 |
AM263x MCU+ SDK
09.02.00
|
|
|
AM263x MCU+ SDK
09.02.00
|
|
See HSM client for more details.
Data Structures | |
| union | HsmVer_t |
| type for reading HSMRt version. More... | |
| struct | HsmClient_t |
| This is a HSMClient type which holds the information needed by hsm client to communicate with HSM . More... | |
| struct | EfuseRead_t |
| This is a EfuseRead type which holds the information of eFuse row index and row data corresponding to it . More... | |
| struct | EfuseRowWrite_t |
| This is a EfuseRowWrite type which holds the information regarding programming eFuse row. More... | |
| struct | EfuseRowCount_t |
| This is a EfuseRowCount type which holds the information regarding eFuse row count and size of each row in bits. More... | |
| struct | EfuseRowProt_t |
| This is a EfuseRowProt type which holds the information of eFuse row index and protection status corresponding to the row index. More... | |
| struct | KeyWriterCertHeader_t |
| This is a keywriter_cert_header type which holds the information of customer key certificate and debug responce. More... | |
| struct | FirewallRegionReq_t |
| This is a FirewallRegionReq type which holds the information of Firewall region configuration. More... | |
| struct | FirewallReq_t |
| This is a FirewallReq_t type which holds the information of Firewall configuration. More... | |
| struct | FirewallIntrReq_t |
| This is a FirewallIntrReq type which holds the information of MPU Firewall request for interrupt enable, interrupt enable clear, interrupt enable status clear and fault clear. More... | |
| struct | SWRev_t |
| This is SWRev type which holds the information regarding Revision identifier and value corresponding to it . More... | |
| struct | DKEK_t |
| This is DKEK type which holds the label and context for derivation. This also holds the 256 derived KEK value which is returned by TIFS. More... | |
| struct | RNGReq_t |
| This is RNG type which holds the resultPtr for derivation which is returned by TIFS. This also holds the resultLengthPtr and DRBG Mode along with seedValue and seedSize. More... | |
| struct | HsmMsg_t_ |
| HSM client / server message format struct. More... | |
Functions | |
| union HsmVer_t_ | __attribute__ ((packed)) HsmVer_t |
| type for reading HSMRt version. More... | |
| int32_t | HsmClient_init (SIPC_Params *params) |
| Initialize the HSM client for current core. More... | |
| void | HsmClient_deInit (void) |
| De initialize the HSM client for current core. More... | |
| int32_t | HsmClient_getVersion (HsmClient_t *HsmClient, HsmVer_t *verId, uint32_t timeToWaitInTick) |
| populates the current HSMRT version Id by default the hsm flag is set to HSM_FLAG_AOP for this service More... | |
| int32_t | HsmClient_getUID (HsmClient_t *HsmClient, uint8_t *uid, uint32_t timeout) |
| The service issued to HSM Server populates the Device UID by default the hsm flag is set to HSM_FLAG_AOP for this service. More... | |
| int32_t | HsmClient_openDbgFirewall (HsmClient_t *HsmClient, uint8_t *cert, uint32_t cert_size, uint32_t timeout) |
| The service issued to HSM Server verifies the certificate and by default the hsm flag is set to HSM_FLAG_AOP for this service. More... | |
| int32_t | HsmClient_importKeyring (HsmClient_t *HsmClient, uint8_t *cert, uint32_t cert_size, uint32_t timeout) |
| The service issued to HSM Server verifies the certificate and imports the keys from the certificate. More... | |
| int32_t | HsmClient_readOTPRow (HsmClient_t *HsmClient, EfuseRead_t *readRow) |
| The service issued to HSM Server retrieves the data of GP OTP row based on row index provided as param. More... | |
| int32_t | HsmClient_writeOTPRow (HsmClient_t *HsmClient, EfuseRowWrite_t *writeRow) |
