bsps/arm/imxrt/mcux-sdk/drivers/key_manager/fsl_key_manager.c


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218

/*
 * Copyright 2020-2021, NXP
 * All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#include "fsl_key_manager.h"

/*******************************************************************************
 * Definitions
 ******************************************************************************/

/* Component ID definition, used by tools. */
#ifndef FSL_COMPONENT_ID
#define FSL_COMPONENT_ID "platform.drivers.key_manager"
#endif

/*******************************************************************************
 * Prototypes
 ******************************************************************************/

/*******************************************************************************
 * Code
 ******************************************************************************/

/*!
 * brief Configures Master key settings.
 *
 * This function configures Key Manager's setting for Master key.
 *
 * param base Key Manager peripheral address.
 * param select select source for Master key.
 * param lock setting for lock Master key.
 * return  status of Master key control operation
 */
status_t KEYMGR_MasterKeyControll(KEY_MANAGER_Type *base, keymgr_select_t select, keymgr_lock_t lock)
{
    if ((select != (uint8_t)(KEYMGR_SEL_UDF)) && (select != (uint8_t)(KEYMGR_SEL_PUF)))
    {
        return kStatus_InvalidArgument;
    }

    /* Clear KEY_CTRL_SELECT bitfield */
    base->MASTER_KEY_CTRL &= ~KEY_MANAGER_MASTER_KEY_CTRL_SELECT_MASK;

    /* Write new setting in MASTER_KEY_CTRL register */
    base->MASTER_KEY_CTRL |= KEY_MANAGER_MASTER_KEY_CTRL_SELECT(select) | KEY_MANAGER_MASTER_KEY_CTRL_LOCK(lock);

    return kStatus_Success;
}

/*!
 * brief Configures OTFAD1 key settings.
 *
 * This function configures Key Manager's setting for OTFAD1 key.
 *
 * param base Key Manager peripheral address.
 * param select select source for OTFAD1 key.
 * param lock setting for lock OTFAD1 key.
 * return  status of OTFAD1 key control operation
 */
status_t KEYMGR_OTFAD1KeyControll(KEY_MANAGER_Type *base, keymgr_select_t select, keymgr_lock_t lock)
{
    if ((select != (uint8_t)(KEYMGR_SEL_OCOTP)) && (select != (uint8_t)(KEYMGR_SEL_PUF)))
    {
        return kStatus_InvalidArgument;
    }

    /* Clear KEY_CTRL_SELECT bitfield */
    base->OTFAD1_KEY_CTRL &= ~KEY_MANAGER_OTFAD1_KEY_CTRL_SELECT_MASK;

    /* Write new setting in OTFAD1_KEY_CTRL register */
    base->OTFAD1_KEY_CTRL |= KEY_MANAGER_OTFAD1_KEY_CTRL_SELECT(select) | KEY_MANAGER_OTFAD1_KEY_CTRL_LOCK(lock);

    return kStatus_Success;
}

/*!
 * brief Configures OTFAD2 key settings.
 *
 * This function configures Key Manager's setting for OTFAD2 key.
 *
 * param base Key Manager peripheral address.
 * param select select source for OTFAD2 key.
 * param lock setting for lock OTFAD2 key.
 * return  status of OTFAD2 key control operation
 */
status_t KEYMGR_OTFAD2KeyControll(KEY_MANAGER_Type *base, keymgr_select_t select, keymgr_lock_t lock)
{
    if ((select != (uint8_t)(KEYMGR_SEL_OCOTP)) && (select != (uint8_t)(KEYMGR_SEL_PUF)))
    {
        return kStatus_InvalidArgument;
    }

    /* Clear KEY_CTRL_SELECT bitfield */
    base->OTFAD2_KEY_CTRL &= ~KEY_MANAGER_OTFAD2_KEY_CTRL_SELECT_MASK;

    /* Write new setting in OTFAD2_KEY_CTRL register */
    base->OTFAD2_KEY_CTRL |= KEY_MANAGER_OTFAD2_KEY_CTRL_SELECT(select) | KEY_MANAGER_OTFAD2_KEY_CTRL_LOCK(lock);

    return kStatus_Success;
}

/*!
 * brief Restart load key signal for IEE.
 *
 * This function genrates Key Manager's restart signal for IEE key.
 *
 * param base Key Manager peripheral address.
 */
void KEYMGR_IEEKeyReload(KEY_MANAGER_Type *base)
{
    base->IEE_KEY_CTRL |= KEYMGR_IEE_RELOAD;
}

/*!
 * brief Lock the key select from PUF.
 *
 * This function locks selection of key for PUF.
 *
 * param base Key Manager peripheral address.
 */
void KEYMGR_PUFKeyLock(KEY_MANAGER_Type *base, keymgr_lock_t lock)
{
    base->PUF_KEY_CTRL |= KEY_MANAGER_PUF_KEY_CTRL_LOCK(lock);
}

