WS63 SDK 文档 7021f4f@fbb_ws63
ws63 和 ws63e 解决方案的 SDK 文档
载入中...
搜索中...
未找到
crypto_security.h
浏览该文件的文档.
1
9#ifndef CRYPTO_SECURITY_H
10#define CRYPTO_SECURITY_H
11
12#ifdef __cplusplus
13#if __cplusplus
14extern "C" {
15#endif /* __cplusplus */
16#endif /* __cplusplus */
17
18/************************************************** secure enhance start************************************/
19/* here is the standard API define for cooperate with the secure enhance and no secure enhance version.
20 you can follow the hal_pke.h to define your own version.
21 eg.
22 define API: void hal_pke_get_ram(td_u32 ram_section, unsigned char *data, td_u32 data_len CIPHER_CHECK_WORD);
23 call API: hal_pke_get_ram(sec_arg_add_cs(ram_section, data, data_len));
24 inner chk_sum == check_word: check_sum_inspect(ram_section, data, data_len);
25*/
26
27/* for boot default open secure enhance */
28#ifdef SEC_ENHANCE
29#define CIPHER_CHECK_WORD , const unsigned long check_word
30#define CRYPTO_ROM_CHECK_WORD , check_word
31
32#ifndef SEC_CS_CONST
33#define SEC_CS_CONST 0x0
34#endif
35
36#define security_inner_sec_count_args(dummy, a, b, c, d, e, f, g, count, ...) count
37#define security_sec_count_args(...) security_inner_sec_count_args(dummy, ##__VA_ARGS__, 7, 6, 5, 4, 3, 2, 1, 0)
38
39#define security_sec_cs_1(a) ((unsigned long) ~((unsigned long)a) ^ SEC_CS_CONST)
40#define security_sec_cs_2(a, b) ((unsigned long)(a) ^ (unsigned long)(b) ^ SEC_CS_CONST)
41#define security_sec_cs_3(a, b, c) ((unsigned long)(a) ^ (unsigned long)(b) ^ (unsigned long)(c) ^ SEC_CS_CONST)
42#define security_sec_cs_4(a, b, c, d) \
43 ((unsigned long)(a) ^ (unsigned long)(b) ^ (unsigned long)(c) ^ (unsigned long)(d) ^ SEC_CS_CONST)
44#define security_sec_cs_5(a, b, c, d, e) ((unsigned long)(a) ^ (unsigned long)(b) ^ (unsigned long)(c) ^ \
45 (unsigned long)(d) ^ (unsigned long)(e) ^ SEC_CS_CONST)
46#define security_sec_cs_6(a, b, c, d, e, f) \
47 ((unsigned long)(a) ^ (unsigned long)(b) ^ (unsigned long)(c) ^ (unsigned long)(d) ^ (unsigned long)(e) ^ \
48 (unsigned long)(f) ^ SEC_CS_CONST)
49#define security_sec_cs_7(a, b, c, d, e, f, g) \
50 ((unsigned long)(a) ^ (unsigned long)(b) ^ (unsigned long)(c) ^ (unsigned long)(d) ^ (unsigned long)(e) ^ \
51 (unsigned long)(f) ^ (unsigned long)(g) ^ SEC_CS_CONST)
52#define security_inner_sec_cs(a, ...) security_sec_cs_##a(__VA_ARGS__)
53#define security_sec_cs(...) security_inner_sec_cs(__VA_ARGS__)
54
55#define sec_cs(...) security_sec_cs(_sec_count_args(__VA_ARGS__), __VA_ARGS__)
56
57#define check_sum_inspect(err_ret, ...) do { \
58 if (check_word != sec_cs(__VA_ARGS__)) { \
59 return err_ret; \
60 }; \
61} while (0)
62
63#define check_sum_assert(...) do { \
64 crypto_log_err("drv_assert_eq \n"); \
65 drv_assert_eq(check_word, sec_cs(__VA_ARGS__)); \
66} while (0)
67
68#define sec_arg_add_cs(...) __VA_ARGS__, sec_cs(__VA_ARGS__)
69
70/* call back for secure enhancement */
71#define reg_callback_chk(reg_micro, expect_val) do { \
72 crypto_log_err("drv_assert_eq \n"); \
73 drv_assert_eq(pke_reg_read(reg_micro), expect_val); \
74} while (0)
75#define val_enhance_chk(chk_val, expect_val) do { \
76 crypto_log_err("drv_assert_eq \n"); \
77 drv_assert_eq(chk_val, expect_val); \
78} while (0)
79#define ret_enhance_chk(chk_val, expect_val) do { \
80 crypto_log_err("drv_assert_eq \n"); \
81 drv_assert_eq(chk_val, expect_val); \
82} while (0)
83
84/* for security functions */
85#define memset_enhance_chk_return(ret, dest, destMax, c, count) do { \
86 ret = memset_ss(sec_arg_add_cs(dest, destMax, c, count)); \
87 crypto_chk_func_return(memset_ss, ret); \
88} while (0)
89#define memcpy_enhance_chk_return(ret, dest, destMax, c, count) do { \
90 ret = memcpy_ss(sec_arg_add_cs(dest, destMax, c, count)); \
91 crypto_chk_func_return(memcpy_ss, ret); \
92} while (0)
93#define memcmp_enhance_chk_return(ret, cs, ct, count) do { \
94 ret = memcmp_ss(sec_arg_add_cs(cs, ct, count)); \
95 crypto_chk_func_return(memcmp_ss, ret); \
96} while (0)
97#define memset_enhance_chk_goto(ret, dest, destMax, c, count, label) do { \
98 ret = memset_ss(sec_arg_add_cs(dest, destMax, c, count)); \
99 crypto_chk_goto(((ret) != TD_SUCCESS), label, "memset_ss failed, ret = 0x%x\r\n", ret); \
100} while (0)
101#define memcpy_enhance_chk_goto(ret, dest, destMax, c, count, label) do { \
102 ret = memcpy_ss(sec_arg_add_cs(dest, destMax, c, count)); \
103 crypto_chk_goto(((ret) != TD_SUCCESS), label, "memcpy_ss failed, ret = 0x%x\r\n", ret); \
104} while (0)
105#define memcmp_enhance_chk_goto(ret, cs, ct, count, label) do { \
106 ret = memcmp_ss(sec_arg_add_cs(cs, ct, count)); \
107 crypto_chk_goto(((ret) != TD_SUCCESS), label, "memcmp_ss failed, ret = 0x%x\r\n", ret); \
108} while (0)
109
110#else /* SEC_ENHANCE */
111#define CIPHER_CHECK_WORD
112#define CRYPTO_ROM_CHECK_WORD
113#define sec_cs(...)