| The service issued to HSM Server writes the data to extended OTP efuse row based on row index provided as param. More... | |
| int32_t | HsmClient_lockOTPRow (HsmClient_t *HsmClient, EfuseRowProt_t *rowProt) |
| The service issued to HSM Server sets the protection status bit of the specified row to 1. More... | |
| int32_t | HsmClient_getOTPRowCount (HsmClient_t *HsmClient, EfuseRowCount_t *rowCount) |
| The service issued to HSM Server retrieves the count of extended OTP rows. More... | |
| int32_t | HsmClient_getOTPRowProtection (HsmClient_t *HsmClient, EfuseRowProt_t *rowProt) |
| The service issued to HSM Server retrieves the extended otp efuse row protection status. More... | |
| int32_t | HsmClient_procAuthBoot (HsmClient_t *HsmClient, uint8_t *cert, uint32_t cert_size, uint32_t timeout) |
| The service issued to HSM Server helps with extended secure boot for applications. More... | |
| int32_t | HsmClient_setFirewall (HsmClient_t *HsmClient, FirewallReq_t *FirewallReqObj, uint32_t timeout) |
| The service issued to HSM Server sets the firewall for the given firewall id and region. More... | |
| int32_t | HsmClient_FirewallIntr (HsmClient_t *HsmClient, FirewallIntrReq_t *FirewallIntrReqObj, uint32_t timeout) |
| The service issued to HSM Server sets the firewall interrupt request for the given firewall id. More... | |
| int32_t | HsmClient_keyWriter (HsmClient_t *HsmClient, KeyWriterCertHeader_t *certHeader, uint32_t timeout) |
| The service issued to HSM Server verifies the certificate and process the keywriter operations,. More... | |
| int32_t | HsmClient_readSWRev (HsmClient_t *HsmClient, SWRev_t *readSWRev) |
| The service issued to HSM Server retrieves the SWRevision value based on identifier as param. More... | |
| int32_t | HsmClient_writeSWRev (HsmClient_t *HsmClient, SWRev_t *writeSWRev) |
| The service issued to HSM Server writes the SWRevision value based on identifier as param. More... | |
| int32_t | HsmClient_getDKEK (HsmClient_t *HsmClient, DKEK_t *getDKEK, uint32_t timeout) |
| The service issued to HSM Server retrieves the derived KEK based on identifier as param. More... | |
| int32_t | HsmClient_register (HsmClient_t *HsmClient, uint8_t clientId) |
| register a client to a particular ClientId More... | |
| void | HsmClient_unregister (HsmClient_t *HsmClient, uint8_t clientId) |
| unregister a client to a particular ClientId More... | |
| int32_t | HsmClient_waitForBootNotify (HsmClient_t *HsmClient, uint32_t timeToWaitInTicks) |
| Current core will wait for bootnotify message from HSM core. More... | |
| int32_t | Hsmclient_loadHSMRtFirmware (HsmClient_t *gHSMClient, const uint8_t *pHSMRt_firmware) |
| Loads the HSMRt firmware. This is typically called by SBL. More... | |
| int32_t | HsmClient_getRandomNum (HsmClient_t *HsmClient, RNGReq_t *getRandomNum) |
| Returns the Random Number Generated. More... | |
Enumerations | |
| enum | HSM_ClientIds_t { HSM_BOOT_NOTIFY_CLIENT_ID = 0, HSM_CLIENT_ID_1, HSM_CLIENT_ID_2, HSM_CLIENT_ID_3, HSM_CLIENT_ID_4 } |
Macros | |
| #define | LABEL_AND_CONTEXT_LEN_MAX 48U |
| #define | HSM_MSG_GET_VERSION (0x0002) |
| GetVersion service type ID. More... | |
| #define | HSM_MSG_BOOT_NOTIFY (0x000A) |
| Boot Notify service type ID. More... | |
| #define | HSM_MSG_GET_UID (0x9021) |
| Get UID service type ID. More... | |
| #define | HSM_MSG_OPEN_DBG_FIREWALLS (0x900C) |
| Open Debug Firewalls service type ID. More... | |
| #define | HSM_MSG_READ_OTP_ROW (0x9022) |
| Read Extended otp row type ID. More... | |
| #define | HSM_MSG_WRITE_OTP_ROW (0x9023) |
| Write Extended otp row type ID. More... | |
| #define | HSM_MSG_PROT_OTP_ROW (0x9024) |
| Protect Extended otp row type ID. More... | |
| #define | HSM_MSG_GET_OTP_ROW_PROT (0x9026) |
| Get Extended otp row protection type ID. More... | |
