ref int +*/ +int hal_ecies_slave_session_comm(ecies_session_t *session, uint8_t *apdu, uint32_t apduLen, + uint8_t *apduResponse, uint32_t *apduResponseLen, uint8_t *out, uint32_t *outLen); + +/** + \brief Ecies slave uninitiated session + \param[in] session session handle to operate + \return error code \ref int +*/ +int hal_ecies_slave_uninit(ecies_session_t *session); + +/** + \brief Ecies host get CLA and errcode + \param[in] apduResponse Pointer to the apduResponse buf + \param[in] apduResponseLen Length of the apduResponseLen buffer + \param[out] CLA CLA one byte len + \param[out] errcode Error code one byte len + \return error code \ref int +*/ +int hal_ecies_status_get(uint8_t *apduResponse, uint32_t apduResponseLen, uint8_t *CLA, uint8_t *status); + +#endif /* __SEC_ECIES_SESSION_H__ */ diff --git a/lib/sec_library/include/sec_library.h b/lib/sec_library/include/sec_library.h index 0f4ad615..3728a0f6 100755 --- a/lib/sec_library/include/sec_library.h +++ b/lib/sec_library/include/sec_library.h @@ -28,6 +28,8 @@ #include "sec_crypto_ecc.h" #include "sec_crypto_ecdh.h" #include "csi_sec_img_verify.h" +#include "sec_ecies_crypto.h" +#include "sec_ecies_session.h" /* NOTE add more header */ #endif /* _SL_H_ */ diff --git a/lib/sec_library/include/soft_crypto/crypto_aes.h b/lib/sec_library/include/soft_crypto/crypto_aes.h new file mode 100755 index 00000000..788c4ba5 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_aes.h @@ -0,0 +1,320 @@ +/** + * \file aes.h + * + * \brief AES block cipher + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef SC_MBEDTLS_AES_H +#define SC_MBEDTLS_AES_H + +#include "crypto_config.h" + +#include +#include +#include "sec_crypto_errcode.h" + +/* padlock.c and aesni.c rely on these values! */ +#define MBEDTLS_AES_ENCRYPT 1 +#define MBEDTLS_AES_DECRYPT 0 + +#define SC_MBEDTLS_ERR_AES_INVALID_KEY_LENGTH SC_INVALID_KEY_LENGTH /**< Invalid key length. */ +#define SC_MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH SC_INVALID_INPUT_LENGTH /**< Invalid data input length. */ + + +// Regular implementation +// + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief AES context structure + * + * \note buf is able to hold 32 extra bytes, which can be used: + * - for alignment purposes if VIA padlock is used, and/or + * - to simplify key expansion in the 256-bit case by + * generating an extra round key + */ +typedef struct +{ + int nr; /*!< number of rounds */ + uint32_t *rk; /*!< AES round keys */ + uint32_t buf[68]; /*!< unaligned data */ +} +sc_mbedtls_aes_context; + +/** + * \brief Initialize AES context + * + * \param ctx AES context to be initialized + */ +void sc_mbedtls_aes_init( sc_mbedtls_aes_context *ctx ); + +/** + * \brief Clear AES context + * + * \param ctx AES context to be cleared + */ +void sc_mbedtls_aes_free( sc_mbedtls_aes_context *ctx ); + +/** + * \brief AES key schedule (encryption) + * + * \param ctx AES context to be initialized + * \param key encryption key + * \param keybits must be 128, 192 or 256 + * + * \return 0 if successful, or SC_MBEDTLS_ERR_AES_INVALID_KEY_LENGTH + */ +int sc_mbedtls_aes_setkey_enc( sc_mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits ); + +/** + * \brief AES key schedule (decryption) + * + * \param ctx AES context to be initialized + * \param key decryption key + * \param keybits must be 128, 192 or 256 + * + * \return 0 if successful, or SC_MBEDTLS_ERR_AES_INVALID_KEY_LENGTH + */ +int sc_mbedtls_aes_setkey_dec( sc_mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits ); + +/** + * \brief AES-ECB block encryption/decryption + * + * \param ctx AES context + * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT + * \param input 16-byte input block + * \param output 16-byte output block + * + * \return 0 if successful + */ +int sc_mbedtls_aes_crypt_ecb( sc_mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16] ); + +#if defined(MBEDTLS_CIPHER_MODE_CBC) +/** + * \brief AES-CBC buffer encryption/decryption + * Length should be a multiple of the block + * size (16 bytes) + * + * \note Upon exit, the content of the IV is updated so that you can + * call the function same function again on the following + * block(s) of data and get the same result as if it was + * encrypted in one call. This allows a "streaming" usage. + * If on the other hand you need to retain the contents of the + * IV, you should either save it manually or use the cipher + * module instead. + * + * \param ctx AES context + * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT + * \param length length of the input data + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful, or SC_MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH + */ +int sc_mbedtls_aes_crypt_cbc( sc_mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_CIPHER_MODE_CFB) +/** + * \brief AES-CFB128 buffer encryption/decryption. + * + * Note: Due to the nature of CFB you should use the same key schedule for + * both encryption and decryption. So a context initialized with + * sc_mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. + * + * \note Upon exit, the content of the IV is updated so that you can + * call the function same function again on the following + * block(s) of data and get the same result as if it was + * encrypted in one call. This allows a "streaming" usage. + * If on the other hand you need to retain the contents of the + * IV, you should either save it manually or use the cipher + * module instead. + * + * \param ctx AES context + * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT + * \param length length of the input data + * \param iv_off offset in IV (updated after use) + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful + */ +int sc_mbedtls_aes_crypt_cfb128( sc_mbedtls_aes_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); + +/** + * \brief AES-CFB8 buffer encryption/decryption. + * + * Note: Due to the nature of CFB you should use the same key schedule for + * both encryption and decryption. So a context initialized with + * sc_mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. + * + * \note Upon exit, the content of the IV is updated so that you can + * call the function same function again on the following + * block(s) of data and get the same result as if it was + * encrypted in one call. This allows a "streaming" usage. + * If on the other hand you need to retain the contents of the + * IV, you should either save it manually or use the cipher + * module instead. + * + * \param ctx AES context + * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT + * \param length length of the input data + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful + */ +int sc_mbedtls_aes_crypt_cfb8( sc_mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); +#endif /*MBEDTLS_CIPHER_MODE_CFB */ + +#if defined(MBEDTLS_CIPHER_MODE_CTR) +/** + * \brief AES-CTR buffer encryption/decryption + * + * Warning: You have to keep the maximum use of your counter in mind! + * + * Note: Due to the nature of CTR you should use the same key schedule for + * both encryption and decryption. So a context initialized with + * sc_mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. + * + * \param ctx AES context + * \param length The length of the data + * \param nc_off The offset in the current stream_block (for resuming + * within current cipher stream). The offset pointer to + * should be 0 at the start of a stream. + * \param nonce_counter The 128-bit nonce and counter. + * \param stream_block The saved stream-block for resuming. Is overwritten + * by the function. + * \param input The input data stream + * \param output The output data stream + * + * \return 0 if successful + */ +int sc_mbedtls_aes_crypt_ctr( sc_mbedtls_aes_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output ); +#endif /* MBEDTLS_CIPHER_MODE_CTR */ + +/** + * \brief Internal AES block encryption function + * (Only exposed to allow overriding it, + * see MBEDTLS_AES_ENCRYPT_ALT) + * + * \param ctx AES context + * \param input Plaintext block + * \param output Output (ciphertext) block + * + * \return 0 if successful + */ +int sc_mbedtls_internal_aes_encrypt( sc_mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16] ); + +/** + * \brief Internal AES block decryption function + * (Only exposed to allow overriding it, + * see MBEDTLS_AES_DECRYPT_ALT) + * + * \param ctx AES context + * \param input Ciphertext block + * \param output Output (plaintext) block + * + * \return 0 if successful + */ +int sc_mbedtls_internal_aes_decrypt( sc_mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16] ); + + +/** + * \brief Internal AES block encryption function + * (Only exposed to allow overriding it, + * see MBEDTLS_AES_ENCRYPT_ALT) + * + * \deprecated Superseded by sc_mbedtls_aes_encrypt_ext() in 2.5.0 + * + * \param ctx AES context + * \param input Plaintext block + * \param output Output (ciphertext) block + */ +static inline void sc_mbedtls_aes_encrypt( + sc_mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16] ) +{ + sc_mbedtls_internal_aes_encrypt( ctx, input, output ); +} + +/** + * \brief Internal AES block decryption function + * (Only exposed to allow overriding it, + * see MBEDTLS_AES_DECRYPT_ALT) + * + * \deprecated Superseded by sc_mbedtls_aes_decrypt_ext() in 2.5.0 + * + * \param ctx AES context + * \param input Ciphertext block + * \param output Output (plaintext) block + */ +static inline void sc_mbedtls_aes_decrypt( + sc_mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16] ) +{ + sc_mbedtls_internal_aes_decrypt( ctx, input, output ); +} + + +#ifdef __cplusplus +} +#endif + + +#endif /* aes.h */ diff --git a/lib/sec_library/include/soft_crypto/crypto_asn1.h b/lib/sec_library/include/soft_crypto/crypto_asn1.h new file mode 100755 index 00000000..d15e29af --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_asn1.h @@ -0,0 +1,336 @@ +/** + * \file asn1.h + * + * \brief Generic ASN.1 parsing + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef SC_MBEDTLS_ASN1_H +#define SC_MBEDTLS_ASN1_H + +#include "crypto_config.h" + +#include + +#include "crypto_bignum.h" + +/** + * \addtogroup asn1_module + * \{ + */ + +/** + * \name ASN1 Error codes + * These error codes are OR'ed to X509 error codes for + * higher error granularity. + * ASN1 is a standard to specify data structures. + * \{ + */ +#define SC_MBEDTLS_ERR_ASN1_OUT_OF_DATA SC_INVALID_FORMAT /**< Out of data when parsing an ASN1 data structure. */ +#define SC_MBEDTLS_ERR_ASN1_UNEXPECTED_TAG SC_INVALID_FORMAT /**< ASN1 tag was of an unexpected value. */ +#define SC_MBEDTLS_ERR_ASN1_INVALID_LENGTH SC_INVALID_FORMAT /**< Error when trying to determine the length or invalid length. */ +#define SC_MBEDTLS_ERR_ASN1_LENGTH_MISMATCH SC_INVALID_FORMAT /**< Actual length differs from expected length. */ +#define SC_MBEDTLS_ERR_ASN1_INVALID_DATA SC_INVALID_FORMAT /**< Data is invalid. (not used) */ +#define SC_MBEDTLS_ERR_ASN1_ALLOC_FAILED SC_INVALID_FORMAT /**< Memory allocation failed */ +#define SC_MBEDTLS_ERR_ASN1_BUF_TOO_SMALL SC_INVALID_FORMAT /**< Buffer too small when writing ASN.1 data structure. */ + +/* \} name */ + +/** + * \name DER constants + * These constants comply with DER encoded the ANS1 type tags. + * DER encoding uses hexadecimal representation. + * An example DER sequence is:\n + * - 0x02 -- tag indicating INTEGER + * - 0x01 -- length in octets + * - 0x05 -- value + * Such sequences are typically read into \c ::mbedtls_x509_buf. + * \{ + */ +#define MBEDTLS_ASN1_BOOLEAN 0x01 +#define MBEDTLS_ASN1_INTEGER 0x02 +#define MBEDTLS_ASN1_BIT_STRING 0x03 +#define MBEDTLS_ASN1_OCTET_STRING 0x04 +#define MBEDTLS_ASN1_NULL 0x05 +#define MBEDTLS_ASN1_OID 0x06 +#define MBEDTLS_ASN1_UTF8_STRING 0x0C +#define MBEDTLS_ASN1_SEQUENCE 0x10 +#define MBEDTLS_ASN1_SET 0x11 +#define MBEDTLS_ASN1_PRINTABLE_STRING 0x13 +#define MBEDTLS_ASN1_T61_STRING 0x14 +#define MBEDTLS_ASN1_IA5_STRING 0x16 +#define MBEDTLS_ASN1_UTC_TIME 0x17 +#define MBEDTLS_ASN1_GENERALIZED_TIME 0x18 +#define MBEDTLS_ASN1_UNIVERSAL_STRING 0x1C +#define MBEDTLS_ASN1_BMP_STRING 0x1E +#define MBEDTLS_ASN1_PRIMITIVE 0x00 +#define MBEDTLS_ASN1_CONSTRUCTED 0x20 +#define MBEDTLS_ASN1_CONTEXT_SPECIFIC 0x80 +/* \} name */ +/* \} addtogroup asn1_module */ + +/** Returns the size of the binary string, without the trailing \\0 */ +#define MBEDTLS_OID_SIZE(x) (sizeof(x) - 1) + +/** + * Compares an sc_mbedtls_asn1_buf structure to a reference OID. + * + * Only works for 'defined' oid_str values (MBEDTLS_OID_HMAC_SHA1), you cannot use a + * 'unsigned char *oid' here! + */ +#define MBEDTLS_OID_CMP(oid_str, oid_buf) \ + ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) || \ + memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 ) + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \name Functions to parse ASN.1 data structures + * \{ + */ + +/** + * Type-length-value structure that allows for ASN1 using DER. + */ +typedef struct sc_mbedtls_asn1_buf +{ + int tag; /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */ + size_t len; /**< ASN1 length, in octets. */ + unsigned char *p; /**< ASN1 data, e.g. in ASCII. */ +} +sc_mbedtls_asn1_buf; + +/** + * Container for ASN1 bit strings. + */ +typedef struct sc_mbedtls_asn1_bitstring +{ + size_t len; /**< ASN1 length, in octets. */ + unsigned char unused_bits; /**< Number of unused bits at the end of the string */ + unsigned char *p; /**< Raw ASN1 data for the bit string */ +} +sc_mbedtls_asn1_bitstring; + +/** + * Container for a sequence of ASN.1 items + */ +typedef struct sc_mbedtls_asn1_sequence +{ + sc_mbedtls_asn1_buf buf; /**< Buffer containing the given ASN.1 item. */ + struct sc_mbedtls_asn1_sequence *next; /**< The next entry in the sequence. */ +} +sc_mbedtls_asn1_sequence; + +/** + * Container for a sequence or list of 'named' ASN.1 data items + */ +typedef struct sc_mbedtls_asn1_named_data +{ + sc_mbedtls_asn1_buf oid; /**< The object identifier. */ + sc_mbedtls_asn1_buf val; /**< The named value. */ + struct sc_mbedtls_asn1_named_data *next; /**< The next entry in the sequence. */ + unsigned char next_merged; /**< Merge next item into the current one? */ +} +sc_mbedtls_asn1_named_data; + +/** + * \brief Get the length of an ASN.1 element. + * Updates the pointer to immediately behind the length. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param len The variable that will receive the value + * + * \return 0 if successful, SC_MBEDTLS_ERR_ASN1_OUT_OF_DATA on reaching + * end of data, SC_MBEDTLS_ERR_ASN1_INVALID_LENGTH if length is + * unparseable. + */ +int sc_mbedtls_asn1_get_len( unsigned char **p, + const unsigned char *end, + size_t *len ); + +/** + * \brief Get the tag and length of the tag. Check for the requested tag. + * Updates the pointer to immediately behind the tag and length. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param len The variable that will receive the length + * \param tag The expected tag + * + * \return 0 if successful, SC_MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if tag did + * not match requested tag, or another specific ASN.1 error code. + */ +int sc_mbedtls_asn1_get_tag( unsigned char **p, + const unsigned char *end, + size_t *len, int tag ); + +/** + * \brief Retrieve a boolean ASN.1 tag and its value. + * Updates the pointer to immediately behind the full tag. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param val The variable that will receive the value + * + * \return 0 if successful or a specific ASN.1 error code. + */ +int sc_mbedtls_asn1_get_bool( unsigned char **p, + const unsigned char *end, + int *val ); + +/** + * \brief Retrieve an integer ASN.1 tag and its value. + * Updates the pointer to immediately behind the full tag. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param val The variable that will receive the value + * + * \return 0 if successful or a specific ASN.1 error code. + */ +int sc_mbedtls_asn1_get_int( unsigned char **p, + const unsigned char *end, + int *val ); + +/** + * \brief Retrieve a bitstring ASN.1 tag and its value. + * Updates the pointer to immediately behind the full tag. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param bs The variable that will receive the value + * + * \return 0 if successful or a specific ASN.1 error code. + */ +int sc_mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, + sc_mbedtls_asn1_bitstring *bs); + +/** + * \brief Retrieve a bitstring ASN.1 tag without unused bits and its + * value. + * Updates the pointer to the beginning of the bit/octet string. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param len Length of the actual bit/octect string in bytes + * + * \return 0 if successful or a specific ASN.1 error code. + */ +int sc_mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, + size_t *len ); + +/** + * \brief Parses and splits an ASN.1 "SEQUENCE OF " + * Updated the pointer to immediately behind the full sequence tag. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param cur First variable in the chain to fill + * \param tag Type of sequence + * + * \return 0 if successful or a specific ASN.1 error code. + */ +int sc_mbedtls_asn1_get_sequence_of( unsigned char **p, + const unsigned char *end, + sc_mbedtls_asn1_sequence *cur, + int tag); + +#if defined(MBEDTLS_BIGNUM_C) +/** + * \brief Retrieve a MPI value from an integer ASN.1 tag. + * Updates the pointer to immediately behind the full tag. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param X The MPI that will receive the value + * + * \return 0 if successful or a specific ASN.1 or MPI error code. + */ +int sc_mbedtls_asn1_get_mpi( unsigned char **p, + const unsigned char *end, + sc_mbedtls_mpi *X ); +#endif /* MBEDTLS_BIGNUM_C */ + +/** + * \brief Retrieve an AlgorithmIdentifier ASN.1 sequence. + * Updates the pointer to immediately behind the full + * AlgorithmIdentifier. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param alg The buffer to receive the OID + * \param params The buffer to receive the params (if any) + * + * \return 0 if successful or a specific ASN.1 or MPI error code. + */ +int sc_mbedtls_asn1_get_alg( unsigned char **p, + const unsigned char *end, + sc_mbedtls_asn1_buf *alg, sc_mbedtls_asn1_buf *params ); + +/** + * \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no + * params. + * Updates the pointer to immediately behind the full + * AlgorithmIdentifier. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param alg The buffer to receive the OID + * + * \return 0 if successful or a specific ASN.1 or MPI error code. + */ +int sc_mbedtls_asn1_get_alg_null( unsigned char **p, + const unsigned char *end, + sc_mbedtls_asn1_buf *alg ); + +/** + * \brief Find a specific named_data entry in a sequence or list based on + * the OID. + * + * \param list The list to seek through + * \param oid The OID to look for + * \param len Size of the OID + * + * \return NULL if not found, or a pointer to the existing entry. + */ +sc_mbedtls_asn1_named_data *sc_mbedtls_asn1_find_named_data( sc_mbedtls_asn1_named_data *list, + const char *oid, size_t len ); + +/** + * \brief Free a sc_mbedtls_asn1_named_data entry + * + * \param entry The named data entry to free + */ +void sc_mbedtls_asn1_free_named_data( sc_mbedtls_asn1_named_data *entry ); + +/** + * \brief Free all entries in a sc_mbedtls_asn1_named_data list + * Head will be set to NULL + * + * \param head Pointer to the head of the list of named data entries to free + */ +void sc_mbedtls_asn1_free_named_data_list( sc_mbedtls_asn1_named_data **head ); + +#ifdef __cplusplus +} +#endif + +#endif /* asn1.h */ diff --git a/lib/sec_library/include/soft_crypto/crypto_base64.h b/lib/sec_library/include/soft_crypto/crypto_base64.h new file mode 100644 index 00000000..ed4ba36c --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_base64.h @@ -0,0 +1,16 @@ +/* SPDX-License-Identifier: BSD-2-Clause */ +/* + * Copyright (c) 2014, STMicroelectronics International N.V. + */ +#ifndef BASE64_H +#define BASE64_H + +#include +#include +#include + +bool _base64_enc(const void *data, size_t size, char *buf, size_t *blen); +bool _base64_dec(const char *data, size_t size, void *buf, size_t *blen); +size_t _base64_enc_len(size_t size); + +#endif /* BASE64_H */ diff --git a/lib/sec_library/include/soft_crypto/crypto_bignum.h b/lib/sec_library/include/soft_crypto/crypto_bignum.h new file mode 100755 index 00000000..0dc75228 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_bignum.h @@ -0,0 +1,670 @@ +/** + * \file bignum.h + * + * \brief Multi-precision integer library + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef SC_MBEDTLS_BIGNUM_H +#define SC_MBEDTLS_BIGNUM_H + +#include "crypto_config.h" + +#include +#include +#include "sec_crypto_errcode.h" + + +#define SC_MBEDTLS_ERR_MPI_BAD_INPUT_DATA SC_PARAM_INV /**< Bad input parameters to function. */ +#define SC_MBEDTLS_ERR_MPI_INVALID_CHARACTER \ + SC_PARAM_INV /**< There is an invalid character in the digit string. */ +#define SC_MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL SC_BUFFER_TOO_SMALL /**< The buffer is too small to write to. */ +#define SC_MBEDTLS_ERR_MPI_NEGATIVE_VALUE \ + SC_PARAM_INV /**< The input arguments are negative or result in illegal output. */ +#define SC_MBEDTLS_ERR_MPI_DIVISION_BY_ZERO \ + SC_PARAM_INV /**< The input argument for division is zero, which is not allowed. */ +#define SC_MBEDTLS_ERR_MPI_NOT_ACCEPTABLE SC_PARAM_INV /**< The input arguments are not acceptable. */ +#define SC_MBEDTLS_ERR_MPI_ALLOC_FAILED SC_ALLOC_FAILED /**< Memory allocation failed. */ + +#define SC_MBEDTLS_MPI_CHK(f) \ + do { \ + if ((ret = f) != 0) \ + goto cleanup; \ + } while (0) + +/* + * Maximum size MPIs are allowed to grow to in number of limbs. + */ +#define SC_MBEDTLS_MPI_MAX_LIMBS 10000 + +#if !defined(SC_MBEDTLS_MPI_WINDOW_SIZE) +/* + * Maximum window size used for modular exponentiation. Default: 6 + * Minimum value: 1. Maximum value: 6. + * + * Result is an array of ( 2 << SC_MBEDTLS_MPI_WINDOW_SIZE ) MPIs used + * for the sliding window calculation. (So 64 by default) + * + * Reduction in size, reduces speed. + */ +#define SC_MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ +#endif /* !SC_MBEDTLS_MPI_WINDOW_SIZE */ + +#if !defined(SC_MBEDTLS_MPI_MAX_SIZE) +/* + * Maximum size of MPIs allowed in bits and bytes for user-MPIs. + * ( Default: 512 bytes => 4096 bits, Maximum tested: 2048 bytes => 16384 bits ) + * + * Note: Calculations can results temporarily in larger MPIs. So the number + * of limbs required (SC_MBEDTLS_MPI_MAX_LIMBS) is higher. + */ +#define SC_MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ +#endif /* !SC_MBEDTLS_MPI_MAX_SIZE */ + +#define SC_MBEDTLS_MPI_MAX_BITS \ + (8 * SC_MBEDTLS_MPI_MAX_SIZE) /**< Maximum number of bits for usable MPIs. */ + +/* + * When reading from files with sc_mbedtls_mpi_read_file() and writing to files with + * sc_mbedtls_mpi_write_file() the buffer should have space + * for a (short) label, the MPI (in the provided radix), the newline + * characters and the '\0'. + * + * By default we assume at least a 10 char label, a minimum radix of 10 + * (decimal) and a maximum of 4096 bit numbers (1234 decimal chars). + * Autosized at compile time for at least a 10 char label, a minimum radix + * of 10 (decimal) for a number of SC_MBEDTLS_MPI_MAX_BITS size. + * + * This used to be statically sized to 1250 for a maximum of 4096 bit + * numbers (1234 decimal chars). + * + * Calculate using the formula: + * SC_MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(SC_MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) + + * LabelSize + 6 + */ +#define SC_SC_MBEDTLS_MPI_MAX_BITS_SCALE100 (100 * SC_MBEDTLS_MPI_MAX_BITS) +#define SC_MBEDTLS_LN_2_DIV_LN_10_SCALE100 332 +#define SC_MBEDTLS_MPI_RW_BUFFER_SIZE \ + (((SC_SC_MBEDTLS_MPI_MAX_BITS_SCALE100 + SC_MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / \ + SC_MBEDTLS_LN_2_DIV_LN_10_SCALE100) + \ + 10 + 6) + +/* + * Define the base integer type, architecture-wise. + * + * 32-bit integers can be forced on 64-bit arches (eg. for testing purposes) + * by defining SC_MBEDTLS_HAVE_INT32 and undefining MBEDTLS_HAVE_ASM + */ + +#define SC_MBEDTLS_HAVE_INT32 +typedef int32_t sc_mbedtls_mpi_sint; +typedef uint32_t sc_mbedtls_mpi_uint; +//typedef uint64_t mbedtls_t_udbl; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief MPI structure + */ +typedef struct { + int s; /*!< integer sign */ + size_t n; /*!< total # of limbs */ + sc_mbedtls_mpi_uint *p; /*!