 |
AM263x MCU+ SDK
11.00.00
|
|
|
AM263x MCU+ SDK
11.00.00
|
|
See HSM client for more details.
Data Structures | |
| union | HsmVer_t |
| type for reading HSMRt version. More... | |
| struct | HsmClient_t |
| This is a HSMClient type which holds the information needed by hsm client to communicate with HSM . More... | |
| struct | NvmOtpRead_t |
| This is an NvmOtpRead type which holds the information of NvmOtp row index and row data corresponding to it . For F29H85x, the rowdIdx corresponds to the Flash Offsets. For AM26x, the rowIdx corresponds to efuse row offsets. More... | |
| struct | NvmOtpRowWrite_t |
| This is an NvmOtpRowWrite type which holds the information regarding programming NvmOtp row. For F29H85x, the rowdIdx corresponds to the Flash Offsets. For AM26x, the rowIdx corresponds to efuse row offsets. More... | |
| struct | NvmOtpRowCount_t |
| This is an NvmOtpRowCount type which holds the information regarding NvmOtp row count and size of each row in bits. More... | |
| struct | NvmOtpRowProt_t |
| This is a NvmOtpRowProt type which holds the information of NvmOtp row index and protection status corresponding to the row index. This structure is not valid for f29h85x. More... | |
| struct | KeyWriterCertHeader_t |
| This is a keywriter_cert_header type which holds the information of customer key certificate and debug responce. More... | |
| struct | FirewallRegionReq_t |
| This is a FirewallRegionReq type which holds the information of Firewall region configuration. More... | |
| struct | FirewallReq_t |
| This is a FirewallReq_t type which holds the information of Firewall configuration. More... | |
| struct | FirewallIntrReq_t |
| This is a FirewallIntrReq type which holds the information of MPU Firewall request for interrupt enable, interrupt enable clear, interrupt enable status clear and fault clear. More... | |
| struct | SWRev_t |
| This is SWRev type which holds the information regarding Revision identifier and value corresponding to it . More... | |
| struct | DKEK_t |
| This is DKEK type which holds the label and context for derivation. This also holds the 256 derived KEK value which is returned by TIFS. More... | |
| struct | RNGReq_t |
| This is RNG type which holds the resultPtr for derivation which is returned by TIFS. This also holds the resultLength and DRBG Mode along with seedValue and seedSize. More... | |
| struct | SecureBoot_Stream_t_ |
| This is the SecureBoot Stream type which holds the data for a specific bootloader to HSM call. This packet is needed by HSM the to do the required operation. More... | |
| struct | FirmwareUpdateReq_t |
| This is Firmware Update request structure passed to HSM core via SIPC as argument, these parameters are required by the service handler. More... | |
| struct | OTFA_Region_t |
| This is the OTFA Region structure which holds individual region specific information to be written to corresponding OTFA registers. In AM263Px and AM261x, there are 4 OTFA regions. More... | |
| struct | OTFA_readRegion_t |
| This is the OTFA Region structure which holds individual region specific information to be read from OTFA registers. More... | |
| struct | OTFA_Config_t |
| This is the entire OTFA structure which holds all regions' information 4 regions in AM263Px and AM261x. More... | |
| struct | SecCfgValidate_t |
| This is Sec-Cfg validation request structure passed to HSM core via SIPC as argument, these parameters are required by the service handler. Valid only for F29x family of devices. More... | |
| struct | HsmMsg_t_ |
| HSM client / server message format struct. More... | |
Functions | |
| union HsmVer_t_ | __attribute__ ((packed)) HsmVer_t |
| type for reading HSMRt version. More... | |
| int32_t | HsmClient_checkAndWaitForBootNotification (void) |
| This API waits for HSMRT load if requested and then waits for boot notification. In case of failure in HSMRT load it returns SystemP_FAILURE. More... | |
| int32_t | HsmClient_init (SIPC_Params *params) |
| Initialize the HSM client for current core. More... | |
| void | HsmClient_deInit (void) |
| De initialize the HSM client for current core. More... | |