| #define | HSM_MSG_GET_OTP_ROW_COUNT (0x9027) |
| Get Extended otp row count service type ID. More... | |
| #define | HSM_MSG_PROC_AUTH_BOOT (0xC120) |
| Secure Boot service type ID. More... | |
| #define | HSM_MSG_SET_FIREWALL (0x9000U) |
| Set Firewall service type ID. More... | |
| #define | HSM_MSG_SET_FIREWALL_INTR (0x9002) |
| Set Firewall Interrupt service type ID. More... | |
| #define | HSM_KEYWRITER_SEND_CUST_KEY_CERT (0x9028) |
| send KeyWriter customer key certificate More... | |
| #define | HSM_MSG_READ_SWREV (0x9033) |
| Read Software Revision service type ID. More... | |
| #define | HSM_MSG_WRITE_SWREV (0x9032) |
| Write Software Revision service type ID. More... | |
| #define | HSM_MSG_GET_DKEK (0x9029) |
| Get DKEK service type ID. More... | |
| #define | HSM_MSG_GET_RAND (0x9001) |
| Get RNG service type ID. More... | |
| #define | HSM_MSG_KEYRING_IMPORT (0x9039) |
| Get KEYRING import service type ID. More... | |
| #define | HSM_FLAG_AOP (0x11) |
| HSM FLAG used by HSM client to indicate that it expects ACK messasge from HSM and will wait for a response message. More... | |
| #define | HSM_FLAG_NAOP (0x22) |
| HSM FLAG used by HSM client to indicate that it does not expects an ACK messasge from HSM and will not wait for a response message. More... | |
| #define | HSM_FLAG_ACK (0xAA) |
| HSM FLAG used by HSM server to indicate that the request has been processed. More... | |
| #define | HSM_FLAG_NACK (0x55) |
| HSM FLAG used by HSM server to indicate that the request has not been processed. More... | |
| #define | HSM_CLIENT_ID (0x01) |
| HSM server SIPC client Id. More... | |
| #define | HSM_UID_SIZE (64U) |
| UID or Unique ID is a device specific ID of 64 bytes. More... | |
| #define | HSM_DBG_CERT_SIZE (4096U) |
| Maximum Certificate Size allowed for Debug Open. More... | |
| #define | HSM_KEYRING_CERT_SIZE (10280U) |
| Maximum Certificate Size allowed for Keyring Import. More... | |
| #define LABEL_AND_CONTEXT_LEN_MAX 48U |
| #define HSM_MSG_GET_VERSION (0x0002) |
GetVersion service type ID.
| #define HSM_MSG_BOOT_NOTIFY (0x000A) |
Boot Notify service type ID.
| #define HSM_MSG_GET_UID (0x9021) |
Get UID service type ID.
| #define HSM_MSG_OPEN_DBG_FIREWALLS (0x900C) |
Open Debug Firewalls service type ID.
| #define HSM_MSG_READ_OTP_ROW (0x9022) |
Read Extended otp row type ID.
| #define HSM_MSG_WRITE_OTP_ROW (0x9023) |
Write Extended otp row type ID.
| #define HSM_MSG_PROT_OTP_ROW (0x9024) |
Protect Extended otp row type ID.
| #define HSM_MSG_GET_OTP_ROW_PROT (0x9026) |
Get Extended otp row protection type ID.
| #define HSM_MSG_GET_OTP_ROW_COUNT (0x9027) |
Get Extended otp row count service type ID.
| #define HSM_MSG_PROC_AUTH_BOOT (0xC120) |
Secure Boot service type ID.
| #define HSM_MSG_SET_FIREWALL (0x9000U) |
Set Firewall service type ID.
| #define HSM_MSG_SET_FIREWALL_INTR (0x9002) |
Set Firewall Interrupt service type ID.
| #define HSM_KEYWRITER_SEND_CUST_KEY_CERT (0x9028) |
send KeyWriter customer key certificate
| #define HSM_MSG_READ_SWREV (0x9033) |
Read Software Revision service type ID.
| #define HSM_MSG_WRITE_SWREV (0x9032) |
Write Software Revision service type ID.
| #define HSM_MSG_GET_DKEK (0x9029) |
Get DKEK service type ID.
| #define HSM_MSG_GET_RAND (0x9001) |
Get RNG service type ID.
| #define HSM_MSG_KEYRING_IMPORT (0x9039) |
Get KEYRING import service type ID.
| #define HSM_FLAG_AOP (0x11) |
HSM FLAG used by HSM client to indicate that it expects ACK messasge from HSM and will wait for a response message.
| #define HSM_FLAG_NAOP (0x22) |
HSM FLAG used by HSM client to indicate that it does not expects an ACK messasge from HSM and will not wait for a response message.
| #define HSM_FLAG_ACK (0xAA) |
HSM FLAG used by HSM server to indicate that the request has been processed.