< pointer to limbs */ +} sc_mbedtls_mpi; + +/** + * \brief Initialize one MPI (make internal references valid) + * This just makes it ready to be set or freed, + * but does not define a value for the MPI. + * + * \param X One MPI to initialize. + */ +void sc_mbedtls_mpi_init(sc_mbedtls_mpi *X); + +/** + * \brief Unallocate one MPI + * + * \param X One MPI to unallocate. + */ +void sc_mbedtls_mpi_free(sc_mbedtls_mpi *X); + +/** + * \brief Enlarge to the specified number of limbs + * + * \param X MPI to grow + * \param nblimbs The target number of limbs + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_grow(sc_mbedtls_mpi *X, size_t nblimbs); + +/** + * \brief Resize down, keeping at least the specified number of limbs + * + * \param X MPI to shrink + * \param nblimbs The minimum number of limbs to keep + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_shrink(sc_mbedtls_mpi *X, size_t nblimbs); + +/** + * \brief Copy the contents of Y into X + * + * \param X Destination MPI + * \param Y Source MPI + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_copy(sc_mbedtls_mpi *X, const sc_mbedtls_mpi *Y); + +/** + * \brief Swap the contents of X and Y + * + * \param X First MPI value + * \param Y Second MPI value + */ +void sc_mbedtls_mpi_swap(sc_mbedtls_mpi *X, sc_mbedtls_mpi *Y); + +/** + * \brief Safe conditional assignement X = Y if assign is 1 + * + * \param X MPI to conditionally assign to + * \param Y Value to be assigned + * \param assign 1: perform the assignment, 0: keep X's original value + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * + * \note This function is equivalent to + * if( assign ) sc_mbedtls_mpi_copy( X, Y ); + * except that it avoids leaking any information about whether + * the assignment was done or not (the above code may leak + * information through branch prediction and/or memory access + * patterns analysis). + */ +int sc_mbedtls_mpi_safe_cond_assign(sc_mbedtls_mpi *X, const sc_mbedtls_mpi *Y, + unsigned char assign); + +/** + * \brief Safe conditional swap X <-> Y if swap is 1 + * + * \param X First sc_mbedtls_mpi value + * \param Y Second sc_mbedtls_mpi value + * \param assign 1: perform the swap, 0: keep X and Y's original values + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * + * \note This function is equivalent to + * if( assign ) sc_mbedtls_mpi_swap( X, Y ); + * except that it avoids leaking any information about whether + * the assignment was done or not (the above code may leak + * information through branch prediction and/or memory access + * patterns analysis). + */ +int sc_mbedtls_mpi_safe_cond_swap(sc_mbedtls_mpi *X, sc_mbedtls_mpi *Y, unsigned char assign); + +/** + * \brief Set value from integer + * + * \param X MPI to set + * \param z Value to use + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_lset(sc_mbedtls_mpi *X, sc_mbedtls_mpi_sint z); + +/** + * \brief Get a specific bit from X + * + * \param X MPI to use + * \param pos Zero-based index of the bit in X + * + * \return Either a 0 or a 1 + */ +int sc_mbedtls_mpi_get_bit(const sc_mbedtls_mpi *X, size_t pos); + +/** + * \brief Set a bit of X to a specific value of 0 or 1 + * + * \note Will grow X if necessary to set a bit to 1 in a not yet + * existing limb. Will not grow if bit should be set to 0 + * + * \param X MPI to use + * \param pos Zero-based index of the bit in X + * \param val The value to set the bit to (0 or 1) + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * SC_MBEDTLS_ERR_MPI_BAD_INPUT_DATA if val is not 0 or 1 + */ +int sc_mbedtls_mpi_set_bit(sc_mbedtls_mpi *X, size_t pos, unsigned char val); + +/** + * \brief Return the number of zero-bits before the least significant + * '1' bit + * + * Note: Thus also the zero-based index of the least significant '1' bit + * + * \param X MPI to use + */ +size_t sc_mbedtls_mpi_lsb(const sc_mbedtls_mpi *X); + +/** + * \brief Return the number of bits up to and including the most + * significant '1' bit' + * + * Note: Thus also the one-based index of the most significant '1' bit + * + * \param X MPI to use + */ +size_t sc_mbedtls_mpi_bitlen(const sc_mbedtls_mpi *X); + +/** + * \brief Return the total size in bytes + * + * \param X MPI to use + */ +size_t sc_mbedtls_mpi_size(const sc_mbedtls_mpi *X); + +/** + * \brief Import from an ASCII string + * + * \param X Destination MPI + * \param radix Input numeric base + * \param s Null-terminated string buffer + * + * \return 0 if successful, or a SC_MBEDTLS_ERR_MPI_XXX error code + */ +int sc_mbedtls_mpi_read_string(sc_mbedtls_mpi *X, int radix, const char *s); + +/** + * \brief Export into an ASCII string + * + * \param X Source MPI + * \param radix Output numeric base + * \param buf Buffer to write the string to + * \param buflen Length of buf + * \param olen Length of the string written, including final NUL byte + * + * \return 0 if successful, or a SC_MBEDTLS_ERR_MPI_XXX error code. + * *olen is always updated to reflect the amount + * of data that has (or would have) been written. + * + * \note Call this function with buflen = 0 to obtain the + * minimum required buffer size in *olen. + */ +int sc_mbedtls_mpi_write_string(const sc_mbedtls_mpi *X, int radix, char *buf, size_t buflen, + size_t *olen); + +/** + * \brief Import X from unsigned binary data, big endian + * + * \param X Destination MPI + * \param buf Input buffer + * \param buflen Input buffer size + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_read_binary(sc_mbedtls_mpi *X, const unsigned char *buf, size_t buflen); + +/** + * \brief Export X into unsigned binary data, big endian. + * Always fills the whole buffer, which will start with zeros + * if the number is smaller. + * + * \param X Source MPI + * \param buf Output buffer + * \param buflen Output buffer size + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough + */ +int sc_mbedtls_mpi_write_binary(const sc_mbedtls_mpi *X, unsigned char *buf, size_t buflen); + +/** + * \brief Left-shift: X <<= count + * + * \param X MPI to shift + * \param count Amount to shift + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_shift_l(sc_mbedtls_mpi *X, size_t count); + +/** + * \brief Right-shift: X >>= count + * + * \param X MPI to shift + * \param count Amount to shift + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_shift_r(sc_mbedtls_mpi *X, size_t count); + +/** + * \brief Compare unsigned values + * + * \param X Left-hand MPI + * \param Y Right-hand MPI + * + * \return 1 if |X| is greater than |Y|, + * -1 if |X| is lesser than |Y| or + * 0 if |X| is equal to |Y| + */ +int sc_mbedtls_mpi_cmp_abs(const sc_mbedtls_mpi *X, const sc_mbedtls_mpi *Y); + +/** + * \brief Compare signed values + * + * \param X Left-hand MPI + * \param Y Right-hand MPI + * + * \return 1 if X is greater than Y, + * -1 if X is lesser than Y or + * 0 if X is equal to Y + */ +int sc_mbedtls_mpi_cmp_mpi(const sc_mbedtls_mpi *X, const sc_mbedtls_mpi *Y); + +/** + * \brief Compare signed values + * + * \param X Left-hand MPI + * \param z The integer value to compare to + * + * \return 1 if X is greater than z, + * -1 if X is lesser than z or + * 0 if X is equal to z + */ +int sc_mbedtls_mpi_cmp_int(const sc_mbedtls_mpi *X, sc_mbedtls_mpi_sint z); + +/** + * \brief Unsigned addition: X = |A| + |B| + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_add_abs(sc_mbedtls_mpi *X, const sc_mbedtls_mpi *A, const sc_mbedtls_mpi *B); + +/** + * \brief Unsigned subtraction: X = |A| - |B| + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_NEGATIVE_VALUE if B is greater than A + */ +int sc_mbedtls_mpi_sub_abs(sc_mbedtls_mpi *X, const sc_mbedtls_mpi *A, const sc_mbedtls_mpi *B); + +/** + * \brief Signed addition: X = A + B + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_add_mpi(sc_mbedtls_mpi *X, const sc_mbedtls_mpi *A, const sc_mbedtls_mpi *B); + +/** + * \brief Signed subtraction: X = A - B + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_sub_mpi(sc_mbedtls_mpi *X, const sc_mbedtls_mpi *A, const sc_mbedtls_mpi *B); + +/** + * \brief Signed addition: X = A + b + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param b The integer value to add + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_add_int(sc_mbedtls_mpi *X, const sc_mbedtls_mpi *A, sc_mbedtls_mpi_sint b); + +/** + * \brief Signed subtraction: X = A - b + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param b The integer value to subtract + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_sub_int(sc_mbedtls_mpi *X, const sc_mbedtls_mpi *A, sc_mbedtls_mpi_sint b); + +/** + * \brief Baseline multiplication: X = A * B + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_mul_mpi(sc_mbedtls_mpi *X, const sc_mbedtls_mpi *A, const sc_mbedtls_mpi *B); + +/** + * \brief Baseline multiplication: X = A * b + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param b The unsigned integer value to multiply with + * + * \note b is unsigned + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_mul_int(sc_mbedtls_mpi *X, const sc_mbedtls_mpi *A, sc_mbedtls_mpi_uint b); + +/** + * \brief Division by sc_mbedtls_mpi: A = Q * B + R + * + * \param Q Destination MPI for the quotient + * \param R Destination MPI for the rest value + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * SC_MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if B == 0 + * + * \note Either Q or R can be NULL. + */ +int sc_mbedtls_mpi_div_mpi(sc_mbedtls_mpi *Q, sc_mbedtls_mpi *R, const sc_mbedtls_mpi *A, + const sc_mbedtls_mpi *B); + +/** + * \brief Division by int: A = Q * b + R + * + * \param Q Destination MPI for the quotient + * \param R Destination MPI for the rest value + * \param A Left-hand MPI + * \param b Integer to divide by + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * SC_MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if b == 0 + * + * \note Either Q or R can be NULL. + */ +int sc_mbedtls_mpi_div_int(sc_mbedtls_mpi *Q, sc_mbedtls_mpi *R, const sc_mbedtls_mpi *A, + sc_mbedtls_mpi_sint b); + +/** + * \brief Modulo: R = A mod B + * + * \param R Destination MPI for the rest value + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * SC_MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if B == 0, + * SC_MBEDTLS_ERR_MPI_NEGATIVE_VALUE if B < 0 + */ +int sc_mbedtls_mpi_mod_mpi(sc_mbedtls_mpi *R, const sc_mbedtls_mpi *A, const sc_mbedtls_mpi *B); + +/** + * \brief Modulo: r = A mod b + * + * \param r Destination sc_mbedtls_mpi_uint + * \param A Left-hand MPI + * \param b Integer to divide by + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * SC_MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if b == 0, + * SC_MBEDTLS_ERR_MPI_NEGATIVE_VALUE if b < 0 + */ +int sc_mbedtls_mpi_mod_int(sc_mbedtls_mpi_uint *r, const sc_mbedtls_mpi *A, + sc_mbedtls_mpi_sint b); + +/** + * \brief Sliding-window exponentiation: X = A^E mod N + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param E Exponent MPI + * \param N Modular MPI + * \param _RR Speed-up MPI used for recalculations + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * SC_MBEDTLS_ERR_MPI_BAD_INPUT_DATA if N is negative or even or + * if E is negative + * + * \note _RR is used to avoid re-computing R*R mod N across + * multiple calls, which speeds up things a bit. It can + * be set to NULL if the extra performance is unneeded. + */ +int sc_mbedtls_mpi_exp_mod(sc_mbedtls_mpi *X, const sc_mbedtls_mpi *A, const sc_mbedtls_mpi *E, + const sc_mbedtls_mpi *N, sc_mbedtls_mpi *_RR); + +/** + * \brief Fill an MPI X with size bytes of random + * + * \param X Destination MPI + * \param size Size in bytes + * \param f_rng RNG function + * \param p_rng RNG parameter + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_fill_random(sc_mbedtls_mpi *X, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + +/** + * \brief Greatest common divisor: G = gcd(A, B) + * + * \param G Destination MPI + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + */ +int sc_mbedtls_mpi_gcd(sc_mbedtls_mpi *G, const sc_mbedtls_mpi *A, const sc_mbedtls_mpi *B); + +/** + * \brief Modular inverse: X = A^-1 mod N + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param N Right-hand MPI + * + * \return 0 if successful, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * SC_MBEDTLS_ERR_MPI_BAD_INPUT_DATA if N is <= 1, + SC_MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N. + */ +int sc_mbedtls_mpi_inv_mod(sc_mbedtls_mpi *X, const sc_mbedtls_mpi *A, const sc_mbedtls_mpi *N); + +/** + * \brief Miller-Rabin primality test + * + * \param X MPI to check + * \param f_rng RNG function + * \param p_rng RNG parameter + * + * \return 0 if successful (probably prime), + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * SC_MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if X is not prime + */ +int sc_mbedtls_mpi_is_prime(const sc_mbedtls_mpi *X, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + +/** + * \brief Prime number generation + * + * \param X Destination MPI + * \param nbits Required size of X in bits + * ( 3 <= nbits <= SC_MBEDTLS_MPI_MAX_BITS ) + * \param dh_flag If 1, then (X-1)/2 will be prime too + * \param f_rng RNG function + * \param p_rng RNG parameter + * + * \return 0 if successful (probably prime), + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * SC_MBEDTLS_ERR_MPI_BAD_INPUT_DATA if nbits is < 3 + */ +int sc_mbedtls_mpi_gen_prime(sc_mbedtls_mpi *X, size_t nbits, int dh_flag, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int sc_mbedtls_mpi_self_test(int verbose); + +#ifdef __cplusplus +} +#endif + +#endif /* bignum.h */ diff --git a/lib/sec_library/include/soft_crypto/crypto_bn_mul.h b/lib/sec_library/include/soft_crypto/crypto_bn_mul.h new file mode 100755 index 00000000..484032a7 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_bn_mul.h @@ -0,0 +1,70 @@ +/** + * \file bn_mul.h + * + * \brief Multi-precision integer library + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +/* + * Multiply source vector [s] with b, add result + * to destination vector [d] and set carry c. + * + * Currently supports: + * + * . IA-32 (386+) . AMD64 / EM64T + * . IA-32 (SSE2) . Motorola 68000 + * . PowerPC, 32-bit . MicroBlaze + * . PowerPC, 64-bit . TriCore + * . SPARC v8 . ARM v3+ + * . Alpha . MIPS32 + * . C, longlong . C, generic + */ +#ifndef SC_MBEDTLS_BN_MUL_H +#define SC_MBEDTLS_BN_MUL_H + +#include "crypto_bignum.h" + +#if !defined(MULADDC_CORE) + +#define MULADDC_INIT \ +{ \ + sc_mbedtls_mpi_uint s0, s1, b0, b1; \ + sc_mbedtls_mpi_uint r0, r1, rx, ry; \ + b0 = ( b << biH ) >> biH; \ + b1 = ( b >> biH ); + +#define MULADDC_CORE \ + s0 = ( *s << biH ) >> biH; \ + s1 = ( *s >> biH ); s++; \ + rx = s0 * b1; r0 = s0 * b0; \ + ry = s1 * b0; r1 = s1 * b1; \ + r1 += ( rx >> biH ); \ + r1 += ( ry >> biH ); \ + rx <<= biH; ry <<= biH; \ + r0 += rx; r1 += (r0 < rx); \ + r0 += ry; r1 += (r0 < ry); \ + r0 += c; r1 += (r0 < c); \ + r0 += *d; r1 += (r0 < *d); \ + c = r1; *(d++) = r0; + +#define MULADDC_STOP \ +} + +#endif /* C (generic) */ + +#endif /* bn_mul.h */ diff --git a/lib/sec_library/include/soft_crypto/crypto_ccm.h b/lib/sec_library/include/soft_crypto/crypto_ccm.h new file mode 100644 index 00000000..2e3e104f --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_ccm.h @@ -0,0 +1,308 @@ +/** + * \file ccm.h + * + * \brief This file provides an API for the CCM authenticated encryption + * mode for block ciphers. + * + * CCM combines Counter mode encryption with CBC-MAC authentication + * for 128-bit block ciphers. + * + * Input to CCM includes the following elements: + *
  • Payload - data that is both authenticated and encrypted.
    • + *
  • Associated data (Adata) - data that is authenticated but not + * encrypted, For example, a header.
    • + *
  • Nonce - A unique value that is assigned to the payload and the + * associated data.
+ * + * Definition of CCM: + * http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C_updated-July20_2007.pdf + * RFC 3610 "Counter with CBC-MAC (CCM)" + * + * Related: + * RFC 5116 "An Interface and Algorithms for Authenticated Encryption" + * + * Definition of CCM*: + * IEEE 802.15.4 - IEEE Standard for Local and metropolitan area networks + * Integer representation is fixed most-significant-octet-first order and + * the representation of octets is most-significant-bit-first order. This is + * consistent with RFC 3610. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CCM_H +#define MBEDTLS_CCM_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "mbedtls/cipher.h" + +#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */ +#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */ + +/* MBEDTLS_ERR_CCM_HW_ACCEL_FAILED is deprecated and should not be used. */ +#define MBEDTLS_ERR_CCM_HW_ACCEL_FAILED -0x0011 /**< CCM hardware accelerator failed. */ + +#ifdef __cplusplus +extern "C" { +#endif + +#if !defined(MBEDTLS_CCM_ALT) +// Regular implementation +// + +/** + * \brief The CCM context-type definition. The CCM context is passed + * to the APIs called. + */ +typedef struct mbedtls_ccm_context +{ + mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */ +} +mbedtls_ccm_context; + +#else /* MBEDTLS_CCM_ALT */ +#include "ccm_alt.h" +#endif /* MBEDTLS_CCM_ALT */ + +/** + * \brief This function initializes the specified CCM context, + * to make references valid, and prepare the context + * for sc_mbedtls_ccm_setkey() or sc_mbedtls_ccm_free(). + * + * \param ctx The CCM context to initialize. This must not be \c NULL. + */ +void sc_mbedtls_ccm_init( mbedtls_ccm_context *ctx ); + +/** + * \brief This function initializes the CCM context set in the + * \p ctx parameter and sets the encryption key. + * + * \param ctx The CCM context to initialize. This must be an initialized + * context. + * \param cipher The 128-bit block cipher to use. + * \param key The encryption key. This must not be \c NULL. + * \param keybits The key size in bits. This must be acceptable by the cipher. + * + * \return \c 0 on success. + * \return A CCM or cipher-specific error code on failure. + */ +int sc_mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits ); + +/** + * \brief This function releases and clears the specified CCM context + * and underlying cipher sub-context. + * + * \param ctx The CCM context to clear. If this is \c NULL, the function + * has no effect. Otherwise, this must be initialized. + */ +void sc_mbedtls_ccm_free( mbedtls_ccm_context *ctx ); + +/** + * \brief This function encrypts a buffer using CCM. + * + * \note The tag is written to a separate buffer. To concatenate + * the \p tag with the \p output, as done in RFC-3610: + * Counter with CBC-MAC (CCM), use + * \p tag = \p output + \p length, and make sure that the + * output buffer is at least \p length + \p tag_len wide. + * + * \param ctx The CCM context to use for encryption. This must be + * initialized and bound to a key. + * \param length The length of the input data in Bytes. + * \param iv The initialization vector (nonce). This must be a readable + * buffer of at least \p iv_len Bytes. + * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, + * or 13. The length L of the message length field is + * 15 - \p iv_len. + * \param add The additional data field. If \p add_len is greater than + * zero, \p add must be a readable buffer of at least that + * length. + * \param add_len The length of additional data in Bytes. + * This must be less than `2^16 - 2^8`. + * \param input The buffer holding the input data. If \p length is greater + * than zero, \p input must be a readable buffer of at least + * that length. + * \param output The buffer holding the output data. If \p length is greater + * than zero, \p output must be a writable buffer of at least + * that length. + * \param tag The buffer holding the authentication field. This must be a + * writable buffer of at least \p tag_len Bytes. + * \param tag_len The length of the authentication field to generate in Bytes: + * 4, 6, 8, 10, 12, 14 or 16. + * + * \return \c 0 on success. + * \return A CCM or cipher-specific error code on failure. + */ +int sc_mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len ); + +/** + * \brief This function encrypts a buffer using CCM*. + * + * \note The tag is written to a separate buffer. To concatenate + * the \p tag with the \p output, as done in RFC-3610: + * Counter with CBC-MAC (CCM), use + * \p tag = \p output + \p length, and make sure that the + * output buffer is at least \p length + \p tag_len wide. + * + * \note When using this function in a variable tag length context, + * the tag length has to be encoded into the \p iv passed to + * this function. + * + * \param ctx The CCM context to use for encryption. This must be + * initialized and bound to a key. + * \param length The length of the input data in Bytes. + * \param iv The initialization vector (nonce). This must be a readable + * buffer of at least \p iv_len Bytes. + * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, + * or 13. The length L of the message length field is + * 15 - \p iv_len. + * \param add The additional data field. This must be a readable buffer of + * at least \p add_len Bytes. + * \param add_len The length of additional data in Bytes. + * This must be less than 2^16 - 2^8. + * \param input The buffer holding the input data. If \p length is greater + * than zero, \p input must be a readable buffer of at least + * that length. + * \param output The buffer holding the output data. If \p length is greater + * than zero, \p output must be a writable buffer of at least + * that length. + * \param tag The buffer holding the authentication field. This must be a + * writable buffer of at least \p tag_len Bytes. + * \param tag_len The length of the authentication field to generate in Bytes: + * 0, 4, 6, 8, 10, 12, 14 or 16. + * + * \warning Passing \c 0 as \p tag_len means that the message is no + * longer authenticated. + * + * \return \c 0 on success. + * \return A CCM or cipher-specific error code on failure. + */ +int sc_mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len ); + +/** + * \brief This function performs a CCM authenticated decryption of a + * buffer. + * + * \param ctx The CCM context to use for decryption. This must be + * initialized and bound to a key. + * \param length The length of the input data in Bytes. + * \param iv The initialization vector (nonce). This must be a readable + * buffer of at least \p iv_len Bytes. + * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, + * or 13. The length L of the message length field is + * 15 - \p iv_len. + * \param add The additional data field. This must be a readable buffer + * of at least that \p add_len Bytes.. + * \param add_len The length of additional data in Bytes. + * This must be less than 2^16 - 2^8. + * \param input The buffer holding the input data. If \p length is greater + * than zero, \p input must be a readable buffer of at least + * that length. + * \param output The buffer holding the output data. If \p length is greater + * than zero, \p output must be a writable buffer of at least + * that length. + * \param tag The buffer holding the authentication field. This must be a + * readable buffer of at least \p tag_len Bytes. + * \param tag_len The length of the authentication field to generate in Bytes: + * 4, 6, 8, 10, 12, 14 or 16. + * + * \return \c 0 on success. This indicates that the message is authentic. + * \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match. + * \return A cipher-specific error code on calculation failure. + */ +int sc_mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len ); + +/** + * \brief This function performs a CCM* authenticated decryption of a + * buffer. + * + * \note When using this function in a variable tag length context, + * the tag length has to be decoded from \p iv and passed to + * this function as \p tag_len. (\p tag needs to be adjusted + * accordingly.) + * + * \param ctx The CCM context to use for decryption. This must be + * initialized and bound to a key. + * \param length The length of the input data in Bytes. + * \param iv The initialization vector (nonce). This must be a readable + * buffer of at least \p iv_len Bytes. + * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, + * or 13. The length L of the message length field is + * 15 - \p iv_len. + * \param add The additional data field. This must be a readable buffer of + * at least that \p add_len Bytes. + * \param add_len The length of additional data in Bytes. + * This must be less than 2^16 - 2^8. + * \param input The buffer holding the input data. If \p length is greater + * than zero, \p input must be a readable buffer of at least + * that length. + * \param output The buffer holding the output data. If \p length is greater + * than zero, \p output must be a writable buffer of at least + * that length. + * \param tag The buffer holding the authentication field. This must be a + * readable buffer of at least \p tag_len Bytes. + * \param tag_len The length of the authentication field in Bytes. + * 0, 4, 6, 8, 10, 12, 14 or 16. + * + * \warning Passing \c 0 as \p tag_len means that the message is nos + * longer authenticated. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match. + * \return A cipher-specific error code on calculation failure. + */ +int sc_mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len ); + +#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) +/** + * \brief The CCM checkup routine. + * + * \return \c 0 on success. + * \return \c 1 on failure. + */ +int sc_mbedtls_ccm_self_test( int verbose ); +#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_CCM_H */ diff --git a/lib/sec_library/include/soft_crypto/crypto_cipher.h b/lib/sec_library/include/soft_crypto/crypto_cipher.h new file mode 100644 index 00000000..0fa763ef --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_cipher.h @@ -0,0 +1,1119 @@ +/** + * \file cipher.h + * + * \brief This file contains an abstraction interface for use with the cipher + * primitives provided by the library. It provides a common interface to all of + * the available cipher operations. + * + * \author Adriaan de Jong + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CIPHER_H +#define MBEDTLS_CIPHER_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "crypto_config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include +#include "crypto_platform_util.h" + +#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) +#define MBEDTLS_CIPHER_MODE_AEAD +#endif + +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#define MBEDTLS_CIPHER_MODE_WITH_PADDING +#endif + +#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \ + defined(MBEDTLS_CHACHA20_C) +#define MBEDTLS_CIPHER_MODE_STREAM +#endif + +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ + !defined(inline) && !defined(__cplusplus) +#define inline __inline +#endif + +#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */ +#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters. */ +#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */ +#define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */ +#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */ +#define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */ +#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 /**< The context is invalid. For example, because it was freed. */ + +/* MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED is deprecated and should not be used. */ +#define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400 /**< Cipher hardware accelerator failed. */ + +#define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length. */ +#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length. */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Supported cipher types. + * + * \warning RC4 and DES are considered weak ciphers and their use + * constitutes a security risk. Arm recommends considering stronger + * ciphers instead. + */ +typedef enum { + MBEDTLS_CIPHER_ID_NONE = 0, /**< Placeholder to mark the end of cipher ID lists. */ + MBEDTLS_CIPHER_ID_NULL, /**< The identity cipher, treated as a stream cipher. */ + MBEDTLS_CIPHER_ID_AES, /**< The AES cipher. */ + MBEDTLS_CIPHER_ID_DES, /**< The DES cipher. */ + MBEDTLS_CIPHER_ID_3DES, /**< The Triple DES cipher. */ + MBEDTLS_CIPHER_ID_CAMELLIA, /**< The Camellia cipher. */ + MBEDTLS_CIPHER_ID_BLOWFISH, /**< The Blowfish cipher. */ + MBEDTLS_CIPHER_ID_ARC4, /**< The RC4 cipher. */ + MBEDTLS_CIPHER_ID_ARIA, /**< The Aria cipher. */ + MBEDTLS_CIPHER_ID_CHACHA20, /**< The ChaCha20 cipher. */ +} mbedtls_cipher_id_t; + +/** + * \brief Supported {cipher type, cipher mode} pairs. + * + * \warning RC4 and DES are considered weak ciphers and their use + * constitutes a security risk. Arm recommends considering stronger + * ciphers instead. + */ +typedef enum { + MBEDTLS_CIPHER_NONE = 0, /**< Placeholder to mark the end of cipher-pair lists. */ + MBEDTLS_CIPHER_NULL, /**< The identity stream cipher. */ + MBEDTLS_CIPHER_AES_128_ECB, /**< AES cipher with 128-bit ECB mode. */ + MBEDTLS_CIPHER_AES_192_ECB, /**< AES cipher with 192-bit ECB mode. */ + MBEDTLS_CIPHER_AES_256_ECB, /**< AES cipher with 256-bit ECB mode. */ + MBEDTLS_CIPHER_AES_128_CBC, /**< AES cipher with 128-bit CBC mode. */ + MBEDTLS_CIPHER_AES_192_CBC, /**< AES cipher with 192-bit CBC mode. */ + MBEDTLS_CIPHER_AES_256_CBC, /**< AES cipher with 256-bit CBC mode. */ + MBEDTLS_CIPHER_AES_128_CFB128, /**< AES cipher with 128-bit CFB128 mode. */ + MBEDTLS_CIPHER_AES_192_CFB128, /**< AES cipher with 192-bit CFB128 mode. */ + MBEDTLS_CIPHER_AES_256_CFB128, /**< AES cipher with 256-bit CFB128 mode. */ + MBEDTLS_CIPHER_AES_128_CTR, /**< AES cipher with 128-bit CTR mode. */ + MBEDTLS_CIPHER_AES_192_CTR, /**< AES cipher with 192-bit CTR mode. */ + MBEDTLS_CIPHER_AES_256_CTR, /**< AES cipher with 256-bit CTR mode. */ + MBEDTLS_CIPHER_AES_128_GCM, /**< AES cipher with 128-bit GCM mode. */ + MBEDTLS_CIPHER_AES_192_GCM, /**< AES cipher with 192-bit GCM mode. */ + MBEDTLS_CIPHER_AES_256_GCM, /**< AES cipher with 256-bit GCM mode. */ + MBEDTLS_CIPHER_CAMELLIA_128_ECB, /**< Camellia cipher with 128-bit ECB mode. */ + MBEDTLS_CIPHER_CAMELLIA_192_ECB, /**< Camellia cipher with 192-bit ECB mode. */ + MBEDTLS_CIPHER_CAMELLIA_256_ECB, /**< Camellia cipher with 256-bit ECB mode. */ + MBEDTLS_CIPHER_CAMELLIA_128_CBC, /**< Camellia cipher with 128-bit CBC mode. */ + MBEDTLS_CIPHER_CAMELLIA_192_CBC, /**< Camellia cipher with 192-bit CBC mode. */ + MBEDTLS_CIPHER_CAMELLIA_256_CBC, /**< Camellia cipher with 256-bit CBC mode. */ + MBEDTLS_CIPHER_CAMELLIA_128_CFB128, /**< Camellia cipher with 128-bit CFB128 mode. */ + MBEDTLS_CIPHER_CAMELLIA_192_CFB128, /**< Camellia cipher with 192-bit CFB128 mode. */ + MBEDTLS_CIPHER_CAMELLIA_256_CFB128, /**< Camellia cipher with 256-bit CFB128 mode. */ + MBEDTLS_CIPHER_CAMELLIA_128_CTR, /**< Camellia cipher with 128-bit CTR mode. */ + MBEDTLS_CIPHER_CAMELLIA_192_CTR, /**< Camellia cipher with 192-bit CTR mode. */ + MBEDTLS_CIPHER_CAMELLIA_256_CTR, /**< Camellia cipher with 256-bit CTR mode. */ + MBEDTLS_CIPHER_CAMELLIA_128_GCM, /**< Camellia cipher with 128-bit GCM mode. */ + MBEDTLS_CIPHER_CAMELLIA_192_GCM, /**< Camellia cipher with 192-bit GCM mode. */ + MBEDTLS_CIPHER_CAMELLIA_256_GCM, /**< Camellia cipher with 256-bit GCM mode. */ + MBEDTLS_CIPHER_DES_ECB, /**< DES cipher with ECB mode. */ + MBEDTLS_CIPHER_DES_CBC, /**< DES cipher with CBC mode. */ + MBEDTLS_CIPHER_DES_EDE_ECB, /**< DES cipher with EDE ECB mode. */ + MBEDTLS_CIPHER_DES_EDE_CBC, /**< DES cipher with EDE CBC mode. */ + MBEDTLS_CIPHER_DES_EDE3_ECB, /**< DES