| void | HsmClient_SecureBootQueueInit (uint32_t configured_hsm_client_msg_queue_size) |
| Customize the size of the HSM client message queue. More... | |
| int32_t | HsmClient_getVersion (HsmClient_t *HsmClient, HsmVer_t *verId, uint32_t timeToWaitInTick) |
| populates the current HSMRT version Id by default the hsm flag is set to HSM_FLAG_AOP for this service More... | |
| int32_t | HsmClient_getUID (HsmClient_t *HsmClient, uint8_t *uid, uint32_t timeout) |
| The service issued to HSM Server populates the Device UID by default the hsm flag is set to HSM_FLAG_AOP for this service. More... | |
| int32_t | HsmClient_openDbgFirewall (HsmClient_t *HsmClient, uint8_t *cert, uint32_t cert_size, uint32_t timeout) |
| The service issued to HSM Server verifies the certificate and by default the hsm flag is set to HSM_FLAG_AOP for this service. More... | |
| int32_t | HsmClient_importKeyring (HsmClient_t *HsmClient, uint8_t *cert, uint32_t cert_size, uint32_t timeout) |
| The service issued to HSM Server verifies the certificate and imports the keys from the certificate. More... | |
| int32_t | HsmClient_readOTPRow (HsmClient_t *HsmClient, NvmOtpRead_t *readRow) |
| The service issued to HSM Server retrieves the data of GP OTP row based on row index provided as param. More... | |
| int32_t | HsmClient_writeOTPRow (HsmClient_t *HsmClient, NvmOtpRowWrite_t *writeRow) |
| The service issued to HSM Server writes the data to extended OTP efuse row based on row index provided as param. More... | |
| int32_t | HsmClient_lockOTPRow (HsmClient_t *HsmClient, NvmOtpRowProt_t *rowProt) |
| The service issued to HSM Server sets the protection status bit of the specified row to 1. This API is not valid for F29H85x. More... | |
| int32_t | HsmClient_getOTPRowCount (HsmClient_t *HsmClient, NvmOtpRowCount_t *rowCount) |
| The service issued to HSM Server retrieves the count of extended OTP rows. More... | |
| int32_t | HsmClient_getOTPRowProtection (HsmClient_t *HsmClient, NvmOtpRowProt_t *rowProt) |
| The service issued to HSM Server retrieves the extended otp efuse row protection status. This API is not valid for F29H85x. More... | |
| int32_t | HsmClient_procAuthBoot (HsmClient_t *HsmClient, uint8_t *cert, uint32_t cert_size, uint32_t timeout) |
| The service issued to HSM Server helps with extended secure boot for applications. More... | |
| int32_t | HsmClient_procAuthBootStart (HsmClient_t *HsmClient, SecureBoot_Stream_t *secureBootInfo) |
| The service issued to HSM Server helps with extended secure boot for applications. More... | |
| int32_t | HsmClient_procAuthBootUpdate (HsmClient_t *HsmClient, SecureBoot_Stream_t *secureBootInfo) |
| The service issued to HSM Server helps with extended secure boot for applications. More... | |
| int32_t | HsmClient_procAuthBootFinish (HsmClient_t *HsmClient, SecureBoot_Stream_t *secureBootInfo) |
| The service issued to HSM Server helps with extended secure boot for applications. More... | |
| int32_t | HsmClient_setFirewall (HsmClient_t *HsmClient, FirewallReq_t *FirewallReqObj, uint32_t timeout) |
| The service issued to HSM Server sets the firewall for the given firewall id and region. More... | |
| int32_t | HsmClient_FirewallIntr (HsmClient_t *HsmClient, FirewallIntrReq_t *FirewallIntrReqObj, uint32_t timeout) |
| The service issued to HSM Server sets the firewall interrupt request for the given firewall id. More... | |
| int32_t | HsmClient_keyWriter (HsmClient_t *HsmClient, KeyWriterCertHeader_t *certHeader, uint32_t timeout) |
| The service issued to HSM Server verifies the certificate and process the keywriter operations,. More... | |
| int32_t | HsmClient_readSWRev (HsmClient_t *HsmClient, SWRev_t *readSWRev) |
| The service issued to HSM Server retrieves the SWRevision value based on identifier as param. More... | |
| int32_t | HsmClient_writeSWRev (HsmClient_t *HsmClient, SWRev_t *writeSWRev) |
| The service issued to HSM Server writes the SWRevision value based on identifier as param. More... | |
| int32_t | HsmClient_getDKEK (HsmClient_t *HsmClient, DKEK_t *getDKEK, uint32_t timeout) |
