18 #ifndef SECURITY_PAL_H_
19 #define SECURITY_PAL_H_
30 #include "security_pal_cfg.h"
77 #if (defined(SECURITY_OVER_HSM))
78 SECURITY_RAM_KEY = 0xEU,
79 #elif (defined(SECURITY_OVER_CSEC))
80 SECURITY_RAM_KEY = 0xFU,
89 #if (defined(SECURITY_OVER_HSM))
113 #if (defined(SECURITY_OVER_HSM))
114 SECURITY_CMD_NONE = 0U,
128 #if (defined(SECURITY_OVER_CSEC))
129 SECURITY_CMD_RESERVED_1,
130 #elif (defined(SECURITY_OVER_HSM))
131 SECURITY_CMD_SECURE_BOOT,
136 #if (defined(SECURITY_OVER_CSEC))
137 SECURITY_CMD_BOOT_DEFINE,
138 #elif (defined(SECURITY_OVER_HSM))
139 SECURITY_CMD_BOOT_CANCEL,
143 #if (defined(SECURITY_OVER_CSEC))
144 SECURITY_CMD_RESERVED_2,
145 SECURITY_CMD_RESERVED_3,
146 SECURITY_CMD_MP_COMPRESS
147 #elif (defined(SECURITY_OVER_HSM))
148 SECURITY_CMD_TRNG_RND,
149 SECURITY_CMD_GET_VER,
150 SECURITY_CMD_CHANGE_TRNG_CLK_SOURCE
168 #if defined(__cplusplus)
212 const uint8_t *plainText,
236 const uint8_t *cipherText,
261 const uint8_t *plainText,
287 const uint8_t *cipherText,
393 const uint8_t *plainKey,
436 const uint8_t *entropy,
488 const uint8_t *challenge,
509 uint32_t bootImageSize,
510 const uint8_t *bootImagePtr,
592 const uint8_t *authorization,
679 const uint8_t *plainText,
681 uint8_t *cipherText);
703 const uint8_t *cipherText,
728 const uint8_t *plainText,
731 uint8_t *cipherText);
754 const uint8_t *cipherText,
813 #if defined(__cplusplus)
status_t SECURITY_CancelCommand(security_instance_t instance)
Cancel Command.
status_t SECURITY_LoadKey(security_instance_t instance, security_key_id_t keyId, const uint8_t *m1, const uint8_t *m2, const uint8_t *m3, uint8_t *m4, uint8_t *m5, uint32_t timeout)
Load Key.
status_t SECURITY_ExtendSeed(security_instance_t instance, const uint8_t *entropy, uint32_t timeout)
Initialize Random Number Generator.
Define user configuration Implements : security_user_config_t_Class.
status_t SECURITY_DecryptEcb(security_instance_t instance, security_key_id_t keyId, const uint8_t *cipherText, uint32_t msgLen, uint8_t *plainText)
Decrypt ECB.
status_t SECURITY_GenerateMacBlocking(security_instance_t instance, security_key_id_t keyId, const uint8_t *msg, uint64_t msgLen, uint8_t *cmac, uint32_t timeout)
MAC Generation.
status_t SECURITY_GenerateMac(security_instance_t instance, security_key_id_t keyId, const uint8_t *msg, uint64_t msgLen, uint8_t *cmac)
Generate MAC.
status_t SECURITY_EncryptCbc(security_instance_t instance, security_key_id_t keyId, const uint8_t *plainText, uint32_t msgLen, const uint8_t *iv, uint8_t *cipherText)
Encrypt CBC.
status_t SECURITY_DbgChal(security_instance_t instance, uint8_t *challenge, uint32_t timeout)
Debug Challenge.
status_t SECURITY_BootFailure(security_instance_t instance, uint32_t timeout)
Boot Failure.
security_boot_flavor_t
Defines the security boot flavor Implements : security_boot_flavor_t_Class.
status_t SECURITY_EncryptEcb(security_instance_t instance, security_key_id_t keyId, const uint8_t *plainText, uint32_t msgLen, uint8_t *cipherText)
Encrypt ECB.