/*!
 * brief Sets the default configuration of Key manager slot.
 *
 * This function initialize Key Manager slot config structure to default values.
 *
 * param config Pointer to slot configuration structure.
 */
status_t KEYMGR_GetDefaultConfig(domain_slot_config_t *config)
{
    if (config == NULL)
    {
        return kStatus_InvalidArgument;
    }

    config->lockControl    = kKEYMGR_Unlock;
    config->allowUser      = kKEYMGR_Allow;
    config->allowNonSecure = kKEYMGR_Allow;
    config->lockList       = kKEYMGR_Unlock;
    config->whiteList      = 0u;

    return kStatus_Success;
}

/*!
 * brief Configures Slot Domain control.
 *
 * This function configures domain slot control which locks and allows writes.
 *
 * param base Key Manager peripheral address.
 * param config Pointer to slot configuration structure.
 * param slot Select slot to be configured.
 */
status_t KEYMGR_SlotControl(KEY_MANAGER_Type *base, domain_slot_config_t *config, keymgr_slot_t slot)
{
    if (slot == kKEYMGR_Slot0)
    {
        base->SLOT0_CTRL |=
            KEY_MANAGER_SLOT0_CTRL_WHITE_LIST(config->whiteList) | KEY_MANAGER_SLOT0_CTRL_LOCK_LIST(config->lockList) |
            KEY_MANAGER_SLOT0_CTRL_TZ_NS(config->allowNonSecure) | KEY_MANAGER_SLOT0_CTRL_TZ_USER(config->allowUser) |
            KEY_MANAGER_SLOT0_CTRL_LOCK_CONTROL(config->lockControl);
    }
    else if (slot == kKEYMGR_Slot1)
    {
        base->SLOT1_CTRL |=
            KEY_MANAGER_SLOT0_CTRL_WHITE_LIST(config->whiteList) | KEY_MANAGER_SLOT0_CTRL_LOCK_LIST(config->lockList) |
            KEY_MANAGER_SLOT0_CTRL_TZ_NS(config->allowNonSecure) | KEY_MANAGER_SLOT0_CTRL_TZ_USER(config->allowUser) |
            KEY_MANAGER_SLOT1_CTRL_LOCK_CONTROL(config->lockControl);
    }
    else if (slot == kKEYMGR_Slot2)
    {
        base->SLOT2_CTRL |=
            KEY_MANAGER_SLOT0_CTRL_WHITE_LIST(config->whiteList) | KEY_MANAGER_SLOT0_CTRL_LOCK_LIST(config->lockList) |
            KEY_MANAGER_SLOT0_CTRL_TZ_NS(config->allowNonSecure) | KEY_MANAGER_SLOT0_CTRL_TZ_USER(config->allowUser) |
            KEY_MANAGER_SLOT2_CTRL_LOCK_CONTROL(config->lockControl);
    }
    else if (slot == kKEYMGR_Slot3)
    {
        base->SLOT3_CTRL |=
            KEY_MANAGER_SLOT0_CTRL_WHITE_LIST(config->whiteList) | KEY_MANAGER_SLOT0_CTRL_LOCK_LIST(config->lockList) |
            KEY_MANAGER_SLOT0_CTRL_TZ_NS(config->allowNonSecure) | KEY_MANAGER_SLOT0_CTRL_TZ_USER(config->allowUser) |
            KEY_MANAGER_SLOT3_CTRL_LOCK_CONTROL(config->lockControl);
    }
    else if (slot == kKEYMGR_Slot4)
    {
        base->SLOT4_CTRL |=
            KEY_MANAGER_SLOT0_CTRL_WHITE_LIST(config->whiteList) | KEY_MANAGER_SLOT0_CTRL_LOCK_LIST(config->lockList) |
            KEY_MANAGER_SLOT0_CTRL_TZ_NS(config->allowNonSecure) | KEY_MANAGER_SLOT0_CTRL_TZ_USER(config->allowUser) |
            KEY_MANAGER_SLOT4_CTRL_LOCK_CONTROL(config->lockControl);
    }
    else
    {
        return kStatus_InvalidArgument;
    }

    return kStatus_Success;
}

/*!
 * brief Enables clock for Key Manager module.
 *
 * This function enables clocks for Key Manager module.
 *
 * param base Key Manager peripheral address.
 */
void KEYMGR_Init(KEY_MANAGER_Type *base)
{
#if !(defined(FSL_SDK_DISABLE_DRIVER_CLOCK_CONTROL) && FSL_SDK_DISABLE_DRIVER_CLOCK_CONTROL)
    CLOCK_EnableClock(kCLOCK_Key_Manager);
#endif
}