| The service issued to HSM Server retrieves the derived KEK based on identifier as param. More... | |
| int32_t | HsmClient_register (HsmClient_t *HsmClient, uint8_t clientId) |
| register a client to a particular ClientId More... | |
| void | HsmClient_unregister (HsmClient_t *HsmClient, uint8_t clientId) |
| unregister a client to a particular ClientId More... | |
| int32_t | HsmClient_waitForBootNotify (HsmClient_t *HsmClient, uint32_t timeToWaitInTicks) |
| Current core will wait for bootnotify message from HSM core. More... | |
| int32_t | Hsmclient_loadHSMRtFirmware (HsmClient_t *gHSMClient, const uint8_t *pHSMRt_firmware) |
| Loads the HSMRt firmware. This is typically called by SBL. More... | |
| int32_t | Hsmclient_loadHSMRtFirmwareNonBlocking (const uint8_t *pHSMRt_firmware) |
| Loads the HSMRt firmware but does wait for ROM response and boot notification. This is typically called by SBL. More... | |
| int32_t | HsmClient_getRandomNum (HsmClient_t *HsmClient, RNGReq_t *getRandomNum) |
| Returns the Random Number Generated. More... | |
| int32_t | HsmClient_firmwareUpdate_CertProcess (HsmClient_t *HsmClient, FirmwareUpdateReq_t *pFirmwareUpdateObject) |
| service request issued to HSM server to parse the certificate to validate authenticity and identify the firmware component undergoing update This service is valid only for F29H85x SOC More... | |
| int32_t | HsmClient_firmwareUpdate_CodeProgram (HsmClient_t *HsmClient, FirmwareUpdateReq_t *pFirmwareUpdateObject) |
| service request issued to HSM server to program the incoming firmware to device dormant banks This service is valid only for F29H85x SOC More... | |
| int32_t | HsmClient_firmwareUpdate_CodeVerify (HsmClient_t *HsmClient, FirmwareUpdateReq_t *pFirmwareUpdateObject) |
| service request issued to HSM server to decrypt the firmware programmed in dormant flash bank in place, perform integrity checks on the decrypted firmware and program the certificate in flash memory This service is valid only for F29H85x SOC More... | |
| int32_t | HsmClient_VerifyROTSwitchingCertificate (HsmClient_t *HsmClient, uint8_t *cert, uint32_t cert_size, uint32_t timeout) |
| service request issued to HSM server to validate RoT Switching Certificate More... | |
| int32_t | HsmClient_UpdateKeyRevsion (HsmClient_t *HsmClient, uint32_t timeout) |
| service request issued to HSM server to update key revision to 0x2 which changes the root of trust key from secondary keys to back up keys. More... | |
| int32_t | HsmClient_configOTFARegions (HsmClient_t *HsmClient, OTFA_Config_t *OTFA_ConfigInfo, uint32_t timeout) |
| Client request to configure the OTFA regions. More... | |
| int32_t | HsmClient_readOTFARegions (HsmClient_t *HsmClient, OTFA_readRegion_t *OTFA_readRegion, uint32_t timeout) |
| Client request to read the OTFA regions. More... | |
| int32_t | HsmClient_secCfgValidate (HsmClient_t *HsmClient, SecCfgValidate_t *pSecCfgParams, uint32_t timeout) |
| Client request to validate sec-cfg Valid only for F29x family of devices. More... | |
Enumerations | |
| enum | HSM_ClientIds_t { HSM_BOOT_NOTIFY_CLIENT_ID = 0, HSM_CLIENT_ID_1, HSM_CLIENT_ID_2, HSM_CLIENT_ID_3, HSM_CLIENT_ID_4 } |
Macros | |
| #define | LABEL_AND_CONTEXT_LEN_MAX 48U |
| #define | HSMRT_LOAD_NOT_REQUESTED (0U) |
| HSMRT load has not been requested. More... | |
| #define | HSMRT_LOAD_REQUESTED (1U) |
| HSMRT load has been requested. More... | |
| #define | HSMRT_LOAD_FAILED (2U) |
| HSMRT load has failed. More... | |
| #define | HSMRT_LOAD_SUCCEEDED (3U) |
| HSMRT load has succeeded. More... | |
| #define | HSM_MSG_GET_VERSION (0x0002) |
| GetVersion service type ID. More... | |
| #define | HSM_MSG_BOOT_NOTIFY (0x000A) |
| Boot Notify service type ID. More... | |
| #define | HSM_MSG_GET_UID (0x9021) |
| Get UID service type ID. More... | |
| #define | HSM_MSG_OPEN_DBG_FIREWALLS (0x900C) |
| Open Debug Firewalls service type ID. More... | |
| #define | HSM_MSG_READ_OTP_ROW (0x9022) |
| Read Extended otp row type ID. More... | |
| #define | HSM_MSG_WRITE_OTP_ROW (0x9023) |
| Write Extended otp row type ID. More... | |
| #define | HSM_MSG_PROT_OTP_ROW (0x9024) |