| #define HSM_FLAG_NACK (0x55) |
HSM FLAG used by HSM server to indicate that the request has not been processed.
| #define HSM_CLIENT_ID (0x01) |
HSM server SIPC client Id.
| #define HSM_UID_SIZE (64U) |
UID or Unique ID is a device specific ID of 64 bytes.
| #define HSM_DBG_CERT_SIZE (4096U) |
Maximum Certificate Size allowed for Debug Open.
| #define HSM_KEYRING_CERT_SIZE (10280U) |
Maximum Certificate Size allowed for Keyring Import.
| enum HSM_ClientIds_t |
| union HsmVer_t_ __attribute__ | ( | (packed) | ) |
type for reading HSMRt version.
HSM client / server message format struct.
| int32_t HsmClient_init | ( | SIPC_Params * | params | ) |
Initialize the HSM client for current core.
| params | [IN] SIPC_notify params. |
| void HsmClient_deInit | ( | void | ) |
De initialize the HSM client for current core.
| int32_t HsmClient_getVersion | ( | HsmClient_t * | HsmClient, |
| HsmVer_t * | verId, | ||
| uint32_t | timeToWaitInTick | ||
| ) |
populates the current HSMRT version Id by default the hsm flag is set to HSM_FLAG_AOP for this service
| timeToWaitInTick | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] Client object which is using this getversion API. |
| verId | [OUT] populates HsmVer_t struct which describes current version. This object's memory address needs to be cache aligned. |
| int32_t HsmClient_getUID | ( | HsmClient_t * | HsmClient, |
| uint8_t * | uid, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server populates the Device UID by default the hsm flag is set to HSM_FLAG_AOP for this service.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] Client object which is using this getUID API. |
| uid | [OUT] populates UID value. |
| int32_t HsmClient_openDbgFirewall | ( | HsmClient_t * | HsmClient, |
| uint8_t * | cert, | ||
| uint32_t | cert_size, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server verifies the certificate and by default the hsm flag is set to HSM_FLAG_AOP for this service.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] Client object which is using this openDbgFirewalls API. |
| cert | [IN] point to the location of certificate in the device memory. |
| cert_size | [IN] size of certificate. |
| int32_t HsmClient_importKeyring | ( | HsmClient_t * | HsmClient, |
| uint8_t * | cert, | ||
| uint32_t | cert_size, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server verifies the certificate and imports the keys from the certificate.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] Client object which is using this importKeyring API. |
| cert | [IN] point to the location of certificate in the device memory. |
| cert_size | [IN] size of certificate. |
| int32_t HsmClient_readOTPRow | ( | HsmClient_t * | HsmClient, |
| EfuseRead_t * | readRow | ||
| ) |
The service issued to HSM Server retrieves the data of GP OTP row based on row index provided as param.
| HsmClient | [IN] HsmClient object. |
| readRow | [IN] populates EfuseRead_t struct with rowData corresponding to rowIdx. |
| int32_t HsmClient_writeOTPRow | ( | HsmClient_t * | HsmClient, |
| EfuseRowWrite_t * | writeRow | ||
| ) |
The service issued to HSM Server writes the data to extended OTP efuse row based on row index provided as param.
| HsmClient | [IN] HsmClient object. |
| writeRow | [IN] populates EfuseRowWrite_t struct with rowData corresponding to rowIdx. |
| int32_t HsmClient_lockOTPRow | ( | HsmClient_t * | HsmClient, |
| EfuseRowProt_t * | rowProt | ||
| ) |
The service issued to HSM Server sets the protection status bit of the specified row to 1.
| HsmClient | [IN] HsmClient object. |
| rowProt | [IN] Pointer to EfuseRowProt_t struct which contains the row index and row protection status |
| int32_t HsmClient_getOTPRowCount | ( | HsmClient_t * | HsmClient, |
| EfuseRowCount_t * | rowCount | ||
| ) |
The service issued to HSM Server retrieves the count of extended OTP rows.
| HsmClient | [IN] HsmClient object. |
| rowCount | [IN] Pointer to EfuseRowCount_t struct which is populated by HSM server with row count and row size |
| int32_t HsmClient_getOTPRowProtection | ( | HsmClient_t * | HsmClient, |
| EfuseRowProt_t * | rowProt | ||
| ) |
The service issued to HSM Server retrieves the extended otp efuse row protection status.
