 |
xilloader
Vitis Drivers API Documentation
|
|
xilloader
Vitis Drivers API Documentation
|
This file contains all common security related data.
MODIFICATION HISTORY:
Ver Who Date Changes
----- ---- -------- -------------------------------------------------------
1.00 bm 12/16/20 First release
har 01/18/21 Added macros related to P521 KAT
kpt 01/21/21 Added macro for revoke id mask
har 03/17/21 Moved macros required for Secure state out of
PLM_SECURE_EXCLUDE macro
kpt 04/14/21 Added macros required to check encrypted data
alignment
bm 05/13/21 Updated code to use common crypto instances from xilsecure
1.01 kpt 06/23/21 Added macros required to read and compare DNA
kpt 07/01/21 Added macros required to disable Jtag
har 07/15/21 Fixed doxygen warnings
har 07/18/21 Added description for all macros
bsv 08/17/21 Code clean up
kpt 09/02/21 Added support to update KAT status in RTC area
kpt 09/09/21 Fixed SW-BP-BLIND-WRITE in XLoader_AuthEncClear
kpt 09/15/21 Added error code XLOADER_PUF_HD_EFUSE
kpt 09/18/21 Updated macro value XLOADER_PDI_DPACM_ENABLED
Renamed BHSignature variable to IHTSignature
1.02 kpt 10/04/21 Removed macro XLOADER_SEC_ALL_IDS_REVOKED_ERR
kpt 10/07/21 Added function pointer ProcessPrtn in
XLoader_SecureParams
kpt 10/20/21 Removed temporal variables from XLoader_SecureParams
bsv 10/26/21 Code clean up
kpt 10/28/21 Added DmaFlags in XLoader_SecureParams
bsv 02/11/22 Code clean up to reduce size
bsv 02/13/22 Reduce stack usage of functions
har 02/17/22 Added macro XLOADER_AUTH_JTAG_LOCK_DIS_MASK and removed
macro XLOADER_AUTH_FAIL_COUNTER_RST_VALUE
bsv 03/18/22 Fix build issues when PLM_SECURE_EXCLUDE is enabled
1.03 bm 07/06/22 Refactor versal and versal_net code
kpt 07/05/2022 Added support to update KAT status
ma 07/08/22 Removed EFUSE_CACHE_MISC_CTRL as it is defined in xplmi_hw.h
kpt 07/24/22 Added XLoader_RsaPssSignVerify to support KAT for versal net
har 11/17/22 Added function declaration for XLoader_CheckNonZeroPpk
1.04 ng 11/23/22 Fixed doxygen file name error
1.8 skg 12/07/22 Added Additional PPKs related macros and enums
kal 01/05/23 Added XLoader_GetAuthPubAlgo definition
sk 02/08/23 Renamed XLoader_UpdateKatStatus to XLoader_ClearKatOnPPDI
dd 03/28/23 Updated doxygen comments
sk 07/06/23 Corrected DAP Config Mask's
dd 08/11/23 Updated doxygen comments
2.1 kpt 12/04/23 Move XLoader_AesKekInfo to platform specific file
am 03/02/24 Added XLOADER_OPTIMIZED_AUTH_CERT_MIN_SIZE macro
har 03/05/24 Fixed doxygen warnings
kpt 03/15/24 Updated RSA KAT to use 2048-bit key
obs 09/30/2024 Fixed Doxygen Warnings
obs 02/27/2025 Added XLOADER_AUTH_JTAG_IDWORD macro
kal 04/16/25 Updated XLOADER_EFUSE_MISC_CTRL_ALL_PPK_INVLD when
additional PPKs feature is enabled
2.2 har 04/21/25 Removed XLOADER_PMC_TAP_INST_MASK_ENABLE_MASK macroData Structures | |
| struct | XLoader_RsaKey |
| < RSA Key More... | |
Macros | |
| #define | XLOADER_RSA_4096_KEY_SIZE (4096U/8U) |
| RSA 4096 key size. More... | |
| #define | XLOADER_SPK_SIG_SIZE XLOADER_RSA_4096_KEY_SIZE |
| Size of SPK signature(in bytes) in Authentication Certificate. More... | |
| #define | XLOADER_BHDR_SIG_SIZE XLOADER_RSA_4096_KEY_SIZE |
| Size of Bootheader signature(in bytes) in Authentication Certificate. More... | |
| #define | XLOADER_PARTITION_SIG_SIZE XLOADER_RSA_4096_KEY_SIZE |
| Size of Partition signature(in bytes) in Authentication Certificate. More... | |
| #define | XLOADER_AUTH_HEADER_SIZE (8U) |
| Size of Authentication header(in bytes) in Authentication Certificate. More... | |
| #define | XLOADER_AUTH_CERT_USER_DATA ((u32)64U - XLOADER_AUTH_HEADER_SIZE) |