| Protect Extended otp row type ID. More... | |
| #define | HSM_MSG_GET_OTP_ROW_PROT (0x9026) |
| Get Extended otp row protection type ID. More... | |
| #define | HSM_MSG_GET_OTP_ROW_COUNT (0x9027) |
| Get Extended otp row count service type ID. More... | |
| #define | HSM_MSG_PROC_AUTH_BOOT (0xC120) |
| Secure Boot service type ID. More... | |
| #define | HSM_MSG_PROC_AUTH_BOOT_START (0xC12A) |
| Secure Boot Streaming Start service type ID. More... | |
| #define | HSM_MSG_PROC_AUTH_BOOT_UPDATE (0xC12B) |
| Secure Boot Streaming Update service type ID. More... | |
| #define | HSM_MSG_PROC_AUTH_BOOT_FINISH (0xC12C) |
| Secure Boot Streaming Finish service type ID. More... | |
| #define | HSM_MSG_SET_FIREWALL (0x9000U) |
| Set Firewall service type ID. More... | |
| #define | HSM_MSG_SET_FIREWALL_INTR (0x9002) |
| Set Firewall Interrupt service type ID. More... | |
| #define | HSM_KEYWRITER_SEND_CUST_KEY_CERT (0x9028) |
| send KeyWriter customer key certificate More... | |
| #define | HSM_MSG_READ_SWREV (0x9033) |
| Read Software Revision service type ID. More... | |
| #define | HSM_MSG_WRITE_SWREV (0x9032) |
| Write Software Revision service type ID. More... | |
| #define | HSM_MSG_GET_DKEK (0x9029) |
| Get DKEK service type ID. More... | |
| #define | HSM_MSG_GET_RAND (0x9001) |
| Get RNG service type ID. More... | |
| #define | HSM_MSG_KEYRING_IMPORT (0x9039) |
| Get KEYRING import service type ID. More... | |
| #define | HSM_MSG_FW_UPDATE_CERT_PROCESS (0x9040) |
| Process certificate during firmware update/code provisioning. More... | |
| #define | HSM_MSG_FW_UPDATE_CODE_PROGRAM (0x9041) |
| Program firmware during firmware update/code provisioning. More... | |
| #define | HSM_MSG_FW_UPDATE_CODE_VERIFY (0x9043) |
| Program firmware during firmware update/code provisioning. More... | |
| #define | HSM_MSG_VERIFY_ROT_CERT (0x9044) |
| Veriy RoT Switching Certificate Service type ID. More... | |
| #define | HSM_MSG_UPDATE_KEY_REV (0x9045) |
| Update Key Revision Service type ID. More... | |
| #define | HSM_MSG_CONFIGURE_OTFA (0x9056) |
| Configure OTFA service ID. More... | |
| #define | HSM_MSG_READ_OTFA (0x9057) |
| Read OTFA service ID. More... | |
| #define | HSM_MSG_PROC_AUTH_BOOT_SEC_CFG (0x9058) |
| Validate Sec-Cfg service ID. More... | |
| #define | HSM_FLAG_AOP (0x11) |
| HSM FLAG used by HSM client to indicate that it expects ACK messasge from HSM and will wait for a response message. More... | |
| #define | HSM_FLAG_NAOP (0x22) |
| HSM FLAG used by HSM client to indicate that it does not expects an ACK messasge from HSM and will not wait for a response message. More... | |
| #define | HSM_FLAG_ACK (0xAA) |
| HSM FLAG used by HSM server to indicate that the request has been processed. More... | |
| #define | HSM_FLAG_NACK (0x55) |
| HSM FLAG used by HSM server to indicate that the request has not been processed. More... | |
| #define | HSM_CLIENT_ID (0x01) |
| HSM server SIPC client Id. More... | |
| #define | HSM_UID_SIZE (64U) |
| UID or Unique ID is a device specific ID of 64 bytes. More... | |
| #define | HSM_DBG_CERT_SIZE (4096U) |
| Maximum Certificate Size allowed for Debug Open. More... | |
| #define | HSM_KEYRING_CERT_SIZE (10280U) |
| Maximum Certificate Size allowed for Keyring Import. More... | |
| #define | HSM_FIRMWARE_CHUNK_SIZE (16384U) |
| Maximum firmware Size allowed for code provisioning. More... | |
| #define | CERT_TYPE_SECCFG_CPU1 (0x3U) |
| Certificate type for C29 CPU1 Sec-cfg. More... | |
| #define | CERT_TYPE_SECCFG_CPU2 (0x5U) |
| Certificate type for C29 CPU2 Sec-cfg. More... | |
| #define | CERT_TYPE_SECCFG_CPU3 (0x6U) |
| Certificate type for C29 CPU3 Sec-cfg. More... | |
| #define LABEL_AND_CONTEXT_LEN_MAX 48U |
| #define HSMRT_LOAD_NOT_REQUESTED (0U) |
HSMRT load has not been requested.
| #define HSMRT_LOAD_REQUESTED (1U) |
HSMRT load has been requested.
| #define HSMRT_LOAD_FAILED (2U) |
HSMRT load has failed.
| #define HSMRT_LOAD_SUCCEEDED (3U) |
HSMRT load has succeeded.
| #define HSM_MSG_GET_VERSION (0x0002) |
GetVersion service type ID.
| #define HSM_MSG_BOOT_NOTIFY (0x000A) |
Boot Notify service type ID.
