1 #ifndef _BFLB_SEC_AES_H 2 #define _BFLB_SEC_AES_H 3 4 #include "bflb_core.h" 5 6 /** @addtogroup LHAL 7 * @{ 8 */ 9 10 /** @addtogroup SEC_AES 11 * @{ 12 */ 13 14 /** @defgroup AES_MODE aes mode definition 15 * @{ 16 */ 17 #define AES_MODE_ECB 0 18 #define AES_MODE_CTR 1 19 #define AES_MODE_CBC 2 20 #define AES_MODE_XTS 3 21 /** 22 * @} 23 */ 24 25 /** @defgroup AES_LINK_KEYBITS aes link mode keybits definition 26 * @{ 27 */ 28 #define AES_LINK_KEY_128BITS 0 29 #define AES_LINK_KEY_192BITS 2 30 #define AES_LINK_KEY_256BITS 1 31 #define AES_LINK_KEY_DOUBLE_128BITS 3 32 /** 33 * @} 34 */ 35 36 #define AES_LINK_XTS_MODE1 0 37 #define AES_LINK_XTS_MODE2 1 38 39 struct bflb_aes_link_s { 40 uint32_t : 3; /*!< [2:0]Reserved */ 41 uint32_t aes_key : 2; /*!< [4:3]128-bit/256-bit/192-bit/128-bit-double key mode select */ 42 uint32_t aes_dec_en : 1; /*!< [5]Encode or decode */ 43 uint32_t aes_newkey_dis : 1; /*!< [6]Use new key or use same key as last one */ 44 uint32_t aes_hwkey_en : 1; /*!< [7]Enable or disable using hardware hey */ 45 uint32_t : 1; /*!< [8]Reserved */ 46 uint32_t aes_intclr : 1; /*!< [9]Clear interrupt */ 47 uint32_t aes_intset : 1; /*!< [10]Set interrupt */ 48 uint32_t : 1; /*!< [11]Reserved */ 49 uint32_t aes_mode : 2; /*!< [13:12]ECB/CTR/CBC mode select */ 50 uint32_t aes_newiv_dis : 1; /*!< [14]Use new iv or use same iv as last one */ 51 uint32_t aes_xts : 1; /*!< [15]XTS mode select */ 52 uint32_t aes_msglen : 16; /*!< [31:16]Number of 128-bit block */ 53 uint32_t aes_srcaddr; /*!< Message source address */ 54 uint32_t aes_dstaddr; /*!< Message destination address */ 55 uint32_t aes_iv0; /*!< Big endian initial vector(MSB) */ 56 uint32_t aes_iv1; /*!< Big endian initial vector */ 57 uint32_t aes_iv2; /*!< Big endian initial vector */ 58 uint32_t aes_iv3; /*!< Big endian initial vector(LSB)(CTR mode:counter initial value) */ 59 uint32_t aes_key0; /*!< Big endian aes key(aes-128/256 key MSB) */ 60 uint32_t aes_key1; /*!< Big endian aes key */ 61 uint32_t aes_key2; /*!< Big endian aes key */ 62 uint32_t aes_key3; /*!< Big endian aes key(aes-128 key LSB) */ 63 uint32_t aes_key4; /*!< Big endian aes key */ 64 uint32_t aes_key5; /*!< Big endian aes key */ 65 uint32_t aes_key6; /*!< Big endian aes key */ 66 uint32_t aes_key7; /*!< Big endian aes key(aes-256 key LSB) */ 67 } __attribute__((aligned(4))); 68 69 struct bflb_aes_xts_link_s { 70 uint32_t : 3; /*!< [2:0]Reserved */ 71 uint32_t aes_key : 2; /*!< [4:3]128-bit/256-bit/192-bit/128-bit-double key mode select */ 72 uint32_t aes_dec_en : 1; /*!< [5]Encode or decode */ 73 uint32_t aes_newkey_dis : 1; /*!< [6]Use new key or use same key as last one */ 74 uint32_t aes_hwkey_en : 1; /*!< [7]Enable or disable using hardware hey */ 75 uint32_t : 1; /*!< [8]Reserved */ 76 uint32_t aes_intclr : 1; /*!< [9]Clear interrupt */ 77 uint32_t aes_intset : 1; /*!< [10]Set interrupt */ 78 uint32_t : 1; /*!< [11]Reserved */ 79 uint32_t aes_mode : 2; /*!< [13:12]ECB/CTR/CBC mode select */ 80 uint32_t aes_newiv_dis : 1; /*!< [14]Use new iv or use same iv as last one */ 81 uint32_t aes_xts : 1; /*!< [15]XTS mode select */ 82 uint32_t aes_msglen : 16; /*!< [31:16]Number of 128-bit block */ 83 uint32_t aes_srcaddr; /*!< Message source address */ 84 uint32_t aes_dstaddr; /*!< Message destination address */ 85 uint32_t aes_iv0; /*!< Big endian initial vector(MSB) */ 86 uint32_t aes_iv1; /*!< Big endian initial vector */ 87 uint32_t aes_iv2; /*!< Big endian initial vector */ 88 uint32_t aes_iv3; /*!< Big endian initial vector(LSB)(CTR mode:counter initial value) */ 89 uint32_t aes_key10; /*!< Big endian aes key(aes-128/256 key MSB) */ 90 uint32_t aes_key11; /*!< Big endian aes key1 */ 91 uint32_t aes_key12; /*!< Big endian aes key1 */ 92 uint32_t aes_key13; /*!< Big endian aes key1(aes-128 key LSB) */ 93 uint32_t aes_key14; /*!< Big endian aes key1 */ 94 uint32_t aes_key15; /*!< Big endian aes key1 */ 95 uint32_t aes_key16; /*!< Big endian aes key1 */ 96 uint32_t aes_key17; /*!< Big endian aes key1(aes-256 key LSB) */ 97 uint32_t : 16; /*!< [15:0]Reserved */ 98 uint32_t aes_unitlen : 16; /*!