| Size of User Data(in bytes) in Authentication Certificate. More... | |
| #define | XLOADER_OPTIMIZED_AUTH_CERT_MIN_SIZE |
| Minimum Size of Optimized Authentication Certificate(in bytes) More... | |
| #define | XLOADER_AC_AH_REVOKE_ID_MASK (0xFFU) |
| Mask for Revocation ID. More... | |
| #define | XLOADER_ECDSA_P384_KEYSIZE (48U) |
| Key size(in bytes) for ECDSA P-384 curve. More... | |
| #define | XLOADER_ECDSA_P521_KEYSIZE (66U) |
| Key size(in bytes) for ECDSA P-521 curve. More... | |
| #define | XLOADER_ECDSA_MAX_KEYSIZE XLOADER_ECDSA_P521_KEYSIZE |
| ECDSA Max Key size(in bytes) More... | |
| #define | XLOADER_SECURE_HDR_SIZE (48U) |
| Secure Header Size(in bytes) More... | |
| #define | XLOADER_SECURE_GCM_TAG_SIZE (16U) |
| GCM Tag Size(in bytes) More... | |
| #define | XLOADER_SECURE_HDR_TOTAL_SIZE |
| Total size of Secure Header (in bytes) More... | |
| #define | XLOADER_128_BIT_ALIGNED_MASK (0x0FU) |
| Mask to check if data is 128-bit aligned. More... | |
| #define | XLOADER_EFUSE_KEY (0xA5C3C5A3U) |
| eFUSE Key More... | |
| #define | XLOADER_EFUSE_BLK_KEY (0xA5C3C5A5U) |
| eFUSE Black Key More... | |
| #define | XLOADER_BBRAM_KEY (0x3A5C3C5AU) |
| BBRAM Key. More... | |
| #define | XLOADER_BBRAM_BLK_KEY (0x3A5C3C59U) |
| BBRAM Black Key. More... | |
| #define | XLOADER_BH_BLK_KEY (0xA35C7C53U) |
| Boot Header Black Key. More... | |
| #define | XLOADER_EFUSE_USR_KEY0 (0x5C3CA5A3U) |
| eFUSE User Key 0 More... | |
| #define | XLOADER_EFUSE_USR_BLK_KEY0 (0x5C3CA5A5U) |
| eFUSE User key 0 Black More... | |
| #define | XLOADER_EFUSE_USR_KEY1 (0xC3A5C5A3U) |
| eFUSE User Key 1 More... | |
| #define | XLOADER_EFUSE_USR_BLK_KEY1 (0xC3A5C5A5U) |
| eFUSE User key 1 Black More... | |
| #define | XLOADER_USR_KEY0 (0xC5C3A5A3U) |
| User Key 0. More... | |
| #define | XLOADER_USR_KEY1 (0xC3A5C5B3U) |
| User Key 1. More... | |
| #define | XLOADER_USR_KEY2 (0xC5C3A5C3U) |
| User Key 2. More... | |
| #define | XLOADER_USR_KEY3 (0xC3A5C5D3U) |
| User Key 3. More... | |
| #define | XLOADER_USR_KEY4 (0xC5C3A5E3U) |
| User Key 4. More... | |
| #define | XLOADER_USR_KEY5 (0xC3A5C5F3U) |
| User Key 5. More... | |
| #define | XLOADER_USR_KEY6 (0xC5C3A563U) |
| User Key 6. More... | |
| #define | XLOADER_USR_KEY7 (0xC3A5C573U) |
| User Key 7. More... | |
| #define | XLOADER_EFUSE_MISC_CTRL_PPK0_INVLD (0x0000000CU) |
| PPK0 invalid value. More... | |
| #define | XLOADER_EFUSE_MISC_CTRL_PPK1_INVLD (0x00000030U) |
| PPK1 invalid value. More... | |
| #define | XLOADER_EFUSE_MISC_CTRL_PPK2_INVLD (0x000000C0U) |
| PPK2 invalid value. More... | |
| #define | XLOADER_EFUSE_MISC_CTRL_ALL_PPK_INVLD (0x000000FCU) |
| All PPKs invalid value for PPK0-PPK2. More... | |
| #define | XLOADER_EFUSE_PPK_HASH_LEN (32U) |
| PPK hash length stored in eFUSE. More... | |
| #define | XLOADER_SECURE_IV_LEN (4U) |
| Secure IV length in words. More... | |
| #define | XLOADER_SECURE_IV_NUM_ROWS (3U) |
| No. More... | |
| #define | XLOADER_EFUSE_IV_METAHDR_START_OFFSET (0xF1250180U) |
| Metaheader IV start register address. More... | |
| #define | XLOADER_EFUSE_IV_METAHDR_END_OFFSET (0xF1250188U) |
| Metaheader IV end register address. More... | |
| #define | XLOADER_EFUSE_IV_BLACK_OBFUS_START_OFFSET (0xF12501D0U) |
| Black IV start register address. More... | |
| #define | XLOADER_EFUSE_IV_BLACK_OBFUS_END_OFFSET (0xF12501D8U) |
| Black IV start register address. More... | |
| #define | XLOADER_EFUSE_REVOCATION_ID_0_OFFSET (0xF12500B0U) |
| Revocation ID 0 register address. More... | |
| #define | XLOADER_EFUSE_REVOCATION_ID_7_OFFSET (0xF12500CCU) |
| Revocation ID 7 register address. More... | |
