Functions

cy_p64_error_codes_t cy_p64_get_provisioning_details(uint32_t id, char **ptr, uint32_t *len)
    Reads the provisioning packet (JWT), policy templates or public key strings in JSON format.

cy_p64_error_codes_t cy_p64_access_port_control(cy_p64_ap_name_t ap, cy_p64_ap_control_t control)
    Allows the user to control DAP access at run-time.

cy_p64_error_codes_t cy_p64_acquire_response(void)
    Call this function only when the TEST_MODE bit is set in the SRSS_TST_MODE register; use the CY_P64_IS_TEST_MODE_SET() macro to check.

CY_RAMFUNC_BEGIN CY_NOINLINE void cy_p64_acquire_test_bit_loop(void) CY_RAMFUNC_END
    This function should be called after cy_p64_acquire_response().

cy_p64_error_codes_t cy_p64_get_rollback_counter(uint32_t number, uint32_t *value)
    Reads the rollback counter.

cy_p64_error_codes_t cy_p64_update_rollback_counter(uint32_t number, uint32_t value)
    Updates the rollback counter to a higher value only.

cy_p64_error_codes_t cy_p64_attestation(uint32_t sign_alg, uint32_t rnd, uint32_t mem_count, const uint32_t *mem_start_addr, const uint32_t *mem_sizes, const uint32_t *hash_addr, uint32_t hash_size, uint32_t *rnd_out, uint32_t *mem_hash_size, uint32_t *sign_size, uint32_t *sign_addr)
    Calculates hashes of the memory regions provided in an input array.
cy_p64_error_codes_t cy_p64_get_provisioning_details(uint32_t id, char **ptr, uint32_t *len)

Reads the provisioning packet (JWT), policy templates or public key strings in JSON format.

Parameters:
  [in]  id   Item id (provisioning packet, templates or public keys):
  [out] ptr  Pointer to the response string. Can be NULL to read 'len' only.
  [out] len  The length of the response string.
cy_p64_error_codes_t cy_p64_access_port_control(cy_p64_ap_name_t ap, cy_p64_ap_control_t control)

Allows the user to control DAP access at run-time.

It works only when the particular Debug Access Port has its permission set to "allowed" and its control field set to "open" in the Debug policy.

Parameters:
  [in] ap       Access port name.
  [in] control  Control value.
cy_p64_error_codes_t cy_p64_acquire_response(void)

Call this function only when the TEST_MODE bit is set in the SRSS_TST_MODE register; use the CY_P64_IS_TEST_MODE_SET() macro to check.

It sends the acquire response, i.e. sets a magic number in the protected RAM by calling a syscall. The code after this function should wait until TEST_MODE is cleared by the debugger; call cy_p64_acquire_test_bit_loop() for that. The acquire procedure is described in the PSoC 64 Programming Specification 002-31353 rev** section 5.3.
CY_RAMFUNC_BEGIN
CY_NOINLINE void cy_p64_acquire_test_bit_loop(void)
CY_RAMFUNC_END

This function should be called after cy_p64_acquire_response().

It is executed from SRAM and waits until the TEST_MODE bit is cleared in the SRSS_TST_MODE register by the debugger. The acquire procedure is described in the PSoC 64 Programming Specification 002-31353 rev** section 5.3.
cy_p64_error_codes_t cy_p64_get_rollback_counter(uint32_t number, uint32_t *value)

This function reads the rollback counter.

Parameters:
  [in]  number  Rollback counter number (0-15).
  [out] value   Pointer to the read value.
cy_p64_error_codes_t cy_p64_update_rollback_counter(uint32_t number, uint32_t value)

Updates the rollback counter to a higher value only.

This syscall is used by the bootloader to prevent firmware reversion (rollback to an older image) during a firmware update.

Parameters:
  [in] number  Rollback counter number (0-15).
  [in] value   The new value.
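The two rollback counter syscalls are only useful together with a bootloader policy built on top of them, which the reference does not show. The following added example (not part of this reference and not the PSoC 64 firmware) models the counters in a host-side array so the logic can run anywhere: `model_get_rollback_counter()` and `model_update_rollback_counter()` stand in for the real syscalls, `CY_P64_SUCCESS` is assumed to be the library's success code, the `MODEL_ERR_*` codes are constructed, and `model_boot_accept_image()` is a hypothetical bootloader check that refuses any image whose security version is below the stored counter and raises the counter when a newer image is accepted.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed host-side model of the rollback counter syscalls and of the
 * bootloader check built on them (example code, not the PSoC 64 firmware).
 * On the device the counters live in protected storage and are reachable only
 * through cy_p64_get_rollback_counter()/cy_p64_update_rollback_counter(); this
 * model keeps them in an array so the logic can run on a host. */

typedef uint32_t cy_p64_error_codes_t;
#define CY_P64_SUCCESS        0xA0000000u  /* assumed: the library's success code */
#define MODEL_ERR_BAD_COUNTER 0xF0000001u  /* constructed error codes for the model */
#define MODEL_ERR_NOT_HIGHER  0xF0000002u

#define ROLLBACK_COUNTER_COUNT 16u         /* counters are numbered 0-15 */
static uint32_t model_counters[ROLLBACK_COUNTER_COUNT];

/* Clears every counter; returns the number of counters cleared (16). */
uint32_t model_reset_counters(void)
{
    memset(model_counters, 0, sizeof model_counters);
    return ROLLBACK_COUNTER_COUNT;
}

cy_p64_error_codes_t model_get_rollback_counter(uint32_t number, uint32_t *value)
{
    if (number >= ROLLBACK_COUNTER_COUNT || value == NULL)
        return MODEL_ERR_BAD_COUNTER;
    *value = model_counters[number];
    return CY_P64_SUCCESS;
}

/* "Higher value only": an equal or lower value is refused, so a downgrade can
 * never be recorded, whatever the caller asks for. */
cy_p64_error_codes_t model_update_rollback_counter(uint32_t number, uint32_t value)
{
    if (number >= ROLLBACK_COUNTER_COUNT)
        return MODEL_ERR_BAD_COUNTER;
    if (value <= model_counters[number])
        return MODEL_ERR_NOT_HIGHER;
    model_counters[number] = value;
    return CY_P64_SUCCESS;
}

/* Convenience read without an out-parameter; 0xFFFFFFFF for an invalid number. */
uint32_t model_counter_value(uint32_t number)
{
    uint32_t value;
    return model_get_rollback_counter(number, &value) == CY_P64_SUCCESS ? value : 0xFFFFFFFFu;
}

/* Hypothetical bootloader-side anti-rollback decision for an image whose
 * signature has already been verified and whose security version was read
 * from the signed image header. The image may run only if its version is not
 * below the stored counter; a newer version raises the counter so that older
 * images cannot be reinstalled afterwards. Returns true when the image is accepted. */
bool model_boot_accept_image(uint32_t counter_number, uint32_t image_security_version)
{
    uint32_t stored;
    if (model_get_rollback_counter(counter_number, &stored) != CY_P64_SUCCESS)
        return false;                               /* fail closed on a bad counter */
    if (image_security_version < stored)
        return false;                               /* downgrade: refuse to boot */
    if (image_security_version > stored &&
        model_update_rollback_counter(counter_number, image_security_version) != CY_P64_SUCCESS)
        return false;                               /* could not record the new floor */
    return true;
}
```

The model raises the counter as soon as a newer image is accepted, which is the simplest policy but means a newer image that fails to start cannot be replaced by the previous one; bootloaders that support reverting a failed update defer the bump until the new image has confirmed itself. Either way the syscall's "higher value only" rule is what guarantees that the recorded floor never moves down.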
cy_p64_error_codes_t cy_p64_attestation(uint32_t sign_alg, uint32_t rnd, uint32_t mem_count, const uint32_t *mem_start_addr, const uint32_t *mem_sizes, const uint32_t *hash_addr, uint32_t hash_size, uint32_t *rnd_out, uint32_t *mem_hash_size, uint32_t *sign_size, uint32_t *sign_addr)

Calculates hashes of the memory regions provided in an input array.

Calculates the signature of a certificate that attests the device state at the moment of signing. The signature is calculated over the following data structure:

The signature is calculated without any additional padding or alignment between the certificate fields. Memory regions can be in SRAM, Flash, WFlash or SFlash; the SMIF and peripheral address spaces are not supported.

AttestationSysCall algorithm:
1. Generate the syscall random number.
2. Initialise the signature hash calculation.
3. Update the signature hash with the server and syscall random numbers, the DevUID, the device public key and the policy package.
4. Update the signature hash with the number of regions.
5. Check that the caller has at least read access to the array of memory regions (to avoid side-channel attacks).
6. For each specified memory region:
   - Start the region hash calculation with the syscall random number.
   - Update the signature hash and the region hash with the region content (in parallel, using the same data).
   - Update the signature hash with the region hash.
   - Verify the caller's write rights and that the output memory is large enough.
   - Output the region hash to the corresponding memory.
7. Sign the signature hash with the device private key.
8. Clear the Crypto block internal memories and the used stack.

An example of real-life usage: a server holds information about all the devices deployed in the field: their IDs, public keys and the available firmware versions. The server wants to know the exact state of one of the devices: whether it has been hacked or not, which firmware versions it has and which configuration. The server sends a request to the device and asks it to send back a signed certificate with hashes and content of specific memory regions. The application (through the SPM service) calls the syscall, which calculates the hashes of the specified regions and creates a signature over a data certificate with a specific structure. The SPM code creates a package with all the needed data, including the calculated hashes and the signature, and returns it to the application. The application sends it back to the server.

This syscall is not available for the PSoC64_512K device.

Parameters:
  [in]  sign_alg        PSA signing algorithm (it also carries the hash algorithm, which is used both for the signature and for the memory region hashes). Only PSA_ALG_ECDSA(PSA_ALG_SHA_256) is allowed at the moment.
  [in]  rnd             A random number from the server.
  [in]  mem_count       The number of memory regions in the array.
  [in]  mem_start_addr  Pointer to the array of memory region start addresses.
  [in]  mem_sizes       Pointer to the array of memory region sizes.
  [in]  hash_addr       Pointer to the array that receives the hashes of the memory regions.
  [in]  hash_size       The size in bytes of the array for hashes.
  [out] rnd_out         A random number from the syscall.
  [out] mem_hash_size   The size in bytes of each memory region hash.
  [out] sign_size       The size in bytes of the signature.
  [out] sign_addr       The address where the signature is stored.
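The algorithm and the usage scenario above describe both halves of the exchange: the device seeds each region hash with its own random number and reports that number back, and the server recomputes what the hashes should be. The following added example (not part of this reference and not the PSoC 64 firmware) models just the region-hashing step and the server-side check so the data flow can be run on a host. Everything in it is constructed: a 32-bit FNV-1a digest stands in for SHA-256, the certificate and ECDSA signature are omitted, `model_flash` is a made-up image and the "addresses" are offsets into it, a counter stands in for the TRNG, `CY_P64_SUCCESS` is assumed to be the library's success code and the `MODEL_ERR_*` codes are invented. `model_attest_regions()` keeps the same `mem_count`/`mem_start_addr`/`mem_sizes`/`hash_addr`/`hash_size`/`rnd_out`/`mem_hash_size` contract as `cy_p64_attestation()` for the region hashes only.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed host-side model of the region-hashing step of cy_p64_attestation()
 * and of the server that checks the result (example code, not the PSoC 64
 * firmware). The real syscall uses SHA-256 and signs the certificate with the
 * device private key; here a 32-bit FNV-1a digest stands in and the certificate
 * and signature are omitted. "Addresses" are offsets into a constructed image. */

typedef uint32_t cy_p64_error_codes_t;
#define CY_P64_SUCCESS       0xA0000000u   /* assumed: the library's success code */
#define MODEL_ERR_BAD_ARG    0xF0000001u   /* constructed error codes for the model */
#define MODEL_ERR_SMALL_BUF  0xF0000002u
#define MODEL_HASH_SIZE      4u            /* stand-in digest length; SHA-256 would be 32 */

/* Constructed contents of the memory the device attests: two 16-byte regions. */
#define MODEL_FLASH_SIZE 32u
static const uint8_t model_flash[MODEL_FLASH_SIZE] = "BOOTLOADER-1.0\0\0APP-1.2\0\0\0\0\0\0\0\0";

/* Stand-in for the device TRNG: a counter, so each call yields a fresh nonce. */
static uint32_t model_trng_state = 0x1234ABCDu;

static uint32_t fnv1a_update(uint32_t h, const uint8_t *p, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        h ^= p[i];
        h *= 16777619u;
    }
    return h;
}

/* Region hash = H(rnd_out || region bytes): seeding with the syscall nonce means a
 * hash captured from an earlier run cannot be replayed as a fresh one. */
uint32_t model_region_hash(uint32_t rnd_out, const uint8_t *region, uint32_t size)
{
    uint8_t seed[4] = { (uint8_t)rnd_out, (uint8_t)(rnd_out >> 8),
                        (uint8_t)(rnd_out >> 16), (uint8_t)(rnd_out >> 24) };
    return fnv1a_update(fnv1a_update(2166136261u, seed, sizeof seed), region, size);
}

/* Device side: region hashes only, with the same argument contract as the syscall. */
cy_p64_error_codes_t model_attest_regions(uint32_t mem_count, const uint32_t *mem_start_addr,
                                          const uint32_t *mem_sizes, uint32_t *hash_addr,
                                          uint32_t hash_size, uint32_t *rnd_out,
                                          uint32_t *mem_hash_size)
{
    if (mem_count == 0 || mem_start_addr == NULL || mem_sizes == NULL ||
        hash_addr == NULL || rnd_out == NULL || mem_hash_size == NULL)
        return MODEL_ERR_BAD_ARG;
    if (hash_size / MODEL_HASH_SIZE < mem_count)     /* room for one digest per region */
        return MODEL_ERR_SMALL_BUF;
    for (uint32_t i = 0; i < mem_count; i++)         /* every region inside attestable memory */
        if (mem_start_addr[i] > MODEL_FLASH_SIZE || mem_sizes[i] > MODEL_FLASH_SIZE - mem_start_addr[i])
            return MODEL_ERR_BAD_ARG;
    *rnd_out = model_trng_state++;
    *mem_hash_size = MODEL_HASH_SIZE;
    for (uint32_t i = 0; i < mem_count; i++)
        hash_addr[i] = model_region_hash(*rnd_out, model_flash + mem_start_addr[i], mem_sizes[i]);
    return CY_P64_SUCCESS;
}

/* Server side: recompute the expected hash from the golden image and the nonce the
 * device reported, and compare it with the reported hash. */
bool model_server_check_region(uint32_t rnd_out, const uint8_t *golden, uint32_t size,
                               uint32_t reported_hash)
{
    return model_region_hash(rnd_out, golden, size) == reported_hash;
}

/* Whole exchange: attest two regions, verify against the golden image, detect a
 * tampered copy, check nonce freshness, reject an undersized output buffer.
 * Returns 0 when every expectation holds, otherwise the failing step number. */
int model_demo_exchange(void)
{
    const uint32_t starts[2] = { 0u, 16u };
    const uint32_t sizes[2]  = { 16u, 16u };
    uint32_t hashes[2], hashes_again[2], rnd1, rnd2, hash_size;
    uint8_t tampered[16];

    if (model_attest_regions(2, starts, sizes, hashes, sizeof hashes, &rnd1, &hash_size) != CY_P64_SUCCESS)
        return 1;
    if (hash_size != MODEL_HASH_SIZE) return 2;
    if (!model_server_check_region(rnd1, model_flash, 16, hashes[0])) return 3;
    if (!model_server_check_region(rnd1, model_flash + 16, 16, hashes[1])) return 4;
    memcpy(tampered, model_flash + 16, 16);          /* one flipped bit in the application */
    tampered[4] ^= 0x01;
    if (model_server_check_region(rnd1, tampered, 16, hashes[1])) return 5;
    if (model_attest_regions(2, starts, sizes, hashes_again, sizeof hashes_again, &rnd2, &hash_size) != CY_P64_SUCCESS)
        return 6;
    if (rnd2 == rnd1 || hashes_again[0] == hashes[0]) return 7;   /* fresh nonce, fresh hashes */
    if (model_attest_regions(2, starts, sizes, hashes, MODEL_HASH_SIZE, &rnd1, &hash_size) != MODEL_ERR_SMALL_BUF)
        return 8;
    return 0;
}
```

Two points the model makes visible: the caller must size `hash_addr` from `mem_count` times the per-region hash length it expects (32 bytes per region for SHA-256 on the real device), and a server that stores known-good images can only verify the reported hashes because the device returns `rnd_out`, since every region hash is bound to that nonce. With the real syscall the server additionally verifies the ECDSA signature over the certificate, which is what ties the hashes to a specific device and to the server's own `rnd`.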