FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

ls1046ardb: manufacturing-protection authentication process

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

ls1046ardb: manufacturing-protection authentication process

‎07-04-2018 11:46 PM
961 Views
andreyrafalsky
Contributor III

Hi,

I have a issue with the generation of MPPrivK and MPPubK from kernel space. The part of my code is below.  

#define STD_BUF_SZ<---->256

#define OP_TYPE_SHIFT<-><------>24
#define OP_TYPE_MP_PUB_K_GENERATON<---->(0x06 << OP_TYPE_SHIFT)
#define OP_TYPE_MP_PRIV_K_GENERATON<--->(0x07 << OP_TYPE_SHIFT)

#define OP_PCLID_SHIFT<><------>16
#define OP_PCLID_PUBLICKEYPAIR<>(0x14 << OP_PCLID_SHIFT)

#define CMD_SHIFT<-----><------>27
#define CMD_OPERATION<-><------>(0x10 << CMD_SHIFT)

#define PDB_MP_CSEL_SHIFT<----->17
#define PDB_MP_CSEL_P256<------>0x3 << PDB_MP_CSEL_SHIFT<------>/* P-256 */
#define PDB_MP_CSEL_P384<------>0x4 << PDB_MP_CSEL_SHIFT<------>/* P-384 */
#define PDB_MP_CSEL_P521<------>0x5 << PDB_MP_CSEL_SHIFT<------>/* P-521 */

struct job_result {
<------>int error;
<------>struct completion completion;
};

struct pdb_mp_pub_k {
<------>u32 <--><------>pdb_hdr;
<------>#define PDB_MP_PUB_K_SGF_SHIFT<>31
<------>dma_addr_t <--->dma_pkey;<----->/* Pointer to Wx,y (public key) */
};

struct pdb_mp_priv_k {
<------>u32 <--><------>pdb_hdr;
<------>#define PDB_MP_PRIV_K_SGF_SHIFT>31
<------>dma_addr_t <--->dma_msg;<------>/* Pointer to m */
};

static void job_done(struct device *dev, u32 *desc, u32 err, void *context)
{
<------>struct job_result *res = context;
<------>if (err)
<------><------>caam_jr_strstatus(dev, err);
<------>res->error  = err;
<------>complete(&res->completion);
}

static int get_pub_key(struct device *jr_dev, u8 *outbuf)
{
<------>u32 *desc;
<------>u8 *pkey;
<------>int ret = -ENOMEM;
<------>struct job_result testres;
<------>struct pdb_mp_pub_k *pdb;

<------>pdb = kmalloc(sizeof(struct pdb_mp_pub_k), GFP_KERNEL | GFP_DMA);
<------>if (!pdb) {
<------><------>dev_err(jr_dev, "unable to allocate pdb memory\n");
<------><------>goto out_free;
<------>}

<------>pdb->pdb_hdr |= PDB_MP_CSEL_P256;
<------>pdb->pdb_hdr |= (1<<PDB_MP_PRIV_K_SGF_SHIFT);
<------>desc = kmalloc(MAX_CAAM_DESCSIZE, GFP_KERNEL | GFP_DMA);
<------>if (!desc) {
<------><------>dev_err(jr_dev, "unable to allocate desc memory\n");
<------><------>goto out_free;
<------>}

<------>memset(desc, 0, MAX_CAAM_DESCSIZE);

<------>pkey = kmalloc((STD_BUF_SZ*2), GFP_KERNEL | GFP_DMA);
<------>if(!pkey) {
<------><------>dev_err(jr_dev, "unable to allocate memory for public key\n");
<------><------>goto out_free;
<------>}

<------>memset(pkey, 0, (STD_BUF_SZ*2));

<------>pdb->dma_pkey = dma_map_single(jr_dev, (void *)pkey, STD_BUF_SZ*2,
<------><------><------><------>     DMA_TO_DEVICE);
<------>if (dma_mapping_error(jr_dev, pdb->dma_pkey)) {
<------><------>dev_err(jr_dev, "unable to map public key output memory\n");
<------><------>goto out_free;
<------>}

<------>init_job_desc_pdb(desc, 0, sizeof(struct pdb_mp_pub_k));
<------>dma_sync_single_for_device(jr_dev, pdb->dma_pkey, STD_BUF_SZ*2, DMA_TO_DEVICE);
<------>append_cmd(desc, pdb->pdb_hdr);
<------>append_ptr(desc, pdb->dma_pkey);
<------>append_operation(desc, CMD_OPERATION | OP_TYPE_MP_PUB_K_GENERATON \
<------><------><------><------>| OP_PCLID_PUBLICKEYPAIR);

<------>testres.error = 0;
<------>init_completion(&testres.completion);
<------>ret = caam_jr_enqueue(jr_dev, desc, job_done, &testres);
<------>if (!ret) {
<------><------>// in progress
<------><------>dev_info(jr_dev, "job ring return %d\n", testres.error);
<------><------>dma_sync_single_for_cpu(jr_dev, pdb->dma_pkey, STD_BUF_SZ*2, DMA_FROM_DEVICE);
<------><------>wait_for_completion(&testres.completion);
<------><------>ret = testres.error;
<------><------>if (ret) {
<------><------><------><------>goto out_free;
<------><------><------>}
<------>}

<------>dma_unmap_single(jr_dev, pdb->dma_pkey, STD_BUF_SZ*2, DMA_FROM_DEVICE);
<------>memcpy(outbuf, pkey, STD_BUF_SZ*2);

out_free:
<------>kfree(pkey);
<------>kfree(desc);
<------>return ret;
}

It doesn't return any errors. But outbuf is empty.

Advise me please right data flow for MP keys generation.

Thanks.

Best regards,

Andrey.

0 Kudos
Reply
2 Replies

‎07-28-2018 04:24 AM
812 Views
andreyrafalsky
Contributor III

Hi All,

This issue is still actual for me. Any information about this will be extremely useful.

Thanks.

Best regards,

Andrey.

0 Kudos
Reply

‎10-28-2018 07:52 PM
812 Views
yipingwang
NXP TechSupport
NXP TechSupport

Please refer to the attached MP key generate code in u-boot.


Have a great day,
TIC

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0001-crypto-fsl-Commands-to-support-manufacturing-protect.patch.zip
0 Kudos
Reply