diff --git a/soc/arm/npcm4xx/CMakeLists.txt b/soc/arm/npcm4xx/CMakeLists.txt index 1c5bc4839c10af..26f21dd4c51e76 100644 --- a/soc/arm/npcm4xx/CMakeLists.txt +++ b/soc/arm/npcm4xx/CMakeLists.txt @@ -9,13 +9,40 @@ add_subdirectory(${SOC_SERIES}) zephyr_include_directories(.) # ImageGenerator +if (DEFINED CONFIG_SECURE_BOOT_ENABLE_NPCM4XX) set_property(GLOBAL APPEND PROPERTY extra_post_build_commands COMMAND cp ${PROJECT_BINARY_DIR}/${CONFIG_KERNEL_BIN_NAME}.bin ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Input COMMAND cp ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config.xml ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml COMMAND sed -i 's/@inputfile/${CONFIG_KERNEL_BIN_NAME}/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@gen_otp/1/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@recover_image_offset/${CONFIG_BACKUP_IMAGE_OFFSET_NPCM4XX}/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@secure_boot/1/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@secure_level/1/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@longkey_used/1/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@longkey_sel/1/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@not_do_backup/${CONFIG_DONT_UPDATE_BACKUP_IMAGE_NPCM4XX}/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND ${PYTHON_EXECUTABLE} ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/ImageGenerator.py /g ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND cp ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Output/*.bin ${PROJECT_BINARY_DIR} + COMMAND rm -rf ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND rm -rf ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Output/*.bin + COMMAND rm -rf ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Input/*.bin +) +else () +set_property(GLOBAL APPEND PROPERTY extra_post_build_commands + COMMAND cp ${PROJECT_BINARY_DIR}/${CONFIG_KERNEL_BIN_NAME}.bin ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Input + COMMAND cp ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config.xml ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@inputfile/${CONFIG_KERNEL_BIN_NAME}/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@gen_otp/0/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@recover_image_offset/0x40/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@secure_boot/0/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@secure_level/0/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@longkey_used/0/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@longkey_sel/0/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml + COMMAND sed -i 's/@not_do_backup/1/g' ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml COMMAND ${PYTHON_EXECUTABLE} ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/ImageGenerator.py /g ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml COMMAND cp ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Output/*.bin ${PROJECT_BINARY_DIR} COMMAND rm -rf ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Xml/_NTC_config_t.xml COMMAND rm -rf ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Output/*.bin COMMAND rm -rf ${SOC_DIR}/${ARCH}/${SOC_FAMILY}/common/ImageGenerator/Input/*.bin ) + endif() diff --git a/soc/arm/npcm4xx/common/ImageGenerator/FunctionDefine.py b/soc/arm/npcm4xx/common/ImageGenerator/FunctionDefine.py index f222a7c13240b7..a118115f13953f 100644 --- a/soc/arm/npcm4xx/common/ImageGenerator/FunctionDefine.py +++ b/soc/arm/npcm4xx/common/ImageGenerator/FunctionDefine.py @@ -279,9 +279,9 @@ def ClearTmpFiles(): DeleteFile('RAMCodeBBCombine') # os.chdir(Util.Path_Key) - # DeleteFile(Util.sAESPubKeyName) - # DeleteFile('FileTemp2') - # DeleteFile('FileTemp3') + DeleteFile(Util.sAESPubKeyName) + DeleteFile('FileTemp2') + DeleteFile('FileTemp3') # DeleteFile('oOtpRegion0Digest') # DeleteFile('_SS') # os._exit(0) diff --git a/soc/arm/npcm4xx/common/ImageGenerator/ImageGenerator.py b/soc/arm/npcm4xx/common/ImageGenerator/ImageGenerator.py index 370e3ace26ed8a..e2bbe97cc0f5a9 100644 --- a/soc/arm/npcm4xx/common/ImageGenerator/ImageGenerator.py +++ b/soc/arm/npcm4xx/common/ImageGenerator/ImageGenerator.py @@ -112,15 +112,15 @@ def GenFWHeader(): (int(Dict_FW_H['hActiveECFwOffset'], 0).to_bytes(2, byteorder='little'))) # hRecoveryEcFwOffset - ListFWHeaderCol_Sign.append(bytearray([0]*2)) - # (int(Dict_FW_H['hRecoveryEcFwOffset'], 0).to_bytes(2, byteorder='little'))) + ListFWHeaderCol_Sign.append( + (int(Dict_FW_H['hRecoveryEcFwOffset'], 0).to_bytes(2, byteorder='little'))) # hSystemECFWOffset ListFWHeaderCol_Sign.append( (int(Dict_FW_H['hSystemECFWOffset'], 0).to_bytes(4, byteorder='little'))) # hDevMode - temp = [0, 0, 1, 1, 0, 0, 0, 0] + temp = [int(Dict_FW_H['hNotDoBackup'], 0), int(Dict_FW_H['hOTPRefToSrcTable'], 0), int(Dict_FW_H['hNotEraseOTPTable'], 0), int(Dict_FW_H['hNotUpdateOTPRegister'], 0), int(Dict_FW_H['hHwTrimRefOTPTable'], 0), int(Dict_FW_H['hOTPRefToTable'], 0), int(Dict_FW_H['hSecurityLvl'], 0), int(Dict_FW_H['hSecureBoot'], 0)] ListFWHeaderCol_Sign.append(Fn.ConvertBitArray2Byte(temp)) # hFlashLockReg0 @@ -160,15 +160,12 @@ def GenFWHeader(): (FWLength).to_bytes(4, byteorder='big')) # hSigPubKeyHashIdx - # if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): - # _idx = Dict_OpenSSL['EcFwSigKey_Idx'] - # elif(Util.CryptoSelect == 1): - # _idx = Dict_CNG['SignCert_Idx'] + _idx = Dict_OpenSSL['EcFwSigKey_Idx'] if(HashTypeforECKey == 256): - temp = [0, 0, 0, 0, 0, 0, 0, 0] + temp = [0, 0, 0, 0, 0, 0, 0, int(_idx, 0)] else: - temp = [0, 1, 0, 0, 0, 0, 0, 0] + temp = [0, 1, 0, 0, 0, 0, 0, int(_idx, 0)] ListFWHeaderCol_Sign.append(Fn.ConvertBitArray2Byte(temp)) @@ -224,21 +221,14 @@ def GenFWHeader(): # (int(Dict_FW_H['hBBWorkRAM'], 0).to_bytes(4, byteorder='little'))) # hSigPubKey - # if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): - # if((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 0): - # data = OpenSSL_GetPubKey(Dict_OpenSSL['EcFwPubKey0'], totallen=512) if ( - # bPubKey) else Fn.ReservedData(512 * 8) - # elif((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 1): - # data = OpenSSL_GetPubKey(Dict_OpenSSL['EcFwPubKey1'], totallen=512) if ( - # bPubKey) else Fn.ReservedData(512 * 8) - # elif(Util.CryptoSelect == 1): - # if((int)(Dict_CNG['SignCert_Idx']) == 0): - # data = CNG_ExportPubKey(Dict_CNG['EcFwCert0_Subject'], totallen=512) if ( - # bPubKey) else Fn.ReservedData(512 * 8) - # elif((int)(Dict_CNG['SignCert_Idx']) == 1): - # data = CNG_ExportPubKey(Dict_CNG['EcFwCert1_Subject'], totallen=512) if ( - # bPubKey) else Fn.ReservedData(512 * 8) - data = Fn.ReservedData(512 * 8) + + secure_boot = int(Dict_FW_H['hSecureBoot'], 0) + + if secure_boot > 0: + data = OpenSSL_GetPubKey(Dict_OpenSSL['EcFwPubKey0'], totallen=512) + else: + data = Fn.ReservedData(512 * 8) + ListFWHeaderCol_Sign.append(data) # hRamCodeHash @@ -429,42 +419,23 @@ def GenFWHeader(): # hImageTag ListFWHeaderCol.append(Dict_FW_H['hImageTag'].encode('ascii')) - # gen sign - # print('Signature', '{:x}'.format(Signature)) - # print('oRSAPKCPAD', '{:x}'.format((int)(Dict_OTP['oRSAPKCPAD']))) - # print('HashTypeforECKey', '{:d}'.format(HashTypeforECKey)) - # if(Signature): - # if(int(Dict_Config["CryptoSelect"]) == 