cipher with EDE3 ECB mode. */ + MBEDTLS_CIPHER_DES_EDE3_CBC, /**< DES cipher with EDE3 CBC mode. */ + MBEDTLS_CIPHER_BLOWFISH_ECB, /**< Blowfish cipher with ECB mode. */ + MBEDTLS_CIPHER_BLOWFISH_CBC, /**< Blowfish cipher with CBC mode. */ + MBEDTLS_CIPHER_BLOWFISH_CFB64, /**< Blowfish cipher with CFB64 mode. */ + MBEDTLS_CIPHER_BLOWFISH_CTR, /**< Blowfish cipher with CTR mode. */ + MBEDTLS_CIPHER_ARC4_128, /**< RC4 cipher with 128-bit mode. */ + MBEDTLS_CIPHER_AES_128_CCM, /**< AES cipher with 128-bit CCM mode. */ + MBEDTLS_CIPHER_AES_192_CCM, /**< AES cipher with 192-bit CCM mode. */ + MBEDTLS_CIPHER_AES_256_CCM, /**< AES cipher with 256-bit CCM mode. */ + MBEDTLS_CIPHER_CAMELLIA_128_CCM, /**< Camellia cipher with 128-bit CCM mode. */ + MBEDTLS_CIPHER_CAMELLIA_192_CCM, /**< Camellia cipher with 192-bit CCM mode. */ + MBEDTLS_CIPHER_CAMELLIA_256_CCM, /**< Camellia cipher with 256-bit CCM mode. */ + MBEDTLS_CIPHER_ARIA_128_ECB, /**< Aria cipher with 128-bit key and ECB mode. */ + MBEDTLS_CIPHER_ARIA_192_ECB, /**< Aria cipher with 192-bit key and ECB mode. */ + MBEDTLS_CIPHER_ARIA_256_ECB, /**< Aria cipher with 256-bit key and ECB mode. */ + MBEDTLS_CIPHER_ARIA_128_CBC, /**< Aria cipher with 128-bit key and CBC mode. */ + MBEDTLS_CIPHER_ARIA_192_CBC, /**< Aria cipher with 192-bit key and CBC mode. */ + MBEDTLS_CIPHER_ARIA_256_CBC, /**< Aria cipher with 256-bit key and CBC mode. */ + MBEDTLS_CIPHER_ARIA_128_CFB128, /**< Aria cipher with 128-bit key and CFB-128 mode. */ + MBEDTLS_CIPHER_ARIA_192_CFB128, /**< Aria cipher with 192-bit key and CFB-128 mode. */ + MBEDTLS_CIPHER_ARIA_256_CFB128, /**< Aria cipher with 256-bit key and CFB-128 mode. */ + MBEDTLS_CIPHER_ARIA_128_CTR, /**< Aria cipher with 128-bit key and CTR mode. */ + MBEDTLS_CIPHER_ARIA_192_CTR, /**< Aria cipher with 192-bit key and CTR mode. */ + MBEDTLS_CIPHER_ARIA_256_CTR, /**< Aria cipher with 256-bit key and CTR mode. */ + MBEDTLS_CIPHER_ARIA_128_GCM, /**< Aria cipher with 128-bit key and GCM mode. */ + MBEDTLS_CIPHER_ARIA_192_GCM, /**< Aria cipher with 192-bit key and GCM mode. */ + MBEDTLS_CIPHER_ARIA_256_GCM, /**< Aria cipher with 256-bit key and GCM mode. */ + MBEDTLS_CIPHER_ARIA_128_CCM, /**< Aria cipher with 128-bit key and CCM mode. */ + MBEDTLS_CIPHER_ARIA_192_CCM, /**< Aria cipher with 192-bit key and CCM mode. */ + MBEDTLS_CIPHER_ARIA_256_CCM, /**< Aria cipher with 256-bit key and CCM mode. */ + MBEDTLS_CIPHER_AES_128_OFB, /**< AES 128-bit cipher in OFB mode. */ + MBEDTLS_CIPHER_AES_192_OFB, /**< AES 192-bit cipher in OFB mode. */ + MBEDTLS_CIPHER_AES_256_OFB, /**< AES 256-bit cipher in OFB mode. */ + MBEDTLS_CIPHER_AES_128_XTS, /**< AES 128-bit cipher in XTS block mode. */ + MBEDTLS_CIPHER_AES_256_XTS, /**< AES 256-bit cipher in XTS block mode. */ + MBEDTLS_CIPHER_CHACHA20, /**< ChaCha20 stream cipher. */ + MBEDTLS_CIPHER_CHACHA20_POLY1305, /**< ChaCha20-Poly1305 AEAD cipher. */ + MBEDTLS_CIPHER_AES_128_KW, /**< AES cipher with 128-bit NIST KW mode. */ + MBEDTLS_CIPHER_AES_192_KW, /**< AES cipher with 192-bit NIST KW mode. */ + MBEDTLS_CIPHER_AES_256_KW, /**< AES cipher with 256-bit NIST KW mode. */ + MBEDTLS_CIPHER_AES_128_KWP, /**< AES cipher with 128-bit NIST KWP mode. */ + MBEDTLS_CIPHER_AES_192_KWP, /**< AES cipher with 192-bit NIST KWP mode. */ + MBEDTLS_CIPHER_AES_256_KWP, /**< AES cipher with 256-bit NIST KWP mode. */ +} mbedtls_cipher_type_t; + +/** Supported cipher modes. */ +typedef enum { + MBEDTLS_MODE_NONE = 0, /**< None. */ + MBEDTLS_MODE_ECB, /**< The ECB cipher mode. */ + MBEDTLS_MODE_CBC, /**< The CBC cipher mode. */ + MBEDTLS_MODE_CFB, /**< The CFB cipher mode. */ + MBEDTLS_MODE_OFB, /**< The OFB cipher mode. */ + MBEDTLS_MODE_CTR, /**< The CTR cipher mode. */ + MBEDTLS_MODE_GCM, /**< The GCM cipher mode. */ + MBEDTLS_MODE_STREAM, /**< The stream cipher mode. */ + MBEDTLS_MODE_CCM, /**< The CCM cipher mode. */ + MBEDTLS_MODE_XTS, /**< The XTS cipher mode. */ + MBEDTLS_MODE_CHACHAPOLY, /**< The ChaCha-Poly cipher mode. */ + MBEDTLS_MODE_KW, /**< The SP800-38F KW mode */ + MBEDTLS_MODE_KWP, /**< The SP800-38F KWP mode */ +} mbedtls_cipher_mode_t; + +/** Supported cipher padding types. */ +typedef enum { + MBEDTLS_PADDING_PKCS7 = 0, /**< PKCS7 padding (default). */ + MBEDTLS_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding. */ + MBEDTLS_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding. */ + MBEDTLS_PADDING_ZEROS, /**< Zero padding (not reversible). */ + MBEDTLS_PADDING_NONE, /**< Never pad (full blocks only). */ +} mbedtls_cipher_padding_t; + +/** Type of operation. */ +typedef enum { + MBEDTLS_OPERATION_NONE = -1, + MBEDTLS_DECRYPT = 0, + MBEDTLS_ENCRYPT, +} mbedtls_operation_t; + +enum { + /** Undefined key length. */ + MBEDTLS_KEY_LENGTH_NONE = 0, + /** Key length, in bits (including parity), for DES keys. */ + MBEDTLS_KEY_LENGTH_DES = 64, + /** Key length in bits, including parity, for DES in two-key EDE. */ + MBEDTLS_KEY_LENGTH_DES_EDE = 128, + /** Key length in bits, including parity, for DES in three-key EDE. */ + MBEDTLS_KEY_LENGTH_DES_EDE3 = 192, +}; + +/** Maximum length of any IV, in Bytes. */ +/* This should ideally be derived automatically from list of ciphers. + * This should be kept in sync with MBEDTLS_SSL_MAX_IV_LENGTH defined + * in ssl_internal.h. */ +#define MBEDTLS_MAX_IV_LENGTH 16 + +/** Maximum block size of any cipher, in Bytes. */ +/* This should ideally be derived automatically from list of ciphers. + * This should be kept in sync with MBEDTLS_SSL_MAX_BLOCK_LENGTH defined + * in ssl_internal.h. */ +#define MBEDTLS_MAX_BLOCK_LENGTH 16 + +/** Maximum key length, in Bytes. */ +/* This should ideally be derived automatically from list of ciphers. + * For now, only check whether XTS is enabled which uses 64 Byte keys, + * and use 32 Bytes as an upper bound for the maximum key length otherwise. + * This should be kept in sync with MBEDTLS_SSL_MAX_BLOCK_LENGTH defined + * in ssl_internal.h, which however deliberately ignores the case of XTS + * since the latter isn't used in SSL/TLS. */ +#if defined(MBEDTLS_CIPHER_MODE_XTS) +#define MBEDTLS_MAX_KEY_LENGTH 64 +#else +#define MBEDTLS_MAX_KEY_LENGTH 32 +#endif /* MBEDTLS_CIPHER_MODE_XTS */ + +/** + * Base cipher information (opaque struct). + */ +typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t; + +/** + * CMAC context (opaque struct). + */ +typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t; + +/** + * Cipher information. Allows calling cipher functions + * in a generic way. + */ +typedef struct mbedtls_cipher_info_t +{ + /** Full cipher identifier. For example, + * MBEDTLS_CIPHER_AES_256_CBC. + */ + mbedtls_cipher_type_t type; + + /** The cipher mode. For example, MBEDTLS_MODE_CBC. */ + mbedtls_cipher_mode_t mode; + + /** The cipher key length, in bits. This is the + * default length for variable sized ciphers. + * Includes parity bits for ciphers like DES. + */ + unsigned int key_bitlen; + + /** Name of the cipher. */ + const char * name; + + /** IV or nonce size, in Bytes. + * For ciphers that accept variable IV sizes, + * this is the recommended size. + */ + unsigned int iv_size; + + /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and + * MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the + * cipher supports variable IV or variable key sizes, respectively. + */ + int flags; + + /** The block size, in Bytes. */ + unsigned int block_size; + + /** Struct for base cipher information and functions. */ + const mbedtls_cipher_base_t *base; + +} mbedtls_cipher_info_t; + +/** + * Generic cipher context. + */ +typedef struct mbedtls_cipher_context_t +{ + /** Information about the associated cipher. */ + const mbedtls_cipher_info_t *cipher_info; + + /** Key length to use. */ + int key_bitlen; + + /** Operation that the key of the context has been + * initialized for. + */ + mbedtls_operation_t operation; + +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) + /** Padding functions to use, if relevant for + * the specific cipher mode. + */ + void (*add_padding)( unsigned char *output, size_t olen, size_t data_len ); + int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len ); +#endif + + /** Buffer for input that has not been processed yet. */ + unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH]; + + /** Number of Bytes that have not been processed yet. */ + size_t unprocessed_len; + + /** Current IV or NONCE_COUNTER for CTR-mode, data unit (or sector) number + * for XTS-mode. */ + unsigned char iv[MBEDTLS_MAX_IV_LENGTH]; + + /** IV size in Bytes, for ciphers with variable-length IVs. */ + size_t iv_size; + + /** The cipher-specific context. */ + void *cipher_ctx; + +#if defined(MBEDTLS_CMAC_C) + /** CMAC-specific context. */ + mbedtls_cmac_context_t *cmac_ctx; +#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + /** Indicates whether the cipher operations should be performed + * by Mbed TLS' own crypto library or an external implementation + * of the PSA Crypto API. + * This is unset if the cipher context was established through + * mbedtls_cipher_setup(), and set if it was established through + * mbedtls_cipher_setup_psa(). + */ + unsigned char psa_enabled; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +} mbedtls_cipher_context_t; + +/** + * \brief This function retrieves the list of ciphers supported + * by the generic cipher module. + * + * For any cipher identifier in the returned list, you can + * obtain the corresponding generic cipher information structure + * via mbedtls_cipher_info_from_type(), which can then be used + * to prepare a cipher context via mbedtls_cipher_setup(). + * + * + * \return A statically-allocated array of cipher identifiers + * of type cipher_type_t. The last entry is zero. + */ +const int *mbedtls_cipher_list( void ); + +/** + * \brief This function retrieves the cipher-information + * structure associated with the given cipher name. + * + * \param cipher_name Name of the cipher to search for. This must not be + * \c NULL. + * + * \return The cipher information structure associated with the + * given \p cipher_name. + * \return \c NULL if the associated cipher information is not found. + */ +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name ); + +/** + * \brief This function retrieves the cipher-information + * structure associated with the given cipher type. + * + * \param cipher_type Type of the cipher to search for. + * + * \return The cipher information structure associated with the + * given \p cipher_type. + * \return \c NULL if the associated cipher information is not found. + */ +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type ); + +/** + * \brief This function retrieves the cipher-information + * structure associated with the given cipher ID, + * key size and mode. + * + * \param cipher_id The ID of the cipher to search for. For example, + * #MBEDTLS_CIPHER_ID_AES. + * \param key_bitlen The length of the key in bits. + * \param mode The cipher mode. For example, #MBEDTLS_MODE_CBC. + * + * \return The cipher information structure associated with the + * given \p cipher_id. + * \return \c NULL if the associated cipher information is not found. + */ +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id, + int key_bitlen, + const mbedtls_cipher_mode_t mode ); + +/** + * \brief This function initializes a \p cipher_context as NONE. + * + * \param ctx The context to be initialized. This must not be \c NULL. + */ +void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ); + +/** + * \brief This function frees and clears the cipher-specific + * context of \p ctx. Freeing \p ctx itself remains the + * responsibility of the caller. + * + * \param ctx The context to be freed. If this is \c NULL, the + * function has no effect, otherwise this must point to an + * initialized context. + */ +void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); + +/** + * \brief Clone the state of an cipher context + * + * \note The two contexts must have been setup to the same type + * (cloning from AES to DES make no sense). + * + * \param dst The destination context + * \param src The context to be cloned + * + * \return \c 0 on success, + * \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on parameter failure. + */ +int mbedtls_cipher_clone( mbedtls_cipher_context_t *dst, + const mbedtls_cipher_context_t *src ); + +/** + * \brief This function initializes a cipher context for + * use with the given cipher primitive. + * + * \param ctx The context to initialize. This must be initialized. + * \param cipher_info The cipher to use. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the + * cipher-specific context fails. + * + * \internal Currently, the function also clears the structure. + * In future versions, the caller will be required to call + * mbedtls_cipher_init() on the structure first. + */ +int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info ); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/** + * \brief This function initializes a cipher context for + * PSA-based use with the given cipher primitive. + * + * \note See #MBEDTLS_USE_PSA_CRYPTO for information on PSA. + * + * \param ctx The context to initialize. May not be \c NULL. + * \param cipher_info The cipher to use. + * \param taglen For AEAD ciphers, the length in bytes of the + * authentication tag to use. Subsequent uses of + * mbedtls_cipher_auth_encrypt() or + * mbedtls_cipher_auth_decrypt() must provide + * the same tag length. + * For non-AEAD ciphers, the value must be \c 0. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the + * cipher-specific context fails. + */ +int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info, + size_t taglen ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +/** + * \brief setup the cipher info structure. + * + * \param ctx cipher's context. Must have been initialised. + * \param cipher_info cipher to use. + * + * \return 0 on success, + * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on parameter failure + */ +int mbedtls_cipher_setup_info( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ); + +/** + * \brief This function returns the block size of the given cipher. + * + * \param ctx The context of the cipher. This must be initialized. + * + * \return The block size of the underlying cipher. + * \return \c 0 if \p ctx has not been initialized. + */ +static inline unsigned int mbedtls_cipher_get_block_size( + const mbedtls_cipher_context_t *ctx ) +{ + MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); + if( ctx->cipher_info == NULL ) + return 0; + + return ctx->cipher_info->block_size; +} + +/** + * \brief This function returns the mode of operation for + * the cipher. For example, MBEDTLS_MODE_CBC. + * + * \param ctx The context of the cipher. This must be initialized. + * + * \return The mode of operation. + * \return #MBEDTLS_MODE_NONE if \p ctx has not been initialized. + */ +static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( + const mbedtls_cipher_context_t *ctx ) +{ + MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_MODE_NONE; + + return ctx->cipher_info->mode; +} + +/** + * \brief This function returns the size of the IV or nonce + * of the cipher, in Bytes. + * + * \param ctx The context of the cipher. This must be initialized. + * + * \return The recommended IV size if no IV has been set. + * \return \c 0 for ciphers not using an IV or a nonce. + * \return The actual size if an IV has been set. + */ +static inline int mbedtls_cipher_get_iv_size( + const mbedtls_cipher_context_t *ctx ) +{ + MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); + if( ctx->cipher_info == NULL ) + return 0; + + if( ctx->iv_size != 0 ) + return (int) ctx->iv_size; + + return (int) ctx->cipher_info->iv_size; +} + +/** + * \brief This function returns the type of the given cipher. + * + * \param ctx The context of the cipher. This must be initialized. + * + * \return The type of the cipher. + * \return #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized. + */ +static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( + const mbedtls_cipher_context_t *ctx ) +{ + MBEDTLS_INTERNAL_VALIDATE_RET( + ctx != NULL, MBEDTLS_CIPHER_NONE ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_CIPHER_NONE; + + return ctx->cipher_info->type; +} + +/** + * \brief This function returns the name of the given cipher + * as a string. + * + * \param ctx The context of the cipher. This must be initialized. + * + * \return The name of the cipher. + * \return NULL if \p ctx has not been not initialized. + */ +static inline const char *mbedtls_cipher_get_name( + const mbedtls_cipher_context_t *ctx ) +{ + MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); + if( ctx->cipher_info == NULL ) + return 0; + + return ctx->cipher_info->name; +} + +/** + * \brief This function returns the key length of the cipher. + * + * \param ctx The context of the cipher. This must be initialized. + * + * \return The key length of the cipher in bits. + * \return #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been + * initialized. + */ +static inline int mbedtls_cipher_get_key_bitlen( + const mbedtls_cipher_context_t *ctx ) +{ + MBEDTLS_INTERNAL_VALIDATE_RET( + ctx != NULL, MBEDTLS_KEY_LENGTH_NONE ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_KEY_LENGTH_NONE; + + return (int) ctx->cipher_info->key_bitlen; +} + +/** + * \brief This function returns the operation of the given cipher. + * + * \param ctx The context of the cipher. This must be initialized. + * + * \return The type of operation: #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT. + * \return #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized. + */ +static inline mbedtls_operation_t mbedtls_cipher_get_operation( + const mbedtls_cipher_context_t *ctx ) +{ + MBEDTLS_INTERNAL_VALIDATE_RET( + ctx != NULL, MBEDTLS_OPERATION_NONE ); + if( ctx->cipher_info == NULL ) + return MBEDTLS_OPERATION_NONE; + + return ctx->operation; +} + +/** + * \brief This function sets the key to use with the given context. + * + * \param ctx The generic cipher context. This must be initialized and + * bound to a cipher information structure. + * \param key The key to use. This must be a readable buffer of at + * least \p key_bitlen Bits. + * \param key_bitlen The key length to use, in Bits. + * \param operation The operation that the key will be used for: + * #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return A cipher-specific error code on failure. + */ +int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, + const unsigned char *key, + int key_bitlen, + const mbedtls_operation_t operation ); + +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) +/** + * \brief This function sets the padding mode, for cipher modes + * that use padding. + * + * The default passing mode is PKCS7 padding. + * + * \param ctx The generic cipher context. This must be initialized and + * bound to a cipher information structure. + * \param mode The padding mode. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE + * if the selected padding mode is not supported. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode + * does not support padding. + */ +int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, + mbedtls_cipher_padding_t mode ); +#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ + +/** + * \brief This function sets the initialization vector (IV) + * or nonce. + * + * \note Some ciphers do not use IVs nor nonce. For these + * ciphers, this function has no effect. + * + * \param ctx The generic cipher context. This must be initialized and + * bound to a cipher information structure. + * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. This + * must be a readable buffer of at least \p iv_len Bytes. + * \param iv_len The IV length for ciphers with variable-size IV. + * This parameter is discarded by ciphers with fixed-size IV. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + */ +int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, + const unsigned char *iv, + size_t iv_len ); + +/** + * \brief This function resets the cipher state. + * + * \param ctx The generic cipher context. This must be initialized. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + */ +int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ); + +#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) +/** + * \brief This function adds additional data for AEAD ciphers. + * Currently supported with GCM and ChaCha20+Poly1305. + * This must be called exactly once, after + * mbedtls_cipher_reset(). + * + * \param ctx The generic cipher context. This must be initialized. + * \param ad The additional data to use. This must be a readable + * buffer of at least \p ad_len Bytes. + * \param ad_len The length of \p ad in Bytes. + * + * \return \c 0 on success. + * \return A specific error code on failure. + */ +int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, + const unsigned char *ad, size_t ad_len ); +#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ + +/** + * \brief The generic cipher update function. It encrypts or + * decrypts using the given cipher context. Writes as + * many block-sized blocks of data as possible to output. + * Any data that cannot be written immediately is either + * added to the next block, or flushed when + * mbedtls_cipher_finish() is called. + * Exception: For MBEDTLS_MODE_ECB, expects a single block + * in size. For example, 16 Bytes for AES. + * + * \note If the underlying cipher is used in GCM mode, all calls + * to this function, except for the last one before + * mbedtls_cipher_finish(), must have \p ilen as a + * multiple of the block size of the cipher. + * + * \param ctx The generic cipher context. This must be initialized and + * bound to a key. + * \param input The buffer holding the input data. This must be a + * readable buffer of at least \p ilen Bytes. + * \param ilen The length of the input data. + * \param output The buffer for the output data. This must be able to + * hold at least `ilen + block_size`. This must not be the + * same buffer as \p input. + * \param olen The length of the output data, to be updated with the + * actual number of Bytes written. This must not be + * \c NULL. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE on an + * unsupported mode for a cipher. + * \return A cipher-specific error code on failure. + */ +int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, + const unsigned char *input, + size_t ilen, unsigned char *output, + size_t *olen ); + +/** + * \brief The generic cipher finalization function. If data still + * needs to be flushed from an incomplete block, the data + * contained in it is padded to the size of + * the last block, and written to the \p output buffer. + * + * \param ctx The generic cipher context. This must be initialized and + * bound to a key. + * \param output The buffer to write data to. This needs to be a writable + * buffer of at least \p block_size Bytes. + * \param olen The length of the data written to the \p output buffer. + * This may not be \c NULL. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return #MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED on decryption + * expecting a full block but not receiving one. + * \return #MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding + * while decrypting. + * \return A cipher-specific error code on failure. + */ +int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, + unsigned char *output, size_t *olen ); + +#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) +/** + * \brief This function writes a tag for AEAD ciphers. + * Currently supported with GCM and ChaCha20+Poly1305. + * This must be called after mbedtls_cipher_finish(). + * + * \param ctx The generic cipher context. This must be initialized, + * bound to a key, and have just completed a cipher + * operation through mbedtls_cipher_finish() the tag for + * which should be written. + * \param tag The buffer to write the tag to. This must be a writable + * buffer of at least \p tag_len Bytes. + * \param tag_len The length of the tag to write. + * + * \return \c 0 on success. + * \return A specific error code on failure. + */ +int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, + unsigned char *tag, size_t tag_len ); + +/** + * \brief This function checks the tag for AEAD ciphers. + * Currently supported with GCM and ChaCha20+Poly1305. + * This must be called after mbedtls_cipher_finish(). + * + * \param ctx The generic cipher context. This must be initialized. + * \param tag The buffer holding the tag. This must be a readable + * buffer of at least \p tag_len Bytes. + * \param tag_len The length of the tag to check. + * + * \return \c 0 on success. + * \return A specific error code on failure. + */ +int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, + const unsigned char *tag, size_t tag_len ); +#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ + +/** + * \brief The generic all-in-one encryption/decryption function, + * for all ciphers except AEAD constructs. + * + * \param ctx The generic cipher context. This must be initialized. + * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. + * This must be a readable buffer of at least \p iv_len + * Bytes. + * \param iv_len The IV length for ciphers with variable-size IV. + * This parameter is discarded by ciphers with fixed-size + * IV. + * \param input The buffer holding the input data. This must be a + * readable buffer of at least \p ilen Bytes. + * \param ilen The length of the input data in Bytes. + * \param output The buffer for the output data. This must be able to + * hold at least `ilen + block_size`. This must not be the + * same buffer as \p input. + * \param olen The length of the output data, to be updated with the + * actual number of Bytes written. This must not be + * \c NULL. + * + * \note Some ciphers do not use IVs nor nonce. For these + * ciphers, use \p iv = NULL and \p iv_len = 0. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return #MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED on decryption + * expecting a full block but not receiving one. + * \return #MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding + * while decrypting. + * \return A cipher-specific error code on failure. + */ +int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen ); + +#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if defined(MBEDTLS_DEPRECATED_WARNING) +#define MBEDTLS_DEPRECATED __attribute__((deprecated)) +#else +#define MBEDTLS_DEPRECATED +#endif /* MBEDTLS_DEPRECATED_WARNING */ +/** + * \brief The generic authenticated encryption (AEAD) function. + * + * \deprecated Superseded by mbedtls_cipher_auth_encrypt_ext(). + * + * \note This function only supports AEAD algorithms, not key + * wrapping algorithms such as NIST_KW; for this, see + * mbedtls_cipher_auth_encrypt_ext(). + * + * \param ctx The generic cipher context. This must be initialized and + * bound to a key associated with an AEAD algorithm. + * \param iv The nonce to use. This must be a readable buffer of + * at least \p iv_len Bytes and must not be \c NULL. + * \param iv_len The length of the nonce. This must satisfy the + * constraints imposed by the AEAD cipher used. + * \param ad The additional data to authenticate. This must be a + * readable buffer of at least \p ad_len Bytes, and may + * be \c NULL is \p ad_len is \c 0. + * \param ad_len The length of \p ad. + * \param input The buffer holding the input data. This must be a + * readable buffer of at least \p ilen Bytes, and may be + * \c NULL if \p ilen is \c 0. + * \param ilen The length of the input data. + * \param output The buffer for the output data. This must be a + * writable buffer of at least \p ilen Bytes, and must + * not be \c NULL. + * \param olen This will be filled with the actual number of Bytes + * written to the \p output buffer. This must point to a + * writable object of type \c size_t. + * \param tag The buffer for the authentication tag. This must be a + * writable buffer of at least \p tag_len Bytes. See note + * below regarding restrictions with PSA-based contexts. + * \param tag_len The desired length of the authentication tag. This + * must match the constraints imposed by the AEAD cipher + * used, and in particular must not be \c 0. + * + * \note If the context is based on PSA (that is, it was set up + * with mbedtls_cipher_setup_psa()), then it is required + * that \c tag == output + ilen. That is, the tag must be + * appended to the ciphertext as recommended by RFC 5116. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return A cipher-specific error code on failure. + */ +int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + unsigned char *tag, size_t tag_len ) + MBEDTLS_DEPRECATED; + +/** + * \brief The generic authenticated decryption (AEAD) function. + * + * \deprecated Superseded by mbedtls_cipher_auth_decrypt_ext(). + * + * \note This function only supports AEAD algorithms, not key + * wrapping algorithms such as NIST_KW; for this, see + * mbedtls_cipher_auth_decrypt_ext(). + * + * \note If the data is not authentic, then the output buffer + * is zeroed out to prevent the unauthentic plaintext being + * used, making this interface safer. + * + * \param ctx The generic cipher context. This must be initialized and + * bound to a key associated with an AEAD algorithm. + * \param iv The nonce to use. This must be a readable buffer of + * at least \p iv_len Bytes and must not be \c NULL. + * \param iv_len The length of the nonce. This must satisfy the + * constraints imposed by the AEAD cipher used. + * \param ad The additional data to authenticate. This must be a + * readable buffer of at least \p ad_len Bytes, and may + * be \c NULL is \p ad_len is \c 0. + * \param ad_len The length of \p ad. + * \param input The buffer holding the input data. This must be a + * readable buffer of at least \p ilen Bytes, and may be + * \c NULL if \p ilen is \c 0. + * \param ilen The length of the input data. + * \param output The buffer for the output data. This must be a + * writable buffer of at least \p ilen Bytes, and must + * not be \c NULL. + * \param olen This will be filled with the actual number of Bytes + * written to the \p output buffer. This must point to a + * writable object of type \c size_t. + * \param tag The buffer for the authentication tag. This must be a + * readable buffer of at least \p tag_len Bytes. See note + * below regarding restrictions with PSA-based contexts. + * \param tag_len The length of the authentication tag. This must match + * the constraints imposed by the AEAD cipher used, and in + * particular must not be \c 0. + * + * \note If the context is based on PSA (that is, it was set up + * with mbedtls_cipher_setup_psa()), then it is required + * that \c tag == input + len. That is, the tag must be + * appended to the ciphertext as recommended by RFC 5116. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic. + * \return A cipher-specific error code on failure. + */ +int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + const unsigned char *tag, size_t tag_len ) + MBEDTLS_DEPRECATED; +#undef MBEDTLS_DEPRECATED +#endif /* MBEDTLS_DEPRECATED_REMOVED */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ + +#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) +/** + * \brief The authenticated encryption (AEAD/NIST_KW) function. + * + * \note For AEAD modes, the tag will be appended to the + * ciphertext, as recommended by RFC 5116. + * (NIST_KW doesn't have a separate tag.) + * + * \param ctx The generic cipher context. This must be initialized and + * bound to a key, with an AEAD algorithm or NIST_KW. + * \param iv The nonce to use. This must be a readable buffer of + * at least \p iv_len Bytes and may be \c NULL if \p + * iv_len is \c 0. + * \param iv_len The length of the nonce. For AEAD ciphers, this must + * satisfy the constraints imposed by the cipher used. + * For NIST_KW, this must be \c 0. + * \param ad The additional data to authenticate. This must be a + * readable buffer of at least \p ad_len Bytes, and may + * be \c NULL is \p ad_len is \c 0. + * \param ad_len The length of \p ad. For NIST_KW, this must be \c 0. + * \param input The buffer holding the input data. This must be a + * readable buffer of at least \p ilen Bytes, and may be + * \c NULL if \p ilen is \c 0. + * \param ilen The length of the input data. + * \param output The buffer for the output data. This must be a + * writable buffer of at least \p output_len Bytes, and + * must not be \c NULL. + * \param output_len The length of the \p output buffer in Bytes. For AEAD + * ciphers, this must be at least \p ilen + \p tag_len. + * For NIST_KW, this must be at least \p ilen + 8 + * (rounded up to a multiple of 8 if KWP is used); + * \p ilen + 15 is always a safe value. + * \param olen This will be filled with the actual number of Bytes + * written to the \p output buffer. This must point to a + * writable object of type \c size_t. + * \param tag_len The desired length of the authentication tag. For AEAD + * ciphers, this must match the constraints imposed by + * the cipher used, and in particular must not be \c 0. + * For NIST_KW, this must be \c 0. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return A cipher-specific error code on failure. + */ +int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t output_len, + size_t *olen, size_t tag_len ); + +/** + * \brief The authenticated encryption (AEAD/NIST_KW) function. + * + * \note If the data is not authentic, then the output buffer + * is zeroed out to prevent the unauthentic plaintext being + * used, making this interface safer. + * + * \note For AEAD modes, the tag must be appended to the + * ciphertext, as recommended by RFC 5116. + * (NIST_KW doesn't have a separate tag.) + * + * \param ctx The generic cipher context. This must be initialized and + * bound to a key, with an AEAD algorithm or NIST_KW. + * \param iv The nonce to use. This must be a readable buffer of + * at least \p iv_len Bytes and may be \c NULL if \p + * iv_len is \c 0. + * \param iv_len The length of the nonce. For AEAD ciphers, this must + * satisfy the constraints imposed by the cipher used. + * For NIST_KW, this must be \c 0. + * \param ad The additional data to authenticate. This must be a + * readable buffer of at least \p ad_len Bytes, and may + * be \c NULL is \p ad_len is \c 0. + * \param ad_len The length of \p ad. For NIST_KW, this must be \c 0. + * \param input The buffer holding the input data. This must be a + * readable buffer of at least \p ilen Bytes, and may be + * \c NULL if \p ilen is \c 0. + * \param ilen The length of the input data. For AEAD ciphers this + * must be at least \p tag_len. For NIST_KW this must be + * at least \c 8. + * \param output The buffer for the output data. This must be a + * writable buffer of at least \p output_len Bytes, and + * may be \c NULL if \p output_len is \c 0. + * \param output_len The length of the \p output buffer in Bytes. For AEAD + * ciphers, this must be at least \p ilen - \p tag_len. + * For NIST_KW, this must be at least \p ilen - 8. + * \param olen This will be filled with the actual number of Bytes + * written to the \p output buffer. This must point to a + * writable object of type \c size_t. + * \param tag_len The actual length of the authentication tag. For AEAD + * ciphers, this must match the constraints imposed by + * the cipher used, and in particular must not be \c 0. + * For NIST_KW, this must be \c 0. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on + * parameter-verification failure. + * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic. + * \return A cipher-specific error code on failure. + */ +int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t output_len, + size_t *olen, size_t tag_len ); +#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_CIPHER_H */ diff --git a/lib/sec_library/include/soft_crypto/crypto_cipher_internal.h b/lib/sec_library/include/soft_crypto/crypto_cipher_internal.h new file mode 100644 index 00000000..501a9bb5 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_cipher_internal.h @@ -0,0 +1,125 @@ +/** + * \file cipher_internal.h + * + * \brief Cipher wrappers. + * + * \author Adriaan de Jong + */ +/* + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_CIPHER_WRAP_H +#define MBEDTLS_CIPHER_WRAP_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "crypto_config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "crypto_cipher.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * Base cipher information. The non-mode specific functions and values. + */ +struct mbedtls_cipher_base_t +{ + /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */ + mbedtls_cipher_id_t cipher; + + /** Encrypt using ECB */ + int (*ecb_func)( void *ctx, mbedtls_operation_t mode, + const unsigned char *input, unsigned char *output ); + +#if defined(MBEDTLS_CIPHER_MODE_CBC) + /** Encrypt using CBC */ + int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length, + unsigned char *iv, const unsigned char *input, + unsigned char *output ); +#endif + +#if defined(MBEDTLS_CIPHER_MODE_CFB) + /** Encrypt using CFB (Full length) */ + int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off, + unsigned char *iv, const unsigned char *input, + unsigned char *output ); +#endif + +#if defined(MBEDTLS_CIPHER_MODE_OFB) + /** Encrypt using OFB (Full length) */ + int (*ofb_func)( void *ctx, size_t length, size_t *iv_off, + unsigned char *iv, + const unsigned char *input, + unsigned char *output ); +#endif + +#if defined(MBEDTLS_CIPHER_MODE_CTR) + /** Encrypt using CTR */ + int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, + unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output ); +#endif + +#if defined(MBEDTLS_CIPHER_MODE_XTS) + /** Encrypt or decrypt using XTS. */ + int (*xts_func)( void *ctx, mbedtls_operation_t mode, size_t length, + const unsigned char data_unit[16], + const unsigned char *input, unsigned char *output ); +#endif + +#if defined(MBEDTLS_CIPHER_MODE_STREAM) + /** Encrypt using STREAM */ + int (*stream_func)( void *ctx, size_t length, + const unsigned char *input, unsigned char *output ); +#endif + + /** Set key for encryption purposes */ + int (*setkey_enc_func)( void *ctx, const unsigned char *key, + unsigned int key_bitlen ); + + /** Set key for decryption purposes */ + int (*setkey_dec_func)( void *ctx, const unsigned char *key, + unsigned int key_bitlen); + + /** Allocate a new context */ + void * (*ctx_alloc_func)( void ); + + /** Free the given context */ + void (*ctx_free_func)( void *ctx ); + +}; + +typedef struct +{ + mbedtls_cipher_type_t type; + const mbedtls_cipher_info_t *info; +} mbedtls_cipher_definition_t; + +extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[]; + +extern int mbedtls_cipher_supported[]; + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_CIPHER_WRAP_H */ diff --git a/lib/sec_library/include/soft_crypto/crypto_cmac.h b/lib/sec_library/include/soft_crypto/crypto_cmac.h new file mode 100644 index 00000000..cb26f061 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_cmac.h @@ -0,0 +1,242 @@ +/** + * \file cmac.h + * + * \brief This file contains CMAC definitions and functions. + * + * The Cipher-based Message Authentication Code (CMAC) Mode for + * Authentication is defined in RFC-4493: The AES-CMAC Algorithm. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CMAC_H +#define MBEDTLS_CMAC_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "mbedtls/cipher.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED is deprecated and should not be used. */ +#define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A /**< CMAC hardware accelerator failed. */ + +#define MBEDTLS_AES_BLOCK_SIZE 16 +#define MBEDTLS_DES3_BLOCK_SIZE 8 + +#if defined(MBEDTLS_AES_C) +#define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /**< The longest block used by CMAC is that of AES. */ +#else +#define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /**< The longest block used by CMAC is that of 3DES. */ +#endif + +#if !defined(MBEDTLS_CMAC_ALT) + +/** + * The CMAC context structure. + */ +struct mbedtls_cmac_context_t +{ + /** The internal state of the CMAC algorithm. */ + unsigned char state[MBEDTLS_CIPHER_BLKSIZE_MAX]; + + /** Unprocessed data - either data that was not block aligned and is still + * pending processing, or the final block. */ + unsigned char unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX]; + + /** The length of data pending processing. */ + size_t unprocessed_len; +}; + +#else /* !MBEDTLS_CMAC_ALT */ +#include "cmac_alt.h" +#endif /* !MBEDTLS_CMAC_ALT */ + +/** + * \brief Initialises and allocat cmac context memory + * Must be called with an initialized cipher context. + * + * \param ctx The cipher context used for the CMAC operation, initialized + * as one of the following types: MBEDTLS_CIPHER_AES_128_ECB, + * MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB, + * or MBEDTLS_CIPHER_DES_EDE3_ECB. + * \return \c 0 on success. + * \return A cipher-specific error code on failure. + */ +int sc_mbedtls_cipher_cmac_setup(mbedtls_cipher_context_t *ctx); + +/** + * \brief This function sets the CMAC key, and prepares to authenticate + * the input data. + * Must be called with an initialized cipher context. + * + * \note When the CMAC implementation is supplied by an alternate + * implementation (through #MBEDTLS_CMAC_ALT), some ciphers + * may not be supported by that implementation, and thus + * return an error. Alternate implementations must support + * AES-128 and AES-256, and may support AES-192 and 3DES. + * + * \param ctx The cipher context used for the CMAC operation, initialized + * as one of the following types: MBEDTLS_CIPHER_AES_128_ECB, + * MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB, + * or MBEDTLS_CIPHER_DES_EDE3_ECB. + * \param key The CMAC key. + * \param keybits The length of the CMAC key in bits. + * Must be supported by the cipher. + * + * \return \c 0 on success. + * \return A cipher-specific error code on failure. + */ +int sc_mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, + const unsigned char *key, size_t keybits ); + +/** + * \brief This function feeds an input buffer into an ongoing CMAC + * computation. + * + * It is called between sc_mbedtls_cipher_cmac_starts() or + * sc_mbedtls_cipher_cmac_reset(), and sc_mbedtls_cipher_cmac_finish(). + * Can be called repeatedly. + * + * \param ctx The cipher context used for the CMAC operation. + * \param input The buffer holding the input data. + * \param ilen The length of the input data. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA + * if parameter verification fails. + */ +int sc_mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, + const unsigned char *input, size_t ilen ); + +/** + * \brief This function finishes the CMAC operation, and writes + * the result to the output buffer. + * + * It is called after sc_mbedtls_cipher_cmac_update(). + * It can be followed by sc_mbedtls_cipher_cmac_reset() and + * sc_mbedtls_cipher_cmac_update(), or mbedtls_cipher_free(). + * + * \param ctx The cipher context used for the CMAC operation. + * \param output The output buffer for the CMAC checksum result. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA + * if parameter verification fails. + */ +int sc_mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, + unsigned char *output ); + +/** + * \brief This function prepares the authentication of another + * message with the same key as the previous CMAC + * operation. + * + * It is called after sc_mbedtls_cipher_cmac_finish() + * and before sc_mbedtls_cipher_cmac_update(). + * + * \param ctx The cipher context used for the CMAC operation. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA + * if parameter verification fails. + */ +int sc_mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); + +/** + * \brief This function calculates the full generic CMAC + * on the input buffer with the provided key. + * + * The function allocates the context, performs the + * calculation, and frees the context. + * + * The CMAC result is calculated as + * output = generic CMAC(cmac key, input buffer). + * + * \note When the CMAC implementation is supplied by an alternate + * implementation (through #MBEDTLS_CMAC_ALT), some ciphers + * may not be supported by that implementation, and thus + * return an error. Alternate implementations must support + * AES-128 and AES-256, and may support AES-192 and 3DES. + * + * \param cipher_info The cipher information. + * \param key The CMAC key. + * \param keylen The length of the CMAC key in bits. + * \param input The buffer holding the input data. + * \param ilen The length of the input data. + * \param output The buffer for the generic CMAC result. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA + * if parameter verification fails. + */ +int sc_mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, + const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output ); + +#if defined(MBEDTLS_AES_C) +/** + * \brief This function implements the AES-CMAC-PRF-128 pseudorandom + * function, as defined in + * RFC-4615: The Advanced Encryption Standard-Cipher-based + * Message Authentication Code-Pseudo-Random Function-128 + * (AES-CMAC-PRF-128) Algorithm for the Internet Key + * Exchange Protocol (IKE). + * + * \param key The key to use. + * \param key_len The key length in Bytes. + * \param input The buffer holding the input data. + * \param in_len The length of the input data in Bytes. + * \param output The buffer holding the generated 16 Bytes of + * pseudorandom output. + * + * \return \c 0 on success. + */ +int sc_mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len, + const unsigned char *input, size_t in_len, + unsigned char output[16] ); +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) ) +/** + * \brief The CMAC checkup routine. + * + * \note In case the CMAC routines are provided by an alternative + * implementation (i.e. #MBEDTLS_CMAC_ALT is defined), the + * checkup routine will succeed even if the implementation does + * not support the less widely used AES-192 or 3DES primitives. + * The self-test requires at least AES-128 and AES-256 to be + * supported by the underlying implementation. + * + * \return \c 0 on success. + * \return \c 1 on failure. + */ +int sc_mbedtls_cmac_self_test( int verbose ); +#endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_CMAC_H */ diff --git a/lib/sec_library/include/soft_crypto/crypto_config.h b/lib/sec_library/include/soft_crypto/crypto_config.h new file mode 100755 index 00000000..3d2c4698 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_config.h @@ -0,0 +1,67 @@ +/* + * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +/* + * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites + * Distinguishing features: + * - no bignum, no PK, no X509 + * - fully modern and secure (provided the pre-shared keys have high entropy) + * - very low record overhead with CCM-8 + * - optimized for low RAM usage + * + * See README.txt for usage instructions. + */ +#ifndef SC_MBEDTLS_CONFIG_H +#define SC_MBEDTLS_CONFIG_H + +/* System support */ + + +/* mbed TLS feature support */ +#define MBEDTLS_PKCS1_V15 + + +/* mbed TLS modules */ +#define MBEDTLS_AES_C +#define MBEDTLS_CIPHER_MODE_CBC +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_BIGNUM_C + +#define SC_MBEDTLS_MD_C + +//#define MBEDTLS_NET_C +#define MBEDTLS_OID_C +#define MBEDTLS_SHA1_C +#define MBEDTLS_SHA256_C +#define MBEDTLS_RSA_C +#define MBEDTLS_RSA_NO_CRT + +#define MBEDTLS_GCM_C +#define MBEDTLS_SELF_TEST + +#if !defined (MBEDTLS_DEBUG_C) +/*reduce readonly date size*/ +#define CK_REMOVE_UNUSED_FUNCTION_AND_DATA +#endif + +#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO +#define MBEDTLS_PLATFORM_TIME_MACRO + +#endif /* SC_MBEDTLS_CONFIG_H */ diff --git a/lib/sec_library/include/soft_crypto/crypto_constants.h b/lib/sec_library/include/soft_crypto/crypto_constants.h new file mode 100755 index 00000000..965490e0 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_constants.h @@ -0,0 +1,61 @@ +/* constants.h - TinyCrypt interface to constants */ + +/* + * Copyright (C) 2017 by Intel Corporation, All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * @brief -- Interface to constants. + * + */ + +#ifndef __TC_CONSTANTS_H__ +#define __TC_CONSTANTS_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +#include + +#ifndef NULL +#define NULL ((void *)0) +#endif + +#define TC_CRYPTO_SUCCESS 1 +#define TC_CRYPTO_FAIL 0 + +#define TC_ZERO_BYTE 0x00 + +#ifdef __cplusplus +} +#endif + +#endif /* __TC_CONSTANTS_H__ */ diff --git a/lib/sec_library/include/soft_crypto/crypto_ecc.h b/lib/sec_library/include/soft_crypto/crypto_ecc.h new file mode 100755 index 00000000..d22a5107 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_ecc.h @@ -0,0 +1,546 @@ +/* ecc.h - TinyCrypt interface to common ECC functions */ + +/* Copyright (c) 2014, Kenneth MacKay + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * * Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Copyright (C) 2017 by Intel Corporation, All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * @brief -- Interface to common ECC functions. + * + * Overview: This software is an implementation of common functions + * necessary to elliptic curve cryptography. This implementation uses + * curve NIST p-256. + * + * Security: The curve NIST p-256 provides approximately 128 bits of security. + * + */ + +#ifndef __TC_UECC_H__ +#define __TC_UECC_H__ + + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/* Word size (4 bytes considering 32-bits architectures) */ +#define uECC_WORD_SIZE 4 + +/* setting max number of calls to prng: */ +#ifndef uECC_RNG_MAX_TRIES +#define uECC_RNG_MAX_TRIES 64 +#endif + +/* defining data types to store word and bit counts: */ +typedef int8_t wordcount_t; +typedef int16_t bitcount_t; +/* defining data type for comparison result: */ +typedef int8_t cmpresult_t; +/* defining data type to store ECC coordinate/point in 32bits words: */ +typedef unsigned int uECC_word_t; +/* defining data type to store an ECC coordinate/point in 64bits words: */ +typedef uint64_t uECC_dword_t; + +/* defining masks useful for ecc computations: */ +#define HIGH_BIT_SET 0x80000000 +#define uECC_WORD_BITS 32 +#define uECC_WORD_BITS_SHIFT 5 +#define uECC_WORD_BITS_MASK 0x01F + +/* Number of words of 32 bits to represent an element of the the curve p-256: */ +#define NUM_ECC_WORDS 8 +/* Number of bytes to represent an element of the the curve p-256: */ +#define NUM_ECC_BYTES (uECC_WORD_SIZE*NUM_ECC_WORDS) + +/* structure that represents an elliptic curve (e.g. p256):*/ +struct uECC_Curve_t; +typedef const struct uECC_Curve_t * uECC_Curve; +struct uECC_Curve_t { + wordcount_t num_words; + wordcount_t num_bytes; + bitcount_t num_n_bits; + uECC_word_t p[NUM_ECC_WORDS]; + uECC_word_t n[NUM_ECC_WORDS]; + uECC_word_t G[NUM_ECC_WORDS * 2]; + uECC_word_t b[NUM_ECC_WORDS]; + void (*double_jacobian)(uECC_word_t * X1, uECC_word_t * Y1, uECC_word_t * Z1, uECC_Curve curve); + void (*x_side)(uECC_word_t *result, const uECC_word_t *x, uECC_Curve curve); + void (*mmod_fast)(uECC_word_t *result, uECC_word_t *product); +}; + +/* + * @brief computes doubling of point ion jacobian coordinates, in place. + * @param X1 IN/OUT -- x coordinate + * @param Y1 IN/OUT -- y coordinate + * @param Z1 IN/OUT -- z coordinate + * @param curve IN -- elliptic curve + */ +void double_jacobian_default(uECC_word_t * X1, uECC_word_t * Y1, + uECC_word_t * Z1, uECC_Curve curve); + +/* + * @brief Computes x^3 + ax + b. result must not overlap x. + * @param result OUT -- x^3 + ax + b + * @param x IN -- value of x + * @param curve IN -- elliptic curve + */ +void x_side_default(uECC_word_t *result, const uECC_word_t *x, + uECC_Curve curve); + +/* + * @brief Computes result = product % curve_p + * from http://www.nsa.gov/ia/_files/nist-routines.pdf + * @param result OUT -- product % curve_p + * @param product IN -- value to be reduced mod curve_p + */ +void vli_mmod_fast_secp256r1(unsigned int *result, unsigned int *product); + +/* Bytes to words ordering: */ +#define BYTES_TO_WORDS_8(a, b, c, d, e, f, g, h) 0x##d##c##b##a, 0x##h##g##f##e +#define BYTES_TO_WORDS_4(a, b, c, d) 0x##d##c##b##a +#define BITS_TO_WORDS(num_bits) \ + ((num_bits + ((uECC_WORD_SIZE * 8) - 1)) / (uECC_WORD_SIZE * 8)) +#define BITS_TO_BYTES(num_bits) ((num_bits + 7) / 8) + +/* definition of curve NIST p-256: */ +static const struct uECC_Curve_t curve_secp256r1 = { + NUM_ECC_WORDS, + NUM_ECC_BYTES, + 256, /* num_n_bits */ { + BYTES_TO_WORDS_8(FF, FF, FF, FF, FF, FF, FF, FF), + BYTES_TO_WORDS_8(FF, FF, FF, FF, 00, 00, 00, 00), + BYTES_TO_WORDS_8(00, 00, 00, 00, 00, 00, 00, 00), + BYTES_TO_WORDS_8(01, 00, 00, 00, FF, FF, FF, FF) + }, { + BYTES_TO_WORDS_8(51, 25, 63, FC, C2, CA, B9, F3), + BYTES_TO_WORDS_8(84, 9E, 17, A7, AD, FA, E6, BC), + BYTES_TO_WORDS_8(FF, FF, FF, FF, FF, FF, FF, FF), + BYTES_TO_WORDS_8(00, 00, 00, 00, FF, FF, FF, FF) + }, { + BYTES_TO_WORDS_8(96, C2, 98, D8, 45, 39, A1, F4), + BYTES_TO_WORDS_8(A0, 33, EB, 2D, 81, 7D, 03, 77), + BYTES_TO_WORDS_8(F2, 40, A4, 63, E5, E6, BC, F8), + BYTES_TO_WORDS_8(47, 42, 2C, E1, F2, D1, 17, 6B), + + BYTES_TO_WORDS_8(F5, 51, BF, 37, 68, 40, B6, CB), + BYTES_TO_WORDS_8(CE, 5E, 31, 6B, 57, 33, CE, 2B), + BYTES_TO_WORDS_8(16, 9E, 0F, 7C, 4A, EB, E7, 8E), + BYTES_TO_WORDS_8(9B, 7F, 1A, FE, E2, 42, E3, 4F) + }, { + BYTES_TO_WORDS_8(4B, 60, D2, 27, 3E, 3C, CE, 3B), + BYTES_TO_WORDS_8(F6, B0, 53, CC, B0, 06, 1D, 65), + BYTES_TO_WORDS_8(BC, 86, 98, 76, 55, BD, EB, B3), + BYTES_TO_WORDS_8(E7, 93, 3A, AA, D8, 35, C6, 5A) + }, + &double_jacobian_default, + &x_side_default, + &vli_mmod_fast_secp256r1 +}; + +uECC_Curve uECC_secp256r1(void); + +/* + * @brief Generates a random integer in the range 0 < random < top. + * Both random and top have num_words words. + * @param random OUT -- random integer in the range 0 < random < top + * @param top IN -- upper limit + * @param num_words IN -- number of words + * @return a random integer in the range 0 < random < top + */ +int uECC_generate_random_int(uECC_word_t *random, const uECC_word_t *top, + wordcount_t num_words); + + +/* uECC_RNG_Function type + * The RNG function should fill 'size' random bytes into 'dest'. It should + * return 1 if 'dest' was filled with random data, or 0 if the random data could + * not be generated. The filled-in values should be either truly random, or from + * a cryptographically-secure PRNG. + * + * A correctly functioning RNG function must be set (using uECC_set_rng()) + * before calling uECC_make_key() or uECC_sign(). + * + * Setting a correctly functioning RNG function improves the resistance to + * side-channel attacks for uECC_shared_secret(). + * + * A correct RNG function is set by default. If you are building on another + * POSIX-compliant system that supports /dev/random or /dev/urandom, you can + * define uECC_POSIX to use the predefined RNG. + */ +typedef int(*uECC_RNG_Function)(uint8_t *dest, unsigned int size); + +/* + * @brief Set the function that will be used to generate random bytes. The RNG + * function should return 1 if the random data was generated, or 0 if the random + * data could not be generated. + * + * @note On platforms where there is no predefined RNG function, this must be + * called before uECC_make_key() or uECC_sign() are used. + * + * @param rng_function IN -- function that will be used to generate random bytes + */ +void uECC_set_rng(uECC_RNG_Function rng_function); + +/* + * @brief provides current uECC_RNG_Function. + * @return Returns the function that will be used to generate random bytes. + */ +uECC_RNG_Function uECC_get_rng(void); + +/* + * @brief computes the size of a private key for the curve in bytes. + * @param curve IN -- elliptic curve + * @return size of a private key for the curve in bytes. + */ +int uECC_curve_private_key_size(uECC_Curve curve); + +/* + * @brief computes the size of a public key for