status_t SECURITY_DecryptCbc(security_instance_t instance, security_key_id_t keyId, const uint8_t *cipherText, uint32_t msgLen, const uint8_t *iv, uint8_t *plainText)
Decrypt CBC.
status_t SECURITY_DecryptEcbBlocking(security_instance_t instance, security_key_id_t keyId, const uint8_t *cipherText, uint32_t msgLen, uint8_t *plainText, uint32_t timeout)
ECB Decryption.
status_t
Status return codes. Common error codes will be a unified enumeration (C enum) that will contain all ...
void(* security_callback_t)(uint32_t completedCmd, void *callbackParam)
Callback for security modules.
status_t SECURITY_ExportRamKey(security_instance_t instance, uint8_t *m1, uint8_t *m2, uint8_t *m3, uint8_t *m4, uint8_t *m5, uint32_t timeout)
Export RAM key.
status_t SECURITY_Deinit(security_instance_t instance)
De-initializes the SECURITY module.
status_t SECURITY_EncryptCbcBlocking(security_instance_t instance, security_key_id_t keyId, const uint8_t *plainText, uint32_t msgLen, const uint8_t *iv, uint8_t *cipherText, uint32_t timeout)
CBC Decryption.
status_t SECURITY_LoadPlainKey(security_instance_t instance, const uint8_t *plainKey, uint32_t timeout)
Load Plain Key.
status_t SECURITY_VerifyMacBlocking(security_instance_t instance, security_key_id_t keyId, const uint8_t *msg, uint64_t msgLen, const uint8_t *mac, uint16_t macLen, bool *verifStatus, uint32_t timeout)
MAC Verification.
security_callback_t callback
security_key_id_t
Defines the security keys Implements : security_key_id_t_Class.
security_cmd_t
Defines the security command Implements : security_cmd_t_Class.
status_t SECURITY_VerifyMac(security_instance_t instance, security_key_id_t keyId, const uint8_t *msg, uint64_t msgLen, const uint8_t *mac, uint16_t macLen, bool *verifStatus)
Verify MAC.
status_t SECURITY_SecureBoot(security_instance_t instance, uint32_t bootImageSize, const uint8_t *bootImagePtr, uint32_t timeout)
Secure boot.
status_t SECURITY_MPCompress(security_instance_t instance, const uint8_t *msg, uint32_t msgLen, uint8_t *mpCompress, uint32_t timeout)
Miyaguchi-Prenell Compression.
status_t SECURITY_Init(security_instance_t instance, const security_user_config_t *config)
Initializes the SECURITY module.
status_t SECURITY_GenerateTrnd(security_instance_t instance, uint8_t *trnd, uint32_t timeout)
Generate True Random Number.
status_t SECURITY_BootDefine(security_instance_t instance, uint32_t bootSize, security_boot_flavor_t bootFlavor, uint32_t timeout)
Boot Define.
status_t SECURITY_EncryptEcbBlocking(security_instance_t instance, security_key_id_t keyId, const uint8_t *plainText, uint32_t msgLen, uint8_t *cipherText, uint32_t timeout)
ECB Encryption.
status_t SECURITY_DecryptCbcBlocking(security_instance_t instance, security_key_id_t keyId, const uint8_t *cipherText, uint32_t msgLen, const uint8_t *iv, uint8_t *plainText, uint32_t timeout)
CBC Decryption.
status_t SECURITY_GenerateRnd(security_instance_t instance, uint8_t *rnd, uint32_t timeout)
Generate RND.
status_t SECURITY_GetAsyncCmdStatus(security_instance_t instance)
Get asynchronous command status.
status_t SECURITY_DbgAuth(security_instance_t instance, const uint8_t *authorization, uint32_t timeout)
Debug Authentification.
security_instance_t
Define instances for SECURITY PAL Implements : security_instance_t_Class.
status_t SECURITY_BootOk(security_instance_t instance, uint32_t timeout)
Boot Ok.
status_t SECURITY_GetId(security_instance_t instance, const uint8_t *challenge, uint8_t *uid, uint8_t *sreg, uint8_t *mac, uint32_t timeout)
Get ID.
status_t SECURITY_InitRng(security_instance_t instance, uint32_t timeout)
Initialize Random Number Generator.