Lines Matching +full:- +full:t0
1 // SPDX-License-Identifier: MIT
8 * The Xilinx True Random Number Generator(TRNG) module in Versal - PMC TRNG
17 * NIST SP-800-90A practically requires the true random generators based on
35 * However, the below guideline from section 10.2.1 of NIST SP-800-90A implies
316 max_blk -= 1; in checksum()
329 unsigned char t0 = 0; in setup_key() local
335 t0 = schedule[i - 4]; in setup_key()
336 t1 = schedule[i - 3]; in setup_key()
337 t2 = schedule[i - 2]; in setup_key()
338 t3 = schedule[i - 1]; in setup_key()
340 rota4(&t0, &t1, &t2, &t3); in setup_key()
341 t0 ^= rcon; in setup_key()
344 sbox4(&t0, &t1, &t2, &t3); in setup_key()
346 ik = i - klen; in setup_key()
347 schedule[i + 0] = schedule[ik + 0] ^ t0; in setup_key()
396 * - per NIST SP80090A.
399 * NIST.SP.800-90Ar1 document
409 size_t dfin_len = sizeof(struct trng_dfin) + trng->len; in trng_df_algorithm()
425 trng->dfin.val2 = TEE_U32_TO_BIG_ENDIAN(TRNG_PERS_STR_LEN); in trng_df_algorithm()
427 trng->dfin.val2 = TEE_U32_TO_BIG_ENDIAN(TRNG_GEN_LEN); in trng_df_algorithm()
429 trng->dfin.pad_data[0] = DF_PAD_VAL; in trng_df_algorithm()
432 if (trng->len > (MAX_PRE_DF_LEN + TRNG_PERS_STR_LEN)) in trng_df_algorithm()
435 dfin_len = dfin_len - TRNG_PERS_STR_LEN - MAX_PRE_DF_LEN; in trng_df_algorithm()
436 trng->dfin.val1 = TEE_U32_TO_BIG_ENDIAN(trng->len); in trng_df_algorithm()
439 src = (uintptr_t)trng->dfin.pad_data; in trng_df_algorithm()
440 offset = MAX_PRE_DF_LEN + TRNG_PERS_STR_LEN - trng->len; in trng_df_algorithm()
442 if (trng->len > MAX_PRE_DF_LEN) in trng_df_algorithm()
445 memcpy(trng->dfin.pstr, pstr, TRNG_PERS_STR_LEN); in trng_df_algorithm()
446 dfin_len = dfin_len - MAX_PRE_DF_LEN; in trng_df_algorithm()
447 trng->dfin.val1 = TEE_U32_TO_BIG_ENDIAN(trng->len + in trng_df_algorithm()
450 src = (uintptr_t)trng->dfin.pstr; in trng_df_algorithm()
451 offset = MAX_PRE_DF_LEN - trng->len; in trng_df_algorithm()
455 dst = src - offset; in trng_df_algorithm()
456 reminder = (uintptr_t)&trng->dfin + sizeof(trng->dfin) - offset; in trng_df_algorithm()
465 /* DF algorithm - step 1 */ in trng_df_algorithm()
468 memset((void *)(trng->dfout + index), 0, BLK_SIZE); in trng_df_algorithm()
469 trng->dfin.ivc[0] = TEE_U32_TO_BIG_ENDIAN(index / BLK_SIZE); in trng_df_algorithm()
470 checksum((unsigned char *)&trng->dfin, in trng_df_algorithm()
471 trng->dfout + index, dfin_len / BLK_SIZE); in trng_df_algorithm()
474 /* DF algorithm - step 2 */ in trng_df_algorithm()
475 setup_key(trng->dfout, DF_KEY_LEN); in trng_df_algorithm()
480 inp_blk = &dfout[index - BLK_SIZE]; in trng_df_algorithm()
513 trng_write32(trng->cfg.addr, off, 0); in trng_write32_range()
521 off = start + (TRNG_NUM_INIT_REGS - 1 - i) * TRNG_BYTES_PER_REG; in trng_write32_range()
522 trng_write32(trng->cfg.addr, off, val); in trng_write32_range()
536 /* Normal world might have suspended the OP-TEE thread, check again */ in trng_wait_for_event()
545 trng_clrset32(trng->cfg.addr, TRNG_CTRL, TRNG_CTRL_PRNGSRST_MASK, in trng_soft_reset()
548 trng_clrset32(trng->cfg.addr, TRNG_CTRL, TRNG_CTRL_PRNGSRST_MASK, 0); in trng_soft_reset()
553 trng_write32(trng->cfg.addr, TRNG_RESET, TRNG_RESET_VAL_MASK); in trng_reset()
555 trng_write32(trng->cfg.addr, TRNG_RESET, 0); in trng_reset()
561 trng_clrset32(trng->cfg.addr, TRNG_CTRL, in trng_hold_reset()