| #define HSM_MSG_GET_UID (0x9021) |
Get UID service type ID.
| #define HSM_MSG_OPEN_DBG_FIREWALLS (0x900C) |
Open Debug Firewalls service type ID.
| #define HSM_MSG_READ_OTP_ROW (0x9022) |
Read Extended otp row type ID.
| #define HSM_MSG_WRITE_OTP_ROW (0x9023) |
Write Extended otp row type ID.
| #define HSM_MSG_PROT_OTP_ROW (0x9024) |
Protect Extended otp row type ID.
| #define HSM_MSG_GET_OTP_ROW_PROT (0x9026) |
Get Extended otp row protection type ID.
| #define HSM_MSG_GET_OTP_ROW_COUNT (0x9027) |
Get Extended otp row count service type ID.
| #define HSM_MSG_PROC_AUTH_BOOT (0xC120) |
Secure Boot service type ID.
| #define HSM_MSG_PROC_AUTH_BOOT_START (0xC12A) |
Secure Boot Streaming Start service type ID.
| #define HSM_MSG_PROC_AUTH_BOOT_UPDATE (0xC12B) |
Secure Boot Streaming Update service type ID.
| #define HSM_MSG_PROC_AUTH_BOOT_FINISH (0xC12C) |
Secure Boot Streaming Finish service type ID.
| #define HSM_MSG_SET_FIREWALL (0x9000U) |
Set Firewall service type ID.
| #define HSM_MSG_SET_FIREWALL_INTR (0x9002) |
Set Firewall Interrupt service type ID.
| #define HSM_KEYWRITER_SEND_CUST_KEY_CERT (0x9028) |
send KeyWriter customer key certificate
| #define HSM_MSG_READ_SWREV (0x9033) |
Read Software Revision service type ID.
| #define HSM_MSG_WRITE_SWREV (0x9032) |
Write Software Revision service type ID.
| #define HSM_MSG_GET_DKEK (0x9029) |
Get DKEK service type ID.
| #define HSM_MSG_GET_RAND (0x9001) |
Get RNG service type ID.
| #define HSM_MSG_KEYRING_IMPORT (0x9039) |
Get KEYRING import service type ID.
| #define HSM_MSG_FW_UPDATE_CERT_PROCESS (0x9040) |
Process certificate during firmware update/code provisioning.
| #define HSM_MSG_FW_UPDATE_CODE_PROGRAM (0x9041) |
Program firmware during firmware update/code provisioning.
| #define HSM_MSG_FW_UPDATE_CODE_VERIFY (0x9043) |
Program firmware during firmware update/code provisioning.
| #define HSM_MSG_VERIFY_ROT_CERT (0x9044) |
Veriy RoT Switching Certificate Service type ID.
| #define HSM_MSG_UPDATE_KEY_REV (0x9045) |
Update Key Revision Service type ID.
| #define HSM_MSG_CONFIGURE_OTFA (0x9056) |
Configure OTFA service ID.
| #define HSM_MSG_READ_OTFA (0x9057) |
Read OTFA service ID.
| #define HSM_MSG_PROC_AUTH_BOOT_SEC_CFG (0x9058) |
Validate Sec-Cfg service ID.
| #define HSM_FLAG_AOP (0x11) |
HSM FLAG used by HSM client to indicate that it expects ACK messasge from HSM and will wait for a response message.
| #define HSM_FLAG_NAOP (0x22) |
HSM FLAG used by HSM client to indicate that it does not expects an ACK messasge from HSM and will not wait for a response message.
| #define HSM_FLAG_ACK (0xAA) |
HSM FLAG used by HSM server to indicate that the request has been processed.
| #define HSM_FLAG_NACK (0x55) |
HSM FLAG used by HSM server to indicate that the request has not been processed.
| #define HSM_CLIENT_ID (0x01) |
HSM server SIPC client Id.
| #define HSM_UID_SIZE (64U) |
UID or Unique ID is a device specific ID of 64 bytes.
| #define HSM_DBG_CERT_SIZE (4096U) |
Maximum Certificate Size allowed for Debug Open.
| #define HSM_KEYRING_CERT_SIZE (10280U) |
Maximum Certificate Size allowed for Keyring Import.
| #define HSM_FIRMWARE_CHUNK_SIZE (16384U) |
Maximum firmware Size allowed for code provisioning.
| #define CERT_TYPE_SECCFG_CPU1 (0x3U) |
Certificate type for C29 CPU1 Sec-cfg.
| #define CERT_TYPE_SECCFG_CPU2 (0x5U) |
Certificate type for C29 CPU2 Sec-cfg.
| #define CERT_TYPE_SECCFG_CPU3 (0x6U) |
Certificate type for C29 CPU3 Sec-cfg.
| enum HSM_ClientIds_t |
| union HsmVer_t_ __attribute__ | ( | (packed) | ) |
type for reading HSMRt version.
