[M2351] Add consistency check for CRYPTO/CRPT's secure attribute and TRNG/Mbed TLS H/W

ccli8 · ccli8 · commit 8f1623f7177c · 2018-07-12T17:51:55.000+08:00
diff --git a/targets/TARGET_NUVOTON/TARGET_M2351/crypto/crypto-misc.c b/targets/TARGET_NUVOTON/TARGET_M2351/crypto/crypto-misc.c
@@ -24,6 +24,8 @@
 #include "nu_bitutil.h"
 #include "crypto-misc.h"
 
+#if DEVICE_TRNG || defined(MBEDTLS_CONFIG_HW_SUPPORT)
+
 /* NOTE: There's inconsistency in cryptography related naming, Crpt or Crypto. For example, cryptography IRQ
  *       handler could be CRPT_IRQHandler or CRYPTO_IRQHandler. To override default cryptography IRQ handler, see
  *       device/startup_{CHIP}.c for its name or call NVIC_SetVector regardless of its name. */
@@ -327,3 +329,5 @@ void CRPT_IRQHandler()
         ECC_CLR_INT_FLAG(CRYPTO_MODBASE());
     }
 }
+
+#endif /* #if DEVICE_TRNG || defined(MBEDTLS_CONFIG_HW_SUPPORT) */
diff --git a/targets/TARGET_NUVOTON/TARGET_M2351/crypto/crypto-misc.h b/targets/TARGET_NUVOTON/TARGET_M2351/crypto/crypto-misc.h
@@ -20,6 +20,29 @@
 #include <stdbool.h>
 #include "partition_M2351.h"
 
+/* Policy for configuring secure attribute of CRYPTO/CRPT module:
+ *
+ * There's only one CRYPTO/CRPT module and we have the following policy for configuring its secure attribute:
+ *
+ * 1. TRNG or mbedtls H/W support can be enabled on either secure target or non-secure target, but not both.
+ * 2. TRNG and mbedtls H/W supports cannot be enabled on different targets.
+ * 3. On secure target, if TRNG or mbedtls H/W support is enabled, CRYPTO/CRPT must configure to secure.
+ * 4. On non-secure target, if TRNG or mbedtls H/W support is enabled, CRYPTO/CRPT must configure to non-secure.
+ */
+#if DEVICE_TRNG || defined(MBEDTLS_CONFIG_HW_SUPPORT)
+    #if defined(__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3U)
+        #if defined(SCU_INIT_PNSSET1_VAL) && (SCU_INIT_PNSSET1_VAL & (1 << 18))
+            #error("CRYPTO/CRPT must configure to secure for secure target which supports TRNG or mbedtls H/W")
+        #endif
+    #else
+        #if (! defined(SCU_INIT_PNSSET1_VAL)) || (! (SCU_INIT_PNSSET1_VAL & (1 << 18)))
+            #error("CRYPTO/CRPT must configure to non-secure for non-secure target which supports TRNG or mbedtls H/W")
+        #endif
+    #endif
+#endif
+
+#if DEVICE_TRNG || defined(MBEDTLS_CONFIG_HW_SUPPORT)
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -102,4 +125,6 @@ bool crypto_dma_buffs_overlap(const void *in_buff, size_t in_buff_size, const vo
 }
 #endif
 
+#endif  /* #if DEVICE_TRNG || defined(MBEDTLS_CONFIG_HW_SUPPORT) */
+
 #endif

Original file line number	Diff line number	Diff line change
`@@ -24,6 +24,8 @@`
`24`	`24`	`#include "nu_bitutil.h"`
`25`	`25`	`#include "crypto-misc.h"`
`26`	`26`
	`27`	`+#if DEVICE_TRNG \|\| defined(MBEDTLS_CONFIG_HW_SUPPORT)`
	`28`	`+`
`27`	`29`	`/* NOTE: There's inconsistency in cryptography related naming, Crpt or Crypto. For example, cryptography IRQ`
`28`	`30`	`* handler could be CRPT_IRQHandler or CRYPTO_IRQHandler. To override default cryptography IRQ handler, see`
`29`	`31`	`* device/startup_{CHIP}.c for its name or call NVIC_SetVector regardless of its name. */`
`@@ -327,3 +329,5 @@ void CRPT_IRQHandler()`
`327`	`329`	`ECC_CLR_INT_FLAG(CRYPTO_MODBASE());`
`328`	`330`	`}`
`329`	`331`	`}`
	`332`	`+`
	`333`	`+#endif /* #if DEVICE_TRNG \|\| defined(MBEDTLS_CONFIG_HW_SUPPORT) */`