0): - # if(bPriKey != 1): - # Fn.OutputString(1, 'There is no private key.') - # raise Util.SettingError(" setting error") - # ListFWHeaderCol.append(OpenSSL_SignFile(HashTypeforECKey, 0, Fn.GenBinFilefromList( - # hHashTotal, 'SignField'), Dict_OpenSSL['EcFwSigKey'])) - # elif(int(Dict_Config["CryptoSelect"]) == 1): - # if((int)(Dict_CNG['SignCert_Idx']) == 0): - # ListFWHeaderCol.append(CNG_SignFile( - # Dict_CNG["EcFwCert0_Subject"], 0, HashTypeforECKey, 0, Fn.GenBinFilefromList(hHashTotal, 'SignField'))) - # elif((int)(Dict_CNG['SignCert_Idx']) == 1): - # ListFWHeaderCol.append(CNG_SignFile( - # Dict_CNG["EcFwCert1_Subject"], 0, HashTypeforECKey, 0, Fn.GenBinFilefromList(hHashTotal, 'SignField'))) - # else: - # ListFWHeaderCol.append(PKCS11_SignFile(HashTypeforECKey, Fn.GenBinFilefromList( - # hHashTotal, 'SignField'), Dict_PKCS11['KeyID'])) - # else: - # ListFWHeaderCol.append(CryptoDigest(Util.Path_Input, Fn.GenBinFilefromList( - # hHashTotal, 'SignField'), HashTypeforECKey)) - ListFWHeaderCol.append(bytearray([0]*512)) + if secure_boot > 0: + ListFWHeaderCol.append(OpenSSL_SignFile(HashTypeforECKey, 0, Fn.GenBinFilefromList( + hHashTotal, 'SignField'), Dict_OpenSSL['EcFwSigKey'])) + else: + ListFWHeaderCol.append(bytearray([0]*512)) # hOtpImgHdrOffset - # if(GenOTP == 1): - # if(AESencrypt): - # ListFWHeaderCol.append( - # (FWLength + OtpAlign).to_bytes(4, byteorder='big')) - # else: - # ListFWHeaderCol.append( - # (FWLength + OtpAlign).to_bytes(4, byteorder='big')) - # else: - ListFWHeaderCol.append(Fn.ReservedData(32)) + if(GenOTP == 1): + if(AESencrypt): + ListFWHeaderCol.append( + (FWLength + OtpAlign).to_bytes(4, byteorder='big')) + else: + ListFWHeaderCol.append( + (FWLength + OtpAlign).to_bytes(4, byteorder='big')) + else: + ListFWHeaderCol.append(Fn.ReservedData(32)) + ListFWHeaderCol.append(Fn.ReservedData(Util.hReservedField0)) # Gen Header list @@ -516,23 +487,7 @@ def GenOTPHeader(): def GenOTPImage(): - # os.chdir(Util.Path_Key) - # if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): - # FileList = [Dict_OpenSSL['EcFwPubKey0']] - # if(bPubHash1): - # Fn.CheckFile(FileList) - # FileList = [Dict_OpenSSL['EcFwPubKey1']] - # if(bPubHash2): - # Fn.CheckFile(FileList) - # FileList = [Dict_OpenSSL['SySFwPubKey0']] - # if(bFWPubHash1): - # Fn.CheckFile(FileList) - # FileList = [Dict_OpenSSL['SySFwPubKey1']] - # if(bFWPubHash2): - # Fn.CheckFile(FileList) - # FileList = [Dict_OpenSSL['SessPrivKey']] - # if(bSessPrivKey): - # Fn.CheckFile(FileList) + os.chdir(Util.Path_Key) try: print("Generate OTP Image...") @@ -543,90 +498,108 @@ def GenOTPImage(): ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) # 1 - temp = [Fn.ConvertInt2Bin(Dict_OTP['oMCPFlashSize'], 2), 0, Fn.ConvertInt2Bin(Dict_OTP['oECPTRCheckCRC'], 1), - Fn.ConvertInt2Bin(Dict_OTP['oSpiQuadPEn'], 1), Fn.ConvertInt2Bin( - Dict_OTP['oSPIP4BMode'], 1), - Fn.ConvertInt2Bin(Dict_OTP['oFIUShr4BMode'], 1), int(Dict_OTP['oNotTrySysIfFIUBkp'], 0)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # temp = [Fn.ConvertInt2Bin(Dict_OTP['oMCPFlashSize'], 2), 0, Fn.ConvertInt2Bin(Dict_OTP['oECPTRCheckCRC'], 1), + # Fn.ConvertInt2Bin(Dict_OTP['oSpiQuadPEn'], 1), Fn.ConvertInt2Bin( + # Dict_OTP['oSPIP4BMode'], 1), + # Fn.ConvertInt2Bin(Dict_OTP['oFIUShr4BMode'], 1), int(Dict_OTP['oNotTrySysIfFIUBkp'], 0)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) # 2 - temp = [0, 0, Fn.ConvertInt2Bin(Dict_OTP['oSPIPFLMode'], 2), Fn.ConvertInt2Bin( - Dict_OTP['oFIUShrFLMode'], 2), Fn.ConvertInt2Bin(Dict_OTP['oMCPFLMode'], 2)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + #temp = [0, 0, Fn.ConvertInt2Bin(Dict_OTP['oSPIPFLMode'], 2), Fn.ConvertInt2Bin( + # Dict_OTP['oFIUShrFLMode'], 2), Fn.ConvertInt2Bin(Dict_OTP['oMCPFLMode'], 2)] + #ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) # 3 - temp = [Fn.ConvertInt2Bin(Dict_OTP['oFwNotUse2NStep'], 1), Fn.ConvertInt2Bin(Dict_OTP['oFwNotUse4KStep'], 1), Fn.ConvertInt2Bin( - Dict_OTP['oSPIPClkDiv'], 2), Fn.ConvertInt2Bin(Dict_OTP['oSPIMClkDiv'], 2), Fn.ConvertInt2Bin(Dict_OTP['oFIUClkDiv'], 2)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # temp = [Fn.ConvertInt2Bin(Dict_OTP['oFwNotUse2NStep'], 1), Fn.ConvertInt2Bin(Dict_OTP['oFwNotUse4KStep'], 1), Fn.ConvertInt2Bin( + # Dict_OTP['oSPIPClkDiv'], 2), Fn.ConvertInt2Bin(Dict_OTP['oSPIMClkDiv'], 2), Fn.ConvertInt2Bin(Dict_OTP['oFIUClkDiv'], 2)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + + ListOTPImageCol.append(Fn.ReservedData(3 * 8)) # 4 - temp = [int(Dict_OTP['oUnmapRomBfXferCtl'], 0), 0, int(Dict_OTP['oTryBootIfAllCrashed'], 0), int(Dict_OTP['oHaltIfOnlyMafValid'], 0), int( - Dict_OTP['oHaltIfActiveRollbk'], 0), int(Dict_OTP['oHaltIfMafRollbk'], 0), int(Dict_OTP['oSecurityLvl'], 0), int(Dict_OTP['oSecureBoot'], 0)] + # temp = [int(Dict_OTP['oUnmapRomBfXferCtl'], 0), 0, int(Dict_OTP['oTryBootIfAllCrashed'], 0), int(Dict_OTP['oHaltIfOnlyMafValid'], 0), int( + # Dict_OTP['oHaltIfActiveRollbk'], 0), int(Dict_OTP['oHaltIfMafRollbk'], 0), int(Dict_OTP['oSecurityLvl'], 0), int(Dict_OTP['oSecureBoot'], 0)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + + temp = [0, 0, int(Dict_OTP['oTryBootIfAllCrashed'], 0), int(Dict_OTP['oHaltIfOnlyMafValid'], 0), int(Dict_OTP['oHaltIfActiveRollbk'], 0), + int(Dict_OTP['oHaltIfMafRollbk'], 0), int(Dict_OTP['oSecurityLvl'], 0), int(Dict_OTP['oSecureBoot'], 0)] ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) # 5 - temp = [int(Dict_OTP['oOtpRgn6Lock'], 0), int(Dict_OTP['oOtpRgn5Lock'], 0), int(Dict_OTP['oOtpRgn4Lock'], 0), int(Dict_OTP['oOtpRgn3Lock'], 0), int(Dict_OTP['oOtpRgn2Lock'], 0), int( - Dict_OTP['oHWCfgFieldLock'], 0), int(Dict_OTP['oAESKeyLock'], 0), int(Dict_OTP['oDisableDBGAtRst'], 0)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # temp = [int(Dict_OTP['oOtpRgn6Lock'], 0), int(Dict_OTP['oOtpRgn5Lock'], 0), int(Dict_OTP['oOtpRgn4Lock'], 0), int(Dict_OTP['oOtpRgn3Lock'], 0), int(Dict_OTP['oOtpRgn2Lock'], 0), int( + # Dict_OTP['oHWCfgFieldLock'], 0), int(Dict_OTP['oAESKeyLock'], 0), int(Dict_OTP['oDisableDBGAtRst'], 0)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) # 6-7 - ListOTPImageCol.append( - int(Dict_OTP['oSecEvnLogLoc'], 0).to_bytes(2, byteorder='little')) + # ListOTPImageCol.append( + # int(Dict_OTP['oSecEvnLogLoc'], 0).to_bytes(2, byteorder='little')) + + ListOTPImageCol.append(Fn.ReservedData(3 * 8)) # 8 - temp = [int(Dict_OTP['oSHA512Used'], 0), int(Dict_OTP['oLongKeyUsed'], 0), - Fn.ConvertInt2Bin(Dict_OTP['oRevokeKeySts'], 2), Fn.ConvertInt2Bin(Dict_OTP['oECPubKeySts'], 2), Fn.ConvertInt2Bin(Dict_OTP['oRSAPubKeySts'], 2)] + # temp = [int(Dict_OTP['oSHA512Used'], 0), int(Dict_OTP['oLongKeyUsed'], 0), + # Fn.ConvertInt2Bin(Dict_OTP['oRevokeKeySts'], 2), Fn.ConvertInt2Bin(Dict_OTP['oECPubKeySts'], 2), Fn.ConvertInt2Bin(Dict_OTP['oRSAPubKeySts'], 2)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + + temp = [int(Dict_OTP['oSHA512Used'], 0), int(Dict_OTP['oLongKeyUsed'], 0), 0, 0, 0, 0, Fn.ConvertInt2Bin(Dict_OTP['oRSAPubKeySts'], 2)] + ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) # 9-15 ListOTPImageCol.append(Fn.ReservedData(7 * 8)) # 16 - temp = [0, 0, Fn.ConvertInt2Bin(Dict_OTP['oAESDecryptEn'], 