563 trng_write32(trng->cfg.addr, TRNG_RESET, TRNG_RESET_VAL_MASK); in trng_hold_reset()
595 trng_clrset32(trng->cfg.addr, TRNG_CTRL, in trng_collect_random()
603 if (trng_wait_for_event(trng->cfg.addr, in trng_collect_random()
616 if (trng->usr_cfg.mode != TRNG_PTRNG) { in trng_collect_random()
617 val = trng_read32(trng->cfg.addr, TRNG_STATUS); in trng_collect_random()
620 trng->status = TRNG_CATASTROPHIC; in trng_collect_random()
631 val = trng_read32(trng->cfg.addr, TRNG_CORE_OUTPUT); in trng_collect_random()
633 if (bcnt > 0 && trng->buf[wcnt] != val) in trng_collect_random()
636 trng->buf[wcnt] = val; in trng_collect_random()
646 trng->status = TRNG_CATASTROPHIC; in trng_collect_random()
660 switch (trng->usr_cfg.mode) { in trng_reseed_internal_nodf()
662 trng_write32(trng->cfg.addr, TRNG_OSC_EN, TRNG_OSC_EN_VAL_MASK); in trng_reseed_internal_nodf()
664 trng_write32(trng->cfg.addr, TRNG_CTRL, in trng_reseed_internal_nodf()
694 memset(&trng->dfin, 0, sizeof(trng->dfin)); in trng_reseed_internal_df()
696 switch (trng->usr_cfg.mode) { in trng_reseed_internal_df()
698 trng_write32(trng->cfg.addr, TRNG_OSC_EN, TRNG_OSC_EN_VAL_MASK); in trng_reseed_internal_df()
700 trng_write32(trng->cfg.addr, TRNG_CTRL, in trng_reseed_internal_df()
703 if (trng_collect_random(trng, trng->dfin.entropy, trng->len)) in trng_reseed_internal_df()
706 if (trng_check_seed(trng->dfin.entropy, trng->len)) in trng_reseed_internal_df()
710 memcpy(trng->dfin.entropy, eseed, trng->len); in trng_reseed_internal_df()
716 trng_df_algorithm(trng, trng->dfout, DF_SEED, str); in trng_reseed_internal_df()
717 trng_write32_range(trng, TRNG_EXT_SEED_0, TRNG_SEED_REGS, trng->dfout); in trng_reseed_internal_df()
728 trng->stats.bytes_reseed = 0; in trng_reseed_internal()
729 trng->stats.elapsed_seed_life = 0; in trng_reseed_internal()
731 if (trng->usr_cfg.df_disable) in trng_reseed_internal()
732 trng->len = TRNG_SEED_LEN; in trng_reseed_internal()
734 trng->len = (mul + 1) * BYTES_PER_BLOCK; in trng_reseed_internal()
736 if (trng->usr_cfg.df_disable) { in trng_reseed_internal()
744 trng_write32(trng->cfg.addr, TRNG_CTRL, in trng_reseed_internal()
748 trng_clrset32(trng->cfg.addr, TRNG_CTRL, TRNG_CTRL_PRNGSTART_MASK, in trng_reseed_internal()
751 if (trng_wait_for_event(trng->cfg.addr, TRNG_STATUS, in trng_reseed_internal()
756 /* Check SP800 - 90B (entropy health test error) */ in trng_reseed_internal()
757 val = trng_read32(trng->cfg.addr, TRNG_STATUS) & TRNG_STATUS_CERTF_MASK; in trng_reseed_internal()
761 trng_clrset32(trng->cfg.addr, TRNG_CTRL, TRNG_CTRL_PRNGSTART_MASK, 0); in trng_reseed_internal()
764 trng->status = TRNG_ERROR; in trng_reseed_internal()
780 if (trng->status != TRNG_UNINITIALIZED) in trng_instantiate()
783 if (usr_cfg->mode != TRNG_HRNG && usr_cfg->mode != TRNG_DRNG && in trng_instantiate()
784 usr_cfg->mode != TRNG_PTRNG) in trng_instantiate()
787 if (usr_cfg->mode != TRNG_PTRNG && !usr_cfg->seed_life) in trng_instantiate()
790 if (!usr_cfg->iseed_en && usr_cfg->mode == TRNG_DRNG) in trng_instantiate()
793 if (usr_cfg->iseed_en && usr_cfg->mode == TRNG_HRNG) in trng_instantiate()
796 if (!usr_cfg->df_disable && in trng_instantiate()
797 (usr_cfg->dfmul < TRNG_MIN_DFLENMULT || in trng_instantiate()
798 usr_cfg->dfmul > TRNG_MAX_DFLENMULT)) in trng_instantiate()
801 if (usr_cfg->df_disable && usr_cfg->dfmul) in trng_instantiate()