114#define check_sum_inspect(err_ret, ...)
115#define check_sum_assert(...)
116#define sec_arg_add_cs(...) __VA_ARGS__
117#define reg_callback_chk(reg_micro, expect_val)
118#define val_enhance_chk(chk_val, expect_val)
119#define ret_enhance_chk(chk_val, expect_val) do { \
120 crypto_chk_return(((chk_val) != (expect_val)), chk_val); \
121} while (0)
122
123/* for security functions */
124#define memset_enhance_chk_return(ret, dest, destMax, c, count) do { \
125 ret = memset_s(dest, destMax, c, count); \
126 crypto_chk_return(((ret) != EOK), TD_FAILURE, "memset_s failed, ret = 0x%x\r\n", ret); \
127} while (0)
128
129#define memcpy_enhance_chk_return(ret, dest, destMax, c, count) do { \
130 ret = memcpy_s(dest, destMax, c, count); \
131 crypto_chk_return(((ret) != EOK), TD_FAILURE, "memcpy_s failed, ret = 0x%x\r\n", ret); \
132} while (0)
133
134#define memcmp_enhance_chk_return(ret, cs, ct, count) do { \
135 ret = memcmp(cs, ct, count); \
136 crypto_chk_return(((ret) != EOK), TD_FAILURE, "memcmp failed, ret = 0x%x\r\n", ret); \
137} while (0)
138
139#define memset_enhance_chk_goto(ret, dest, destMax, c, count, label) do { \
140 ret = memset_s(dest, destMax, c, count); \
141 crypto_chk_goto_with_ret(ret, ((ret) != EOK), label, TD_FAILURE, "memset_s failed, ret = 0x%x\r\n", ret); \
142} while (0)
143
144#define memcpy_enhance_chk_goto(ret, dest, destMax, c, count, label) do { \
145 ret = memcpy_s(dest, destMax, c, count); \
146 crypto_chk_goto_with_ret(ret, ((ret) != EOK), label, TD_FAILURE, "memcpy_s failed, ret = 0x%x\r\n", ret); \
147} while (0)
148
149#define memcmp_enhance_chk_goto(ret, cs, ct, count) do { \
150 ret = memcmp(cs, ct, count); \
151 crypto_chk_goto_with_ret(ret, ((ret) != EOK), label, TD_FAILURE, "memcmp failed, ret = 0x%x\r\n", ret); \
152} while (0)
153
154#endif /* SEC_ENHANCE */
155/************************************************** secure enhance end************************************/
156
157/* for secure enhance. */
158int memcmp_ss(const void *cs, const void *ct, unsigned int count, unsigned long check_word);
159
160int memset_ss(void *dest, unsigned int dest_max, unsigned char c, unsigned int count, unsigned long check_word);
161
162int memcpy_ss(void *dest, unsigned int dest_max, const void *src, unsigned int count, unsigned long check_word);
163
164int memcmp_enhance(const void *cs, const void *ct, unsigned int count);
165
166int memset_enhance(void *dest, unsigned int dest_max, unsigned char c, unsigned int count);
167
168int memcpy_enhance(void *dest, unsigned int dest_max, const void *src, unsigned int count);
169
170void drv_assert_eq(unsigned int val1, unsigned int val2);
171
172#ifdef __cplusplus
173#if __cplusplus
174}
175#endif /* __cplusplus */
176#endif /* __cplusplus */
177
178#endif
memset_enhance
int memset_enhance(void *dest, unsigned int dest_max, unsigned char c, unsigned int count)
Definition crypto_security.c:113
memcpy_ss
int memcpy_ss(void *dest, unsigned int dest_max, const void *src, unsigned int count, unsigned long check_word)
memcmp_enhance
int memcmp_enhance(const void *cs, const void *ct, unsigned int count)
Definition crypto_security.c:106
memcmp_ss
int memcmp_ss(const void *cs, const void *ct, unsigned int count, unsigned long check_word)
memcpy_enhance
int memcpy_enhance(void *dest, unsigned int dest_max, const void *src, unsigned int count)
Definition crypto_security.c:120
memset_ss
int memset_ss(void *dest, unsigned int dest_max, unsigned char c, unsigned int count, unsigned long check_word)
drv_assert_eq
void drv_assert_eq(unsigned int val1, unsigned int val2)