2), 0, 0, int( - Dict_OTP['oRSAPKCPAD'], 0), int(Dict_OTP['oLongKeySel'], 0)] + # temp = [0, 0, Fn.ConvertInt2Bin(Dict_OTP['oAESDecryptEn'], 2), 0, 0, int( + # Dict_OTP['oRSAPKCPAD'], 0), int(Dict_OTP['oLongKeySel'], 0)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + + temp = [0, 0, 0, 0, 0, 0, 0, int(Dict_OTP['oLongKeySel'], 0)] + ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) # 17 - temp = [int(Dict_OTP['oClrRamExitRom'], 0), int(Dict_OTP['oOTPRegionRdLock'], 0), 0, int( - Dict_OTP['oOlnyLogCriticalEvent'], 0), int(Dict_OTP['oSkipCtyptoSelfTest'], 0), int(Dict_OTP['oRetryLimitEn'], 0), 0, 0] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # temp = [int(Dict_OTP['oClrRamExitRom'], 0), int(Dict_OTP['oOTPRegionRdLock'], 0), 0, int( + # Dict_OTP['oOlnyLogCriticalEvent'], 0), int(Dict_OTP['oSkipCtyptoSelfTest'], 0), int(Dict_OTP['oRetryLimitEn'], 0), 0, 0] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) # 18 - temp = [0, 0, 0, 0, int(Dict_OTP['oNotUpdateToPrvFw'], 0), int(Dict_OTP['oTryBootNotCtrlFWRdy'], 0), int( - Dict_OTP['oNoWaitVSpiExist'], 0), int(Dict_OTP['oVSpiExistNoTimeOut'], 0)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # temp = [0, 0, 0, 0, int(Dict_OTP['oNotUpdateToPrvFw'], 0), int(Dict_OTP['oTryBootNotCtrlFWRdy'], 0), int( + # Dict_OTP['oNoWaitVSpiExist'], 0), int(Dict_OTP['oVSpiExistNoTimeOut'], 0)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) # 19 - temp = [0, 0, 0, 0, 0, 0, int(Dict_OTP['oSysPfrWP1En'], 0), int( - Dict_OTP['oSysPfrWP0En'], 0)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # temp = [0, 0, 0, 0, 0, 0, int(Dict_OTP['oSysPfrWP1En'], 0), int( + # Dict_OTP['oSysPfrWP0En'], 0)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) # 20 - 22 - ListOTPImageCol.append(Fn.ReservedData(1 * 8)) - ListOTPImageCol.append( - int(Dict_OTP['oOTPDatValid0'], 0).to_bytes(1, byteorder='big')) - ListOTPImageCol.append( - int(Dict_OTP['oOTPDatValid1'], 0).to_bytes(1, byteorder='big')) + # ListOTPImageCol.append(Fn.ReservedData(1 * 8)) + # ListOTPImageCol.append( + # int(Dict_OTP['oOTPDatValid0'], 0).to_bytes(1, byteorder='big')) + # ListOTPImageCol.append( + # int(Dict_OTP['oOTPDatValid1'], 0).to_bytes(1, byteorder='big')) # 23 - 27 - temp = [0, 0, 0, Fn.ConvertInt2Bin( - Dict_OTP['oLed1Pole'], 1), Fn.ConvertInt2Bin(Dict_OTP['oLed1Sel'], 4)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) - temp = [0, 0, 0, Fn.ConvertInt2Bin( - Dict_OTP['oLed2Pole'], 1), Fn.ConvertInt2Bin(Dict_OTP['oLed2Sel'], 4)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) - temp = [Fn.ConvertInt2Bin(Dict_OTP['oLedSysRbkBlkDef'], 4), Fn.ConvertInt2Bin( - Dict_OTP['oLedActRbkBlkDef'], 4)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) - temp = [Fn.ConvertInt2Bin(Dict_OTP['oLedSysOnlyBlkDef'], 4), Fn.ConvertInt2Bin( - Dict_OTP['oLedFwCpyBlkDef'], 4)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) - temp = [Fn.ConvertInt2Bin(Dict_OTP['oLedCryptoTestFailBlkDef'], 4), Fn.ConvertInt2Bin( - Dict_OTP['oLedAllCrashBlkDef'], 4)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # temp = [0, 0, 0, Fn.ConvertInt2Bin( + # Dict_OTP['oLed1Pole'], 1), Fn.ConvertInt2Bin(Dict_OTP['oLed1Sel'], 4)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # temp = [0, 0, 0, Fn.ConvertInt2Bin( + # Dict_OTP['oLed2Pole'], 1), Fn.ConvertInt2Bin(Dict_OTP['oLed2Sel'], 4)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # temp = [Fn.ConvertInt2Bin(Dict_OTP['oLedSysRbkBlkDef'], 4), Fn.ConvertInt2Bin( + # Dict_OTP['oLedActRbkBlkDef'], 4)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # temp = [Fn.ConvertInt2Bin(Dict_OTP['oLedSysOnlyBlkDef'], 4), Fn.ConvertInt2Bin( + # Dict_OTP['oLedFwCpyBlkDef'], 4)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # temp = [Fn.ConvertInt2Bin(Dict_OTP['oLedCryptoTestFailBlkDef'], 4), Fn.ConvertInt2Bin( + # Dict_OTP['oLedAllCrashBlkDef'], 4)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) # 28 - 31 - ListOTPImageCol.append(Fn.ReservedData(4 * 8)) + # ListOTPImageCol.append(Fn.ReservedData(4 * 8)) + + ListOTPImageCol.append(Fn.ReservedData(15 * 8)) # 32 - 95 if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): @@ -640,150 +613,199 @@ def GenOTPImage(): 32 * 8)) if ((bPubHash1) and (HashTypeforECKey == 256)) else 0 # 96 - 159 - if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): - data = CryptoDigest(Util.Path_Key, OpenSSL_GetPubKey( - Dict_OpenSSL['EcFwPubKey1'], reFile=1), HashTypeforECKey) if (bPubHash2) else Fn.ReservedData(64 * 8) - elif(Util.CryptoSelect == 1): - data = CryptoDigest(Util.Path_Key, CNG_ExportPubKey( - Dict_CNG['EcFwCert1_Subject'], reFile=1), HashTypeforECKey) if (bPubHash2) else Fn.ReservedData(64 * 8) - ListOTPImageCol.append(data) - ListOTPImageCol.append(Fn.ReservedData( - 32 * 8)) if ((bPubHash2) and (HashTypeforECKey == 256)) else 0 + # if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): + # data = CryptoDigest(Util.Path_Key, OpenSSL_GetPubKey( + # Dict_OpenSSL['EcFwPubKey1'], reFile=1), HashTypeforECKey) if (bPubHash2) else Fn.ReservedData(64 * 8) + # elif(Util.CryptoSelect == 1): + # data = CryptoDigest(Util.Path_Key, CNG_ExportPubKey( + # Dict_CNG['EcFwCert1_Subject'], reFile=1), HashTypeforECKey) if (bPubHash2) else Fn.ReservedData(64 * 8) + # ListOTPImageCol.append(data) + # ListOTPImageCol.append(Fn.ReservedData( + # 32 * 8)) if ((bPubHash2) and (HashTypeforECKey == 256)) else 0 + + ListOTPImageCol.append(Fn.ReservedData(64 * 8)) # 160 - 191 ListOTPImageCol.append(Fn.ReservedData(32 * 8)) # 192 - 223 - if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): - data = OpenSSL_GetPrivKey(Dict_OpenSSL['SessPrivKey']) if ( - bSessPrivKey) else Fn.ReservedData(32 * 8) - elif(Util.CryptoSelect == 1): - data = CNG_ExportPrivKey(Dict_CNG['AESCert_Subject']) if ( - bSessPrivKey) else Fn.ReservedData(32 * 8) - ListOTPImageCol.append(data) + # if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): + # data = OpenSSL_GetPrivKey(Dict_OpenSSL['SessPrivKey']) if ( + # bSessPrivKey) else Fn.ReservedData(32 * 8) + # elif(Util.CryptoSelect == 1): + # data = CNG_ExportPrivKey(Dict_CNG['AESCert_Subject']) if ( + # bSessPrivKey) else Fn.ReservedData(32 * 8) + # ListOTPImageCol.append(data) + + ListOTPImageCol.append(Fn.ReservedData(32 * 8)) # 224 - 287 ListOTPImageCol.append(Fn.ReservedData(64 * 8)) # 288 - 319 - if Dict_OTP['oAESKey'] is None: - ListOTPImageCol.append(Fn.ReservedData(32 * 8)) - else: - ListOTPImageCol.append(OpenSSL_GetAESKey(Dict_OTP['oAESKey'])) - - # 320 - 351 - temp = [int(Dict_OTP['oMCPSel'], 0), int(Dict_OTP['oMCPRdEdge'], 0), Fn.ConvertInt2Bin(Dict_OTP['oMCPRdDly'], 3), int(Dict_OTP['oMCUClkNNotDiv2'], 0), int( - Dict_OTP['oAESNotSupport'], 0), int(Dict_OTP['oPartID'], 0)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) - ListOTPImageCol.append( - int(Dict_OTP['oANAD2Low'], 0).to_bytes(1, byteorder='big')) - - temp = [int(Dict_OTP['oValANAD'], 0), 0, 0, 0, 0, - 0, 0, int(Dict_OTP['oANAD2High'], 0)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) - - temp = [int(Dict_OTP['oValDevId'], 0), 0, 0, - Fn.ConvertInt2Bin(Dict_OTP['oDevId'], 5)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) - ListOTPImageCol.append( - int(Dict_OTP['oRSMRST_L'], 