the curve in bytes. + * @param curve IN -- elliptic curve + * @return the size of a public key for the curve in bytes. + */ +int uECC_curve_public_key_size(uECC_Curve curve); + +/* + * @brief Compute the corresponding public key for a private key. + * @param private_key IN -- The private key to compute the public key for + * @param public_key OUT -- Will be filled in with the corresponding public key + * @param curve + * @return Returns 1 if key was computed successfully, 0 if an error occurred. + */ +int uECC_compute_public_key(const uint8_t *private_key, + uint8_t *public_key, uECC_Curve curve); + +/* + * @brief Compute public-key. + * @return corresponding public-key. + * @param result OUT -- public-key + * @param private_key IN -- private-key + * @param curve IN -- elliptic curve + */ +uECC_word_t EccPoint_compute_public_key(uECC_word_t *result, + uECC_word_t *private_key, uECC_Curve curve); + +/* + * @brief Regularize the bitcount for the private key so that attackers cannot + * use a side channel attack to learn the number of leading zeros. + * @return Regularized k + * @param k IN -- private-key + * @param k0 IN/OUT -- regularized k + * @param k1 IN/OUT -- regularized k + * @param curve IN -- elliptic curve + */ +uECC_word_t regularize_k(const uECC_word_t * const k, uECC_word_t *k0, + uECC_word_t *k1, uECC_Curve curve); + +/* + * @brief Point multiplication algorithm using Montgomery's ladder with co-Z + * coordinates. See http://eprint.iacr.org/2011/338.pdf. + * @note Result may overlap point. + * @param result OUT -- returns scalar*point + * @param point IN -- elliptic curve point + * @param scalar IN -- scalar + * @param initial_Z IN -- initial value for z + * @param num_bits IN -- number of bits in scalar + * @param curve IN -- elliptic curve + */ +void EccPoint_mult(uECC_word_t * result, const uECC_word_t * point, + const uECC_word_t * scalar, const uECC_word_t * initial_Z, + bitcount_t num_bits, uECC_Curve curve); + +/* + * @brief Constant-time comparison to zero - secure way to compare long integers + * @param vli IN -- very long integer + * @param num_words IN -- number of words in the vli + * @return 1 if vli == 0, 0 otherwise. + */ +uECC_word_t uECC_vli_isZero(const uECC_word_t *vli, wordcount_t num_words); + +/* + * @brief Check if 'point' is the point at infinity + * @param point IN -- elliptic curve point + * @param curve IN -- elliptic curve + * @return if 'point' is the point at infinity, 0 otherwise. + */ +uECC_word_t EccPoint_isZero(const uECC_word_t *point, uECC_Curve curve); + +/* + * @brief computes the sign of left - right, in constant time. + * @param left IN -- left term to be compared + * @param right IN -- right term to be compared + * @param num_words IN -- number of words + * @return the sign of left - right + */ +cmpresult_t uECC_vli_cmp(const uECC_word_t *left, const uECC_word_t *right, + wordcount_t num_words); + +/* + * @brief computes sign of left - right, not in constant time. + * @note should not be used if inputs are part of a secret + * @param left IN -- left term to be compared + * @param right IN -- right term to be compared + * @param num_words IN -- number of words + * @return the sign of left - right + */ +cmpresult_t uECC_vli_cmp_unsafe(const uECC_word_t *left, const uECC_word_t *right, + wordcount_t num_words); + +/* + * @brief Computes result = (left - right) % mod. + * @note Assumes that (left < mod) and (right < mod), and that result does not + * overlap mod. + * @param result OUT -- (left - right) % mod + * @param left IN -- leftright term in modular subtraction + * @param right IN -- right term in modular subtraction + * @param mod IN -- mod + * @param num_words IN -- number of words + */ +void uECC_vli_modSub(uECC_word_t *result, const uECC_word_t *left, + const uECC_word_t *right, const uECC_word_t *mod, + wordcount_t num_words); + +/* + * @brief Computes P' = (x1', y1', Z3), P + Q = (x3, y3, Z3) or + * P => P', Q => P + Q + * @note assumes Input P = (x1, y1, Z), Q = (x2, y2, Z) + * @param X1 IN -- x coordinate of P + * @param Y1 IN -- y coordinate of P + * @param X2 IN -- x coordinate of Q + * @param Y2 IN -- y coordinate of Q + * @param curve IN -- elliptic curve + */ +void XYcZ_add(uECC_word_t * X1, uECC_word_t * Y1, uECC_word_t * X2, + uECC_word_t * Y2, uECC_Curve curve); + +/* + * @brief Computes (x1 * z^2, y1 * z^3) + * @param X1 IN -- previous x1 coordinate + * @param Y1 IN -- previous y1 coordinate + * @param Z IN -- z value + * @param curve IN -- elliptic curve + */ +void apply_z(uECC_word_t * X1, uECC_word_t * Y1, const uECC_word_t * const Z, + uECC_Curve curve); + +/* + * @brief Check if bit is set. + * @return Returns nonzero if bit 'bit' of vli is set. + * @warning It is assumed that the value provided in 'bit' is within the + * boundaries of the word-array 'vli'. + * @note The bit ordering layout assumed for vli is: {31, 30, ..., 0}, + * {63, 62, ..., 32}, {95, 94, ..., 64}, {127, 126,..., 96} for a vli consisting + * of 4 uECC_word_t elements. + */ +uECC_word_t uECC_vli_testBit(const uECC_word_t *vli, bitcount_t bit); + +/* + * @brief Computes result = product % mod, where product is 2N words long. + * @param result OUT -- product % mod + * @param mod IN -- module + * @param num_words IN -- number of words + * @warning Currently only designed to work for curve_p or curve_n. + */ +void uECC_vli_mmod(uECC_word_t *result, uECC_word_t *product, + const uECC_word_t *mod, wordcount_t num_words); + +/* + * @brief Computes modular product (using curve->mmod_fast) + * @param result OUT -- (left * right) mod % curve_p + * @param left IN -- left term in product + * @param right IN -- right term in product + * @param curve IN -- elliptic curve + */ +void uECC_vli_modMult_fast(uECC_word_t *result, const uECC_word_t *left, + const uECC_word_t *right, uECC_Curve curve); + +/* + * @brief Computes result = left - right. + * @note Can modify in place. + * @param result OUT -- left - right + * @param left IN -- left term in subtraction + * @param right IN -- right term in subtraction + * @param num_words IN -- number of words + * @return borrow + */ +uECC_word_t uECC_vli_sub(uECC_word_t *result, const uECC_word_t *left, + const uECC_word_t *right, wordcount_t num_words); + +/* + * @brief Constant-time comparison function(secure way to compare long ints) + * @param left IN -- left term in comparison + * @param right IN -- right term in comparison + * @param num_words IN -- number of words + * @return Returns 0 if left == right, 1 otherwise. + */ +uECC_word_t uECC_vli_equal(const uECC_word_t *left, const uECC_word_t *right, + wordcount_t num_words); + +/* + * @brief Computes (left * right) % mod + * @param result OUT -- (left * right) % mod + * @param left IN -- left term in product + * @param right IN -- right term in product + * @param mod IN -- mod + * @param num_words IN -- number of words + */ +void uECC_vli_modMult(uECC_word_t *result, const uECC_word_t *left, + const uECC_word_t *right, const uECC_word_t *mod, + wordcount_t num_words); + +/* + * @brief Computes (1 / input) % mod + * @note All VLIs are the same size. + * @note See "Euclid's GCD to Montgomery Multiplication to the Great Divide" + * @param result OUT -- (1 / input) % mod + * @param input IN -- value to be modular inverted + * @param mod IN -- mod + * @param num_words -- number of words + */ +void uECC_vli_modInv(uECC_word_t *result, const uECC_word_t *input, + const uECC_word_t *mod, wordcount_t num_words); + +/* + * @brief Sets dest = src. + * @param dest OUT -- destination buffer + * @param src IN -- origin buffer + * @param num_words IN -- number of words + */ +void uECC_vli_set(uECC_word_t *dest, const uECC_word_t *src, + wordcount_t num_words); + +/* + * @brief Computes (left + right) % mod. + * @note Assumes that (left < mod) and right < mod), and that result does not + * overlap mod. + * @param result OUT -- (left + right) % mod. + * @param left IN -- left term in addition + * @param right IN -- right term in addition + * @param mod IN -- mod + * @param num_words IN -- number of words + */ +void uECC_vli_modAdd(uECC_word_t *result, const uECC_word_t *left, + const uECC_word_t *right, const uECC_word_t *mod, + wordcount_t num_words); + +/* + * @brief Counts the number of bits required to represent vli. + * @param vli IN -- very long integer + * @param max_words IN -- number of words + * @return number of bits in given vli + */ +bitcount_t uECC_vli_numBits(const uECC_word_t *vli, + const wordcount_t max_words); + +/* + * @brief Erases (set to 0) vli + * @param vli IN -- very long integer + * @param num_words IN -- number of words + */ +void uECC_vli_clear(uECC_word_t *vli, wordcount_t num_words); + +/* + * @brief check if it is a valid point in the curve + * @param point IN -- point to be checked + * @param curve IN -- elliptic curve + * @return 0 if point is valid + * @exception returns -1 if it is a point at infinity + * @exception returns -2 if x or y is smaller than p, + * @exception returns -3 if y^2 != x^3 + ax + b. + */ +int uECC_valid_point(const uECC_word_t *point, uECC_Curve curve); + +/* + * @brief Check if a public key is valid. + * @param public_key IN -- The public key to be checked. + * @return returns 0 if the public key is valid + * @exception returns -1 if it is a point at infinity + * @exception returns -2 if x or y is smaller than p, + * @exception returns -3 if y^2 != x^3 + ax + b. + * @exception returns -4 if public key is the group generator. + * + * @note Note that you are not required to check for a valid public key before + * using any other uECC functions. However, you may wish to avoid spending CPU + * time computing a shared secret or verifying a signature using an invalid + * public key. + */ +int uECC_valid_public_key(const uint8_t *public_key, uECC_Curve curve); + + /* + * @brief Converts an integer in uECC native format to big-endian bytes. + * @param bytes OUT -- bytes representation + * @param num_bytes IN -- number of bytes + * @param native IN -- uECC native representation + */ +void uECC_vli_nativeToBytes(uint8_t *bytes, int num_bytes, + const unsigned int *native); + +/* + * @brief Converts big-endian bytes to an integer in uECC native format. + * @param native OUT -- uECC native representation + * @param bytes IN -- bytes representation + * @param num_bytes IN -- number of bytes + */ +void uECC_vli_bytesToNative(unsigned int *native, const uint8_t *bytes, + int num_bytes); + +#ifdef __cplusplus +} +#endif + +#endif /* __TC_UECC_H__ */ diff --git a/lib/sec_library/include/soft_crypto/crypto_ecc_dh.h b/lib/sec_library/include/soft_crypto/crypto_ecc_dh.h new file mode 100755 index 00000000..d20a5afe --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_ecc_dh.h @@ -0,0 +1,129 @@ +/* ecc_dh.h - TinyCrypt interface to EC-DH implementation */ + +/* + * Copyright (c) 2014, Kenneth MacKay + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * * Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/* Copyright (C) 2017 by Intel Corporation, All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * @brief -- Interface to EC-DH implementation. + * + * Overview: This software is an implementation of EC-DH. This implementation + * uses curve NIST p-256. + * + * Security: The curve NIST p-256 provides approximately 128 bits of security. + */ + +#ifndef __TC_ECC_DH_H__ +#define __TC_ECC_DH_H__ + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * @brief Create a public/private key pair. + * @return returns TC_CRYPTO_SUCCESS (1) if the key pair was generated successfully + * returns TC_CRYPTO_FAIL (0) if error while generating key pair + * + * @param p_public_key OUT -- Will be filled in with the public key. Must be at + * least 2 * the curve size (in bytes) long. For curve secp256r1, p_public_key + * must be 64 bytes long. + * @param p_private_key OUT -- Will be filled in with the private key. Must be as + * long as the curve order (for secp256r1, p_private_key must be 32 bytes long). + * + * @note side-channel countermeasure: algorithm strengthened against timing + * attack. + * @warning A cryptographically-secure PRNG function must be set (using + * uECC_set_rng()) before calling uECC_make_key(). + */ +int uECC_make_key(uint8_t *p_public_key, uint8_t *p_private_key, uECC_Curve curve); + + +/** + * @brief Create a public/private key pair given a specific d. + * + * @note THIS FUNCTION SHOULD BE CALLED ONLY FOR TEST PURPOSES. Refer to + * uECC_make_key() function for real applications. + */ +int uECC_make_key_with_d(uint8_t *p_public_key, uint8_t *p_private_key, + unsigned int *d, uECC_Curve curve); + +/** + * @brief Compute a shared secret given your secret key and someone else's + * public key. + * @return returns TC_CRYPTO_SUCCESS (1) if the shared secret was computed successfully + * returns TC_CRYPTO_FAIL (0) otherwise + * + * @param p_secret OUT -- Will be filled in with the shared secret value. Must be + * the same size as the curve size (for curve secp256r1, secret must be 32 bytes + * long. + * @param p_public_key IN -- The public key of the remote party. + * @param p_private_key IN -- Your private key. + * + * @warning It is recommended to use the output of uECC_shared_secret() as the + * input of a recommended Key Derivation Function (see NIST SP 800-108) in + * order to produce a cryptographically secure symmetric key. + */ +int uECC_shared_secret(const uint8_t *p_public_key, const uint8_t *p_private_key, + uint8_t *p_secret, uECC_Curve curve); + +#ifdef __cplusplus +} +#endif + +#endif /* __TC_ECC_DH_H__ */ diff --git a/lib/sec_library/include/soft_crypto/crypto_ecc_dsa.h b/lib/sec_library/include/soft_crypto/crypto_ecc_dsa.h new file mode 100755 index 00000000..997a2b5d --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_ecc_dsa.h @@ -0,0 +1,137 @@ +/* ecc_dh.h - TinyCrypt interface to EC-DSA implementation */ + +/* + * Copyright (c) 2014, Kenneth MacKay + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * * Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Copyright (C) 2017 by Intel Corporation, All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * @brief -- Interface to EC-DSA implementation. + * + * Overview: This software is an implementation of EC-DSA. This implementation + * uses curve NIST p-256. + * + * Security: The curve NIST p-256 provides approximately 128 bits of security. + * + * Usage: - To sign: Compute a hash of the data you wish to sign (SHA-2 is + * recommended) and pass it in to ecdsa_sign function along with your + * private key and a random number. You must use a new non-predictable + * random number to generate each new signature. + * - To verify a signature: Compute the hash of the signed data using + * the same hash as the signer and pass it to this function along with + * the signer's public key and the signature values (r and s). + */ + +#ifndef __TC_ECC_DSA_H__ +#define __TC_ECC_DSA_H__ + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * @brief Generate an ECDSA signature for a given hash value. + * @return returns TC_CRYPTO_SUCCESS (1) if the signature generated successfully + * returns TC_CRYPTO_FAIL (0) if an error occurred. + * + * @param p_private_key IN -- Your private key. + * @param p_message_hash IN -- The hash of the message to sign. + * @param p_hash_size IN -- The size of p_message_hash in bytes. + * @param p_signature OUT -- Will be filled in with the signature value. Must be + * at least 2 * curve size long (for secp256r1, signature must be 64 bytes long). + * + * @warning A cryptographically-secure PRNG function must be set (using + * uECC_set_rng()) before calling uECC_sign(). + * @note Usage: Compute a hash of the data you wish to sign (SHA-2 is + * recommended) and pass it in to this function along with your private key. + * @note side-channel countermeasure: algorithm strengthened against timing + * attack. + */ +int uECC_sign(const uint8_t *p_private_key, const uint8_t *p_message_hash, + unsigned p_hash_size, uint8_t *p_signature, uECC_Curve curve); + +/* + * THIS FUNCTION SHOULD BE CALLED FOR TEST PURPOSES ONLY. + * Refer to uECC_sign() function for real applications. + */ +int uECC_sign_with_k(const uint8_t *private_key, const uint8_t *message_hash, + unsigned int hash_size, uECC_word_t *k, uint8_t *signature, + uECC_Curve curve); + +/** + * @brief Verify an ECDSA signature. + * @return returns TC_SUCCESS (1) if the signature is valid + * returns TC_FAIL (0) if the signature is invalid. + * + * @param p_public_key IN -- The signer's public key. + * @param p_message_hash IN -- The hash of the signed data. + * @param p_hash_size IN -- The size of p_message_hash in bytes. + * @param p_signature IN -- The signature values. + * + * @note Usage: Compute the hash of the signed data using the same hash as the + * signer and pass it to this function along with the signer's public key and + * the signature values (hash_size and signature). + */ +int uECC_verify(const uint8_t *p_public_key, const uint8_t *p_message_hash, + unsigned int p_hash_size, const uint8_t *p_signature, uECC_Curve curve); + +#ifdef __cplusplus +} +#endif + +#endif /* __TC_ECC_DSA_H__ */ diff --git a/lib/sec_library/include/soft_crypto/crypto_ecc_platform_specific.h b/lib/sec_library/include/soft_crypto/crypto_ecc_platform_specific.h new file mode 100755 index 00000000..e2c88235 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_ecc_platform_specific.h @@ -0,0 +1,81 @@ +/* uECC_platform_specific.h - Interface to platform specific functions*/ + +/* Copyright (c) 2014, Kenneth MacKay + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE.*/ + +/* + * Copyright (C) 2017 by Intel Corporation, All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + * uECC_platform_specific.h -- Interface to platform specific functions + */ + +#ifndef __UECC_PLATFORM_SPECIFIC_H_ +#define __UECC_PLATFORM_SPECIFIC_H_ + +/* + * The RNG function should fill 'size' random bytes into 'dest'. It should + * return 1 if 'dest' was filled with random data, or 0 if the random data could + * not be generated. The filled-in values should be either truly random, or from + * a cryptographically-secure PRNG. + * + * A cryptographically-secure PRNG function must be set (using uECC_set_rng()) + * before calling uECC_make_key() or uECC_sign(). + * + * Setting a cryptographically-secure PRNG function improves the resistance to + * side-channel attacks for uECC_shared_secret(). + * + * A correct PRNG function is set by default (default_RNG_defined = 1) and works + * for some platforms, such as Unix and Linux. For other platforms, you may need + * to provide another PRNG function. +*/ +#define default_RNG_defined 1 + +int default_CSPRNG(uint8_t *dest, unsigned int size); + +#endif /* __UECC_PLATFORM_SPECIFIC_H_ */ diff --git a/lib/sec_library/include/soft_crypto/crypto_gcm.h b/lib/sec_library/include/soft_crypto/crypto_gcm.h new file mode 100644 index 00000000..a34cc122 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_gcm.h @@ -0,0 +1,324 @@ +/** + * \file gcm.h + * + * \brief This file contains GCM definitions and functions. + * + * The Galois/Counter Mode (GCM) for 128-bit block ciphers is defined + * in D. McGrew, J. Viega, The Galois/Counter Mode of Operation + * (GCM), Natl. Inst. Stand. Technol. + * + * For more information on GCM, see NIST SP 800-38D: Recommendation for + * Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC. + * + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_GCM_H +#define MBEDTLS_GCM_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "crypto_config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "crypto_cipher.h" + +#include + +#define MBEDTLS_GCM_ENCRYPT 1 +#define MBEDTLS_GCM_DECRYPT 0 + +#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */ + +/* MBEDTLS_ERR_GCM_HW_ACCEL_FAILED is deprecated and should not be used. */ +#define MBEDTLS_ERR_GCM_HW_ACCEL_FAILED -0x0013 /**< GCM hardware accelerator failed. */ + +#define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */ + +#ifdef __cplusplus +extern "C" { +#endif + +#if !defined(MBEDTLS_GCM_ALT) + +/** + * \brief The GCM context structure. + */ +typedef struct mbedtls_gcm_context +{ + mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */ + uint64_t HL[16]; /*!< Precalculated HTable low. */ + uint64_t HH[16]; /*!< Precalculated HTable high. */ + uint64_t len; /*!< The total length of the encrypted data. */ + uint64_t add_len; /*!< The total length of the additional data. */ + unsigned char base_ectr[16]; /*!< The first ECTR for tag. */ + unsigned char y[16]; /*!< The Y working value. */ + unsigned char buf[16]; /*!< The buf working value. */ + int mode; /*!< The operation to perform: + #MBEDTLS_GCM_ENCRYPT or + #MBEDTLS_GCM_DECRYPT. */ +} +mbedtls_gcm_context; + +#else /* !MBEDTLS_GCM_ALT */ +#include "gcm_alt.h" +#endif /* !MBEDTLS_GCM_ALT */ + +/** + * \brief This function initializes the specified GCM context, + * to make references valid, and prepares the context + * for sc_mbedtls_gcm_setkey() or sc_mbedtls_gcm_free(). + * + * The function does not bind the GCM context to a particular + * cipher, nor set the key. For this purpose, use + * sc_mbedtls_gcm_setkey(). + * + * \param ctx The GCM context to initialize. This must not be \c NULL. + */ +void sc_mbedtls_gcm_init( mbedtls_gcm_context *ctx ); + +/** + * \brief This function associates a GCM context with a + * cipher algorithm and a key. + * + * \param ctx The GCM context. This must be initialized. + * \param cipher The 128-bit block cipher to use. + * \param key The encryption key. This must be a readable buffer of at + * least \p keybits bits. + * \param keybits The key size in bits. Valid options are: + *
  • 128 bits
    • + *
  • 192 bits
    • + *
  • 256 bits
+ * + * \return \c 0 on success. + * \return A cipher-specific error code on failure. + */ +int sc_mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits ); + +/** + * \brief This function performs GCM encryption or decryption of a buffer. + * + * \note For encryption, the output buffer can be the same as the + * input buffer. For decryption, the output buffer cannot be + * the same as input buffer. If the buffers overlap, the output + * buffer must trail at least 8 Bytes behind the input buffer. + * + * \warning When this function performs a decryption, it outputs the + * authentication tag and does not verify that the data is + * authentic. You should use this function to perform encryption + * only. For decryption, use sc_mbedtls_gcm_auth_decrypt() instead. + * + * \param ctx The GCM context to use for encryption or decryption. This + * must be initialized. + * \param mode The operation to perform: + * - #MBEDTLS_GCM_ENCRYPT to perform authenticated encryption. + * The ciphertext is written to \p output and the + * authentication tag is written to \p tag. + * - #MBEDTLS_GCM_DECRYPT to perform decryption. + * The plaintext is written to \p output and the + * authentication tag is written to \p tag. + * Note that this mode is not recommended, because it does + * not verify the authenticity of the data. For this reason, + * you should use sc_mbedtls_gcm_auth_decrypt() instead of + * calling this function in decryption mode. + * \param length The length of the input data, which is equal to the length + * of the output data. + * \param iv The initialization vector. This must be a readable buffer of + * at least \p iv_len Bytes. + * \param iv_len The length of the IV. + * \param add The buffer holding the additional data. This must be of at + * least that size in Bytes. + * \param add_len The length of the additional data. + * \param input The buffer holding the input data. If \p length is greater + * than zero, this must be a readable buffer of at least that + * size in Bytes. + * \param output The buffer for holding the output data. If \p length is greater + * than zero, this must be a writable buffer of at least that + * size in Bytes. + * \param tag_len The length of the tag to generate. + * \param tag The buffer for holding the tag. This must be a writable + * buffer of at least \p tag_len Bytes. + * + * \return \c 0 if the encryption or decryption was performed + * successfully. Note that in #MBEDTLS_GCM_DECRYPT mode, + * this does not indicate that the data is authentic. + * \return #MBEDTLS_ERR_GCM_BAD_INPUT if the lengths or pointers are + * not valid or a cipher-specific error code if the encryption + * or decryption failed. + */ +int sc_mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, + int mode, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *input, + unsigned char *output, + size_t tag_len, + unsigned char *tag ); + +/** + * \brief This function performs a GCM authenticated decryption of a + * buffer. + * + * \note For decryption, the output buffer cannot be the same as + * input buffer. If the buffers overlap, the output buffer + * must trail at least 8 Bytes behind the input buffer. + * + * \param ctx The GCM context. This must be initialized. + * \param length The length of the ciphertext to decrypt, which is also + * the length of the decrypted plaintext. + * \param iv The initialization vector. This must be a readable buffer + * of at least \p iv_len Bytes. + * \param iv_len The length of the IV. + * \param add The buffer holding the additional data. This must be of at + * least that size in Bytes. + * \param add_len The length of the additional data. + * \param tag The buffer holding the tag to verify. This must be a + * readable buffer of at least \p tag_len Bytes. + * \param tag_len The length of the tag to verify. + * \param input The buffer holding the ciphertext. If \p length is greater + * than zero, this must be a readable buffer of at least that + * size. + * \param output The buffer for holding the decrypted plaintext. If \p length + * is greater than zero, this must be a writable buffer of at + * least that size. + * + * \return \c 0 if successful and authenticated. + * \return #MBEDTLS_ERR_GCM_AUTH_FAILED if the tag does not match. + * \return #MBEDTLS_ERR_GCM_BAD_INPUT if the lengths or pointers are + * not valid or a cipher-specific error code if the decryption + * failed. + */ +int sc_mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *tag, + size_t tag_len, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief This function starts a GCM encryption or decryption + * operation. + * + * \param ctx The GCM context. This must be initialized. + * \param mode The operation to perform: #MBEDTLS_GCM_ENCRYPT or + * #MBEDTLS_GCM_DECRYPT. + * \param iv The initialization vector. This must be a readable buffer of + * at least \p iv_len Bytes. + * \param iv_len The length of the IV. + * \param add The buffer holding the additional data, or \c NULL + * if \p add_len is \c 0. + * \param add_len The length of the additional data. If \c 0, + * \p add may be \c NULL. + * + * \return \c 0 on success. + */ +int sc_mbedtls_gcm_starts( mbedtls_gcm_context *ctx, + int mode, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len ); + +/** + * \brief This function feeds an input buffer into an ongoing GCM + * encryption or decryption operation. + * + * ` The function expects input to be a multiple of 16 + * Bytes. Only the last call before calling + * sc_mbedtls_gcm_finish() can be less than 16 Bytes. + * + * \note For decryption, the output buffer cannot be the same as + * input buffer. If the buffers overlap, the output buffer + * must trail at least 8 Bytes behind the input buffer. + * + * \param ctx The GCM context. This must be initialized. + * \param length The length of the input data. This must be a multiple of + * 16 except in the last call before sc_mbedtls_gcm_finish(). + * \param input The buffer holding the input data. If \p length is greater + * than zero, this must be a readable buffer of at least that + * size in Bytes. + * \param output The buffer for holding the output data. If \p length is + * greater than zero, this must be a writable buffer of at + * least that size in Bytes. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure. + */ +int sc_mbedtls_gcm_update( mbedtls_gcm_context *ctx, + size_t length, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief This function finishes the GCM operation and generates + * the authentication tag. + * + * It wraps up the GCM stream, and generates the + * tag. The tag can have a maximum length of 16 Bytes. + * + * \param ctx The GCM context. This must be initialized. + * \param tag The buffer for holding the tag. This must be a writable + * buffer of at least \p tag_len Bytes. + * \param tag_len The length of the tag to generate. This must be at least + * four. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure. + */ +int sc_mbedtls_gcm_finish( mbedtls_gcm_context *ctx, + unsigned char *tag, + size_t tag_len ); + +/** + * \brief This function clears a GCM context and the underlying + * cipher sub-context. + * + * \param ctx The GCM context to clear. If this is \c NULL, the call has + * no effect. Otherwise, this must be initialized. + */ +void sc_mbedtls_gcm_free( mbedtls_gcm_context *ctx ); + +#if defined(MBEDTLS_SELF_TEST) + +/** + * \brief The GCM checkup routine. + * + * \return \c 0 on success. + * \return \c 1 on failure. + */ +int sc_mbedtls_gcm_self_test( int verbose ); + +#endif /* MBEDTLS_SELF_TEST */ + +#ifdef __cplusplus +} +#endif + + +#endif /* gcm.h */ diff --git a/lib/sec_library/include/soft_crypto/crypto_md.h b/lib/sec_library/include/soft_crypto/crypto_md.h new file mode 100755 index 00000000..883f40ae --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_md.h @@ -0,0 +1,341 @@ +/** + * \file md.h + * + * \brief Generic message digest wrapper + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef SC_SC_MBEDTLS_MD_H +#define SC_SC_MBEDTLS_MD_H + +#include + +#include "sec_crypto_errcode.h" + +#define SC_MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE SC_FEATURE_UNAVAILABLE /**< The selected feature is not available. */ +#define SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA SC_BAD_INPUT_DATA /**< Bad input parameters to function. */ +#define SC_MBEDTLS_ERR_MD_ALLOC_FAILED SC_ALLOC_FAILED /**< Failed to allocate memory. */ +#define SC_MBEDTLS_ERR_MD_FILE_IO_ERROR SC_FAIL /**< Opening or reading of file failed. */ + +#ifdef __cplusplus +extern "C" { +#endif + +typedef enum { + SC_MBEDTLS_MD_NONE=0, + SC_MBEDTLS_MD_MD2, + SC_MBEDTLS_MD_MD4, + SC_MBEDTLS_MD_MD5, + SC_MBEDTLS_MD_SHA1, + SC_MBEDTLS_MD_SHA224, + SC_MBEDTLS_MD_SHA256, + SC_MBEDTLS_MD_SHA384, + SC_MBEDTLS_MD_SHA512, + SC_MBEDTLS_MD_RIPEMD160, +} sc_mbedtls_md_type_t; + +#if defined(MBEDTLS_SHA512_C) +#define SC_MBEDTLS_MD_MAX_SIZE 64 /* longest known is SHA512 */ +#else +#define SC_MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 or less */ +#endif + +/** + * Opaque struct defined in md_internal.h + */ +typedef struct sc_mbedtls_md_info_t sc_mbedtls_md_info_t; + +/** + * Generic message digest context. + */ +typedef struct { + /** Information about the associated message digest */ + const sc_mbedtls_md_info_t *md_info; + + /** Digest-specific context */ + void *md_ctx; + + /** HMAC part of the context */ + void *hmac_ctx; +} sc_mbedtls_md_context_t; + +/** + * \brief Returns the list of digests supported by the generic digest module. + * + * \return a statically allocated array of digests, the last entry + * is 0. + */ +const int *sc_mbedtls_md_list( void ); + +/** + * \brief Returns the message digest information associated with the + * given digest name. + * + * \param md_name Name of the digest to search for. + * + * \return The message digest information associated with md_name or + * NULL if not found. + */ +const sc_mbedtls_md_info_t *sc_mbedtls_md_info_from_string( const char *md_name ); + +/** + * \brief Returns the message digest information associated with the + * given digest type. + * + * \param md_type type of digest to search for. + * + * \return The message digest information associated with md_type or + * NULL if not found. + */ +const sc_mbedtls_md_info_t *sc_mbedtls_md_info_from_type( sc_mbedtls_md_type_t md_type ); + +/** + * \brief Initialize a md_context (as NONE) + * This should always be called first. + * Prepares the context for sc_mbedtls_md_setup() or sc_mbedtls_md_free(). + */ +void sc_mbedtls_md_init( sc_mbedtls_md_context_t *ctx ); + +/** + * \brief Free and clear the internal structures of ctx. + * Can be called at any time after sc_mbedtls_md_init(). + * Mandatory once sc_mbedtls_md_setup() has been called. + */ +void sc_mbedtls_md_free( sc_mbedtls_md_context_t *ctx ); + +#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if defined(MBEDTLS_DEPRECATED_WARNING) +#define MBEDTLS_DEPRECATED __attribute__((deprecated)) +#else +#define MBEDTLS_DEPRECATED +#endif +/** + * \brief Select MD to use and allocate internal structures. + * Should be called after sc_mbedtls_md_init() or sc_mbedtls_md_free(). + * Makes it necessary to call sc_mbedtls_md_free() later. + * + * \deprecated Superseded by sc_mbedtls_md_setup() in 2.0.0 + * + * \param ctx Context to set up. + * \param md_info Message digest to use. + * + * \returns \c 0 on success, + * \c SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure, + * \c SC_MBEDTLS_ERR_MD_ALLOC_FAILED memory allocation failure. + */ +int sc_mbedtls_md_init_ctx( sc_mbedtls_md_context_t *ctx, const sc_mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED; +#undef MBEDTLS_DEPRECATED +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + +/** + * \brief Select MD to use and allocate internal structures. + * Should be called after sc_mbedtls_md_init() or sc_mbedtls_md_free(). + * Makes it necessary to call sc_mbedtls_md_free() later. + * + * \param ctx Context to set up. + * \param md_info Message digest to use. + * \param hmac 0 to save some memory if HMAC will not be used, + * non-zero is HMAC is going to be used with this context. + * + * \returns \c 0 on success, + * \c SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure, + * \c SC_MBEDTLS_ERR_MD_ALLOC_FAILED memory allocation failure. + */ +int sc_mbedtls_md_setup( sc_mbedtls_md_context_t *ctx, const sc_mbedtls_md_info_t *md_info, int hmac ); + +/** + * \brief Clone the state of an MD context + * + * \note The two contexts must have been setup to the same type + * (cloning from SHA-256 to SHA-512 make no sense). + * + * \warning Only clones the MD state, not the HMAC state! (for now) + * + * \param dst The destination context + * \param src The context to be cloned + * + * \return \c 0 on success, + * \c SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure. + */ +int sc_mbedtls_md_clone( sc_mbedtls_md_context_t *dst, + const sc_mbedtls_md_context_t *src ); + +/** + * \brief Returns the size of the message digest output. + * + * \param md_info message digest info + * + * \return size of the message digest output in bytes. + */ +unsigned char sc_mbedtls_md_get_size( const sc_mbedtls_md_info_t *md_info ); + +/** + * \brief Returns the type of the message digest output. + * + * \param md_info message digest info + * + * \return type of the message digest output. + */ +sc_mbedtls_md_type_t sc_mbedtls_md_get_type( const sc_mbedtls_md_info_t *md_info ); + +/** + * \brief Returns the name of the message digest output. + * + * \param md_info message digest info + * + * \return name of the message digest output. + */ +const char *sc_mbedtls_md_get_name( const sc_mbedtls_md_info_t *md_info ); + +/** + * \brief Prepare the context to digest a new message. + * Generally called after sc_mbedtls_md_setup() or sc_mbedtls_md_finish(). + * Followed by sc_mbedtls_md_update(). + * + * \param ctx generic message digest context. + * + * \returns 0 on success, SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int sc_mbedtls_md_starts( sc_mbedtls_md_context_t *ctx ); + +/** + * \brief Generic message digest process buffer + * Called between sc_mbedtls_md_starts() and sc_mbedtls_md_finish(). + * May be called repeatedly. + * + * \param ctx Generic message digest context + * \param input buffer holding the datal + * \param ilen length of the input data + * + * \returns 0 on success, SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int sc_mbedtls_md_update( sc_mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief Generic message digest final digest + * Called after sc_mbedtls_md_update(). + * Usually followed by sc_mbedtls_md_free() or sc_mbedtls_md_starts(). + * + * \param ctx Generic message digest context + * \param output Generic message digest checksum result + * + * \returns 0 on success, SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int sc_mbedtls_md_finish( sc_mbedtls_md_context_t *ctx, unsigned char *output ); + +/** + * \brief Output = message_digest( input buffer ) + * + * \param md_info message digest info + * \param input buffer holding the data + * \param ilen length of the input data + * \param output Generic message digest checksum result + * + * \returns 0 on success, SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int sc_mbedtls_md( const sc_mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, + unsigned char *output ); + + +/** + * \brief Set HMAC key and prepare to authenticate a new message. + * Usually called after sc_mbedtls_md_setup() or sc_mbedtls_md_hmac_finish(). + * + * \param ctx HMAC context + * \param key HMAC secret key + * \param keylen length of the HMAC key in bytes + * + * \returns 0 on success, SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int sc_mbedtls_md_hmac_starts( sc_mbedtls_md_context_t *ctx, const unsigned char *key, + size_t keylen ); + +/** + * \brief Generic HMAC process buffer. + * Called between sc_mbedtls_md_hmac_starts() or sc_mbedtls_md_hmac_reset() + * and sc_mbedtls_md_hmac_finish(). + * May be called repeatedly. + * + * \param ctx HMAC context + * \param input buffer holding the data + * \param ilen length of the input data + * + * \returns 0 on success, SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int sc_mbedtls_md_hmac_update( sc_mbedtls_md_context_t *ctx, const unsigned char *input, + size_t ilen ); + +/** + * \brief Output HMAC. + * Called after sc_mbedtls_md_hmac_update(). + * Usually followed by sc_mbedtls_md_hmac_reset(), + * sc_mbedtls_md_hmac_starts(), or sc_mbedtls_md_free(). + * + * \param ctx HMAC context + * \param output Generic HMAC checksum result + * + * \returns 0 on success, SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int sc_mbedtls_md_hmac_finish( sc_mbedtls_md_context_t *ctx, unsigned char *output); + +/** + * \brief Prepare to authenticate a new message with the same key. + * Called after sc_mbedtls_md_hmac_finish() and before + * sc_mbedtls_md_hmac_update(). + * + * \param ctx HMAC context to be reset + * + * \returns 0 on success, SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int sc_mbedtls_md_hmac_reset( sc_mbedtls_md_context_t *ctx ); + +/** + * \brief Output = Generic_HMAC( hmac key, input buffer ) + * + * \param md_info message digest info + * \param key HMAC secret key + * \param keylen length of the HMAC key in bytes + * \param input buffer holding the data + * \param ilen length of the input data + * \param output Generic HMAC-result + * + * \returns 0 on success, SC_MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int sc_mbedtls_md_hmac( const sc_mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output ); + +/* Internal use */ +int sc_mbedtls_md_process( sc_mbedtls_md_context_t *ctx, const unsigned char *data ); + +#ifdef __cplusplus +} +#endif + +#endif /* SC_SC_MBEDTLS_MD_H */ diff --git a/lib/sec_library/include/soft_crypto/crypto_md_internal.h b/lib/sec_library/include/soft_crypto/crypto_md_internal.h new file mode 100755 index 00000000..c07f9a45 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_md_internal.h @@ -0,0 +1,92 @@ +/** + * \file md_internal.h + * + * \brief Message digest wrappers. + * + * \warning This in an internal header. Do not include directly. + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef SC_SC_MBEDTLS_MD_WRAP_H +#define SC_SC_MBEDTLS_MD_WRAP_H + +#include "crypto_config.h" +#include "crypto_md.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * Message digest information. + * Allows message digest functions to be called in a generic way. + */ +struct sc_mbedtls_md_info_t +{ + /** Digest identifier */ + sc_mbedtls_md_type_t type; + + /** Name of the message digest */ + const char * name; + + /** Output length of the digest function in bytes */ + int size; + + /** Block length of the digest function in bytes */ + int block_size; + + /** Digest initialisation function */ + void (*starts_func)( void *ctx ); + + /** Digest update function */ + void (*update_func)( void *ctx, const unsigned char *input, size_t ilen ); + + /** Digest finalisation function */ + void (*finish_func)( void *ctx, unsigned char *output ); + + /** Generic digest function */ + void (*digest_func)( const unsigned char *input, size_t ilen, + unsigned char *output ); + + /** Allocate a new context */ + void * (*ctx_alloc_func)( void ); + + /** Free the given context */ + void (*ctx_free_func)( void *ctx ); + + /** Clone state from a context */ + void (*clone_func)( void *dst, const void *src ); + + /** Internal use only */ + void (*process_func)( void *ctx, const unsigned char *input ); +}; + +extern const sc_mbedtls_md_info_t sc_mbedtls_sha1_info; + +//#if defined(CONFIG_SEC_CRYPTO_SHA_SW) +extern const sc_mbedtls_md_info_t sc_mbedtls_sha224_info; +extern const sc_mbedtls_md_info_t sc_mbedtls_sha256_info; +//#endif + +#ifdef __cplusplus +} +#endif + +#endif /* SC_SC_MBEDTLS_MD_WRAP_H */ diff --git a/lib/sec_library/include/soft_crypto/crypto_oid.h b/lib/sec_library/include/soft_crypto/crypto_oid.h new file mode 100755 index 00000000..8f547cb5 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_oid.h @@ -0,0 +1,614 @@ +/** + * \file oid.h + * + * \brief Object Identifier (OID) database + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef SC_MBEDTLS_OID_H +#define SC_MBEDTLS_OID_H + +#include "crypto_config.h" + +#include "crypto_asn1.h" + +#include + +#include "crypto_md.h" + +#define SC_MBEDTLS_ERR_OID_NOT_FOUND SC_INVALID_FORMAT /**< OID is not found. */ +#define SC_MBEDTLS_ERR_OID_BUF_TOO_SMALL SC_BUFFER_TOO_SMALL /**< output buffer is too small */ + +/* + * Top level OID tuples + */ +#define MBEDTLS_OID_ISO_MEMBER_BODIES "\x2a" /* {iso(1) member-body(2)} */ +#define MBEDTLS_OID_ISO_IDENTIFIED_ORG "\x2b" /* {iso(1) identified-organization(3)} */ +#define MBEDTLS_OID_ISO_CCITT_DS "\x55" /* {joint-iso-ccitt(2) ds(5)} */ +#define MBEDTLS_OID_ISO_ITU_COUNTRY "\x60" /* {joint-iso-itu-t(2) country(16)} */ + +/* + * ISO Member bodies OID parts + */ +#define MBEDTLS_OID_COUNTRY_US "\x86\x48" /* {us(840)} */ +#define MBEDTLS_OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */ +#define MBEDTLS_OID_RSA_COMPANY \ + MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \ + MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */ +#define MBEDTLS_OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */ +#define MBEDTLS_OID_ANSI_X9_62 \ + MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US MBEDTLS_OID_ORG_ANSI_X9_62 + +/* + * ISO Identified organization OID parts + */ +#define MBEDTLS_OID_ORG_DOD "\x06" /* {dod(6)} */ +#define MBEDTLS_OID_ORG_OIW "\x0e" +#define MBEDTLS_OID_OIW_SECSIG MBEDTLS_OID_ORG_OIW "\x03" +#define MBEDTLS_OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG "\x02" +#define MBEDTLS_OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_ALG "\x1a" +#define MBEDTLS_OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */ +#define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_CERTICOM +#define MBEDTLS_OID_ORG_TELETRUST "\x24" /* teletrust(36) */ +#define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_TELETRUST + +/* + * ISO ITU OID parts + */ +#define MBEDTLS_OID_ORGANIZATION "\x01" /* {organization(1)} */ +#define MBEDTLS_OID_ISO_ITU_US_ORG \ + MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US \ + MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */ + +#define MBEDTLS_OID_ORG_GOV "\x65" /* {gov(101)} */ +#define MBEDTLS_OID_GOV \ + MBEDTLS_OID_ISO_ITU_US_ORG \ + MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */ + +#define MBEDTLS_OID_ORG_NETSCAPE "\x86\xF8\x42" /* {netscape(113730)} */ +#define MBEDTLS_OID_NETSCAPE \ + MBEDTLS_OID_ISO_ITU_US_ORG \ + MBEDTLS_OID_ORG_NETSCAPE /* Netscape OID {joint-iso-itu-t(2) country(16) us(840) organization(1) netscape(113730)} */ + +/* ISO arc for standard certificate and CRL extensions */ +#define MBEDTLS_OID_ID_CE \ + MBEDTLS_OID_ISO_CCITT_DS \ + "\x1D" /**< id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} */ + +/** + * Private Internet Extensions + * { iso(1) identified-organization(3) dod(6) internet(1) + * security(5) mechanisms(5) pkix(7) } + */ +#define MBEDTLS_OID_PKIX MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01\x05\x05\x07" + +/* + * Arc for standard naming attributes + */ +#define MBEDTLS_OID_AT \ + MBEDTLS_OID_ISO_CCITT_DS "\x04" /**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */ +#define MBEDTLS_OID_AT_CN MBEDTLS_OID_AT "\x03" /**< id-at-commonName AttributeType:= {id-at 3} */ +#define MBEDTLS_OID_AT_SUR_NAME \ + MBEDTLS_OID_AT "\x04" /**< id-at-surName AttributeType:= {id-at 4} */ +#define MBEDTLS_OID_AT_SERIAL_NUMBER \ + MBEDTLS_OID_AT "\x05" /**< id-at-serialNumber AttributeType:= {id-at 5} */ +#define MBEDTLS_OID_AT_COUNTRY \ + MBEDTLS_OID_AT "\x06" /**< id-at-countryName AttributeType:= {id-at 6} */ +#define MBEDTLS_OID_AT_LOCALITY \ + MBEDTLS_OID_AT "\x07" /**< id-at-locality AttributeType:= {id-at 7} */ +#define MBEDTLS_OID_AT_STATE MBEDTLS_OID_AT "\x08" /**< id-at-state AttributeType:= {id-at 8} */ +#define MBEDTLS_OID_AT_ORGANIZATION \ + MBEDTLS_OID_AT "\x0A" /**< id-at-organizationName AttributeType:= {id-at 10} */ +#define MBEDTLS_OID_AT_ORG_UNIT \ + MBEDTLS_OID_AT "\x0B" /**< id-at-organizationalUnitName AttributeType:= {id-at 11} */ +#define MBEDTLS_OID_AT_TITLE MBEDTLS_OID_AT "\x0C" /**< id-at-title AttributeType:= {id-at 12} */ +#define MBEDTLS_OID_AT_POSTAL_ADDRESS \ + MBEDTLS_OID_AT "\x10" /**< id-at-postalAddress AttributeType:= {id-at 16} */ +#define MBEDTLS_OID_AT_POSTAL_CODE \ + MBEDTLS_OID_AT "\x11" /**< id-at-postalCode AttributeType:= {id-at 17} */ +#define MBEDTLS_OID_AT_GIVEN_NAME \ + MBEDTLS_OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */ +#define MBEDTLS_OID_AT_INITIALS \ + MBEDTLS_OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */ +#define MBEDTLS_OID_AT_GENERATION_QUALIFIER \ + MBEDTLS_OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */ +#define MBEDTLS_OID_AT_UNIQUE_IDENTIFIER \ + MBEDTLS_OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributType:= {id-at 45} */ +#define MBEDTLS_OID_AT_DN_QUALIFIER \ + MBEDTLS_OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */ +#define MBEDTLS_OID_AT_PSEUDONYM \ + MBEDTLS_OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */ + +#define MBEDTLS_OID_DOMAIN_COMPONENT \ + "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */ + +/* + * OIDs for standard certificate extensions + */ +#define MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER \ + MBEDTLS_OID_ID_CE \ + "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } */ +#define MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER \ + MBEDTLS_OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } */ +#define MBEDTLS_OID_KEY_USAGE \ + MBEDTLS_OID_ID_CE "\x0F" /**< id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } */ +#define MBEDTLS_OID_CERTIFICATE_POLICIES \ + MBEDTLS_OID_ID_CE "\x20" /**< id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } */ +#define MBEDTLS_OID_POLICY_MAPPINGS \ + MBEDTLS_OID_ID_CE "\x21" /**< id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } */ +#define MBEDTLS_OID_SUBJECT_ALT_NAME \ + MBEDTLS_OID_ID_CE "\x11" /**< id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } */ +#define MBEDTLS_OID_ISSUER_ALT_NAME \ + MBEDTLS_OID_ID_CE "\x12" /**< id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } */ +#define MBEDTLS_OID_SUBJECT_DIRECTORY_ATTRS \ + MBEDTLS_OID_ID_CE \ + "\x09" /**< id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } */ +#define MBEDTLS_OID_BASIC_CONSTRAINTS \ + MBEDTLS_OID_ID_CE "\x13" /**< id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } */ +#define MBEDTLS_OID_NAME_CONSTRAINTS \ + MBEDTLS_OID_ID_CE "\x1E" /**< id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } */ +#define MBEDTLS_OID_POLICY_CONSTRAINTS \ + MBEDTLS_OID_ID_CE "\x24" /**< id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } */ +#define MBEDTLS_OID_EXTENDED_KEY_USAGE \ + MBEDTLS_OID_ID_CE "\x25" /**< id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } */ +#define MBEDTLS_OID_CRL_DISTRIBUTION_POINTS \ + MBEDTLS_OID_ID_CE "\x1F" /**< id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 } */ +#define MBEDTLS_OID_INIHIBIT_ANYPOLICY \ + MBEDTLS_OID_ID_CE "\x36" /**< id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } */ +#define MBEDTLS_OID_FRESHEST_CRL \ + MBEDTLS_OID_ID_CE "\x2E" /**< id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46 } */ + +/* + * Netscape certificate extensions + */ +#define MBEDTLS_OID_NS_CERT MBEDTLS_OID_NETSCAPE "\x01" +#define MBEDTLS_OID_NS_CERT_TYPE MBEDTLS_OID_NS_CERT "\x01" +#define MBEDTLS_OID_NS_BASE_URL MBEDTLS_OID_NS_CERT "\x02" +#define MBEDTLS_OID_NS_REVOCATION_URL MBEDTLS_OID_NS_CERT "\x03" +#define MBEDTLS_OID_NS_CA_REVOCATION_URL MBEDTLS_OID_NS_CERT "\x04" +#define MBEDTLS_OID_NS_RENEWAL_URL MBEDTLS_OID_NS_CERT "\x07" +#define MBEDTLS_OID_NS_CA_POLICY_URL MBEDTLS_OID_NS_CERT "\x08" +#define MBEDTLS_OID_NS_SSL_SERVER_NAME MBEDTLS_OID_NS_CERT "\x0C" +#define MBEDTLS_OID_NS_COMMENT MBEDTLS_OID_NS_CERT "\x0D" +#define MBEDTLS_OID_NS_DATA_TYPE MBEDTLS_OID_NETSCAPE "\x02" +#define MBEDTLS_OID_NS_CERT_SEQUENCE MBEDTLS_OID_NS_DATA_TYPE "\x05" + +/* + * OIDs for CRL extensions + */ +#define MBEDTLS_OID_PRIVATE_KEY_USAGE_PERIOD MBEDTLS_OID_ID_CE "\x10" +#define MBEDTLS_OID_CRL_NUMBER \ + MBEDTLS_OID_ID_CE "\x14" /**< id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } */ + +/* + * X.509 v3 Extended key usage OIDs + */ +#define MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE \ + MBEDTLS_OID_EXTENDED_KEY_USAGE \ + "\x00" /**< anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } */ + +#define MBEDTLS_OID_KP MBEDTLS_OID_PKIX "\x03" /**< id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } */ +#define MBEDTLS_OID_SERVER_AUTH \ + MBEDTLS_OID_KP "\x01" /**< id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } */ +#define MBEDTLS_OID_CLIENT_AUTH \ + MBEDTLS_OID_KP "\x02" /**< id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } */ +#define MBEDTLS_OID_CODE_SIGNING \ + MBEDTLS_OID_KP "\x03" /**< id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } */ +#define MBEDTLS_OID_EMAIL_PROTECTION \ + MBEDTLS_OID_KP "\x04" /**< id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } */ +#define MBEDTLS_OID_TIME_STAMPING \ + MBEDTLS_OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */ +#define MBEDTLS_OID_OCSP_SIGNING \ + MBEDTLS_OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */ + +/* + * PKCS definition OIDs + */ + +#define MBEDTLS_OID_PKCS \ + MBEDTLS_OID_RSA_COMPANY \ + "\x01" /**< pkcs OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) 1 } */ +#define MBEDTLS_OID_PKCS1 \ + MBEDTLS_OID_PKCS \ + "\x01" /**< pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } */ +#define MBEDTLS_OID_PKCS5 \ + MBEDTLS_OID_PKCS \ + "\x05" /**< pkcs-5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 } */ +#define MBEDTLS_OID_PKCS9 \ + MBEDTLS_OID_PKCS \ + "\x09" /**< pkcs-9 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } */ +#define MBEDTLS_OID_PKCS12 \ + MBEDTLS_OID_PKCS \ + "\x0c" /**< pkcs-12 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 12 } */ + +/* + * PKCS#1 OIDs + */ +#define MBEDTLS_OID_PKCS1_RSA \ + MBEDTLS_OID_PKCS1 "\x01" /**< rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } */ +#define MBEDTLS_OID_PKCS1_MD2 MBEDTLS_OID_PKCS1 "\x02" /**< md2WithRSAEncryption ::= { pkcs-1 2 } */ +#define MBEDTLS_OID_PKCS1_MD4 MBEDTLS_OID_PKCS1 "\x03" /**< md4WithRSAEncryption ::= { pkcs-1 3 } */ +#define MBEDTLS_OID_PKCS1_MD5 MBEDTLS_OID_PKCS1 "\x04" /**< md5WithRSAEncryption ::= { pkcs-1 4 } */ +#define MBEDTLS_OID_PKCS1_SHA1 \ + MBEDTLS_OID_PKCS1 "\x05" /**< sha1WithRSAEncryption ::= { pkcs-1 5 } */ +#define MBEDTLS_OID_PKCS1_SHA224 \ + MBEDTLS_OID_PKCS1 "\x0e" /**< sha224WithRSAEncryption ::= { pkcs-1 14 } */ +#define MBEDTLS_OID_PKCS1_SHA256 \ + MBEDTLS_OID_PKCS1 "\x0b" /**< sha256WithRSAEncryption ::= { pkcs-1 11 } */ +#define MBEDTLS_OID_PKCS1_SHA384 \ + MBEDTLS_OID_PKCS1 "\x0c" /**< sha384WithRSAEncryption ::= { pkcs-1 12 } */ +#define MBEDTLS_OID_PKCS1_SHA512 \ + MBEDTLS_OID_PKCS1 "\x0d" /**< sha512WithRSAEncryption ::= { pkcs-1 13 } */ + +#define MBEDTLS_OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D" + +#define MBEDTLS_OID_PKCS9_EMAIL \ + MBEDTLS_OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */ + +/* RFC 4055 */ +#define MBEDTLS_OID_RSASSA_PSS MBEDTLS_OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */ +#define MBEDTLS_OID_MGF1 MBEDTLS_OID_PKCS1 "\x08" /**< id-mgf1 ::= { pkcs-1 8 } */ + +/* + * Digest algorithms + */ +#define MBEDTLS_OID_DIGEST_ALG_MD2 \ + MBEDTLS_OID_RSA_COMPANY \ + "\x02\x02" /**< id-sc_mbedtls_md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */ +#define MBEDTLS_OID_DIGEST_ALG_MD4 \ + MBEDTLS_OID_RSA_COMPANY \ + "\x02\x04" /**< id-sc_mbedtls_md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */ +#define MBEDTLS_OID_DIGEST_ALG_MD5 \ + MBEDTLS_OID_RSA_COMPANY \ + "\x02\x05" /**< id-sc_mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA1 \ + MBEDTLS_OID_ISO_IDENTIFIED_ORG \ + MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-sc_mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA224 \ + MBEDTLS_OID_GOV \ + "\x03\x04\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA256 \ + MBEDTLS_OID_GOV \ + "\x03\x04\x02\x01" /**< id-sc_mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA384 \ + MBEDTLS_OID_GOV \ + "\x03\x04\x02\x02" /**< id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 2 } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA512 \ + MBEDTLS_OID_GOV \ + "\x03\x04\x02\x03" /**< id-sc_mbedtls_sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3 } */ + +#define SC_MBEDTLS_OID_HMAC_SHA1 \ + MBEDTLS_OID_RSA_COMPANY \ + "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */ + +/* + * Encryption algorithms + */ +#define MBEDTLS_OID_DES_CBC \ + MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_ALG \ + "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */ +#define MBEDTLS_OID_DES_EDE3_CBC \ + MBEDTLS_OID_RSA_COMPANY \ + "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */ + +/* + * PKCS#5 OIDs + */ +#define MBEDTLS_OID_PKCS5_PBKDF2 \ + MBEDTLS_OID_PKCS5 "\x0c" /**< id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12} */ +#define MBEDTLS_OID_PKCS5_PBES2 \ + MBEDTLS_OID_PKCS5 "\x0d" /**< id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13} */ +#define MBEDTLS_OID_PKCS5_PBMAC1 \ + MBEDTLS_OID_PKCS5 "\x0e" /**< id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14} */ + +/* + * PKCS#5 PBES1 algorithms + */ +#define MBEDTLS_OID_PKCS5_PBE_MD2_DES_CBC \ + MBEDTLS_OID_PKCS5 "\x01" /**< pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1} */ +#define MBEDTLS_OID_PKCS5_PBE_MD2_RC2_CBC \ + MBEDTLS_OID_PKCS5 "\x04" /**< pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4} */ +#define MBEDTLS_OID_PKCS5_PBE_MD5_DES_CBC \ + MBEDTLS_OID_PKCS5 "\x03" /**< pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3} */ +#define MBEDTLS_OID_PKCS5_PBE_MD5_RC2_CBC \ + MBEDTLS_OID_PKCS5 "\x06" /**< pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6} */ +#define MBEDTLS_OID_PKCS5_PBE_SHA1_DES_CBC \ + MBEDTLS_OID_PKCS5 "\x0a" /**< pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10} */ +#define MBEDTLS_OID_PKCS5_PBE_SHA1_RC2_CBC \ + MBEDTLS_OID_PKCS5 "\x0b" /**< pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11} */ + +/* + * PKCS#8 