< [31:16]Big endian aes unit len */ 99 uint32_t aes_key20; /*!< Big endian aes key2(aes-128/256 key MSB) */ 100 uint32_t aes_key21; /*!< Big endian aes key2 */ 101 uint32_t aes_key22; /*!< Big endian aes key2 */ 102 uint32_t aes_key23; /*!< Big endian aes key2(aes-128 key LSB) */ 103 uint32_t aes_key24; /*!< Big endian aes key2 */ 104 uint32_t aes_key25; /*!< Big endian aes key2 */ 105 uint32_t aes_key26; /*!< Big endian aes key2 */ 106 uint32_t aes_key27; /*!< Big endian aes key2(aes-256 key LSB) */ 107 } __attribute__((aligned(4))); 108 109 #ifdef __cplusplus 110 extern "C" { 111 #endif 112 113 /** 114 * @brief Enable aes. 115 * 116 * @param [in] dev 117 */ 118 void bflb_aes_init(struct bflb_device_s *dev); 119 120 /** 121 * @brief Disable aes. 122 * 123 * @param [in] dev 124 */ 125 void bflb_aes_deinit(struct bflb_device_s *dev); 126 127 /** 128 * @brief Set aes hardware key. 129 * 130 * @param [in] keysel hardware key mode in efuse table 131 */ 132 void bflb_aes_set_hwkey(uint8_t keysel); 133 134 /** 135 * @brief Set aes hardware key source. 136 * 137 * @param [in] dev device handle 138 * @param [in] source hardware key source 139 */ 140 void bflb_aes_set_hwkey_source(struct bflb_device_s *dev, uint8_t source); 141 142 /** 143 * @brief Set aes mode. 144 * 145 * @param [in] dev device handle 146 * @param [in] mode aes mode, use @ref AES_MODE 147 */ 148 void bflb_aes_set_mode(struct bflb_device_s *dev, uint8_t mode); 149 150 /** 151 * @brief Set aes key. 152 * 153 * @param [in] dev device handle 154 * @param [in] key pointer to aes key, if NULL, means use hardware key 155 * @param [in] keybits aes keybits, can be 128/192/256 156 */ 157 void bflb_aes_setkey(struct bflb_device_s *dev, const uint8_t *key, uint16_t keybits); 158 159 /** 160 * @brief Perform aes encrypt. 161 * 162 * @param [in] dev device handle 163 * @param [in] input pointer to plaintext 164 * @param [in] iv input iv, if NULL, means use last iv. 165 * @param [in] output pointer to ciphertext 166 * @param [in] len encrypt length, muse be multiple of 16 167 * @return A negated errno value on failure. 168 */ 169 int bflb_aes_encrypt(struct bflb_device_s *dev, 170 const uint8_t *input, 171 const uint8_t *iv, 172 uint8_t *output, 173 uint32_t len); 174 175 /** 176 * @brief Perform aes decrypt. 177 * 178 * @param [in] dev device handle 179 * @param [in] input pointer to ciphertext 180 * @param [in] iv input iv, if NULL, means use last iv. 181 * @param [in] output pointer to plaintext 182 * @param [in] len decrypt length, muse be multiple of 16 183 * @return A negated errno value on failure. 184 */ 185 int bflb_aes_decrypt(struct bflb_device_s *dev, 186 const uint8_t *input, 187 const uint8_t *iv, 188 uint8_t *output, 189 uint32_t len); 190 191 /** 192 * @brief Enable aes link mode. 193 * 194 * @param [in] dev device handle 195 */ 196 void bflb_aes_link_init(struct bflb_device_s *dev); 197 198 /** 199 * @brief Disable aes link mode. 200 * 201 * @param [in] dev device handle 202 */ 203 void bflb_aes_link_deinit(struct bflb_device_s *dev); 204 205 /** 206 * @brief Perform encrypt or decrypt with link mode. 207 * 208 * @param [in] dev device handle 209 * @param [in] link_addr link struct pointer address, must be located in 0x2xxxxxxx 210 * @param [in] input pointer to plaintext or ciphertext 211 * @param [in] output pointer to plaintext or ciphertext 212 * @param [in] len update length, muse be multiple of 16 213 * @return A negated errno value on failure. 214 */ 215 int bflb_aes_link_update(struct bflb_device_s *dev, 216 uint32_t link_addr, 217 const uint8_t *input, 218 uint8_t *output, 219 uint32_t len); 220 221 /** 222 * @brief Enable aes in group0. 223 * 224 * @param [in] dev device handle 225 */ 226 void bflb_group0_request_aes_access(struct bflb_device_s *dev); 227 228 /** 229 * @brief Disable aes in group0. 230 * 231 * @param [in] dev device handle 232 */ 233 void bflb_group0_release_aes_access(struct bflb_device_s *dev); 234 235 #ifdef __cplusplus 236 } 237 #endif 238 239 /** 240 * @} 241 */ 242 243 /** 244 * @} 245 */ 246 247 #endif