| #define | XLOADER_EFUSE_SEC_MISC1_OFFSET (0xF12500E8U) |
| Security Misc1 register address. More... | |
| #define | XLOADER_EFUSE_SEC_DPA_DIS_MASK (0xFFFF0000U) |
| DPA CM disabled mask. More... | |
| #define | XLOADER_EFUSE_DNA_START_OFFSET (0xF1250020U) |
| DNA start register address. More... | |
| #define | XLOADER_EFUSE_DNA_NUM_ROWS (4U) |
| Number of eFUSE rows for DNA. More... | |
| #define | XLOADER_EFUSE_DNA_LEN_IN_BYTES |
| Size of DNA(in bytes) More... | |
| #define | XLOADER_AC_AH_DNA_MASK (0x03U) |
| Mask for DNA in Authentication Certificate. More... | |
| #define | XLOADER_REVOCATION_IDMAX (0xFFU) |
| Maximum value of Revocation ID. More... | |
| #define | XLOADER_PUF_HD_BHDR (0x3U) |
| Value of PUF HD stored in bootheader. More... | |
| #define | XLOADER_PUF_HD_EFUSE (0x0U) |
| Value of PUF HD stored in efuse. More... | |
| #define | XLOADER_BBRAM_RED_KEY (0x00000001U) |
| Decrypted key stored in BBRAM. More... | |
| #define | XLOADER_BHDR_RED_KEY (0x00000002U) |
| Decrypted key stored in Bootheader. More... | |
| #define | XLOADER_EFUSE_RED_KEY (0x00000004U) |
| Decrypted key stored in eFUSE AES key. More... | |
| #define | XLOADER_EFUSE_USR0_RED_KEY (0x00000008U) |
| Decrypted key stored in eFUSE User 0 key. More... | |
| #define | XLOADER_EFUSE_USR1_RED_KEY (0x00000010U) |
| Decrypted key stored in eFUSE User 1 key. More... | |
| #define | XLOADER_EFUSE_CACHE_SECURITY_CONTROL_OFFSET (0xF12500ACU) |
| Security Control register address. More... | |
| #define | XLOADER_PMC_TAP_AUTH_JTAG_DATA_OFFSET (0xF11B0030U) |
| Authenticated JTAG Data start register address. More... | |
| #define | XLOADER_AUTH_JTAG_IDWORD (0x58414A47U) |
| Authenticated JTAG ID word. More... | |
| #define | XLOADER_PMC_TAP_DAP_CFG_OFFSET (0xF11B0008U) |
| DAP CFG register address. More... | |
| #define | XLOADER_PMC_TAP_INST_MASK_1_OFFSET (0xF11B0004U) |
| Instruction Mask 1 register address. More... | |
| #define | XLOADER_PMC_TAP_DAP_SECURITY_OFFSET (0xF11B000CU) |
| DAP security register address. More... | |
| #define | XLOADER_PMC_TAP_AUTH_JTAG_INT_STATUS_OFFSET (0xF11B0018U) |
| Authenticated JTAG interrupt status register address. More... | |
| #define | XLOADER_CRP_RST_DBG_OFFSET (0xF1260400U) |
| CRP reset debug register address. More... | |
| #define | XLOADER_PMC_TAP_AUTH_JTAG_INT_STATUS_MASK (0x1U) |
| Mask for Authenticated JTAG interrupt status. More... | |
| #define | XLOADER_AUTH_JTAG_DIS_MASK (0x180000U) |
| Mask for disabling Authenticated JTAG. More... | |
| #define | XLOADER_AUTH_JTAG_LOCK_DIS_MASK (0x600000U) |
| Mask for disabling Authenticated JTAG after secure lockdown. More... | |
| #define | XLOADER_AUTH_JTAG_DATA_LEN_IN_WORDS (512U) |
| Authenticated JTAG data length(in words) More... | |
| #define | XLOADER_AUTH_JTAG_DATA_AH_LENGTH (104U) |
| Length of Authentication Header in Authenticated JTAG message. More... | |
| #define | XLOADER_AUTH_JTAG_MAX_ATTEMPTS (1U) |
| Maximum allowed attempts to authenticate JTAG message. More... | |
| #define | XLOADER_AUTH_JTAG_PADDING_SIZE (18U) |
| Authenticated JTAG padding size. More... | |
| #define | XLOADER_AUTH_JTAG_SHA_PADDING_SIZE (3U) |
| Authenticated SHA padding size. More... | |
| #define | XLOADER_ENABLE_AUTH_JTAG_SIGNATURE_SIZE (226U) |
| Authenticated JTAG signature size. More... | |
| #define | XLOADER_CONFIG_DAP_STATE_SECURE_DBG (0x01U) |
| DAP State enable secure Debug. More... | |
| #define | XLOADER_CONFIG_DAP_STATE_NONSECURE_DBG (0x02U) |
| DAP State enable non-secure Debug. More... | |
| #define | XLOADER_CONFIG_DAP_STATE_ALL_DBG (0x03U) |
| DAP State enable all Debug modes. More... | |