HSM client / server message format struct.
This is the SecureBoot Stream type which holds the data for a specific bootloader to HSM call. This packet is needed by HSM the to do the required operation.
| int32_t HsmClient_checkAndWaitForBootNotification | ( | void | ) |
This API waits for HSMRT load if requested and then waits for boot notification. In case of failure in HSMRT load it returns SystemP_FAILURE.
| int32_t HsmClient_init | ( | SIPC_Params * | params | ) |
Initialize the HSM client for current core.
| params | [IN] SIPC_notify params. |
| void HsmClient_deInit | ( | void | ) |
De initialize the HSM client for current core.
| void HsmClient_SecureBootQueueInit | ( | uint32_t | configured_hsm_client_msg_queue_size | ) |
Customize the size of the HSM client message queue.
| configured_hsm_client_msg_queue_size | Desired size of the HSM client message queue passed by the user. |
| int32_t HsmClient_getVersion | ( | HsmClient_t * | HsmClient, |
| HsmVer_t * | verId, | ||
| uint32_t | timeToWaitInTick | ||
| ) |
populates the current HSMRT version Id by default the hsm flag is set to HSM_FLAG_AOP for this service
| timeToWaitInTick | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] Client object which is using this getversion API. |
| verId | [OUT] populates HsmVer_t struct which describes current version. This object's memory address needs to be cache aligned. |
| int32_t HsmClient_getUID | ( | HsmClient_t * | HsmClient, |
| uint8_t * | uid, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server populates the Device UID by default the hsm flag is set to HSM_FLAG_AOP for this service.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] Client object which is using this getUID API. |
| uid | [OUT] populates UID value. |
| int32_t HsmClient_openDbgFirewall | ( | HsmClient_t * | HsmClient, |
| uint8_t * | cert, | ||
| uint32_t | cert_size, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server verifies the certificate and by default the hsm flag is set to HSM_FLAG_AOP for this service.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] Client object which is using this openDbgFirewalls API. |
| cert | [IN] point to the location of certificate in the device memory. |
| cert_size | [IN] size of certificate. |
| int32_t HsmClient_importKeyring | ( | HsmClient_t * | HsmClient, |
| uint8_t * | cert, | ||
| uint32_t | cert_size, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server verifies the certificate and imports the keys from the certificate.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] Client object which is using this importKeyring API. |
| cert | [IN] point to the location of certificate in the device memory. |
| cert_size | [IN] size of certificate. |
| int32_t HsmClient_readOTPRow | ( | HsmClient_t * | HsmClient, |
| NvmOtpRead_t * | readRow | ||
| ) |
The service issued to HSM Server retrieves the data of GP OTP row based on row index provided as param.
| HsmClient | [IN] HsmClient object. |
| readRow | [IN] populates NvmOtpRead_t struct with rowData corresponding to rowIdx. |
| int32_t HsmClient_writeOTPRow | ( | HsmClient_t * | HsmClient, |
| NvmOtpRowWrite_t * | writeRow | ||
| ) |
The service issued to HSM Server writes the data to extended OTP efuse row based on row index provided as param.
| HsmClient | [IN] HsmClient object. |
| writeRow | [IN] populates NvmOtpRowWrite_t struct with rowData corresponding to rowIdx. |
| int32_t HsmClient_lockOTPRow | ( | HsmClient_t * | HsmClient, |
| NvmOtpRowProt_t * | rowProt | ||
| ) |
The service issued to HSM Server sets the protection status bit of the specified row to 1. This API is not valid for F29H85x.
| HsmClient | [IN] HsmClient object. |
| rowProt | [IN] Pointer to NvmOtpRowProt_t struct which contains the row index and row protection status |
| int32_t HsmClient_getOTPRowCount | ( | HsmClient_t * | HsmClient, |
| NvmOtpRowCount_t * | rowCount | ||
| ) |
The service issued to HSM Server retrieves the count of extended OTP rows.
| HsmClient | [IN] HsmClient object. |
| rowCount | [IN] Pointer to NvmOtpRowCount_t struct which is populated by HSM server with row count and row size |
| int32_t HsmClient_getOTPRowProtection | ( | HsmClient_t * | HsmClient, |
| NvmOtpRowProt_t * | rowProt | ||
| ) |
The service issued to HSM Server retrieves the extended otp efuse row protection status. This API is not valid for F29H85x.