OIDs + */ +#define MBEDTLS_OID_PKCS9_CSR_EXT_REQ \ + MBEDTLS_OID_PKCS9 "\x0e" /**< extensionRequest OBJECT IDENTIFIER ::= {pkcs-9 14} */ + +/* + * PKCS#12 PBE OIDs + */ +#define MBEDTLS_OID_PKCS12_PBE \ + MBEDTLS_OID_PKCS12 "\x01" /**< pkcs-12PbeIds OBJECT IDENTIFIER ::= {pkcs-12 1} */ + +#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128 \ + MBEDTLS_OID_PKCS12_PBE \ + "\x01" /**< pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1} */ +#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_40 \ + MBEDTLS_OID_PKCS12_PBE \ + "\x02" /**< pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2} */ +#define MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC \ + MBEDTLS_OID_PKCS12_PBE \ + "\x03" /**< pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3} */ +#define MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC \ + MBEDTLS_OID_PKCS12_PBE \ + "\x04" /**< pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4} */ +#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_128_CBC \ + MBEDTLS_OID_PKCS12_PBE \ + "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */ +#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_40_CBC \ + MBEDTLS_OID_PKCS12_PBE \ + "\x06" /**< pbeWithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6} */ + +/* + * EC key algorithms from RFC 5480 + */ + +/* id-ecPublicKey OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } */ +#define MBEDTLS_OID_EC_ALG_UNRESTRICTED MBEDTLS_OID_ANSI_X9_62 "\x02\01" + +/* id-ecDH OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) + * schemes(1) ecdh(12) } */ +#define MBEDTLS_OID_EC_ALG_ECDH MBEDTLS_OID_CERTICOM "\x01\x0c" + +/* + * ECParameters namedCurve identifiers, from RFC 5480, RFC 5639, and SEC2 + */ + +/* secp192r1 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 1 } */ +#define MBEDTLS_OID_EC_GRP_SECP192R1 MBEDTLS_OID_ANSI_X9_62 "\x03\x01\x01" + +/* secp224r1 OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) 33 } */ +#define MBEDTLS_OID_EC_GRP_SECP224R1 MBEDTLS_OID_CERTICOM "\x00\x21" + +/* secp256r1 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 7 } */ +#define MBEDTLS_OID_EC_GRP_SECP256R1 MBEDTLS_OID_ANSI_X9_62 "\x03\x01\x07" + +/* secp384r1 OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) 34 } */ +#define MBEDTLS_OID_EC_GRP_SECP384R1 MBEDTLS_OID_CERTICOM "\x00\x22" + +/* secp521r1 OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) 35 } */ +#define MBEDTLS_OID_EC_GRP_SECP521R1 MBEDTLS_OID_CERTICOM "\x00\x23" + +/* secp192k1 OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) 31 } */ +#define MBEDTLS_OID_EC_GRP_SECP192K1 MBEDTLS_OID_CERTICOM "\x00\x1f" + +/* secp224k1 OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) 32 } */ +#define MBEDTLS_OID_EC_GRP_SECP224K1 MBEDTLS_OID_CERTICOM "\x00\x20" + +/* secp256k1 OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) 10 } */ +#define MBEDTLS_OID_EC_GRP_SECP256K1 MBEDTLS_OID_CERTICOM "\x00\x0a" + +/* RFC 5639 4.1 + * ecStdCurvesAndGeneration OBJECT IDENTIFIER::= {iso(1) + * identified-organization(3) teletrust(36) algorithm(3) signature- + * algorithm(3) ecSign(2) 8} + * ellipticCurve OBJECT IDENTIFIER ::= {ecStdCurvesAndGeneration 1} + * versionOne OBJECT IDENTIFIER ::= {ellipticCurve 1} */ +#define MBEDTLS_OID_EC_BRAINPOOL_V1 MBEDTLS_OID_TELETRUST "\x03\x03\x02\x08\x01\x01" + +/* brainpoolP256r1 OBJECT IDENTIFIER ::= {versionOne 7} */ +#define MBEDTLS_OID_EC_GRP_BP256R1 MBEDTLS_OID_EC_BRAINPOOL_V1 "\x07" + +/* brainpoolP384r1 OBJECT IDENTIFIER ::= {versionOne 11} */ +#define MBEDTLS_OID_EC_GRP_BP384R1 MBEDTLS_OID_EC_BRAINPOOL_V1 "\x0B" + +/* brainpoolP512r1 OBJECT IDENTIFIER ::= {versionOne 13} */ +#define MBEDTLS_OID_EC_GRP_BP512R1 MBEDTLS_OID_EC_BRAINPOOL_V1 "\x0D" + +/* + * SEC1 C.1 + * + * prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 } + * id-fieldType OBJECT IDENTIFIER ::= { ansi-X9-62 fieldType(1)} + */ +#define MBEDTLS_OID_ANSI_X9_62_FIELD_TYPE MBEDTLS_OID_ANSI_X9_62 "\x01" +#define MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD MBEDTLS_OID_ANSI_X9_62_FIELD_TYPE "\x01" + +/* + * ECDSA signature identifiers, from RFC 5480 + */ +#define MBEDTLS_OID_ANSI_X9_62_SIG MBEDTLS_OID_ANSI_X9_62 "\x04" /* signatures(4) */ +#define MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 MBEDTLS_OID_ANSI_X9_62_SIG "\x03" /* ecdsa-with-SHA2(3) */ + +/* ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1 } */ +#define MBEDTLS_OID_ECDSA_SHA1 MBEDTLS_OID_ANSI_X9_62_SIG "\x01" + +/* ecdsa-with-SHA224 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + * ecdsa-with-SHA2(3) 1 } */ +#define MBEDTLS_OID_ECDSA_SHA224 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x01" + +/* ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + * ecdsa-with-SHA2(3) 2 } */ +#define MBEDTLS_OID_ECDSA_SHA256 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x02" + +/* ecdsa-with-SHA384 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + * ecdsa-with-SHA2(3) 3 } */ +#define MBEDTLS_OID_ECDSA_SHA384 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x03" + +/* ecdsa-with-SHA512 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + * ecdsa-with-SHA2(3) 4 } */ +#define MBEDTLS_OID_ECDSA_SHA512 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x04" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Base OID descriptor structure + */ +typedef struct { + const char *asn1; /*!< OID ASN.1 representation */ + size_t asn1_len; /*!< length of asn1 */ + const char *name; /*!< official name (e.g. from RFC) */ + const char *description; /*!< human friendly description */ +} sc_mbedtls_oid_descriptor_t; + +/** + * \brief Translate an ASN.1 OID into its numeric representation + * (e.g. "\x2A\x86\x48\x86\xF7\x0D" into "1.2.840.113549") + * + * \param buf buffer to put representation in + * \param size size of the buffer + * \param oid OID to translate + * + * \return Length of the string written (excluding final NULL) or + * SC_MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error + */ +int sc_mbedtls_oid_get_numeric_string(char *buf, size_t size, const sc_mbedtls_asn1_buf *oid); + +/** + * \brief Translate an X.509 attribute type OID into the short name + * (e.g. the OID for an X520 Common Name into "CN") + * + * \param oid OID to use + * \param short_name place to store the string pointer + * + * \return 0 if successful, or SC_MBEDTLS_ERR_OID_NOT_FOUND + */ +int sc_mbedtls_oid_get_attr_short_name(const sc_mbedtls_asn1_buf *oid, const char **short_name); + +//TODO +//hyphon +#if 0 +/** + * \brief Translate PublicKeyAlgorithm OID into pk_type + * + * \param oid OID to use + * \param pk_alg place to store public key algorithm + * + * \return 0 if successful, or SC_MBEDTLS_ERR_OID_NOT_FOUND + */ +int sc_mbedtls_oid_get_pk_alg( const sc_mbedtls_asn1_buf *oid, sc_mbedtls_pk_type_t *pk_alg ); + +/** + * \brief Translate pk_type into PublicKeyAlgorithm OID + * + * \param pk_alg Public key type to look for + * \param oid place to store ASN.1 OID string pointer + * \param olen length of the OID + * + * \return 0 if successful, or SC_MBEDTLS_ERR_OID_NOT_FOUND + */ +int sc_mbedtls_oid_get_oid_by_pk_alg( sc_mbedtls_pk_type_t pk_alg, + const char **oid, size_t *olen ); + +#endif //hyphon +#if defined(SC_MBEDTLS_MD_C) + +/** + * \brief Translate SignatureAlgorithm OID into description + * + * \param oid OID to use + * \param desc place to store string pointer + * + * \return 0 if successful, or SC_MBEDTLS_ERR_OID_NOT_FOUND + */ +int sc_mbedtls_oid_get_sig_alg_desc(const sc_mbedtls_asn1_buf *oid, const char **desc); + +/** + * \brief Translate hash algorithm OID into md_type + * + * \param oid OID to use + * \param md_alg place to store message digest algorithm + * + * \return 0 if successful, or SC_MBEDTLS_ERR_OID_NOT_FOUND + */ +int sc_mbedtls_oid_get_md_alg(const sc_mbedtls_asn1_buf *oid, sc_mbedtls_md_type_t *md_alg); +#endif /* SC_MBEDTLS_MD_C */ + +/** + * \brief Translate Extended Key Usage OID into description + * + * \param oid OID to use + * \param desc place to store string pointer + * + * \return 0 if successful, or SC_MBEDTLS_ERR_OID_NOT_FOUND + */ +int sc_mbedtls_oid_get_extended_key_usage(const sc_mbedtls_asn1_buf *oid, const char **desc); + +/** + * \brief Translate md_type into hash algorithm OID + * + * \param md_alg message digest algorithm + * \param oid place to store ASN.1 OID string pointer + * \param olen length of the OID + * + * \return 0 if successful, or SC_MBEDTLS_ERR_OID_NOT_FOUND + */ +int sc_mbedtls_oid_get_oid_by_md(sc_mbedtls_md_type_t md_alg, const char **oid, size_t *olen); + +#if defined(MBEDTLS_CIPHER_C) +/** + * \brief Translate encryption algorithm OID into cipher_type + * + * \param oid OID to use + * \param cipher_alg place to store cipher algorithm + * + * \return 0 if successful, or SC_MBEDTLS_ERR_OID_NOT_FOUND + */ +int sc_mbedtls_oid_get_cipher_alg(const sc_mbedtls_asn1_buf *oid, + sc_mbedtls_cipher_type_t * cipher_alg); +#endif /* MBEDTLS_CIPHER_C */ + +#if defined(MBEDTLS_PKCS12_C) +/** + * \brief Translate PKCS#12 PBE algorithm OID into md_type and + * cipher_type + * + * \param oid OID to use + * \param md_alg place to store message digest algorithm + * \param cipher_alg place to store cipher algorithm + * + * \return 0 if successful, or SC_MBEDTLS_ERR_OID_NOT_FOUND + */ +int sc_mbedtls_oid_get_pkcs12_pbe_alg(const sc_mbedtls_asn1_buf *oid, + sc_mbedtls_md_type_t * md_alg, + sc_mbedtls_cipher_type_t * cipher_alg); +#endif /* MBEDTLS_PKCS12_C */ + +#ifdef __cplusplus +} +#endif + +#endif /* oid.h */ diff --git a/lib/sec_library/include/soft_crypto/crypto_platform.h b/lib/sec_library/include/soft_crypto/crypto_platform.h new file mode 100644 index 00000000..1d77cb83 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_platform.h @@ -0,0 +1,367 @@ +/** + * \file platform.h + * + * \brief This file contains the definitions and functions of the + * Mbed TLS platform abstraction layer. + * + * The platform abstraction layer removes the need for the library + * to directly link to standard C library functions or operating + * system services, making the library easier to port and embed. + * Application developers and users of the library can provide their own + * implementations of these functions, or implementations specific to + * their platform, which can be statically linked to the library or + * dynamically configured at runtime. + */ +/* + * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_PLATFORM_H +#define MBEDTLS_PLATFORM_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "crypto_config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_HAVE_TIME) +#include "crypto_platform_time.h" +#endif + +#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 /**< Hardware accelerator failed */ +#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 /**< The requested feature is not supported by the platform */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \name SECTION: Module settings + * + * The configuration options you can set for this module are in this section. + * Either change them in config.h or define them on the compiler command line. + * \{ + */ + +#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) +#include +#include +// #include +#if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF) +#if defined(_WIN32) +#define MBEDTLS_PLATFORM_STD_SNPRINTF mbedtls_platform_win32_snprintf /**< The default \c snprintf function to use. */ +#else +#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< The default \c snprintf function to use. */ +#endif +#endif +#if !defined(MBEDTLS_PLATFORM_STD_PRINTF) +#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< The default \c printf function to use. */ +#endif +#if !defined(MBEDTLS_PLATFORM_STD_FPRINTF) +#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< The default \c fprintf function to use. */ +#endif +#if !defined(MBEDTLS_PLATFORM_STD_CALLOC) +#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< The default \c calloc function to use. */ +#endif +#if !defined(MBEDTLS_PLATFORM_STD_FREE) +#define MBEDTLS_PLATFORM_STD_FREE free /**< The default \c free function to use. */ +#endif +#if !defined(MBEDTLS_PLATFORM_STD_EXIT) +#define MBEDTLS_PLATFORM_STD_EXIT exit /**< The default \c exit function to use. */ +#endif +#if !defined(MBEDTLS_PLATFORM_STD_TIME) +#define MBEDTLS_PLATFORM_STD_TIME time /**< The default \c time function to use. */ +#endif +#if !defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS) +#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS EXIT_SUCCESS /**< The default exit value to use. */ +#endif +#if !defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE) +#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE EXIT_FAILURE /**< The default exit value to use. */ +#endif +#if defined(MBEDTLS_FS_IO) +#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) +#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read +#endif +#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) +#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write +#endif +#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_FILE) +#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" +#endif +#endif /* MBEDTLS_FS_IO */ +#else /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ +#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) +#include MBEDTLS_PLATFORM_STD_MEM_HDR +#endif +#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ + + +/* \} name SECTION: Module settings */ + +/* + * The function pointers for calloc and free. + */ +#if defined(MBEDTLS_PLATFORM_MEMORY) +#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \ + defined(MBEDTLS_PLATFORM_CALLOC_MACRO) +#define mbedtls_free MBEDTLS_PLATFORM_FREE_MACRO +#define mbedtls_calloc MBEDTLS_PLATFORM_CALLOC_MACRO +#else +/* For size_t */ +#include +extern void *mbedtls_calloc( size_t n, size_t size ); +extern void mbedtls_free( void *ptr ); + +/** + * \brief This function dynamically sets the memory-management + * functions used by the library, during runtime. + * + * \param calloc_func The \c calloc function implementation. + * \param free_func The \c free function implementation. + * + * \return \c 0. + */ +int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), + void (*free_func)( void * ) ); +#endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */ +#else /* !MBEDTLS_PLATFORM_MEMORY */ +#define mbedtls_free free +#define mbedtls_calloc calloc +#endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,CALLOC}_MACRO */ + +/* + * The function pointers for fprintf + */ +#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) +/* We need FILE * */ +#include +extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... ); + +/** + * \brief This function dynamically configures the fprintf + * function that is called when the + * mbedtls_fprintf() function is invoked by the library. + * + * \param fprintf_func The \c fprintf function implementation. + * + * \return \c 0. + */ +int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *, + ... ) ); +#else +#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) +#define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO +#else +#define mbedtls_fprintf fprintf +#endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */ +#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ + +/* + * The function pointers for printf + */ +#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) +extern int (*mbedtls_printf)( const char *format, ... ); + +/** + * \brief This function dynamically configures the snprintf + * function that is called when the mbedtls_snprintf() + * function is invoked by the library. + * + * \param printf_func The \c printf function implementation. + * + * \return \c 0 on success. + */ +int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ); +#else /* !MBEDTLS_PLATFORM_PRINTF_ALT */ +#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) +#define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO +#else +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */ +#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ + +/* + * The function pointers for snprintf + * + * The snprintf implementation should conform to C99: + * - it *must* always correctly zero-terminate the buffer + * (except when n == 0, then it must leave the buffer untouched) + * - however it is acceptable to return -1 instead of the required length when + * the destination buffer is too short. + */ +#if defined(_WIN32) +/* For Windows (inc. MSYS2), we provide our own fixed implementation */ +int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ); +#endif + +#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) +extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... ); + +/** + * \brief This function allows configuring a custom + * \c snprintf function pointer. + * + * \param snprintf_func The \c snprintf function implementation. + * + * \return \c 0 on success. + */ +int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, + const char * format, ... ) ); +#else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ +#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) +#define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO +#else +#define mbedtls_snprintf MBEDTLS_PLATFORM_STD_SNPRINTF +#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */ +#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ + +/* + * The function pointers for exit + */ +#if defined(MBEDTLS_PLATFORM_EXIT_ALT) +extern void (*mbedtls_exit)( int status ); + +/** + * \brief This function dynamically configures the exit + * function that is called when the mbedtls_exit() + * function is invoked by the library. + * + * \param exit_func The \c exit function implementation. + * + * \return \c 0 on success. + */ +int mbedtls_platform_set_exit( void (*exit_func)( int status ) ); +#else +#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) +#define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO +#else +#define mbedtls_exit exit +#endif /* MBEDTLS_PLATFORM_EXIT_MACRO */ +#endif /* MBEDTLS_PLATFORM_EXIT_ALT */ + +/* + * The default exit values + */ +#if defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS) +#define MBEDTLS_EXIT_SUCCESS MBEDTLS_PLATFORM_STD_EXIT_SUCCESS +#else +#define MBEDTLS_EXIT_SUCCESS 0 +#endif +#if defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE) +#define MBEDTLS_EXIT_FAILURE MBEDTLS_PLATFORM_STD_EXIT_FAILURE +#else +#define MBEDTLS_EXIT_FAILURE 1 +#endif + +/* + * The function pointers for reading from and writing a seed file to + * Non-Volatile storage (NV) in a platform-independent way + * + * Only enabled when the NV seed entropy source is enabled + */ +#if defined(MBEDTLS_ENTROPY_NV_SEED) +#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO) +/* Internal standard platform definitions */ +int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len ); +int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len ); +#endif + +#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) +extern int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ); +extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ); + +/** + * \brief This function allows configuring custom seed file writing and + * reading functions. + * + * \param nv_seed_read_func The seed reading function implementation. + * \param nv_seed_write_func The seed writing function implementation. + * + * \return \c 0 on success. + */ +int mbedtls_platform_set_nv_seed( + int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ), + int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len ) + ); +#else +#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \ + defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) +#define mbedtls_nv_seed_read MBEDTLS_PLATFORM_NV_SEED_READ_MACRO +#define mbedtls_nv_seed_write MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO +#else +#define mbedtls_nv_seed_read mbedtls_platform_std_nv_seed_read +#define mbedtls_nv_seed_write mbedtls_platform_std_nv_seed_write +#endif +#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */ +#endif /* MBEDTLS_ENTROPY_NV_SEED */ + +#if !defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) + +/** + * \brief The platform context structure. + * + * \note This structure may be used to assist platform-specific + * setup or teardown operations. + */ +typedef struct mbedtls_platform_context +{ + char dummy; /**< A placeholder member, as empty structs are not portable. */ +} +mbedtls_platform_context; + +#else +#include "platform_alt.h" +#endif /* !MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ + +/** + * \brief This function performs any platform-specific initialization + * operations. + * + * \note This function should be called before any other library functions. + * + * Its implementation is platform-specific, and unless + * platform-specific code is provided, it does nothing. + * + * \note The usage and necessity of this function is dependent on the platform. + * + * \param ctx The platform context. + * + * \return \c 0 on success. + */ +int mbedtls_platform_setup( mbedtls_platform_context *ctx ); +/** + * \brief This function performs any platform teardown operations. + * + * \note This function should be called after every other Mbed TLS module + * has been correctly freed using the appropriate free function. + * + * Its implementation is platform-specific, and unless + * platform-specific code is provided, it does nothing. + * + * \note The usage and necessity of this function is dependent on the platform. + * + * \param ctx The platform context. + * + */ +void mbedtls_platform_teardown( mbedtls_platform_context *ctx ); + +#ifdef __cplusplus +} +#endif + +#endif /* platform.h */ diff --git a/lib/sec_library/include/soft_crypto/crypto_platform_time.h b/lib/sec_library/include/soft_crypto/crypto_platform_time.h new file mode 100644 index 00000000..13640095 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_platform_time.h @@ -0,0 +1,82 @@ +/** + * \file platform_time.h + * + * \brief mbed TLS Platform time abstraction + */ +/* + * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_PLATFORM_TIME_H +#define MBEDTLS_PLATFORM_TIME_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "crypto_config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \name SECTION: Module settings + * + * The configuration options you can set for this module are in this section. + * Either change them in config.h or define them on the compiler command line. + * \{ + */ + +/* + * The time_t datatype + */ +#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) +typedef MBEDTLS_PLATFORM_TIME_TYPE_MACRO mbedtls_time_t; +#else +/* For time_t */ +#include +typedef time_t mbedtls_time_t; +#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */ + +/* + * The function pointers for time + */ +#if defined(MBEDTLS_PLATFORM_TIME_ALT) +extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time ); + +/** + * \brief Set your own time function pointer + * + * \param time_func the time function implementation + * + * \return 0 + */ +int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time ) ); +#else +#if defined(MBEDTLS_PLATFORM_TIME_MACRO) +#define mbedtls_time MBEDTLS_PLATFORM_TIME_MACRO +#else +#define mbedtls_time time +#endif /* MBEDTLS_PLATFORM_TIME_MACRO */ +#endif /* MBEDTLS_PLATFORM_TIME_ALT */ + +#ifdef __cplusplus +} +#endif + +#endif /* platform_time.h */ diff --git a/lib/sec_library/include/soft_crypto/crypto_platform_util.h b/lib/sec_library/include/soft_crypto/crypto_platform_util.h new file mode 100644 index 00000000..b22c89ef --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_platform_util.h @@ -0,0 +1,185 @@ +/** + * \file platform_util.h + * + * \brief Common and shared functions used by multiple modules in the Mbed TLS + * library. + */ +/* + * Copyright (C) 2018, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_PLATFORM_UTIL_H +#define MBEDTLS_PLATFORM_UTIL_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "crypto_config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include +#if defined(MBEDTLS_HAVE_TIME_DATE) +#include "crypto_platform_time.h" +#include +#endif /* MBEDTLS_HAVE_TIME_DATE */ + +#ifdef __cplusplus +extern "C" { +#endif + +#if defined(MBEDTLS_CHECK_PARAMS) + +#if defined(MBEDTLS_PARAM_FAILED) +/** An alternative definition of MBEDTLS_PARAM_FAILED has been set in config.h. + * + * This flag can be used to check whether it is safe to assume that + * MBEDTLS_PARAM_FAILED() will expand to a call to mbedtls_param_failed(). + */ +#define MBEDTLS_PARAM_FAILED_ALT +#else /* MBEDTLS_PARAM_FAILED */ +#define MBEDTLS_PARAM_FAILED( cond ) \ + mbedtls_param_failed( #cond, __FILE__, __LINE__ ) + +/** + * \brief User supplied callback function for parameter validation failure. + * See #MBEDTLS_CHECK_PARAMS for context. + * + * This function will be called unless an alternative treatement + * is defined through the #MBEDTLS_PARAM_FAILED macro. + * + * This function can return, and the operation will be aborted, or + * alternatively, through use of setjmp()/longjmp() can resume + * execution in the application code. + * + * \param failure_condition The assertion that didn't hold. + * \param file The file where the assertion failed. + * \param line The line in the file where the assertion failed. + */ +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ); +#endif /* MBEDTLS_PARAM_FAILED */ + +/* Internal macro meant to be called only from within the library. */ +#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) \ + do { \ + if( !(cond) ) \ + { \ + MBEDTLS_PARAM_FAILED( cond ); \ + return( ret ); \ + } \ + } while( 0 ) + +/* Internal macro meant to be called only from within the library. */ +#define MBEDTLS_INTERNAL_VALIDATE( cond ) \ + do { \ + if( !