| #define | XLOADER_DAP_SECURITY_GATE_DISABLE_MASK (0xFFFFFFFFU) |
| MAsk to disable DAP security gate. More... | |
| #define | XLOADER_DAP_CFG_SPNIDEN_MASK (0x8U) |
| Mask to enable secure non-invasive debug. More... | |
| #define | XLOADER_DAP_CFG_SPIDEN_MASK (0x4U) |
| Mask to enable secure invasive debug. More... | |
| #define | XLOADER_DAP_CFG_NIDEN_MASK (0x2U) |
| Mask to enable non-secure non-invasive debug. More... | |
| #define | XLOADER_DAP_CFG_DBGEN_MASK (0x1U) |
| Mask to enable non-secure invasive debug. More... | |
| #define | XLOADER_DAP_CFG_ENABLE_ALL_DBG_MASK |
| Mask to enable all types of debug. More... | |
| #define | XLOADER_CRP_RST_DBG_ENABLE_MASK (0U) |
| Mask to enable debug for CRP_RST. More... | |
| #define | XLOADER_PMC_TAP_INST_DISABLE_MASK_0 (0x3DFFF8FDU) |
| Value to unmask instructions for Instruction mask 0 register. More... | |
| #define | XLOADER_PMC_TAP_INST_DISABLE_MASK_1 (0x05DBFF8FU) |
| Value to unmask instructions for Instruction mask 1 register. More... | |
| #define | XLOADER_CRP_RST_DBG_DPC_MASK (0x00000002U) |
| Value to reset DPC within the PMC only. More... | |
| #define | XLOADER_CRP_RST_DBG_RESET_MASK (0x00000001U) |
| Value to reset all debug in the LPD/FPD. More... | |
| #define | XLOADER_DAP_TIMEOUT_DISABLED (2U) |
| Timeout disabled for DAP. More... | |
| #define | XLOADER_PDI_DPACM_ENABLED (0x3U) |
| DPA counter measures are enabled in PDI. More... | |
| #define | XLOADER_PDI_DPACM_DISABLED (0U) |
| DPA counter measures are disabled in PDI. More... | |
| #define | EFUSE_CACHE_MISC_CTRL_CRYPTO_KAT_EN_MASK (0X00008000U) |
| Mask to enable running of KAT for Crypto engines. More... | |
| #define | XLOADER_KAT_DONE (0x000005F0U) |
| Value to indicate that KAT is done. More... | |
| #define | XLOADER_WORD_IN_BITS (32U) |
| Word length in bits. More... | |
| #define | XLOADER_WORD_IN_BITS_SHIFT (5U) |
| Value to shift word. More... | |
| #define | XLOADER_WORD_IN_BITS_MASK (0x1FU) |
| Value to mask word. More... | |
| #define | XLOADER_NOLOAD_VAL (0xFFFFFFFFU) |
| To indicate no load. More... | |
| #define | XLOADER_SPK_SIZE |
| Size of Secondary Public Key(in bytes) in Authentication Certificate. More... | |
| #define | XLOADER_PPK_SIZE |
| Size of Primary Public Key(in bytes) in Authentication Certificate. More... | |
| #define | XLOADER_AUTH_CERT_MIN_SIZE |
| Minimum Size of Authentication Certificate(in bytes) More... | |
| #define | XLOADER_AC_AH_PUB_STRENGTH_MASK (0xF0U) |
| Mask for Public Strength in Authentication Certificate. More... | |
| #define | XLOADER_AC_AH_PUB_STRENGTH_SHIFT (0x4U) |
| Shift for Public Strength in Authentication Certificate. More... | |
| #define | XLOADER_PUB_STRENGTH_ECDSA_P384 (0x0U) |
| Value of ECDSA P-384 as Public Strength in Authentication Certificate. More... | |
| #define | XLOADER_PUB_STRENGTH_RSA_4096 (0x1U) |
| Value of RSA 4096 as Public Strength in Authentication Certificate. More... | |
| #define | XLOADER_PUB_STRENGTH_ECDSA_P521 (0x2U) |
| Value of ECDSA P-521 as Public Strength in Authentication Certificate. More... | |
RSA PSS Padding | |
| #define | XLOADER_RSA_SIG_EXP_BYTE (0xBCU) |
| < Macro definitions related to RSA PSS padding More... | |
| #define | XLOADER_RSA_EM_MSB_EXP_BYTE (0x0U) |
| #define | XLOADER_I2OSP_INT_LIMIT (256U) |
| #define | XLOADER_RSA_PSS_SALT_LEN (XLOADER_SHA3_LEN) |
| #define | XLOADER_RSA_PSS_PADDING1 (8U) |
| #define | XLOADER_RSA_PSS_BUFFER_LEN (480U) |
Masks for KAT status | |
| #define | XLOADER_PPDI_KAT_MASK (0x03U) |
| < Masks are used to determine if KAT for the respective crypto hardware has already been run or not. More... | |