0).to_bytes(1, byteorder='big')) + # if Dict_OTP['oAESKey'] is None: + # ListOTPImageCol.append(Fn.ReservedData(32 * 8)) + # else: + # ListOTPImageCol.append(OpenSSL_GetAESKey(Dict_OTP['oAESKey'])) - temp = [int(Dict_OTP['oValRSMRST_L'], 0), 0, 0, 0, 0, 0, 0, 0] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) - ListOTPImageCol.append( - int(Dict_OTP['oRSMRST_Sys'], 0).to_bytes(1, byteorder='big')) + ListOTPImageCol.append(Fn.ReservedData(32 * 8)) - temp = [int(Dict_OTP['oValRSMRST_Sys'], 0), 0, 0, 0, 0, 0, 0, 0] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) - ListOTPImageCol.append( - int(Dict_OTP['oDivMinLow'], 0).to_bytes(1, byteorder='big')) + # 320 - 351 + # temp = [int(Dict_OTP['oMCPSel'], 0), int(Dict_OTP['oMCPRdEdge'], 0), Fn.ConvertInt2Bin(Dict_OTP['oMCPRdDly'], 3), int(Dict_OTP['oMCUClkNNotDiv2'], 0), int( + # Dict_OTP['oAESNotSupport'], 0), int(Dict_OTP['oPartID'], 0)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # ListOTPImageCol.append( + # int(Dict_OTP['oANAD2Low'], 0).to_bytes(1, byteorder='big')) + + # temp = [int(Dict_OTP['oValANAD'], 0), 0, 0, 0, 0, + # 0, 0, int(Dict_OTP['oANAD2High'], 0)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + + # temp = [int(Dict_OTP['oValDevId'], 0), 0, 0, + # Fn.ConvertInt2Bin(Dict_OTP['oDevId'], 5)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # ListOTPImageCol.append( + # int(Dict_OTP['oRSMRST_L'], 0).to_bytes(1, byteorder='big')) + + # temp = [int(Dict_OTP['oValRSMRST_L'], 0), 0, 0, 0, 0, 0, 0, 0] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # ListOTPImageCol.append( + # int(Dict_OTP['oRSMRST_Sys'], 0).to_bytes(1, byteorder='big')) + + # temp = [int(Dict_OTP['oValRSMRST_Sys'], 0), 0, 0, 0, 0, 0, 0, 0] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # ListOTPImageCol.append( + # int(Dict_OTP['oDivMinLow'], 0).to_bytes(1, byteorder='big')) + + # temp = [int(Dict_OTP['oValDivMin'], 0), 0, 0, 0, 0, + # 0, 0, int(Dict_OTP['oDivMinHigh'], 0)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # ListOTPImageCol.append( + # int(Dict_OTP['oDivMaxLow'], 0).to_bytes(1, byteorder='big')) + + # temp = [int(Dict_OTP['oValDivMax'], 0), 0, 0, 0, 0, + # 0, 0, int(Dict_OTP['oDivMaxHigh'], 0)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # ListOTPImageCol.append( + # int(Dict_OTP['oFrcDivLow'], 0).to_bytes(1, byteorder='big')) + + # temp = [int(Dict_OTP['oValFrcDiv'], 0), 0, 0, 0, 0, + # 0, 0, int(Dict_OTP['oFrcDivHigh'], 0)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + + # temp = [int(Dict_OTP['oValFR_CLK'], 0), 0, 0, 0, + # Fn.ConvertInt2Bin(Dict_OTP['oFR_CLK'], 4)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # ListOTPImageCol.append( + # int(Dict_OTP['oOTPWriteTime'], 0).to_bytes(1, byteorder='big')) + # ListOTPImageCol.append( + # int(Dict_OTP['oDnxRsmrstWidth'], 0).to_bytes(1, byteorder='big')) + # ListOTPImageCol.append( + # int(Dict_OTP['oDnxDPOkWidth'], 0).to_bytes(1, byteorder='big')) + # ListOTPImageCol.append( + # int(Dict_OTP['oECTestMode0'], 0).to_bytes(2, byteorder='big')) + # ListOTPImageCol.append( + # int(Dict_OTP['oChipTesterID'], 0).to_bytes(4, byteorder='big')) + # ListOTPImageCol.append( + # int(Dict_OTP['oVSpiExistWaitCnter'], 0).to_bytes(1, byteorder='big')) + # ListOTPImageCol.append( + # int(Dict_OTP['oPwmLedAdj'], 0).to_bytes(1, byteorder='big')) + + # temp = [Fn.ConvertInt2Bin(Dict_OTP['oFPRED'], 4), + # 0, 0, Fn.ConvertInt2Bin(Dict_OTP['oAHB6DIV'], 2)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + + # temp = [Fn.ConvertInt2Bin(Dict_OTP['oAPB2DIV'], 4), Fn.ConvertInt2Bin( + # Dict_OTP['oAPB1DIV'], 4)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + + # temp = [int(Dict_OTP['oRefOTPClk']), 0, 0, int( + # Dict_OTP['oXFRANGE'], 0), Fn.ConvertInt2Bin(Dict_OTP['oAPB3DIV'], 4)] + # ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + + # ListOTPImageCol.append(Fn.ReservedData(3 * 8)) - temp = [int(Dict_OTP['oValDivMin'], 0), 0, 0, 0, 0, - 0, 0, int(Dict_OTP['oDivMinHigh'], 0)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) - ListOTPImageCol.append( - int(Dict_OTP['oDivMaxLow'], 0).to_bytes(1, byteorder='big')) + ListOTPImageCol.append(Fn.ReservedData(32 * 8)) - temp = [int(Dict_OTP['oValDivMax'], 0), 0, 0, 0, 0, - 0, 0, int(Dict_OTP['oDivMaxHigh'], 0)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) - ListOTPImageCol.append( - int(Dict_OTP['oFrcDivLow'], 0).to_bytes(1, byteorder='big')) + # 352 - 362 + ListOTPImageCol.append(Fn.ReservedData(11 * 8)) - temp = [int(Dict_OTP['oValFrcDiv'], 0), 0, 0, 0, 0, - 0, 0, int(Dict_OTP['oFrcDivHigh'], 0)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # 363 - 383 + ListOTPImageCol.append(Fn.ReservedData(21 * 8)) - temp = [int(Dict_OTP['oValFR_CLK'], 0), 0, 0, 0, - Fn.ConvertInt2Bin(Dict_OTP['oFR_CLK'], 4)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) - ListOTPImageCol.append( - int(Dict_OTP['oOTPWriteTime'], 0).to_bytes(1, byteorder='big')) - ListOTPImageCol.append( - int(Dict_OTP['oDnxRsmrstWidth'], 0).to_bytes(1, byteorder='big')) - ListOTPImageCol.append( - int(Dict_OTP['oDnxDPOkWidth'], 0).to_bytes(1, byteorder='big')) - ListOTPImageCol.append( - int(Dict_OTP['oECTestMode0'], 0).to_bytes(2, byteorder='big')) - ListOTPImageCol.append( - int(Dict_OTP['oChipTesterID'], 0).to_bytes(4, byteorder='big')) - ListOTPImageCol.append( - int(Dict_OTP['oVSpiExistWaitCnter'], 0).to_bytes(1, byteorder='big')) - ListOTPImageCol.append( - int(Dict_OTP['oPwmLedAdj'], 0).to_bytes(1, byteorder='big')) - - temp = [Fn.ConvertInt2Bin(Dict_OTP['oFPRED'], 4), - 0, 0, Fn.ConvertInt2Bin(Dict_OTP['oAHB6DIV'], 2)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # 384 - 447 + # if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): + # data = CryptoDigest(Util.Path_Key, OpenSSL_GetPubKey( + # Dict_OpenSSL['EcFwPubKey2'], reFile=1), HashTypeforECKey) if (bPubHash3) else Fn.ReservedData(64 * 8) + # elif(Util.CryptoSelect == 1): + # data = CryptoDigest(Util.Path_Key, CNG_ExportPubKey( + # Dict_CNG['EcFwCert2_Subject'], reFile=1), HashTypeforECKey) if (bPubHash3) else Fn.ReservedData(64 * 8) + # ListOTPImageCol.append(data) + # ListOTPImageCol.append(Fn.ReservedData( + # 32 * 8)) if ((bPubHash3) and (HashTypeforECKey == 256)) else 0 - temp = [Fn.ConvertInt2Bin(Dict_OTP['oAPB2DIV'], 4), Fn.ConvertInt2Bin( - Dict_OTP['oAPB1DIV'], 4)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # 448 - 511 + # if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): + # data = CryptoDigest(Util.Path_Key, OpenSSL_GetPubKey( + # Dict_OpenSSL['EcFwPubKey3'], reFile=1), HashTypeforECKey) if (bPubHash4) else Fn.ReservedData(64 * 8) + # elif(Util.CryptoSelect == 1): + # data = CryptoDigest(Util.Path_Key, CNG_ExportPubKey( + # Dict_CNG['EcFwCert3_Subject'], reFile=1), HashTypeforECKey) if (bPubHash4) else Fn.ReservedData(64 * 8) + # ListOTPImageCol.append(data) + # ListOTPImageCol.append(Fn.ReservedData( + # 32 * 8)) if ((bPubHash4) and (HashTypeforECKey == 256)) else 0 - temp = [int(Dict_OTP['oRefOTPClk']), 0, 0, int( - Dict_OTP['oXFRANGE'], 0), Fn.ConvertInt2Bin(Dict_OTP['oAPB3DIV'], 4)] - ListOTPImageCol.append(Fn.ConvertBitArray2Byte(temp)) + # 512 - 575 + # if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): + # data = CryptoDigest(Util.Path_Key, OpenSSL_GetPubKey( + # Dict_OpenSSL['EcFwPubKey4'], reFile=1), HashTypeforECKey) if (bPubHash5) else Fn.ReservedData(64 * 8) + # elif(Util.CryptoSelect == 1): + # data = CryptoDigest(Util.Path_Key, CNG_ExportPubKey( + # Dict_CNG['EcFwCert4_Subject'], reFile=1), HashTypeforECKey) if (bPubHash5) else Fn.ReservedData(64 * 8) + # ListOTPImageCol.append(data) + # ListOTPImageCol.append(Fn.ReservedData( + # 32 * 8)) if ((bPubHash5) and (HashTypeforECKey == 256)) else 0 - ListOTPImageCol.append(Fn.ReservedData(3 * 8)) + ListOTPImageCol.append(Fn.ReservedData(192 * 8)) - # 352 - 362 - ListOTPImageCol.append(Fn.ReservedData(11 * 8)) + # 576 - 1023 + ListOTPImageCol.append(Fn.ReservedData(448 * 8)) # 363 - ListOTPImageCol.append( - int(Dict_OTP['oSysFwSigPubKeySts'], 0).to_bytes(1, byteorder='big')) - if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): - data = CryptoDigest(Util.Path_Key, OpenSSL_GetPubKey( - Dict_OpenSSL['SySFwPubKey0'], reFile=1), HashTypeforSystemKey) if (bFWPubHash1) else Fn.ReservedData(64 * 8) - elif(Util.CryptoSelect == 1): - data = CryptoDigest(Util.Path_Key, CNG_ExportPubKey( - Dict_CNG['SySFwCert0_Subject'], reFile=1), HashTypeforSystemKey) if (bFWPubHash1) else Fn.ReservedData(64 * 8) - ListOTPImageCol.append(data) - ListOTPImageCol.append(Fn.ReservedData( - 32 * 8)) if ((bFWPubHash1) and (HashTypeforSystemKey == 256)) else 0 - if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): - data = CryptoDigest(Util.Path_Key, OpenSSL_GetPubKey( - Dict_OpenSSL['SySFwPubKey1'], reFile=1), HashTypeforSystemKey) if (bFWPubHash2) else Fn.ReservedData(64 * 8) - elif(Util.CryptoSelect == 1): - data = CryptoDigest(Util.Path_Key, CNG_ExportPubKey( - Dict_CNG['SySFwCert1_Subject'], reFile=1), HashTypeforSystemKey) if (bFWPubHash2) else Fn.ReservedData(64 * 8) - ListOTPImageCol.append(data) - ListOTPImageCol.append(Fn.ReservedData( - 32 * 8)) if ((bFWPubHash2) and (HashTypeforSystemKey == 256)) else 0 + # ListOTPImageCol.append( + # int(Dict_OTP['oSysFwSigPubKeySts'], 0).to_bytes(1, byteorder='big')) + # if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): + # data = CryptoDigest(Util.Path_Key, OpenSSL_GetPubKey( + # Dict_OpenSSL['SySFwPubKey0'], reFile=1), HashTypeforSystemKey) if (bFWPubHash1) else Fn.ReservedData(64 * 8) + # elif(Util.CryptoSelect == 1): + # data = CryptoDigest(Util.Path_Key, CNG_ExportPubKey( + # Dict_CNG['SySFwCert0_Subject'], reFile=1), HashTypeforSystemKey) if (bFWPubHash1) else Fn.ReservedData(64 * 8) + # ListOTPImageCol.append(data) + # ListOTPImageCol.append(Fn.ReservedData( + # 32 * 8)) if ((bFWPubHash1) and (HashTypeforSystemKey == 256)) else 0 + # if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): + # data = CryptoDigest(Util.Path_Key, OpenSSL_GetPubKey( + # Dict_OpenSSL['SySFwPubKey1'], reFile=1), HashTypeforSystemKey) if (bFWPubHash2) else Fn.ReservedData(64 * 8) + # elif(Util.CryptoSelect == 1): + # data = CryptoDigest(Util.Path_Key, CNG_ExportPubKey( + # Dict_CNG['SySFwCert1_Subject'], reFile=1), HashTypeforSystemKey) if (bFWPubHash2) else Fn.ReservedData(64 * 8) + # ListOTPImageCol.append(data) + # ListOTPImageCol.append(Fn.ReservedData( + # 32 * 8)) if ((bFWPubHash2) and (HashTypeforSystemKey == 256)) else 0 # 364 - 511 - ListOTPImageCol.append( - int(Dict_OTP['oUserDataField'], 0).to_bytes(20, byteorder='big')) + # ListOTPImageCol.append( + # int(Dict_OTP['oUserDataField'], 0).to_bytes(20, byteorder='big')) # 512 - 1023 - ListOTPImageCol.append( - int(Dict_OTP['oUserDataField1'], 0).to_bytes(128, byteorder='big')) - ListOTPImageCol.append( - int(Dict_OTP['oUserDataField2'], 0).to_bytes(128, byteorder='big')) - ListOTPImageCol.append( - int(Dict_OTP['oUserDataField3'], 0).to_bytes(128, byteorder='big')) - ListOTPImageCol.append( - int(Dict_OTP['oUserDataField4'], 0).to_bytes(128, byteorder='big')) + # ListOTPImageCol.append( + # int(Dict_OTP['oUserDataField1'], 0).to_bytes(128, byteorder='big')) + # ListOTPImageCol.append( + # int(Dict_OTP['oUserDataField2'], 0).to_bytes(128, byteorder='big')) + # ListOTPImageCol.append( + # int(Dict_OTP['oUserDataField3'], 0).to_bytes(128, byteorder='big')) + # ListOTPImageCol.append( + # int(Dict_OTP['oUserDataField4'], 0).to_bytes(128, byteorder='big')) total = 0 for i in range(0, len(ListOTPImageCol)): @@ -1058,8 +1080,8 @@ def GenHeader(): # print('FWLength', '{:x}'.format(FWLength)) # print('OtpAlign', '{:x}'.format(OtpAlign)) - # if(GenOTP): - # List_OTPHeader = GenOTPHeader() + if(GenOTP): + List_OTPHeader = GenOTPHeader() List_FWHeader = GenFWHeader() List_Header = [List_FWHeader, List_OTPHeader] logging.info('GenHeader OK') @@ -1651,7 +1673,7 @@ def DumpOTP(File): def ParseXml(XmlTree): global Dict_Config, Dict_OpenSSL, Dict_CNG, Dict_PKCS11, Dict_File, Dict_FW_H, Dict_OTP_H, Dict_OTP, GenOTP, AESencrypt,\ - bPriKey, bPubKey, bPubHash1, bPubHash2, bFWPubHash1, bFWPubHash2, bSessPrivKey,\ + bPriKey, bPubKey, bPubHash1, bPubHash2, bPubHash3, bPubHash4, bPubHash5, bFWPubHash1, bFWPubHash2, bSessPrivKey,\ HashTypeforECKey, HashTypeforSystemKey # Config Field @@ -1729,9 +1751,9 @@ def ParseXml(XmlTree): # os.chdir(Util.Path_Current) # OpenSSL Field - # Node = XmlTree.find('Crypto') - # Node = Node.find('OpenSSL') - # Dict_OpenSSL = ParseXmlwithTarget(Node, Util.Target.OpenSSL) + Node = XmlTree.find('Crypto') + Node = Node.find('OpenSSL') + Dict_OpenSSL = ParseXmlwithTarget(Node, Util.Target.OpenSSL) # # CNG Field # Node = XmlTree.find('Crypto') @@ -1755,43 +1777,72 @@ def ParseXml(XmlTree): Dict_FW_H = ParseXmlwithTarget(Node, Util.Target.FWImageHeader) # # OTP Header Field - # Node = XmlTree.find('OTPImageHeader') - # if(Node is not None): - # Dict_OTP_H = ParseXmlwithTarget(Node, Util.Target.OTPImageHeader) + Node = XmlTree.find('OTPImageHeader') + if(Node is not None): + Dict_OTP_H = ParseXmlwithTarget(Node, Util.Target.OTPImageHeader) # Setting Global variable if 'AESencrypt' in Dict_Config: - AESencrypt = 0 #(int)(Dict_Config['AESencrypt']) - Util.CryptoSelect = 0 #(int)(Dict_Config['CryptoSelect']) - - # if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): - # KeyType = [0, 0] - # KeyLonger = [False, False] - # Key3072_384 = [False, False] - # if Dict_OpenSSL['EcFwSigKey'] is not None: - # bPriKey = 1 - # if Dict_OpenSSL['EcFwPubKey0'] is not None: - # bPubHash1 = 1 - # KeyType[0], KeyLonger[0], Key3072_384[0] = IdentifyPubKey_2( - # Dict_OpenSSL['EcFwPubKey0']) - # if Dict_OpenSSL['EcFwPubKey1'] is not None: - # bPubHash2 = 1 - # KeyType[1], KeyLonger[1], Key3072_384[1] = IdentifyPubKey_2( - # Dict_OpenSSL['EcFwPubKey1']) - # if(((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 0) and bPubHash1) or \ - # (((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 1) and bPubHash2): - # bPubKey = 1 - # if(bPriKey and bPubKey): - # if((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 0): - # CheckKeyPair( - # Dict_OpenSSL['EcFwSigKey'], Dict_OpenSSL['EcFwPubKey0']) - # else: - # CheckKeyPair( - # Dict_OpenSSL['EcFwSigKey'], Dict_OpenSSL['EcFwPubKey1']) - - # if Util.internal: - # if Dict_OpenSSL['SessPrivKey'] is not None: - # bSessPrivKey = 1 + AESencrypt = (int)(Dict_Config['AESencrypt']) + Util.CryptoSelect = (int)(Dict_Config['CryptoSelect']) + + if(Util.CryptoSelect == 0 or Util.CryptoSelect == 2): + KeyType = [0, 0, 0, 0, 0] + KeyLonger = [False, False, False, False, False] + Key3072_384 = [False, False, False, False, False] + if(Util.CryptoSelect == 0): + if Dict_OpenSSL['EcFwSigKey'] is not None: + bPriKey = 1 + if Dict_OpenSSL['EcFwPubKey0'] is not None: + bPubHash1 = 1 + KeyType[0], KeyLonger[0], Key3072_384[0] = IdentifyPubKey_2( + Dict_OpenSSL['EcFwPubKey0']) + # if Dict_OpenSSL['EcFwPubKey1'] is not None: + # bPubHash2 = 1 + # KeyType[1], KeyLonger[1], Key3072_384[1] = IdentifyPubKey_2( + # Dict_OpenSSL['EcFwPubKey1']) + # if Dict_OpenSSL['EcFwPubKey2'] is not None: + # bPubHash3 = 1 + # KeyType[2], KeyLonger[2], Key3072_384[2] = IdentifyPubKey_2( + # Dict_OpenSSL['EcFwPubKey2']) + # if Dict_OpenSSL['EcFwPubKey3'] is not None: + # bPubHash4 = 1 + # KeyType[3], KeyLonger[3], Key3072_384[3] = IdentifyPubKey_2( + # Dict_OpenSSL['EcFwPubKey3']) + # if Dict_OpenSSL['EcFwPubKey4'] is not None: + # bPubHash5 = 1 + # KeyType[4], KeyLonger[4], Key3072_384[4] = IdentifyPubKey_2( + # Dict_OpenSSL['EcFwPubKey4']) + + # if(((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 0) and bPubHash1) or \ + # (((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 1) and bPubHash2) or \ + # (((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 2) and bPubHash3) or \ + # (((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 3) and bPubHash4) or \ + # (((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 4) and bPubHash5): + # bPubKey = 1 + + if(((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 0)): + bPubKey = 1 + + if(bPriKey and bPubKey): + if((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 0): + CheckKeyPair( + Dict_OpenSSL['EcFwSigKey'], Dict_OpenSSL['EcFwPubKey0']) + # elif((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 1): + # CheckKeyPair( + # Dict_OpenSSL['EcFwSigKey'], Dict_OpenSSL['EcFwPubKey1']) + # elif((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 2): + # CheckKeyPair( + # Dict_OpenSSL['EcFwSigKey'], Dict_OpenSSL['EcFwPubKey2']) + # elif((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 3): + # CheckKeyPair( + # Dict_OpenSSL['EcFwSigKey'], Dict_OpenSSL['EcFwPubKey3']) + # elif((int)(Dict_OpenSSL['EcFwSigKey_Idx']) == 4): + # CheckKeyPair( + # Dict_OpenSSL['EcFwSigKey'], Dict_OpenSSL['EcFwPubKey4']) + # if Util.internal: + # if Dict_OpenSSL['SessPrivKey'] is not None: + # bSessPrivKey = 1 # elif not Util.internal: # # oSigPubKeySts @@ -1891,10 +1942,10 @@ def ParseXml(XmlTree): # # if (('AESCert_Subject' in Dict_CNG) and (Dict_CNG['AESCert_Subject'] is not None)): # # bSessPrivKey = 1 - # if(bPubKey == 0): - # Fn.OutputString( - # 1, "Need an EcFwPubKey or EcFwCert. Please check Crypto section.") - # Fn.ClearTmpFiles() + if(bPubKey == 0): + Fn.OutputString( + 1, "Need an EcFwPubKey or EcFwCert. Please check Crypto section.") + Fn.ClearTmpFiles() # YH # if(Util.CryptoSelect == 0): @@ -1903,7 +1954,7 @@ def ParseXml(XmlTree): # Dict_Config['hSigPubKeyHashIdx'] = Dict_CNG['SignCert_Idx'] if(Util.internal): - GenOTP = 0 #(int)(Dict_Config['GenOTP']) + GenOTP = (int)(Dict_Config['GenOTP']) # elif(not Util.internal): # Custom XML setting # if(Util.CryptoSelect == 0): # Dict_Config['hSigPubKeyHashIdx'] = Dict_OpenSSL['EcFwSigKey_Idx'] @@ -1931,10 +1982,10 @@ def ParseXml(XmlTree): # print('FanTableCnt = ', '{:x}'.format(Util.FanTableCnt)) # OTP Field - # if(GenOTP): - # Node = XmlTree.find('OTPbitmap') - # if((Node is not None) and Util.internal): - # Dict_OTP = ParseXmlwithTarget(Node, Util.Target.OTPbitmap) + if(GenOTP): + Node = XmlTree.find('OTPbitmap') + if((Node is not None) and Util.internal): + Dict_OTP = ParseXmlwithTarget(Node, Util.Target.OTPbitmap) # # if 'oSigPubKeySts' in Dict_OTP: # # ECPubKeySts = Fn.ConvertInt2Bin(Dict_OTP['oSigPubKeySts'], 8) # # HashTypeforECKey = 512 if( @@ -1959,11 +2010,10 @@ def ParseXml(XmlTree): # Dict_OTP['oLongKeySel'] = str(Util.oLongKeySel) # Dict_OTP['oRSAPKCPAD'] = str(Util.RSAPKCPAD) - # if Util.internal: - # HashTypeforECKey = 512 if(int(Dict_OTP['oSHA512Used'], 0) == 1) else 256 - - Util.SetCryptoFunc(0) + if Util.internal: + HashTypeforECKey = 512 if(int(Dict_OTP['oSHA512Used'], 0) == 1) else 256 + Util.SetCryptoFunc((int)(Dict_Config['CryptoSelect'])) def GenImage(): try: @@ -2065,8 +2115,8 @@ def RemoveOTP(): if Util.internal: ParseXml(ReadXml(XmlFile)) - # if(GenOTP): - # GenImage() + if(GenOTP): + GenImage() GenPacket(GenHeader()) # elif not Util.internal: diff --git a/soc/arm/npcm4xx/common/ImageGenerator/Key/RSA3072key_pri.der b/soc/arm/npcm4xx/common/ImageGenerator/Key/RSA3072key_pri.der new file mode 100644 index 00000000000000..c70bc299b6a23f Binary files /dev/null and b/soc/arm/npcm4xx/common/ImageGenerator/Key/RSA3072key_pri.der differ diff --git a/soc/arm/npcm4xx/common/ImageGenerator/Key/RSA3072key_pri.pem b/soc/arm/npcm4xx/common/ImageGenerator/Key/RSA3072key_pri.pem new file mode 100644 index 00000000000000..852a635a33e945 --- /dev/null +++ b/soc/arm/npcm4xx/common/ImageGenerator/Key/RSA3072key_pri.pem @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG5AIBAAKCAYEApRmjyg+ftgDiRlmsrjd+rSreojY1yTBfoSn7Pp2QXYaijTQG +OpD86zRFMYrWu5NAaBJWOhhDc/PoGyGWW6dJ5m5Gql5IxJv0s9+479npy4QZNj4e +t65sTMmYXxfO8A1d7nWO2G8/B/3s+NDNrGJhw36QCc05X8pyguYGvC3Ro8GbO8os +F7bHn1NG4ixPhckzaxVfX2uocWO2lXmFiqniQqs6oc/RZEzjnjhBwuJ0yE5uXj+1 +rSR1mjJwol6oFzgNIRaYK976GX8zE+lWW+xNo7cGXR66IWK3lxSbQjfhdluBl5Ew +1t484HGGPZX+SfJKJ8xlHbzL0FQzTiinIzvJWtcXSbe7vng/LONY7KYs5L1iPSzV +ZIXgUAdArUMhd8e1boGhYniECP4jnNi/BhhGiLxXV87Iz2K4qBX0kUYW2rdf+Cpt +xPnOHkaOpjqN5u6PKC0l8Ja5r5IAgbpYeu9N1/S46kA6X0X9SAuKaSO8CDzU8KEr +UiIFhIqwjXXEqndjAgMBAAECggGBAJkZRqZoiJz5Attj6tp/QawJVfysMoJHplZI +HOD6sdXYtMImHSSQMMlXZlbDvc6hhRc88dLbjylmY7VNFyYU4lWZq1PvLKGNUYS/ +kLpyo/gCnnKLdma0i19FjlOYO2CltJYdU4Jm3tdlZCtzTVZuwOPNaHp+YZbvn/K8 +pkA4aO/m6DGwj+TJrSGU0uWHW5Lfehvx7MgKiF/lrHm9/9UPJm7WY/+LPEw7dNPS +rUCwSMU63ePuRmWxqpB797DKACvP3/cZbQ4FV2KHxNpEzXeDv4QXHHeKBbs645sN +li0gBL6xGCz2WiLT8g09b7HhbqqX7rwVrhnSqdkQ1zvA/QTToP6EZ/ROzr4yyhmM +uju9RxJ8SATkhc7O7liIJu0C4pWrjlbJiTVnqI4w1da8Kb0AmemB6NvZ7obr0nzI +9cKN4uAA5Vv7KNunhZkZLqDzIdj/PyZsMg8CSX5irYhUvGMvz4bC4ENhe/M3Kf1I +t3VxlAXIGkNnaf4O4WXhZIq1K1JPuQKBwQDY6zlFucdkAAlc75EzlyCzcllTbwcW +ROhdXpTrvdrl+vrWmBLMRoT8pcNJdyrjY+OsVhlgPjWOwIQMmxgbVwTi++kpL3Ot +5xfLyfLFjEFpejoq8UOcTcGONvWvhMr05VZYjTH8HuxYh0WAwvu1sWNsVt9NRTQf +A4nMv+UOmYORCuz4RKhP73bCFvbLHCqKGncoGuzEHleQSFrXQbd5yhvrEkaFlxxE +OYBHgbTaH+t5saHdaOyCFUW5QAUnAb9dF2cCgcEAwthselcIgnz4jCh5XviHJ/hp +j5irSHrjJWb6aNVeKGP37ZNyT0NG8Sn+PeMq4jEZOyZRid9fUsxpZBXTlYud9kkN +6oSNpjbhgtQfdEDcK6EzS+knuaZOsCC+WvxXh0B+QYyol34K5iU9WpNvAJNXR6q3 +B7dL3q+GPHa3ja2rM7g2gYGwjUXQpSDypSnCHIwCtlPXjxkM6CR5G2ztlg+lRnN4 +nSQ5N8kHtL3ldJ/Dmigj/hiMs79LPxuzFDhSj06lAoHAAljBHNz+qDlL4KKC2qEG +7IoPJ1TrKbWDIgd06vv500Uc05d/lJAqviT48OGGKEGbY/Dmg2EI6Utx4kUHRLxz +RBVfl195C+eVHVJI+xQiXQbCfFZx2c4JiwVTMRvpqi6U+Y5FfSnEesyz1snFOVj6 +72AdOFPIVZGPOxTUYI0OnFIW8DSl8X9wtHbVIqtiVm4k3d00tIZzgg8WVH/UgU/L +b4aaFrXky2Qn3B4uG7H+tSlTy/ZnoJykTXXA2IQvUs1/AoHABT3TNTtQJEp+WS7h +jPd8k0uwc0d1HB8KK0Bo7hcHUGjYC5ES2yUBLI2npDyPM8SEXD38pYvXwZ90Glgn +9/boie6PLEbilJ0XVfCk4/i2s4nDmoAsLGdX6I8I7+On6yCGBPdmtaSTYHuR+fTL +YKWWDHyALfn1VYk9QDUlXO9WEq8a8ELv3+0H3tlTDbRg32m4zPTWcKgI29nXVDCK +96V2Gb4TeY6251RGG8ub95Ywqd34keZRKqizun/hQmL9fZNtAoHBAJtUojd8Vdqd +I2yaWi5IHRTJ6Ffw0A7dJjSL/DnHx++MV75y29+9BHm5uo3zmuXi8vlkGpMv6iVB +7KY6jm0Omb/ugh2ltmr8CDE5q38gJ4lGZemP4Ie+i3/Q1uzwo6ESJ5/xugsBn7dz +vLqgcPW+USRX9i1E9b/tcsVucn2vpwNtI4uw82uhF3WjjQeBwVRwK0sYu5MH7HyN +T7t1SlD02x5X9Uf4po73aMU5RtAwYC8EgZ+TH8CkI+MhDX+ErWoJ3A== +-----END RSA PRIVATE KEY----- diff --git a/soc/arm/npcm4xx/common/ImageGenerator/Key/RSA3072key_pub.der b/soc/arm/npcm4xx/common/ImageGenerator/Key/RSA3072key_pub.der new file mode 100644 index 00000000000000..d0881740d58706 Binary files /dev/null and b/soc/arm/npcm4xx/common/ImageGenerator/Key/RSA3072key_pub.der differ diff --git a/soc/arm/npcm4xx/common/ImageGenerator/Key/RSA3072key_pub.pem b/soc/arm/npcm4xx/common/ImageGenerator/Key/RSA3072key_pub.pem new file mode 100644 index 00000000000000..d834e6ea9a5b0b --- /dev/null +++ b/soc/arm/npcm4xx/common/ImageGenerator/Key/RSA3072key_pub.pem @@ -0,0 +1,11 @@ +-----BEGIN PUBLIC KEY----- +MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEApRmjyg+ftgDiRlmsrjd+ +rSreojY1yTBfoSn7Pp2QXYaijTQGOpD86zRFMYrWu5NAaBJWOhhDc/PoGyGWW6dJ +5m5Gql5IxJv0s9+479npy4QZNj4et65sTMmYXxfO8A1d7nWO2G8/B/3s+NDNrGJh +w36QCc05X8pyguYGvC3Ro8GbO8osF7bHn1NG4ixPhckzaxVfX2uocWO2lXmFiqni +Qqs6oc/RZEzjnjhBwuJ0yE5uXj+1rSR1mjJwol6oFzgNIRaYK976GX8zE+lWW+xN +o7cGXR66IWK3lxSbQjfhdluBl5Ew1t484HGGPZX+SfJKJ8xlHbzL0FQzTiinIzvJ +WtcXSbe7vng/LONY7KYs5L1iPSzVZIXgUAdArUMhd8e1boGhYniECP4jnNi/BhhG +iLxXV87Iz2K4qBX0kUYW2rdf+CptxPnOHkaOpjqN5u6PKC0l8Ja5r5IAgbpYeu9N +1/S46kA6X0X9SAuKaSO8CDzU8KErUiIFhIqwjXXEqndjAgMBAAE= +-----END PUBLIC KEY----- diff --git a/soc/arm/npcm4xx/common/ImageGenerator/Xml/_NTC_config.xml b/soc/arm/npcm4xx/common/ImageGenerator/Xml/_NTC_config.xml index 2ce5cb75fedb51..146ea4faebc4bf 100644 --- a/soc/arm/npcm4xx/common/ImageGenerator/Xml/_NTC_config.xml +++ b/soc/arm/npcm4xx/common/ImageGenerator/Xml/_NTC_config.xml @@ -2,9 +2,19 @@ + @gen_otp + 0 + + + RSA3072key_pri.pem + 0 + RSA3072key_pub.der + + + @inputfile.bin @inputfile_signed.bin @@ -12,14 +22,49 @@ %FiMg94@ - 0x00 - 0x00 - 0x20 - 0x00 + 0x00 + @recover_image_offset + 0x00 + @recover_image_offset + + @secure_boot + @secure_level + 1 + 0 + 1 + 1 + 1 + @not_do_backup + + 0x00 0x0000 00000000 0x000000 0x0000 + + %OtPmAp@ + + + + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + @secure_boot + @secure_level + 0x01 + 0 + @longkey_used + @longkey_sel + 0 + 0 + 0 + 0 + diff --git a/soc/arm/npcm4xx/common/ImageGenerator/XmlParser.py b/soc/arm/npcm4xx/common/ImageGenerator/XmlParser.py index 226aa79b6fd153..2b566270840a0a 100644 --- a/soc/arm/npcm4xx/common/ImageGenerator/XmlParser.py +++ b/soc/arm/npcm4xx/common/ImageGenerator/XmlParser.py @@ -87,131 +87,131 @@ def CheckXml(Dict_Variable, Target): CheckZeroOrOne(Dict_Variable, 'oNotTrySysIfSPI1') CheckZeroOrOne(Dict_Variable, 'oNotTrySysIfFIUBkp') # CheckZeroOrOne(Dict_Variable, 'oFIUPri4BMode') - CheckZeroOrOne(Dict_Variable, 'oFIUShr4BMode') + # CheckZeroOrOne(Dict_Variable, 'oFIUShr4BMode') # 6694 - CheckZeroOrOne(Dict_Variable, 'oSPIP4BMode') - CheckZeroOrOne(Dict_Variable, 'oSpiQuadPEn') - CheckZeroOrOne(Dict_Variable, 'oECPTRCheckCRC') + # CheckZeroOrOne(Dict_Variable, 'oSPIP4BMode') + # CheckZeroOrOne(Dict_Variable, 'oSpiQuadPEn') + # CheckZeroOrOne(Dict_Variable, 'oECPTRCheckCRC') # CheckZeroOrOne(Dict_Variable, 'oSysAuthAlways') - CheckZeroOrOne(Dict_Variable, 'oSecureBoot') - CheckZeroOrOne(Dict_Variable, 'oSecurityLvl') + # CheckZeroOrOne(Dict_Variable, 'oSecureBoot') + # CheckZeroOrOne(Dict_Variable, 'oSecurityLvl') CheckZeroOrOne(Dict_Variable, 'oHaltIfMafRollbk') CheckZeroOrOne(Dict_Variable, 'oHaltIfActiveRollbk') CheckZeroOrOne(Dict_Variable, 'oHaltIfOnlyMafValid') CheckZeroOrOne(Dict_Variable, 'oTryBootIfAllCrashed') - CheckZeroOrOne(Dict_Variable, 'oUnmapRomBfXferCtl') - CheckZeroOrOne(Dict_Variable, 'oDisableDBGAtRst') - CheckZeroOrOne(Dict_Variable, 'oAESKeyLock') - CheckZeroOrOne(Dict_Variable, 'oHWCfgFieldLock') - CheckZeroOrOne(Dict_Variable, 'oOtpRgn2Lock') - CheckZeroOrOne(Dict_Variable, 'oOtpRgn3Lock') - CheckZeroOrOne(Dict_Variable, 'oOtpRgn4Lock') - CheckZeroOrOne(Dict_Variable, 'oOtpRgn5Lock') - CheckZeroOrOne(Dict_Variable, 'oOtpRgn6Lock') - CheckZeroOrOne(Dict_Variable, 'oRSAPKCPAD') - CheckZeroOrOne(Dict_Variable, 'oRetryLimitEn') - CheckZeroOrOne(Dict_Variable, 'oSkipCtyptoSelfTest') - CheckZeroOrOne(Dict_Variable, 'oOlnyLogCriticalEvent') + # CheckZeroOrOne(Dict_Variable, 'oUnmapRomBfXferCtl') + # CheckZeroOrOne(Dict_Variable, 'oDisableDBGAtRst') + # CheckZeroOrOne(Dict_Variable, 'oAESKeyLock') + # CheckZeroOrOne(Dict_Variable, 'oHWCfgFieldLock') + # CheckZeroOrOne(Dict_Variable, 'oOtpRgn2Lock') + # CheckZeroOrOne(Dict_Variable, 'oOtpRgn3Lock') + # CheckZeroOrOne(Dict_Variable, 'oOtpRgn4Lock') + # CheckZeroOrOne(Dict_Variable, 'oOtpRgn5Lock') + # CheckZeroOrOne(Dict_Variable, 'oOtpRgn6Lock') + # CheckZeroOrOne(Dict_Variable, 'oRSAPKCPAD') + # CheckZeroOrOne(Dict_Variable, 'oRetryLimitEn') + # CheckZeroOrOne(Dict_Variable, 'oSkipCtyptoSelfTest') + # CheckZeroOrOne(Dict_Variable, 'oOlnyLogCriticalEvent') CheckZeroOrOne(Dict_Variable, 'oLongKeySel') - CheckZeroOrOne(Dict_Variable, 'oOTPRegionRdLock') - CheckZeroOrOne(Dict_Variable, 'oClrRamExitRom') - CheckZeroOrOne(Dict_Variable, 'oVSpiExistNoTimeOut') - CheckZeroOrOne(Dict_Variable, 'oNoWaitVSpiExist') - CheckZeroOrOne(Dict_Variable, 'oTryBootNotCtrlFWRdy') - CheckZeroOrOne(Dict_Variable, 'oNotUpdateToPrvFw') - CheckZeroOrOne(Dict_Variable, 'oPartID') - CheckZeroOrOne(Dict_Variable, 'oAESNotSupport') - CheckZeroOrOne(Dict_Variable, 'oMCUClkNNotDiv2') - CheckZeroOrOne(Dict_Variable, 'oMCPRdEdge') - CheckZeroOrOne(Dict_Variable, 'oMCPSel') - CheckZeroOrOne(Dict_Variable, 'oANAD2High') - CheckZeroOrOne(Dict_Variable, 'oValANAD') - CheckZeroOrOne(Dict_Variable, 'oValDevId') - CheckZeroOrOne(Dict_Variable, 'oValRSMRST_L') - CheckZeroOrOne(Dict_Variable, 'oValRSMRST_Sys') - CheckZeroOrOne(Dict_Variable, 'oDivMinHigh') - CheckZeroOrOne(Dict_Variable, 'oValDivMin') - CheckZeroOrOne(Dict_Variable, 'oDivMaxHigh') - CheckZeroOrOne(Dict_Variable, 'oValDivMax') - CheckZeroOrOne(Dict_Variable, 'oFrcDivHigh') - CheckZeroOrOne(Dict_Variable, 'oValFrcDiv') - CheckZeroOrOne(Dict_Variable, 'oValFR_CLK') + # CheckZeroOrOne(Dict_Variable, 'oOTPRegionRdLock') + # CheckZeroOrOne(Dict_Variable, 'oClrRamExitRom') + # CheckZeroOrOne(Dict_Variable, 'oVSpiExistNoTimeOut') + # CheckZeroOrOne(Dict_Variable, 'oNoWaitVSpiExist') + # CheckZeroOrOne(Dict_Variable, 'oTryBootNotCtrlFWRdy') + # CheckZeroOrOne(Dict_Variable, 'oNotUpdateToPrvFw') + # CheckZeroOrOne(Dict_Variable, 'oPartID') + # CheckZeroOrOne(Dict_Variable, 'oAESNotSupport') + # CheckZeroOrOne(Dict_Variable, 'oMCUClkNNotDiv2') + # CheckZeroOrOne(Dict_Variable, 'oMCPRdEdge') + # CheckZeroOrOne(Dict_Variable, 'oMCPSel') + # CheckZeroOrOne(Dict_Variable, 'oANAD2High') + # CheckZeroOrOne(Dict_Variable, 'oValANAD') + # CheckZeroOrOne(Dict_Variable, 'oValDevId') + # CheckZeroOrOne(Dict_Variable, 'oValRSMRST_L') + # CheckZeroOrOne(Dict_Variable, 'oValRSMRST_Sys') + # CheckZeroOrOne(Dict_Variable, 'oDivMinHigh') + # CheckZeroOrOne(Dict_Variable, 'oValDivMin') + # CheckZeroOrOne(Dict_Variable, 'oDivMaxHigh') + # CheckZeroOrOne(Dict_Variable, 