| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081 |
- /*
- * Copyright 2018-2021 NXP
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- *
- */
- #include <errno.h>
- #include <common/debug.h>
- #include <csf_hdr.h>
- #include <dcfg.h>
- #include <drivers/auth/crypto_mod.h>
- #include <snvs.h>
- #include <plat/common/platform.h>
- #include "plat_common.h"
- extern bool rotpk_not_dpld;
- extern uint8_t rotpk_hash_table[MAX_KEY_ENTRIES][SHA256_BYTES];
- extern uint32_t num_rotpk_hash_entries;
- /*
- * In case of secure boot, return ptr of rotpk_hash table in key_ptr and
- * number of hashes in key_len
- */
- int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
- unsigned int *flags)
- {
- uint32_t mode = 0U;
- *flags = ROTPK_NOT_DEPLOYED;
- /* ROTPK hash table must be available for secure boot */
- if (rotpk_not_dpld == true) {
- if (check_boot_mode_secure(&mode) == true) {
- /* Production mode, don;t continue further */
- if (mode == 1U) {
- return -EAUTH;
- }
- /* For development mode, rotpk flag false
- * indicates that SRK hash comparison might
- * have failed. This is not fatal error.
- * Continue in this case but transition SNVS
- * to non-secure state
- */
- transition_snvs_non_secure();
- return 0;
- } else {
- return 0;
- }
- }
- /*
- * We return the complete hash table and number of entries in
- * table for NXP platform specific implementation.
- * Here hash is always assume as SHA-256
- */
- *key_ptr = rotpk_hash_table;
- *key_len = num_rotpk_hash_entries;
- *flags = ROTPK_IS_HASH;
- return 0;
- }
- int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr)
- {
- /*
- * No support for non-volatile counter. Update the ROT key to protect
- * the system against rollback.
- */
- *nv_ctr = 0U;
- return 0;
- }
- int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr)
- {
- return 0;
- }
|