804 if (usr_cfg->mode == TRNG_PTRNG && in trng_instantiate()
805 (usr_cfg->iseed_en || usr_cfg->pstr_en || in trng_instantiate()
806 usr_cfg->predict_en || usr_cfg->seed_life)) in trng_instantiate()
809 memcpy(&trng->usr_cfg, usr_cfg, sizeof(struct trng_usr_cfg)); in trng_instantiate()
812 if (trng->usr_cfg.iseed_en) in trng_instantiate()
813 seed = (void *)trng->usr_cfg.init_seed; in trng_instantiate()
815 if (trng->usr_cfg.pstr_en) in trng_instantiate()
816 pers = (void *)trng->usr_cfg.pstr; in trng_instantiate()
818 if (trng->usr_cfg.mode != TRNG_PTRNG) { in trng_instantiate()
819 if (trng_reseed_internal(trng, seed, pers, trng->usr_cfg.dfmul)) in trng_instantiate()
823 trng->status = TRNG_HEALTHY; in trng_instantiate()
826 trng->status = TRNG_ERROR; in trng_instantiate()
836 if (trng->status != TRNG_HEALTHY) in trng_reseed()
839 if (trng->usr_cfg.mode != TRNG_DRNG && trng->usr_cfg.mode != TRNG_HRNG) in trng_reseed()
842 if (trng->usr_cfg.mode == TRNG_DRNG && !eseed) in trng_reseed()
845 if (trng->usr_cfg.mode != TRNG_DRNG && eseed) in trng_reseed()
848 if (!trng->usr_cfg.df_disable) { in trng_reseed()
853 if (trng->usr_cfg.df_disable && mul) in trng_reseed()
856 if (eseed && !memcmp(eseed, trng->usr_cfg.init_seed, trng->len)) in trng_reseed()
864 trng->status = TRNG_ERROR; in trng_reseed()
883 if (trng->status != TRNG_HEALTHY) in trng_generate()
886 if (trng->usr_cfg.mode == TRNG_PTRNG && predict) in trng_generate()
889 if (!trng->usr_cfg.predict_en && predict) in trng_generate()
892 switch (trng->usr_cfg.mode) { in trng_generate()
894 if (trng->stats.elapsed_seed_life >= trng->usr_cfg.seed_life) { in trng_generate()
899 if (predict && trng->stats.elapsed_seed_life > 0) { in trng_generate()
904 trng_write32(trng->cfg.addr, TRNG_CTRL, PRNGMODE_GEN); in trng_generate()
907 if (trng->stats.elapsed_seed_life > trng->usr_cfg.seed_life) in trng_generate()
910 if (predict && trng->stats.elapsed_seed_life > 0) in trng_generate()
913 trng_write32(trng->cfg.addr, TRNG_CTRL, PRNGMODE_GEN); in trng_generate()
916 if (!trng->usr_cfg.df_disable) { in trng_generate()
917 memset(&trng->dfin, 0, sizeof(trng->dfin)); in trng_generate()
918 len = (trng->usr_cfg.dfmul + 1) * BYTES_PER_BLOCK; in trng_generate()
919 trng->len = len; in trng_generate()
920 p = trng->dfin.entropy; in trng_generate()
923 trng_write32(trng->cfg.addr, TRNG_OSC_EN, TRNG_OSC_EN_VAL_MASK); in trng_generate()
925 trng_write32(trng->cfg.addr, TRNG_CTRL, in trng_generate()
933 trng->stats.bytes_reseed += len; in trng_generate()
934 trng->stats.bytes += len; in trng_generate()
935 trng->stats.elapsed_seed_life++; in trng_generate()
937 if (!trng->usr_cfg.df_disable && trng->usr_cfg.mode == TRNG_PTRNG) in trng_generate()
942 if (trng->status != TRNG_CATASTROPHIC) in trng_generate()
943 trng->status = TRNG_ERROR; in trng_generate()
953 if (trng->status == TRNG_UNINITIALIZED) in trng_release()
961 memset(&trng->usr_cfg, 0, sizeof(trng->usr_cfg)); in trng_release()
962 memset(trng->buf, 0, sizeof(trng->buf)); in trng_release()
963 memset(trng->dfout, 0, sizeof(trng->dfout)); in trng_release()
964 trng->status = TRNG_UNINITIALIZED; in trng_release()
968 trng->status = TRNG_ERROR; in trng_release()
994 trng->status = TRNG_ERROR; in trng_health_test()
1060 trng->status = TRNG_ERROR; in trng_kat_test()