(cond) ) \ + { \ + MBEDTLS_PARAM_FAILED( cond ); \ + return; \ + } \ + } while( 0 ) + +#else /* MBEDTLS_CHECK_PARAMS */ + +/* Internal macros meant to be called only from within the library. */ +#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) do { } while( 0 ) +#define MBEDTLS_INTERNAL_VALIDATE( cond ) do { } while( 0 ) + +#endif /* MBEDTLS_CHECK_PARAMS */ + +/* Internal helper macros for deprecating API constants. */ +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#if defined(MBEDTLS_DEPRECATED_WARNING) +/* Deliberately don't (yet) export MBEDTLS_DEPRECATED here + * to avoid conflict with other headers which define and use + * it, too. We might want to move all these definitions here at + * some point for uniformity. */ +#define MBEDTLS_DEPRECATED __attribute__((deprecated)) +MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_string_constant_t; +#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) \ + ( (mbedtls_deprecated_string_constant_t) ( VAL ) ) +MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; +#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) \ + ( (mbedtls_deprecated_numeric_constant_t) ( VAL ) ) +#undef MBEDTLS_DEPRECATED +#else /* MBEDTLS_DEPRECATED_WARNING */ +#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) VAL +#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) VAL +#endif /* MBEDTLS_DEPRECATED_WARNING */ +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + +/** + * \brief Securely zeroize a buffer + * + * The function is meant to wipe the data contained in a buffer so + * that it can no longer be recovered even if the program memory + * is later compromised. Call this function on sensitive data + * stored on the stack before returning from a function, and on + * sensitive data stored on the heap before freeing the heap + * object. + * + * It is extremely difficult to guarantee that calls to + * mbedtls_platform_zeroize() are not removed by aggressive + * compiler optimizations in a portable way. For this reason, Mbed + * TLS provides the configuration option + * MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure + * mbedtls_platform_zeroize() to use a suitable implementation for + * their platform and needs + * + * \param buf Buffer to be zeroized + * \param len Length of the buffer in bytes + * + */ +void mbedtls_platform_zeroize( void *buf, size_t len ); + +#if defined(MBEDTLS_HAVE_TIME_DATE) +/** + * \brief Platform-specific implementation of gmtime_r() + * + * The function is a thread-safe abstraction that behaves + * similarly to the gmtime_r() function from Unix/POSIX. + * + * Mbed TLS will try to identify the underlying platform and + * make use of an appropriate underlying implementation (e.g. + * gmtime_r() for POSIX and gmtime_s() for Windows). If this is + * not possible, then gmtime() will be used. In this case, calls + * from the library to gmtime() will be guarded by the mutex + * mbedtls_threading_gmtime_mutex if MBEDTLS_THREADING_C is + * enabled. It is recommended that calls from outside the library + * are also guarded by this mutex. + * + * If MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, then Mbed TLS will + * unconditionally use the alternative implementation for + * mbedtls_platform_gmtime_r() supplied by the user at compile time. + * + * \param tt Pointer to an object containing time (in seconds) since the + * epoch to be converted + * \param tm_buf Pointer to an object where the results will be stored + * + * \return Pointer to an object of type struct tm on success, otherwise + * NULL + */ +struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt, + struct tm *tm_buf ); +#endif /* MBEDTLS_HAVE_TIME_DATE */ + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_PLATFORM_UTIL_H */ diff --git a/lib/sec_library/include/soft_crypto/crypto_rsa.h b/lib/sec_library/include/soft_crypto/crypto_rsa.h new file mode 100755 index 00000000..6f0b3750 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_rsa.h @@ -0,0 +1,645 @@ +/** + * \file rsa.h + * + * \brief The RSA public-key cryptosystem + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef SC_MBEDTLS_RSA_H +#define SC_MBEDTLS_RSA_H + +#include "crypto_config.h" + +#include "crypto_bignum.h" +#include "crypto_md.h" +#include "sec_crypto_errcode.h" + +/* + * RSA Error codes + */ +#define SC_MBEDTLS_ERR_RSA_BAD_INPUT_DATA SC_BAD_INPUT_DATA /**< Bad input parameters to function. */ +#define SC_MBEDTLS_ERR_RSA_INVALID_PADDING SC_INVALID_PADDING /**< Input data contains invalid padding and is rejected. */ +#define SC_MBEDTLS_ERR_RSA_KEY_GEN_FAILED SC_KEY_GEN_FAILED /**< Something failed during generation of a key. */ +#define SC_MBEDTLS_ERR_RSA_KEY_CHECK_FAILED SC_KEY_CHECK_FAILED /**< Key failed to pass the library's validity check. */ +#define SC_MBEDTLS_ERR_RSA_PUBLIC_FAILED SC_PUBLIC_FAILED /**< The public key operation failed. */ +#define SC_MBEDTLS_ERR_RSA_PRIVATE_FAILED SC_PRIVATE_FAILED /**< The private key operation failed. */ +#define SC_MBEDTLS_ERR_RSA_VERIFY_FAILED SC_VERIFY_FAILED /**< The PKCS#1 verification failed. */ +#define SC_MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE SC_OUTPUT_TOO_LARGE /**< The output buffer for decryption is not large enough. */ +#define SC_MBEDTLS_ERR_RSA_RNG_FAILED SC_RNG_FAILED /**< The random generator failed to generate non-zeros. */ + +/* + * RSA constants + */ +#define SC_MBEDTLS_RSA_PUBLIC 0 +#define SC_MBEDTLS_RSA_PRIVATE 1 + +#define SC_MBEDTLS_RSA_PKCS_V15 0 +#define SC_MBEDTLS_RSA_PKCS_V21 1 + +#define SC_MBEDTLS_RSA_SIGN 1 +#define SC_MBEDTLS_RSA_CRYPT 2 + +#define SC_MBEDTLS_RSA_SALT_LEN_ANY -1 + +/* + * The above constants may be used even if the RSA module is compile out, + * eg for alternative (PKCS#11) RSA implemenations in the PK layers. + */ +#if defined(MBEDTLS_RSA_C) + +#ifdef __cplusplus +extern "C" { +#endif +/** + * \brief RSA context structure + */ +typedef struct +{ + int ver; /*!< always 0 */ + size_t len; /*!< size(N) in chars */ + + sc_mbedtls_mpi N; /*!< public modulus */ + sc_mbedtls_mpi E; /*!< public exponent */ + + sc_mbedtls_mpi D; /*!< private exponent */ + sc_mbedtls_mpi P; /*!< 1st prime factor */ + sc_mbedtls_mpi Q; /*!< 2nd prime factor */ + sc_mbedtls_mpi DP; /*!< D % (P - 1) */ + sc_mbedtls_mpi DQ; /*!< D % (Q - 1) */ + sc_mbedtls_mpi QP; /*!< 1 / (Q % P) */ + + sc_mbedtls_mpi RN; /*!< cached R^2 mod N */ + sc_mbedtls_mpi RP; /*!< cached R^2 mod P */ + sc_mbedtls_mpi RQ; /*!< cached R^2 mod Q */ + + sc_mbedtls_mpi Vi; /*!< cached blinding value */ + sc_mbedtls_mpi Vf; /*!< cached un-blinding value */ + + int padding; /*!< SC_MBEDTLS_RSA_PKCS_V15 for 1.5 padding and + MBEDTLS_RSA_PKCS_v21 for OAEP/PSS */ + int hash_id; /*!< Hash identifier of sc_mbedtls_md_type_t as + specified in the sc_mbedtls_md.h header file + for the EME-OAEP and EMSA-PSS + encoding */ +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; /*!< Thread-safety mutex */ +#endif +} +sc_mbedtls_rsa_context; + +/** + * \brief Initialize an RSA context + * + * Note: Set padding to SC_MBEDTLS_RSA_PKCS_V21 for the RSAES-OAEP + * encryption scheme and the RSASSA-PSS signature scheme. + * + * \param ctx RSA context to be initialized + * \param padding SC_MBEDTLS_RSA_PKCS_V15 or SC_MBEDTLS_RSA_PKCS_V21 + * \param hash_id SC_MBEDTLS_RSA_PKCS_V21 hash identifier + * + * \note The hash_id parameter is actually ignored + * when using SC_MBEDTLS_RSA_PKCS_V15 padding. + * + * \note Choice of padding mode is strictly enforced for private key + * operations, since there might be security concerns in + * mixing padding modes. For public key operations it's merely + * a default value, which can be overriden by calling specific + * rsa_rsaes_xxx or rsa_rsassa_xxx functions. + * + * \note The chosen hash is always used for OEAP encryption. + * For PSS signatures, it's always used for making signatures, + * but can be overriden (and always is, if set to + * SC_MBEDTLS_MD_NONE) for verifying them. + */ +void sc_mbedtls_rsa_init( sc_mbedtls_rsa_context *ctx, + int padding, + int hash_id); + +/** + * \brief Set padding for an already initialized RSA context + * See \c sc_mbedtls_rsa_init() for details. + * + * \param ctx RSA context to be set + * \param padding SC_MBEDTLS_RSA_PKCS_V15 or SC_MBEDTLS_RSA_PKCS_V21 + * \param hash_id SC_MBEDTLS_RSA_PKCS_V21 hash identifier + */ +void sc_mbedtls_rsa_set_padding( sc_mbedtls_rsa_context *ctx, int padding, int hash_id); + +/** + * \brief Generate an RSA keypair + * + * \param ctx RSA context that will hold the key + * \param f_rng RNG function + * \param p_rng RNG parameter + * \param nbits size of the public key in bits + * \param exponent public exponent (e.g., 65537) + * + * \note sc_mbedtls_rsa_init() must be called beforehand to setup + * the RSA context. + * + * \return 0 if successful, or an SC_MBEDTLS_ERR_RSA_XXX error code + */ +int sc_mbedtls_rsa_gen_key( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + unsigned int nbits, int exponent ); + +/** + * \brief Check a public RSA key + * + * \param ctx RSA context to be checked + * + * \return 0 if successful, or an SC_MBEDTLS_ERR_RSA_XXX error code + */ +int sc_mbedtls_rsa_check_pubkey( const sc_mbedtls_rsa_context *ctx ); + +/** + * \brief Check a private RSA key + * + * \param ctx RSA context to be checked + * + * \return 0 if successful, or an SC_MBEDTLS_ERR_RSA_XXX error code + */ +int sc_mbedtls_rsa_check_privkey( const sc_mbedtls_rsa_context *ctx ); + +/** + * \brief Check a public-private RSA key pair. + * Check each of the contexts, and make sure they match. + * + * \param pub RSA context holding the public key + * \param prv RSA context holding the private key + * + * \return 0 if successful, or an SC_MBEDTLS_ERR_RSA_XXX error code + */ +int sc_mbedtls_rsa_check_pub_priv( const sc_mbedtls_rsa_context *pub, const sc_mbedtls_rsa_context *prv ); + +/** + * \brief Do an RSA public key operation + * + * \param ctx RSA context + * \param input input buffer + * \param output output buffer + * + * \return 0 if successful, or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note This function does NOT take care of message + * padding. Also, be sure to set input[0] = 0 or ensure that + * input is smaller than N. + * + * \note The input and output buffers must be large + * enough (eg. 128 bytes if RSA-1024 is used). + */ +int sc_mbedtls_rsa_public( sc_mbedtls_rsa_context *ctx, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Do an RSA private key operation + * + * \param ctx RSA context + * \param f_rng RNG function (Needed for blinding) + * \param p_rng RNG parameter + * \param input input buffer + * \param output output buffer + * + * \return 0 if successful, or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The input and output buffers must be large + * enough (eg. 128 bytes if RSA-1024 is used). + */ +int sc_mbedtls_rsa_private( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Generic wrapper to perform a PKCS#1 encryption using the + * mode from the context. Add the message padding, then do an + * RSA operation. + * + * \param ctx RSA context + * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding + * and SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param ilen contains the plaintext length + * \param input buffer holding the data to be encrypted + * \param output buffer that will hold the ciphertext + * + * \return 0 if successful, or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + */ +int sc_mbedtls_rsa_pkcs1_encrypt( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRYPT) + * + * \param ctx RSA context + * \param f_rng RNG function (Needed for padding and SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param ilen contains the plaintext length + * \param input buffer holding the data to be encrypted + * \param output buffer that will hold the ciphertext + * + * \return 0 if successful, or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + */ +int sc_mbedtls_rsa_rsaes_pkcs1_v15_encrypt( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Perform a PKCS#1 v2.1 OAEP encryption (RSAES-OAEP-ENCRYPT) + * + * \param ctx RSA context + * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding + * and SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param label buffer holding the custom label to use + * \param label_len contains the label length + * \param ilen contains the plaintext length + * \param input buffer holding the data to be encrypted + * \param output buffer that will hold the ciphertext + * + * \return 0 if successful, or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + */ +int sc_mbedtls_rsa_rsaes_oaep_encrypt( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + const unsigned char *label, size_t label_len, + size_t ilen, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Generic wrapper to perform a PKCS#1 decryption using the + * mode from the context. Do an RSA operation, then remove + * the message padding + * + * \param ctx RSA context + * \param f_rng RNG function (Only needed for SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param olen will contain the plaintext length + * \param input buffer holding the encrypted data + * \param output buffer that will hold the plaintext + * \param output_max_len maximum length of the output buffer + * + * \return 0 if successful, or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise + * an error is thrown. + */ +int sc_mbedtls_rsa_pkcs1_decrypt( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len ); + +/** + * \brief Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRYPT) + * + * \param ctx RSA context + * \param f_rng RNG function (Only needed for SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param olen will contain the plaintext length + * \param input buffer holding the encrypted data + * \param output buffer that will hold the plaintext + * \param output_max_len maximum length of the output buffer + * + * \return 0 if successful, or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise + * an error is thrown. + */ +int sc_mbedtls_rsa_rsaes_pkcs1_v15_decrypt( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len ); + +/** + * \brief Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYPT) + * + * \param ctx RSA context + * \param f_rng RNG function (Only needed for SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param label buffer holding the custom label to use + * \param label_len contains the label length + * \param olen will contain the plaintext length + * \param input buffer holding the encrypted data + * \param output buffer that will hold the plaintext + * \param output_max_len maximum length of the output buffer + * + * \return 0 if successful, or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise + * an error is thrown. + */ +int sc_mbedtls_rsa_rsaes_oaep_decrypt( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + const unsigned char *label, size_t label_len, + size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len ); + +/** + * \brief Generic wrapper to perform a PKCS#1 signature using the + * mode from the context. Do a private RSA operation to sign + * a message digest + * + * \param ctx RSA context + * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for + * SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param md_alg a SC_MBEDTLS_MD_XXX (use SC_MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for SC_MBEDTLS_MD_NONE only) + * \param hash buffer holding the message digest + * \param sig buffer that will hold the ciphertext + * + * \return 0 if the signing operation was successful, + * or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + * + * \note In case of PKCS#1 v2.1 encoding, see comments on + * \note \c sc_mbedtls_rsa_rsassa_pss_sign() for details on md_alg and hash_id. + */ +int sc_mbedtls_rsa_pkcs1_sign( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + sc_mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ); + +/** + * \brief Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN) + * + * \param ctx RSA context + * \param f_rng RNG function (Only needed for SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param md_alg a SC_MBEDTLS_MD_XXX (use SC_MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for SC_MBEDTLS_MD_NONE only) + * \param hash buffer holding the message digest + * \param sig buffer that will hold the ciphertext + * + * \return 0 if the signing operation was successful, + * or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + */ +int sc_mbedtls_rsa_rsassa_pkcs1_v15_sign( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + sc_mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ); + +/** + * \brief Perform a PKCS#1 v2.1 PSS signature (RSASSA-PSS-SIGN) + * + * \param ctx RSA context + * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for + * SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param md_alg a SC_MBEDTLS_MD_XXX (use SC_MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for SC_MBEDTLS_MD_NONE only) + * \param hash buffer holding the message digest + * \param sig buffer that will hold the ciphertext + * + * \return 0 if the signing operation was successful, + * or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + * + * \note The hash_id in the RSA context is the one used for the + * encoding. md_alg in the function call is the type of hash + * that is encoded. According to RFC 3447 it is advised to + * keep both hashes the same. + */ +int sc_mbedtls_rsa_rsassa_pss_sign( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + sc_mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ); + +/** + * \brief Generic wrapper to perform a PKCS#1 verification using the + * mode from the context. Do a public RSA operation and check + * the message digest + * + * \param ctx points to an RSA public key + * \param f_rng RNG function (Only needed for SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param md_alg a SC_MBEDTLS_MD_XXX (use SC_MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for SC_MBEDTLS_MD_NONE only) + * \param hash buffer holding the message digest + * \param sig buffer holding the ciphertext + * + * \return 0 if the verify operation was successful, + * or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + * + * \note In case of PKCS#1 v2.1 encoding, see comments on + * \c sc_mbedtls_rsa_rsassa_pss_verify() about md_alg and hash_id. + */ +int sc_mbedtls_rsa_pkcs1_verify( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + sc_mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig ); + +/** + * \brief Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY) + * + * \param ctx points to an RSA public key + * \param f_rng RNG function (Only needed for SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param md_alg a SC_MBEDTLS_MD_XXX (use SC_MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for SC_MBEDTLS_MD_NONE only) + * \param hash buffer holding the message digest + * \param sig buffer holding the ciphertext + * + * \return 0 if the verify operation was successful, + * or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + */ +int sc_mbedtls_rsa_rsassa_pkcs1_v15_verify( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + sc_mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig ); + +/** + * \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY) + * (This is the "simple" version.) + * + * \param ctx points to an RSA public key + * \param f_rng RNG function (Only needed for SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param md_alg a SC_MBEDTLS_MD_XXX (use SC_MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for SC_MBEDTLS_MD_NONE only) + * \param hash buffer holding the message digest + * \param sig buffer holding the ciphertext + * + * \return 0 if the verify operation was successful, + * or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + * + * \note The hash_id in the RSA context is the one used for the + * verification. md_alg in the function call is the type of + * hash that is verified. According to RFC 3447 it is advised to + * keep both hashes the same. If hash_id in the RSA context is + * unset, the md_alg from the function call is used. + */ +int sc_mbedtls_rsa_rsassa_pss_verify( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + sc_mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig ); + +/** + * \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY) + * (This is the version with "full" options.) + * + * \param ctx points to an RSA public key + * \param f_rng RNG function (Only needed for SC_MBEDTLS_RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode SC_MBEDTLS_RSA_PUBLIC or SC_MBEDTLS_RSA_PRIVATE + * \param md_alg a SC_MBEDTLS_MD_XXX (use SC_MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for SC_MBEDTLS_MD_NONE only) + * \param hash buffer holding the message digest + * \param mgf1_hash_id message digest used for mask generation + * \param expected_salt_len Length of the salt used in padding, use + * SC_MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length + * \param sig buffer holding the ciphertext + * + * \return 0 if the verify operation was successful, + * or an SC_MBEDTLS_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + * + * \note The hash_id in the RSA context is ignored. + */ +int sc_mbedtls_rsa_rsassa_pss_verify_ext( sc_mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + sc_mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + sc_mbedtls_md_type_t mgf1_hash_id, + int expected_salt_len, + const unsigned char *sig ); + +/** + * \brief Copy the components of an RSA context + * + * \param dst Destination context + * \param src Source context + * + * \return 0 on success, + * SC_MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure + */ +int sc_mbedtls_rsa_copy( sc_mbedtls_rsa_context *dst, const sc_mbedtls_rsa_context *src ); + +/** + * \brief Free the components of an RSA key + * + * \param ctx RSA Context to free + */ +void sc_mbedtls_rsa_free( sc_mbedtls_rsa_context *ctx ); +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int sc_mbedtls_rsa_self_test( int verbose ); + +int rsa_rand(void *rng_state, unsigned char *output, size_t len); + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_RSA_C */ + +#endif /* rsa.h */ diff --git a/lib/sec_library/include/soft_crypto/crypto_sha1.h b/lib/sec_library/include/soft_crypto/crypto_sha1.h new file mode 100755 index 00000000..e3b62d73 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_sha1.h @@ -0,0 +1,111 @@ +/** + * \file sha1.h + * + * \brief SHA-1 cryptographic hash function + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef SC_MBEDTLS_SHA1_H +#define SC_MBEDTLS_SHA1_H + +#include "crypto_config.h" + +#include +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief SHA-1 context structure + */ +typedef struct +{ + uint32_t total[2]; /*!< number of bytes processed */ + uint32_t state[5]; /*!< intermediate digest state */ + unsigned char buffer[64]; /*!< data block being processed */ +} +sc_mbedtls_sha1_context; + +/** + * \brief Initialize SHA-1 context + * + * \param ctx SHA-1 context to be initialized + */ +void sc_mbedtls_sha1_init( sc_mbedtls_sha1_context *ctx ); + +/** + * \brief Clear SHA-1 context + * + * \param ctx SHA-1 context to be cleared + */ +void sc_mbedtls_sha1_free( sc_mbedtls_sha1_context *ctx ); + +/** + * \brief Clone (the state of) a SHA-1 context + * + * \param dst The destination context + * \param src The context to be cloned + */ +void sc_mbedtls_sha1_clone( sc_mbedtls_sha1_context *dst, + const sc_mbedtls_sha1_context *src ); + +/** + * \brief SHA-1 context setup + * + * \param ctx context to be initialized + */ +void sc_mbedtls_sha1_starts( sc_mbedtls_sha1_context *ctx ); + +/** + * \brief SHA-1 process buffer + * + * \param ctx SHA-1 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void sc_mbedtls_sha1_update( sc_mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief SHA-1 final digest + * + * \param ctx SHA-1 context + * \param output SHA-1 checksum result + */ +void sc_mbedtls_sha1_finish( sc_mbedtls_sha1_context *ctx, unsigned char output[20] ); + +/* Internal use */ +void sc_mbedtls_sha1_process( sc_mbedtls_sha1_context *ctx, const unsigned char data[64] ); + +/** + * \brief Output = SHA-1( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output SHA-1 checksum result + */ +void sc_mbedtls_sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ); + + +#ifdef __cplusplus +} +#endif + +#endif /* sc_mbedtls_sha1.h */ diff --git a/lib/sec_library/include/soft_crypto/crypto_sha256.h b/lib/sec_library/include/soft_crypto/crypto_sha256.h new file mode 100755 index 00000000..9978ffe0 --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_sha256.h @@ -0,0 +1,113 @@ +/** + * \file sha256.h + * + * \brief SHA-224 and SHA-256 cryptographic hash function + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef SC_MBEDTLS_SHA256_H +#define SC_MBEDTLS_SHA256_H + +#include "crypto_config.h" + +#include +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief SHA-256 context structure + */ +typedef struct { + uint32_t total[2]; /*!< number of bytes processed */ + uint32_t state[8]; /*!< intermediate digest state */ + unsigned char buffer[64]; /*!< data block being processed */ + int is224; /*!< 0 => SHA-256, else SHA-224 */ +} sc_mbedtls_sha256_context; + +/** + * \brief Initialize SHA-256 context + * + * \param ctx SHA-256 context to be initialized + */ +void sc_mbedtls_sha256_init(sc_mbedtls_sha256_context *ctx); + +/** + * \brief Clear SHA-256 context + * + * \param ctx SHA-256 context to be cleared + */ +void sc_mbedtls_sha256_free(sc_mbedtls_sha256_context *ctx); + +/** + * \brief Clone (the state of) a SHA-256 context + * + * \param dst The destination context + * \param src The context to be cloned + */ +void sc_mbedtls_sha256_clone(sc_mbedtls_sha256_context * dst, + const sc_mbedtls_sha256_context *src); + +/** + * \brief SHA-256 context setup + * + * \param ctx context to be initialized + * \param is224 0 = use SHA256, 1 = use SHA224 + */ +void sc_mbedtls_sha256_starts(sc_mbedtls_sha256_context *ctx, int is224); + +/** + * \brief SHA-256 process buffer + * + * \param ctx SHA-256 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void sc_mbedtls_sha256_update(sc_mbedtls_sha256_context *ctx, const unsigned char *input, + size_t ilen); + +/** + * \brief SHA-256 final digest + * + * \param ctx SHA-256 context + * \param output SHA-224/256 checksum result + */ +void sc_mbedtls_sha256_finish(sc_mbedtls_sha256_context *ctx, unsigned char output[32]); + +/* Internal use */ +void sc_mbedtls_sha256_process(sc_mbedtls_sha256_context *ctx, const unsigned char data[64]); + +/** + * \brief Output = SHA-256( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output SHA-224/256 checksum result + * \param is224 0 = use SHA256, 1 = use SHA224 + */ +void sc_mbedtls_sha256(const unsigned char *input, size_t ilen, unsigned char output[32], + int is224); + +#ifdef __cplusplus +} +#endif + +#endif /* sc_mbedtls_sha256.h */ diff --git a/lib/sec_library/include/soft_crypto/crypto_utils.h b/lib/sec_library/include/soft_crypto/crypto_utils.h new file mode 100755 index 00000000..6b7b0abf --- /dev/null +++ b/lib/sec_library/include/soft_crypto/crypto_utils.h @@ -0,0 +1,121 @@ +/* utils.h - TinyCrypt interface to platform-dependent run-time operations */ + +/* + * Copyright (C) 2017 by Intel Corporation, All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Intel Corporation nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * @brief Interface to platform-dependent run-time operations. + * + */ + +#ifndef __TC_UTILS_H__ +#define __TC_UTILS_H__ + +#include +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * @brief Copy the the buffer 'from' to the buffer 'to'. + * @return returns TC_CRYPTO_SUCCESS (1) + * returns TC_CRYPTO_FAIL (0) if: + * from_len > to_len. + * + * @param to OUT -- destination buffer + * @param to_len IN -- length of destination buffer + * @param from IN -- origin buffer + * @param from_len IN -- length of origin buffer + */ +unsigned int _copy(uint8_t *to, unsigned int to_len, + const uint8_t *from, unsigned int from_len); + +/** + * @brief Set the value 'val' into the buffer 'to', 'len' times. + * + * @param to OUT -- destination buffer + * @param val IN -- value to be set in 'to' + * @param len IN -- number of times the value will be copied + */ +void _set(void *to, uint8_t val, unsigned int len); + +/** + * @brief Set the value 'val' into the buffer 'to', 'len' times, in a way + * which does not risk getting optimized out by the compiler + * In cases where the compiler does not set __GNUC__ and where the + * optimization level removes the memset, it may be necessary to + * implement a _set_secure function and define the + * TINYCRYPT_ARCH_HAS_SET_SECURE, which then can ensure that the + * memset does not get optimized out. + * + * @param to OUT -- destination buffer + * @param val IN -- value to be set in 'to' + * @param len IN -- number of times the value will be copied + */ +#ifdef TINYCRYPT_ARCH_HAS_SET_SECURE +extern void _set_secure(void *to, uint8_t val, unsigned int len); +#else /* ! TINYCRYPT_ARCH_HAS_SET_SECURE */ +static inline void _set_secure(void *to, uint8_t val, unsigned int len) +{ + (void) memset(to, val, len); +#ifdef __GNUC__ + __asm__ __volatile__("" :: "g"(to) : "memory"); +#endif /* __GNUC__ */ +} +#endif /* TINYCRYPT_ARCH_HAS_SET_SECURE */ + +/* + * @brief AES specific doubling function, which utilizes + * the finite field used by AES. + * @return Returns a^2 + * + * @param a IN/OUT -- value to be doubled + */ +uint8_t _double_byte(uint8_t a); + +/* + * @brief Constant-time algorithm to compare if two sequences of bytes are equal + * @return Returns 0 if equal, and non-zero otherwise + * + * @param a IN -- sequence of bytes a + * @param b IN -- sequence of bytes b + * @param size IN -- size of sequences a and b + */ +int _compare(const uint8_t *a, const uint8_t *b, size_t size); + +#ifdef __cplusplus +} +#endif + +#endif /* __TC_UTILS_H__ */ diff --git a/lib/sec_library/libsec_library.a b/lib/sec_library/libsec_library.a index 019298c7..993dce6f 100644 Binary files a/lib/sec_library/libsec_library.a and b/lib/sec_library/libsec_library.a differ diff --git a/tools/logos/thead.bmp b/tools/logos/thead.bmp index aaf8a535..c67e73dc 100644 Binary files a/tools/logos/thead.bmp and b/tools/logos/thead.bmp differ