| #define | XLOADER_PPDI_RED_KEY_CLR_MASK (0x0CU) |
| Red key clear mask. More... | |
Enumerations | |
| enum | XLoader_AuthType { XLOADER_ECDSA, XLOADER_RSA } |
| enum | XLoader_PpkSel { XLOADER_PPK_SEL_0, XLOADER_PPK_SEL_1, XLOADER_PPK_SEL_2 } |
Functions | |
| int | XLoader_ReadAndVerifySecureHdrs (XLoader_SecureParams *SecurePtr, XilPdi_MetaHdr *MetaHdr) |
| This function authenticates and/or decrypts the image headers and partition headers and copies the contents to the corresponding structures. More... | |
| int | XLoader_SecureValidations (const XLoader_SecureParams *SecurePtr) |
| This function checks if authentication/encryption is compulsory. More... | |
| int | XLoader_SecureAuthInit (XLoader_SecureParams *SecurePtr, const XilPdi_PrtnHdr *PrtnHdr) |
| This function initializes authentication parameters of XLoader_SecureParams's instance. More... | |
| int | XLoader_SecureEncInit (XLoader_SecureParams *SecurePtr, const XilPdi_PrtnHdr *PrtnHdr) |
| This function initializes encryption parameters of XLoader_SecureParams's instance. More... | |
| int | XLoader_AuthEncClear (void) |
| This function is called to clear secure critical data related to authentication and encryption in case of exceptions. More... | |
| int | XLoader_ProcessAuthEncPrtn (XLoader_SecureParams *SecurePtr, u64 DestAddr, u32 BlockSize, u8 Last) |
| This function performs authentication and decryption of the partition. More... | |
| int | XLoader_RsaPssSignVerify (u8 *MsgHash, XSecure_Rsa *RsaInstPtr, u8 *Signature, u32 KeySize) |
| This function encrypts the RSA signature provided and performs required PSS operations to extract salt and calculates M prime hash and compares with hash obtained from EM. More... | |
| void | XLoader_ClearKatOnPPDI (XilPdi *PdiPtr, u32 PlmKatMask) |
| This function updates the KAT status. More... | |
| int | XLoader_AddAuthJtagToScheduler (void) |
| This function adds periodic checks of the status of Auth JTAG interrupt status to the scheduler. More... | |
| int | XLoader_CheckAuthJtagIntStatus (void *Arg) |
| This function checks the status of Auth JTAG interrupt status and it disables the Jtag as per the timeout set by user. More... | |
| int | XLoader_IsPpkValid (XLoader_PpkSel PpkSelect, const u8 *PpkHash) |
| The function reads PPK invalid bits. More... | |
| int | XLoader_IsAdditionalPpkValid (const u8 *PpkHash) |
| This function verifies whether the additional PPK is valid. More... | |
| int | XLoader_AdditionalPpkSelect (XLoader_PpkSel PpkSelect, u32 *InvalidMask, u32 *PpkOffset) |
| This function checks for the additional PPK select and returns the PPK invalid mask and PPK efuse cache start offset if PPK is valid. More... | |
| int | XLoader_ClearAesKey (u32 *DecKeySrc) |
| This function clears the AES keys when RedKeyClear is set in PMC RAM. More... | |
| int | XLoader_CheckSecureStateAuth (volatile u32 *AHWRoT) |
| This function checks Secure State for Authentication. More... | |
| int | XLoader_CheckSecureState (u32 RegVal, u32 Var, u32 ExpectedValue) |
| This function checks if the secure state of boot matches the expected value or not. More... | |
| int | XLoader_ImgHdrTblAuth (XLoader_SecureParams *SecurePtr) |
| This function authenticates the image header table. More... | |
| int | XLoader_DataAuth (XLoader_SecureParams *SecurePtr, u8 *Hash, u8 *Signature) |
| This function authenticates the data with SPK. More... | |
| #define EFUSE_CACHE_MISC_CTRL_CRYPTO_KAT_EN_MASK (0X00008000U) |
Mask to enable running of KAT for Crypto engines.
| #define XLOADER_128_BIT_ALIGNED_MASK (0x0FU) |
Mask to check if data is 128-bit aligned.