| HsmClient | [IN] HsmClient object. |
| rowProt | [IN] Pointer to NvmOtpRowProt_t struct which is populated by HSM server with row protection status |
| int32_t HsmClient_procAuthBoot | ( | HsmClient_t * | HsmClient, |
| uint8_t * | cert, | ||
| uint32_t | cert_size, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server helps with extended secure boot for applications.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] Client object which is using this openDbgFirewalls API. |
| cert | [IN] point to the location of certificate in the device memory. |
| cert_size | [IN] size of certificate. |
| int32_t HsmClient_procAuthBootStart | ( | HsmClient_t * | HsmClient, |
| SecureBoot_Stream_t * | secureBootInfo | ||
| ) |
The service issued to HSM Server helps with extended secure boot for applications.
| HsmClient | [IN] Client object which is using this openDbgFirewalls API. |
| secureBootInfo | [IN] pointer to the secure boot information object in shared memory. |
| int32_t HsmClient_procAuthBootUpdate | ( | HsmClient_t * | HsmClient, |
| SecureBoot_Stream_t * | secureBootInfo | ||
| ) |
The service issued to HSM Server helps with extended secure boot for applications.
| HsmClient | [IN] Client object which is using this openDbgFirewalls API. |
| secureBootInfo | [IN] pointer to the secure boot information object in shared memory. |
| int32_t HsmClient_procAuthBootFinish | ( | HsmClient_t * | HsmClient, |
| SecureBoot_Stream_t * | secureBootInfo | ||
| ) |
The service issued to HSM Server helps with extended secure boot for applications.
| HsmClient | [IN] Client object which is using this openDbgFirewalls API. |
| secureBootInfo | [IN] pointer to the secure boot information object in shared memory |
| int32_t HsmClient_setFirewall | ( | HsmClient_t * | HsmClient, |
| FirewallReq_t * | FirewallReqObj, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server sets the firewall for the given firewall id and region.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] HsmClient object. |
| FirewallReqObj | [IN] Pointer to FirewallReq_t struct which contains information required for HSM to process set firewall request. |
| int32_t HsmClient_FirewallIntr | ( | HsmClient_t * | HsmClient, |
| FirewallIntrReq_t * | FirewallIntrReqObj, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server sets the firewall interrupt request for the given firewall id.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] HsmClient object. |
| FirewallIntrReqObj | [IN] Pointer to FirewallIntrReq_t struct which contains information required for HSM to process firewall interrupt request. |
| int32_t HsmClient_keyWriter | ( | HsmClient_t * | HsmClient, |
| KeyWriterCertHeader_t * | certHeader, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server verifies the certificate and process the keywriter operations,.
| HsmClient | [IN] Client object which is using this API. |
| certHeader | [IN] point to the location of certificate in the device memory. This object's memory address needs to be cache aligned. |
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| int32_t HsmClient_readSWRev | ( | HsmClient_t * | HsmClient, |
| SWRev_t * | readSWRev | ||
| ) |
The service issued to HSM Server retrieves the SWRevision value based on identifier as param.
| HsmClient | [IN] HsmClient object. |
| readSWRev | [IN] populates SWRev_t struct with SWRev value corresponding to identifier. |
| int32_t HsmClient_writeSWRev | ( | HsmClient_t * | HsmClient, |
| SWRev_t * | writeSWRev | ||
| ) |
The service issued to HSM Server writes the SWRevision value based on identifier as param.
| HsmClient | [IN] HsmClient object. |
| writeSWRev | [IN] updates the SWRev efuses with SWRev value corresponding to identifier. |
| int32_t HsmClient_getDKEK | ( | HsmClient_t * | HsmClient, |
| DKEK_t * | getDKEK, | ||
| uint32_t | timeout | ||
| ) |
The service issued to HSM Server retrieves the derived KEK based on identifier as param.
The service issued to HSM Server retrieves the derived KEK.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] HsmClient object. |
| getDKEK | [IN] Pointer to DKEK_t which contains the request structure for Derived KEK. |
| int32_t HsmClient_register | ( | HsmClient_t * | HsmClient, |
| uint8_t | clientId | ||
| ) |
register a client to a particular ClientId
| HsmClient | [IN] HsmClient object. |
| clientId | [IN] enable HSM <--> R5 communication for given clientID |
| void HsmClient_unregister | ( | HsmClient_t * | HsmClient, |
| uint8_t | clientId | ||
| ) |
unregister a client to a particular ClientId
| HsmClient | [IN] HsmClient object |
| clientId | [IN] disable HSM <--> R5 communication for given clientId |
| int32_t HsmClient_waitForBootNotify | ( | HsmClient_t * | HsmClient, |
| uint32_t | timeToWaitInTicks | ||
| ) |
Current core will wait for bootnotify message from HSM core.