'oValDivMax') + # CheckZeroOrOne(Dict_Variable, 'oFrcDivHigh') + # CheckZeroOrOne(Dict_Variable, 'oValFrcDiv') + # CheckZeroOrOne(Dict_Variable, 'oValFR_CLK') # 6694 - CheckZeroOrOne(Dict_Variable, 'oRefOTPClk') - CheckZeroOrOne(Dict_Variable, 'oXFRANGE') + # CheckZeroOrOne(Dict_Variable, 'oRefOTPClk') + # CheckZeroOrOne(Dict_Variable, 'oXFRANGE') - CheckRange(Dict_Variable, 'oFlashConnection', 2) - CheckRange(Dict_Variable, 'oMCPFlashSize', 2) - CheckRange(Dict_Variable, 'oMCPFLMode', 2) - CheckRange(Dict_Variable, 'oFIUShrFLMode', 2) + # CheckRange(Dict_Variable, 'oFlashConnection', 2) + # CheckRange(Dict_Variable, 'oMCPFlashSize', 2) + # CheckRange(Dict_Variable, 'oMCPFLMode', 2) + # CheckRange(Dict_Variable, 'oFIUShrFLMode', 2) # 6694 - CheckRange(Dict_Variable, 'oSPIPFLMode', 2) + # CheckRange(Dict_Variable, 'oSPIPFLMode', 2) # CheckRange(Dict_Variable, 'oSPIMFLMode', 2) - CheckRange(Dict_Variable, 'oFIUClkDiv', 2) + # CheckRange(Dict_Variable, 'oFIUClkDiv', 2) # 6694 - CheckRange(Dict_Variable, 'oSPIPClkDiv', 2) - CheckRange(Dict_Variable, 'oSPIMClkDiv', 2) + # CheckRange(Dict_Variable, 'oSPIPClkDiv', 2) + # CheckRange(Dict_Variable, 'oSPIMClkDiv', 2) - CheckRange(Dict_Variable, 'oSecEvnLogLoc', 16) + # CheckRange(Dict_Variable, 'oSecEvnLogLoc', 16) # 6694 # CheckRange(Dict_Variable, 'oSigPubKeySts', 8) - CheckRange(Dict_Variable, 'oRSAPubKeySts', 2) - CheckRange(Dict_Variable, 'oECPubKeySts', 2) - CheckRange(Dict_Variable, 'oRevokeKeySts', 2) + # CheckRange(Dict_Variable, 'oRSAPubKeySts', 2) + # CheckRange(Dict_Variable, 'oECPubKeySts', 2) + # CheckRange(Dict_Variable, 'oRevokeKeySts', 2) CheckRange(Dict_Variable, 'oLongKeyUsed', 1) CheckRange(Dict_Variable, 'oSHA512Used', 1) - CheckRange(Dict_Variable, 'oAESDecryptEn', 2) + # CheckRange(Dict_Variable, 'oAESDecryptEn', 2) - CheckRange(Dict_Variable, 'oSysPfrWP0En', 8) - CheckRange(Dict_Variable, 'oSysPfrWP1En', 8) - CheckRange(Dict_Variable, 'oSysPfrWP1En', 8) - CheckRange(Dict_Variable, 'oOTPDatValid0', 8) - CheckRange(Dict_Variable, 'oOTPDatValid1', 8) + # CheckRange(Dict_Variable, 'oSysPfrWP0En', 8) + # CheckRange(Dict_Variable, 'oSysPfrWP1En', 8) + # CheckRange(Dict_Variable, 'oSysPfrWP1En', 8) + # CheckRange(Dict_Variable, 'oOTPDatValid0', 8) + # CheckRange(Dict_Variable, 'oOTPDatValid1', 8) # 6694 - CheckRange(Dict_Variable, 'oLed1Sel', 4) - CheckRange(Dict_Variable, 'oLed1Pole', 1) - CheckRange(Dict_Variable, 'oLed2Sel', 4) - CheckRange(Dict_Variable, 'oLed2Pole', 1) - CheckRange(Dict_Variable, 'oLedActRbkBlkDef', 4) - CheckRange(Dict_Variable, 'oLedSysRbkBlkDef', 4) - CheckRange(Dict_Variable, 'oLedFwCpyBlkDef', 4) - CheckRange(Dict_Variable, 'oLedSysOnlyBlkDef', 4) - CheckRange(Dict_Variable, 'oLedAllCrashBlkDef', 4) - CheckRange(Dict_Variable, 'oLedCryptoTestFailBlkDef', 4) + # CheckRange(Dict_Variable, 'oLed1Sel', 4) + # CheckRange(Dict_Variable, 'oLed1Pole', 1) + # CheckRange(Dict_Variable, 'oLed2Sel', 4) + # CheckRange(Dict_Variable, 'oLed2Pole', 1) + # CheckRange(Dict_Variable, 'oLedActRbkBlkDef', 4) + # CheckRange(Dict_Variable, 'oLedSysRbkBlkDef', 4) + # CheckRange(Dict_Variable, 'oLedFwCpyBlkDef', 4) + # CheckRange(Dict_Variable, 'oLedSysOnlyBlkDef', 4) + # CheckRange(Dict_Variable, 'oLedAllCrashBlkDef', 4) + # CheckRange(Dict_Variable, 'oLedCryptoTestFailBlkDef', 4) # CheckRange(Dict_Variable, 'oRomMlbxLoc', 16) - CheckRange(Dict_Variable, 'oMCPRdDly', 3) - - CheckRange(Dict_Variable, 'oANAD2Low', 8) - CheckRange(Dict_Variable, 'oDevId', 5) - CheckRange(Dict_Variable, 'oRSMRST_L', 8) - CheckRange(Dict_Variable, 'oRSMRST_Sys', 8) - CheckRange(Dict_Variable, 'oDivMinLow', 8) - CheckRange(Dict_Variable, 'oDivMaxLow', 8) - CheckRange(Dict_Variable, 'oFrcDivLow', 8) - CheckRange(Dict_Variable, 'oFR_CLK', 4) - CheckRange(Dict_Variable, 'oOTPWriteTime', 8) - CheckRange(Dict_Variable, 'oDnxRsmrstWidth', 8) - CheckRange(Dict_Variable, 'oDnxDPOkWidth', 8) - CheckRange(Dict_Variable, 'oECTestMode0', 16) - - CheckRange(Dict_Variable, 'oVSpiExistWaitCnter', 8) - CheckRange(Dict_Variable, 'oPwmLedAdj', 8) - CheckRange(Dict_Variable, 'oFPRED', 4) - CheckRange(Dict_Variable, 'oAHB6DIV', 2) - CheckRange(Dict_Variable, 'oAPB1DIV', 4) - CheckRange(Dict_Variable, 'oAPB2DIV', 4) - CheckRange(Dict_Variable, 'oAPB3DIV', 4) - - CheckRange(Dict_Variable, 'oChipTesterID', 32) - CheckRange(Dict_Variable, 'oSysFwSigPubKeySts', 8) - CheckRange(Dict_Variable, 'oUserDataField', 160) - CheckRange(Dict_Variable, 'oUserDataField1', 128) - CheckRange(Dict_Variable, 'oUserDataField2', 128) - CheckRange(Dict_Variable, 'oUserDataField3', 128) - CheckRange(Dict_Variable, 'oUserDataField4', 128) + # CheckRange(Dict_Variable, 'oMCPRdDly', 3) + + # CheckRange(Dict_Variable, 'oANAD2Low', 8) + # CheckRange(Dict_Variable, 'oDevId', 5) + # CheckRange(Dict_Variable, 'oRSMRST_L', 8) + # CheckRange(Dict_Variable, 'oRSMRST_Sys', 8) + # CheckRange(Dict_Variable, 'oDivMinLow', 8) + # CheckRange(Dict_Variable, 'oDivMaxLow', 8) + # CheckRange(Dict_Variable, 'oFrcDivLow', 8) + # CheckRange(Dict_Variable, 'oFR_CLK', 4) + # CheckRange(Dict_Variable, 'oOTPWriteTime', 8) + # CheckRange(Dict_Variable, 'oDnxRsmrstWidth', 8) + # CheckRange(Dict_Variable, 'oDnxDPOkWidth', 8) + # CheckRange(Dict_Variable, 'oECTestMode0', 16) + + # CheckRange(Dict_Variable, 'oVSpiExistWaitCnter', 8) + # CheckRange(Dict_Variable, 'oPwmLedAdj', 8) + # CheckRange(Dict_Variable, 'oFPRED', 4) + # CheckRange(Dict_Variable, 'oAHB6DIV', 2) + # CheckRange(Dict_Variable, 'oAPB1DIV', 4) + # CheckRange(Dict_Variable, 'oAPB2DIV', 4) + # CheckRange(Dict_Variable, 'oAPB3DIV', 4) + + # CheckRange(Dict_Variable, 'oChipTesterID', 32) + # CheckRange(Dict_Variable, 'oSysFwSigPubKeySts', 8) + # CheckRange(Dict_Variable, 'oUserDataField', 160) + # CheckRange(Dict_Variable, 'oUserDataField1', 128) + # CheckRange(Dict_Variable, 'oUserDataField2', 128) + # CheckRange(Dict_Variable, 'oUserDataField3', 128) + # CheckRange(Dict_Variable, 'oUserDataField4', 128) def CheckZeroOrOne(Dict, s): diff --git a/soc/arm/npcm4xx/npcm400f/Kconfig.defconfig.series b/soc/arm/npcm4xx/npcm400f/Kconfig.defconfig.series index 56b7d91756a95b..553d578599d7c5 100644 --- a/soc/arm/npcm4xx/npcm400f/Kconfig.defconfig.series +++ b/soc/arm/npcm4xx/npcm400f/Kconfig.defconfig.series @@ -38,6 +38,28 @@ config GPIO_NPCM4XX_RESET_SL_POWER_UP GPIO port 0-9, A-F is reset by VSB Power-Up reset. endchoice +config SECURE_BOOT_ENABLE_NPCM4XX + bool "Enable secure boot" + default n + +config BACKUP_IMAGE_OFFSET_NPCM4XX + hex "Backup/Recovery Image offset in the internal flash" + depends on SECURE_BOOT_ENABLE_NPCM4XX + default 0x40 + help + This option specifies the internal flash offset that use for backup/recovery image. + If the backup data is empty or broken, ROM backup the active image to the offset. + If the active image is broken or verify failed, ROM recovery the active image from + the offset. + The value should multiple 8kB, for example, 0x40 * 8kB = 512kB + +config DONT_UPDATE_BACKUP_IMAGE_NPCM4XX + int "Don't update suppose active image newer than backup image" + depends on SECURE_BOOT_ENABLE_NPCM4XX + default 1 + help + Don't update suppose active image newer than backup image. + DT_CHOSEN_Z_FLASH := zephyr,flash config FLASH_SIZE