AES key source
| #define XLOADER_AC_AH_DNA_MASK (0x03U) |
Mask for DNA in Authentication Certificate.
| #define XLOADER_AC_AH_PUB_STRENGTH_MASK (0xF0U) |
Mask for Public Strength in Authentication Certificate.
| #define XLOADER_AC_AH_PUB_STRENGTH_SHIFT (0x4U) |
Shift for Public Strength in Authentication Certificate.
| #define XLOADER_AC_AH_REVOKE_ID_MASK (0xFFU) |
Mask for Revocation ID.
| #define XLOADER_AUTH_CERT_MIN_SIZE |
Minimum Size of Authentication Certificate(in bytes)
Referenced by XLoader_ReadAndVerifySecureHdrs(), and XLoader_SecureAuthInit().
| #define XLOADER_AUTH_CERT_USER_DATA ((u32)64U - XLOADER_AUTH_HEADER_SIZE) |
Size of User Data(in bytes) in Authentication Certificate.
| #define XLOADER_AUTH_HEADER_SIZE (8U) |
Size of Authentication header(in bytes) in Authentication Certificate.
| #define XLOADER_AUTH_JTAG_DATA_AH_LENGTH (104U) |
Length of Authentication Header in Authenticated JTAG message.
| #define XLOADER_AUTH_JTAG_DATA_LEN_IN_WORDS (512U) |
Authenticated JTAG data length(in words)
| #define XLOADER_AUTH_JTAG_DIS_MASK (0x180000U) |
Mask for disabling Authenticated JTAG.
| #define XLOADER_AUTH_JTAG_IDWORD (0x58414A47U) |
Authenticated JTAG ID word.
| #define XLOADER_AUTH_JTAG_LOCK_DIS_MASK (0x600000U) |
Mask for disabling Authenticated JTAG after secure lockdown.
Referenced by XLoader_CheckAuthJtagIntStatus().
| #define XLOADER_AUTH_JTAG_MAX_ATTEMPTS (1U) |
Maximum allowed attempts to authenticate JTAG message.
Referenced by XLoader_CheckAuthJtagIntStatus().
| #define XLOADER_AUTH_JTAG_PADDING_SIZE (18U) |
Authenticated JTAG padding size.
| #define XLOADER_AUTH_JTAG_SHA_PADDING_SIZE (3U) |
Authenticated SHA padding size.
| #define XLOADER_BBRAM_BLK_KEY (0x3A5C3C59U) |
BBRAM Black Key.
Referenced by XLoader_GetKekSrc().
| #define XLOADER_BBRAM_KEY (0x3A5C3C5AU) |
BBRAM Key.
Referenced by XLoader_SecureEncInit().
| #define XLOADER_BBRAM_RED_KEY (0x00000001U) |
Decrypted key stored in BBRAM.
Referenced by XLoader_GetKekSrc().
| #define XLOADER_BH_BLK_KEY (0xA35C7C53U) |
Boot Header Black Key.
Referenced by XLoader_GetKekSrc().
| #define XLOADER_BHDR_RED_KEY (0x00000002U) |
Decrypted key stored in Bootheader.
Referenced by XLoader_GetKekSrc().
| #define XLOADER_BHDR_SIG_SIZE XLOADER_RSA_4096_KEY_SIZE |
Size of Bootheader signature(in bytes) in Authentication Certificate.
| #define XLOADER_CONFIG_DAP_STATE_ALL_DBG (0x03U) |
DAP State enable all Debug modes.
| #define XLOADER_CONFIG_DAP_STATE_NONSECURE_DBG (0x02U) |
DAP State enable non-secure Debug.
Referenced by XLoader_ConfigureJtagState().
| #define XLOADER_CONFIG_DAP_STATE_SECURE_DBG (0x01U) |
DAP State enable secure Debug.
| #define XLOADER_CRP_RST_DBG_DPC_MASK (0x00000002U) |
Value to reset DPC within the PMC only.
| #define XLOADER_CRP_RST_DBG_ENABLE_MASK (0U) |
Mask to enable debug for CRP_RST.
| #define XLOADER_CRP_RST_DBG_OFFSET (0xF1260400U) |
CRP reset debug register address.
| #define XLOADER_CRP_RST_DBG_RESET_MASK (0x00000001U) |
Value to reset all debug in the LPD/FPD.
| #define XLOADER_DAP_CFG_DBGEN_MASK (0x1U) |
Mask to enable non-secure invasive debug.
| #define XLOADER_DAP_CFG_ENABLE_ALL_DBG_MASK |
Mask to enable all types of debug.
Referenced by XLoader_EnableJtag().
| #define XLOADER_DAP_CFG_NIDEN_MASK (0x2U) |
Mask to enable non-secure non-invasive debug.
| #define XLOADER_DAP_CFG_SPIDEN_MASK (0x4U) |
Mask to enable secure invasive debug.
| #define XLOADER_DAP_CFG_SPNIDEN_MASK (0x8U) |
Mask to enable secure non-invasive debug.
| #define XLOADER_DAP_SECURITY_GATE_DISABLE_MASK (0xFFFFFFFFU) |
MAsk to disable DAP security gate.
| #define XLOADER_DAP_TIMEOUT_DISABLED (2U) |
Timeout disabled for DAP.
| #define XLOADER_ECDSA_MAX_KEYSIZE XLOADER_ECDSA_P521_KEYSIZE |
ECDSA Max Key size(in bytes)
| #define XLOADER_ECDSA_P384_KEYSIZE (48U) |
Key size(in bytes) for ECDSA P-384 curve.
| #define XLOADER_ECDSA_P521_KEYSIZE (66U) |
Key size(in bytes) for ECDSA P-521 curve.
| #define XLOADER_EFUSE_BLK_KEY (0xA5C3C5A5U) |
eFUSE Black Key
Referenced by XLoader_GetKekSrc().
| #define XLOADER_EFUSE_CACHE_SECURITY_CONTROL_OFFSET (0xF12500ACU) |
Security Control register address.