| HsmClient | [IN] HsmClient object. |
| rowProt | [IN] Pointer to EfuseRowProt_t struct which is populated by HSM server with row protection status |
| int32_t HsmClient_procAuthBoot | ( | HsmClient_t * | HsmClient, |
| uint8_t * | cert, | ||
| uint32_t | cert_size, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server helps with extended secure boot for applications.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] Client object which is using this openDbgFirewalls API. |
| cert | [IN] point to the location of certificate in the device memory. |
| cert_size | [IN] size of certificate. |
| int32_t HsmClient_setFirewall | ( | HsmClient_t * | HsmClient, |
| FirewallReq_t * | FirewallReqObj, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server sets the firewall for the given firewall id and region.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] HsmClient object. |
| FirewallReqObj | [IN] Pointer to FirewallReq_t struct which contains information required for HSM to process set firewall request. |
| int32_t HsmClient_FirewallIntr | ( | HsmClient_t * | HsmClient, |
| FirewallIntrReq_t * | FirewallIntrReqObj, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server sets the firewall interrupt request for the given firewall id.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] HsmClient object. |
| FirewallIntrReqObj | [IN] Pointer to FirewallIntrReq_t struct which contains information required for HSM to process firewall interrupt request. |
| int32_t HsmClient_keyWriter | ( | HsmClient_t * | HsmClient, |
| KeyWriterCertHeader_t * | certHeader, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server verifies the certificate and process the keywriter operations,.
| HsmClient | [IN] Client object which is using this API. |
| certHeader | [IN] point to the location of certificate in the device memory. This object's memory address needs to be cache aligned. |
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| int32_t HsmClient_readSWRev | ( | HsmClient_t * | HsmClient, |
| SWRev_t * | readSWRev | ||
| ) |
The service issued to HSM Server retrieves the SWRevision value based on identifier as param.
| HsmClient | [IN] HsmClient object. |
| readSWRev | [IN] populates SWRev_t struct with SWRev value corresponding to identifier. |
| int32_t HsmClient_writeSWRev | ( | HsmClient_t * | HsmClient, |
| SWRev_t * | writeSWRev | ||
| ) |
The service issued to HSM Server writes the SWRevision value based on identifier as param.
| HsmClient | [IN] HsmClient object. |
| writeSWRev | [IN] updates the SWRev efuses with SWRev value corresponding to identifier. |
| int32_t HsmClient_getDKEK | ( | HsmClient_t * | HsmClient, |
| DKEK_t * | getDKEK, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server retrieves the derived KEK based on identifier as param.
The service issued to HSM Server retrieves the derived KEK.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] HsmClient object. |
| getDKEK | [IN] Pointer to DKEK_t which contains the request structure for Derived KEK. |
| int32_t HsmClient_register | ( | HsmClient_t * | HsmClient, |
| uint8_t | clientId | ||
| ) |
register a client to a particular ClientId
| HsmClient | [IN] HsmClient object. |
| clientId | [IN] enable HSM <--> R5 communication for given clientID |
| void HsmClient_unregister | ( | HsmClient_t * | HsmClient, |
| uint8_t | clientId | ||
| ) |
unregister a client to a particular ClientId
| HsmClient | [IN] HsmClient object |
| clientId | [IN] disable HSM <--> R5 communication for given clientId |
| int32_t HsmClient_waitForBootNotify | ( | HsmClient_t * | HsmClient, |
| uint32_t | timeToWaitInTicks | ||
| ) |
Current core will wait for bootnotify message from HSM core.
| HsmClient | [IN] HsmClient object |
| timeToWaitInTicks | [IN] amount of time to block waiting for semaphore to be available, in units of SystemP_timeout if timeout exception occours.system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| int32_t Hsmclient_loadHSMRtFirmware | ( | HsmClient_t * | gHSMClient, |
| const uint8_t * | pHSMRt_firmware | ||
| ) |
Loads the HSMRt firmware. This is typically called by SBL.
| gHSMClient | [IN] Pointer to registered HSM Client |
| pHSMRt_firmware | [IN] Pointer to signed HSMRt binary |
| int32_t HsmClient_getRandomNum | ( | HsmClient_t * | HsmClient, |
| RNGReq_t * | getRandomNum | ||
| ) |
Returns the Random Number Generated.
| HsmClient | [IN] HsmClient object |
| getRandomNum | [IN] Pointer to RNGReq_t which contains the request structure for Random Number Generated. |
1.8.20