| HsmClient | [IN] HsmClient object |
| timeToWaitInTicks | [IN] amount of time to block waiting for semaphore to be available, in units of SystemP_timeout if timeout exception occours.system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| int32_t Hsmclient_loadHSMRtFirmware | ( | HsmClient_t * | gHSMClient, |
| const uint8_t * | pHSMRt_firmware | ||
| ) |
Loads the HSMRt firmware. This is typically called by SBL.
| gHSMClient | [IN] Pointer to registered HSM Client |
| pHSMRt_firmware | [IN] Pointer to signed HSMRt binary |
| int32_t Hsmclient_loadHSMRtFirmwareNonBlocking | ( | const uint8_t * | pHSMRt_firmware | ) |
Loads the HSMRt firmware but does wait for ROM response and boot notification. This is typically called by SBL.
| pHSMRt_firmware | [IN] Pointer to signed HSMRt binary |
| int32_t HsmClient_getRandomNum | ( | HsmClient_t * | HsmClient, |
| RNGReq_t * | getRandomNum | ||
| ) |
Returns the Random Number Generated.
| HsmClient | [IN] HsmClient object |
| getRandomNum | [IN] Pointer to RNGReq_t which contains the request structure for Random Number Generated. |
| int32_t HsmClient_firmwareUpdate_CertProcess | ( | HsmClient_t * | HsmClient, |
| FirmwareUpdateReq_t * | pFirmwareUpdateObject | ||
| ) |
service request issued to HSM server to parse the certificate to validate authenticity and identify the firmware component undergoing update This service is valid only for F29H85x SOC
| HsmClient | [IN] Client object which is using this API. |
| pFirmwareUpdateObject | [IN] Pointer to arguments to be passed to HSM core via SIPC. |
| int32_t HsmClient_firmwareUpdate_CodeProgram | ( | HsmClient_t * | HsmClient, |
| FirmwareUpdateReq_t * | pFirmwareUpdateObject | ||
| ) |
service request issued to HSM server to program the incoming firmware to device dormant banks This service is valid only for F29H85x SOC
| HsmClient | [IN] Client object which is using this API. |
| pFirmwareUpdateObject | [IN] Pointer to arguments to be passed to HSM core via SIPC. |
| int32_t HsmClient_firmwareUpdate_CodeVerify | ( | HsmClient_t * | HsmClient, |
| FirmwareUpdateReq_t * | pFirmwareUpdateObject | ||
| ) |
service request issued to HSM server to decrypt the firmware programmed in dormant flash bank in place, perform integrity checks on the decrypted firmware and program the certificate in flash memory This service is valid only for F29H85x SOC
| HsmClient | [IN] Client object which is using this API. |
| pFirmwareUpdateObject | [IN] Pointer to arguments to be passed to HSM core via SIPC. |
| int32_t HsmClient_VerifyROTSwitchingCertificate | ( | HsmClient_t * | HsmClient, |
| uint8_t * | cert, | ||
| uint32_t | cert_size, | ||
| uint32_t | timeout | ||
| ) |
service request issued to HSM server to validate RoT Switching Certificate
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] Client object which is using this RoT Switching API. |
| cert | [IN] point to the location of certificate in the device memory. |
| cert_size | [IN] size of certificate. |
| int32_t HsmClient_UpdateKeyRevsion | ( | HsmClient_t * | HsmClient, |
| uint32_t | timeout | ||
| ) |
service request issued to HSM server to update key revision to 0x2 which changes the root of trust key from secondary keys to back up keys.
| timeout | [IN] amount of time to block waiting for semaphore to be available, in units of system ticks (see KERNEL_DPL_CLOCK_PAGE) |
| HsmClient | [IN] Client object which is using this RoT Switching API. |
| int32_t HsmClient_configOTFARegions | ( | HsmClient_t * | HsmClient, |
| OTFA_Config_t * | OTFA_ConfigInfo, | ||
| uint32_t | timeout | ||
| ) |
Client request to configure the OTFA regions.
| HsmClient | [IN] HsmClient object |
| OTFA_ConfigInfo | [IN] OTFA Config Info |
| timeout | [IN] timeout |
| int32_t HsmClient_readOTFARegions | ( | HsmClient_t * | HsmClient, |
| OTFA_readRegion_t * | OTFA_readRegion, | ||
| uint32_t | timeout | ||
| ) |
Client request to read the OTFA regions.
| HsmClient | [IN] HsmClient object |
| OTFA_readRegion | [IN] OTFA Read Region |
| timeout | [IN] timeout |
| int32_t HsmClient_secCfgValidate | ( | HsmClient_t * | HsmClient, |
| SecCfgValidate_t * | pSecCfgParams, | ||
| uint32_t | timeout | ||
| ) |
Client request to validate sec-cfg Valid only for F29x family of devices.
| HsmClient | [IN] HsmClient object |
| pSecCfgParams | [IN] Sec-Cfg object |
| timeout | [IN] timeout |
1.8.20