Referenced by XLoader_AddDeviceStateChangeToScheduler(), and XLoader_CheckAuthJtagIntStatus().
| #define XLOADER_EFUSE_DNA_LEN_IN_BYTES |
Size of DNA(in bytes)
| #define XLOADER_EFUSE_DNA_NUM_ROWS (4U) |
Number of eFUSE rows for DNA.
| #define XLOADER_EFUSE_DNA_START_OFFSET (0xF1250020U) |
DNA start register address.
| #define XLOADER_EFUSE_IV_BLACK_OBFUS_END_OFFSET (0xF12501D8U) |
Black IV start register address.
| #define XLOADER_EFUSE_IV_BLACK_OBFUS_START_OFFSET (0xF12501D0U) |
Black IV start register address.
| #define XLOADER_EFUSE_IV_METAHDR_END_OFFSET (0xF1250188U) |
Metaheader IV end register address.
| #define XLOADER_EFUSE_IV_METAHDR_START_OFFSET (0xF1250180U) |
Metaheader IV start register address.
| #define XLOADER_EFUSE_KEY (0xA5C3C5A3U) |
eFUSE Key
Referenced by XLoader_SecureEncInit().
| #define XLOADER_EFUSE_MISC_CTRL_ALL_PPK_INVLD (0x000000FCU) |
All PPKs invalid value for PPK0-PPK2.
| #define XLOADER_EFUSE_MISC_CTRL_PPK0_INVLD (0x0000000CU) |
PPK0 invalid value.
| #define XLOADER_EFUSE_MISC_CTRL_PPK1_INVLD (0x00000030U) |
PPK1 invalid value.
| #define XLOADER_EFUSE_MISC_CTRL_PPK2_INVLD (0x000000C0U) |
PPK2 invalid value.
| #define XLOADER_EFUSE_PPK_HASH_LEN (32U) |
PPK hash length stored in eFUSE.
| #define XLOADER_EFUSE_RED_KEY (0x00000004U) |
Decrypted key stored in eFUSE AES key.
Referenced by XLoader_GetKekSrc().
| #define XLOADER_EFUSE_REVOCATION_ID_0_OFFSET (0xF12500B0U) |
Revocation ID 0 register address.
| #define XLOADER_EFUSE_REVOCATION_ID_7_OFFSET (0xF12500CCU) |
Revocation ID 7 register address.
| #define XLOADER_EFUSE_SEC_DPA_DIS_MASK (0xFFFF0000U) |
DPA CM disabled mask.
| #define XLOADER_EFUSE_SEC_MISC1_OFFSET (0xF12500E8U) |
Security Misc1 register address.
| #define XLOADER_EFUSE_USR0_RED_KEY (0x00000008U) |
Decrypted key stored in eFUSE User 0 key.
| #define XLOADER_EFUSE_USR1_RED_KEY (0x00000010U) |
Decrypted key stored in eFUSE User 1 key.
| #define XLOADER_EFUSE_USR_BLK_KEY0 (0x5C3CA5A5U) |
eFUSE User key 0 Black
| #define XLOADER_EFUSE_USR_BLK_KEY1 (0xC3A5C5A5U) |
eFUSE User key 1 Black
| #define XLOADER_EFUSE_USR_KEY0 (0x5C3CA5A3U) |
eFUSE User Key 0
| #define XLOADER_EFUSE_USR_KEY1 (0xC3A5C5A3U) |
eFUSE User Key 1
| #define XLOADER_ENABLE_AUTH_JTAG_SIGNATURE_SIZE (226U) |
Authenticated JTAG signature size.
| #define XLOADER_KAT_DONE (0x000005F0U) |
Value to indicate that KAT is done.
| #define XLOADER_NOLOAD_VAL (0xFFFFFFFFU) |
To indicate no load.
Referenced by XLoader_DataAuth().
| #define XLOADER_OPTIMIZED_AUTH_CERT_MIN_SIZE |
Minimum Size of Optimized Authentication Certificate(in bytes)
| #define XLOADER_PARTITION_SIG_SIZE XLOADER_RSA_4096_KEY_SIZE |
Size of Partition signature(in bytes) in Authentication Certificate.
| #define XLOADER_PDI_DPACM_DISABLED (0U) |
DPA counter measures are disabled in PDI.
Misc Control register address
| #define XLOADER_PDI_DPACM_ENABLED (0x3U) |
DPA counter measures are enabled in PDI.
| #define XLOADER_PMC_TAP_AUTH_JTAG_DATA_OFFSET (0xF11B0030U) |
Authenticated JTAG Data start register address.
| #define XLOADER_PMC_TAP_AUTH_JTAG_INT_STATUS_MASK (0x1U) |
Mask for Authenticated JTAG interrupt status.
Referenced by XLoader_CheckAuthJtagIntStatus().
| #define XLOADER_PMC_TAP_AUTH_JTAG_INT_STATUS_OFFSET (0xF11B0018U) |
Authenticated JTAG interrupt status register address.
Referenced by XLoader_CheckAuthJtagIntStatus().
| #define XLOADER_PMC_TAP_DAP_CFG_OFFSET (0xF11B0008U) |
DAP CFG register address.
| #define XLOADER_PMC_TAP_DAP_SECURITY_OFFSET (0xF11B000CU) |
DAP security register address.
| #define XLOADER_PMC_TAP_INST_DISABLE_MASK_0 (0x3DFFF8FDU) |
Value to unmask instructions for Instruction mask 0 register.
| #define XLOADER_PMC_TAP_INST_DISABLE_MASK_1 (0x05DBFF8FU) |
Value to unmask instructions for Instruction mask 1 register.
| #define XLOADER_PMC_TAP_INST_MASK_1_OFFSET (0xF11B0004U) |
Instruction Mask 1 register address.
| #define XLOADER_PPDI_KAT_MASK (0x03U) |
< Masks are used to determine if KAT for the respective crypto hardware has already been run or not.
PPDI KAT mask
| #define XLOADER_PPDI_RED_KEY_CLR_MASK (0x0CU) |
Red key clear mask.
| #define XLOADER_PPK_SIZE |
Size of Primary Public Key(in bytes) in Authentication Certificate.
Referenced by XLoader_DataAuth().
| #define XLOADER_PUB_STRENGTH_ECDSA_P384 (0x0U) |
Value of ECDSA P-384 as Public Strength in Authentication Certificate.
| #define XLOADER_PUB_STRENGTH_ECDSA_P521 (0x2U) |
Value of ECDSA P-521 as Public Strength in Authentication Certificate.
| #define XLOADER_PUB_STRENGTH_RSA_4096 (0x1U) |
Value of RSA 4096 as Public Strength in Authentication Certificate.
| #define XLOADER_PUF_HD_BHDR (0x3U) |
Value of PUF HD stored in bootheader.
| #define XLOADER_PUF_HD_EFUSE (0x0U) |
Value of PUF HD stored in efuse.
KEK key decryption status
| #define XLOADER_REVOCATION_IDMAX (0xFFU) |
Maximum value of Revocation ID.
| #define XLOADER_RSA_4096_KEY_SIZE (4096U/8U) |
RSA 4096 key size.
Size of Primary Public Key(in bytes) in Authentication Certificate
| #define XLOADER_RSA_SIG_EXP_BYTE (0xBCU) |
< Macro definitions related to RSA PSS padding
| #define XLOADER_SECURE_GCM_TAG_SIZE (16U) |
GCM Tag Size(in bytes)
| #define XLOADER_SECURE_HDR_SIZE (48U) |
Secure Header Size(in bytes)
| #define XLOADER_SECURE_HDR_TOTAL_SIZE |
Total size of Secure Header (in bytes)
Referenced by XLoader_ProcessAuthEncPrtn().
| #define XLOADER_SECURE_IV_LEN (4U) |
Secure IV length in words.
| #define XLOADER_SECURE_IV_NUM_ROWS (3U) |
No.
of eFUSE rows for Secure IV
| #define XLOADER_SPK_SIG_SIZE XLOADER_RSA_4096_KEY_SIZE |
Size of SPK signature(in bytes) in Authentication Certificate.
| #define XLOADER_SPK_SIZE |
Size of Secondary Public Key(in bytes) in Authentication Certificate.
| #define XLOADER_USR_KEY0 (0xC5C3A5A3U) |
User Key 0.
| #define XLOADER_USR_KEY1 (0xC3A5C5B3U) |
User Key 1.
| #define XLOADER_USR_KEY2 (0xC5C3A5C3U) |
User Key 2.
| #define XLOADER_USR_KEY3 (0xC3A5C5D3U) |
User Key 3.
| #define XLOADER_USR_KEY4 (0xC5C3A5E3U) |
User Key 4.
| #define XLOADER_USR_KEY5 (0xC3A5C5F3U) |
User Key 5.
| #define XLOADER_USR_KEY6 (0xC5C3A563U) |
User Key 6.
| #define XLOADER_USR_KEY7 (0xC3A5C573U) |
User Key 7.
eFUSE related macro definitions Misc Ctrl register address
| #define XLOADER_WORD_IN_BITS (32U) |
Word length in bits.
| #define XLOADER_WORD_IN_BITS_MASK (0x1FU) |
Value to mask word.
| #define XLOADER_WORD_IN_BITS_SHIFT (5U) |
Value to shift word.
| enum XLoader_AuthType |
| enum XLoader_PpkSel |