feat(intel): support ECDSA SHA-2 Data Signing
This command support ECC based signing on a blob. Supported ECC algorithm
are NISP P-256, NISP P-384, Brainpool 256 and Brainpool 384.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I82f95ddafa6b62f8cd882fce9a3e63e469c85067
diff --git a/plat/intel/soc/common/include/socfpga_fcs.h b/plat/intel/soc/common/include/socfpga_fcs.h
index f58f9fa..f5cab14 100644
--- a/plat/intel/soc/common/include/socfpga_fcs.h
+++ b/plat/intel/soc/common/include/socfpga_fcs.h
@@ -78,6 +78,7 @@
#define FCS_SHA_HMAC_CRYPTO_PARAM_SIZE_OFFSET 8U
#define FCS_ECDSA_GET_PUBKEY_MAX_WORD_SIZE 5U
+#define FCS_ECDSA_SHA2_DATA_SIGN_CMD_MAX_WORD_SIZE 7U
/* FCS Payload Structure */
typedef struct fcs_rng_payload_t {
uint32_t session_id;
@@ -236,6 +237,15 @@
uint64_t dst_addr, uint32_t *dst_size,
uint32_t data_size, uint32_t *mbox_error);
+int intel_fcs_ecdsa_sha2_data_sign_init(uint32_t session_id,
+ uint32_t context_id, uint32_t key_id,
+ uint32_t param_size, uint64_t param_data,
+ uint32_t *mbox_error);
+int intel_fcs_ecdsa_sha2_data_sign_finalize(uint32_t session_id,
+ uint32_t context_id, uint32_t src_addr,
+ uint32_t src_size, uint64_t dst_addr,
+ uint32_t *dst_size, uint32_t *mbox_error);
+
int intel_fcs_ecdsa_get_pubkey_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
diff --git a/plat/intel/soc/common/include/socfpga_mailbox.h b/plat/intel/soc/common/include/socfpga_mailbox.h
index 1d749a0..e5e1d14 100644
--- a/plat/intel/soc/common/include/socfpga_mailbox.h
+++ b/plat/intel/soc/common/include/socfpga_mailbox.h
@@ -78,6 +78,7 @@
#define MBOX_FCS_AES_CRYPT_REQ 0x81
#define MBOX_FCS_GET_DIGEST_REQ 0x82
#define MBOX_FCS_MAC_VERIFY_REQ 0x83
+#define MBOX_FCS_ECDSA_SHA2_DATA_SIGN_REQ 0x85
#define MBOX_FCS_ECDSA_GET_PUBKEY 0x88
#define MBOX_FCS_OPEN_CS_SESSION 0xA0
#define MBOX_FCS_CLOSE_CS_SESSION 0xA1
diff --git a/plat/intel/soc/common/include/socfpga_sip_svc.h b/plat/intel/soc/common/include/socfpga_sip_svc.h
index ff13af9..14be92b 100644
--- a/plat/intel/soc/common/include/socfpga_sip_svc.h
+++ b/plat/intel/soc/common/include/socfpga_sip_svc.h
@@ -100,6 +100,8 @@
#define INTEL_SIP_SMC_FCS_GET_DIGEST_FINALIZE 0xC2000079
#define INTEL_SIP_SMC_FCS_MAC_VERIFY_INIT 0xC200007A
#define INTEL_SIP_SMC_FCS_MAC_VERIFY_FINALIZE 0xC200007C
+#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_INIT 0xC2000080
+#define INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_FINALIZE 0xC2000082
#define INTEL_SIP_SMC_FCS_ECDSA_GET_PUBKEY_INIT 0xC2000089
#define INTEL_SIP_SMC_FCS_ECDSA_GET_PUBKEY_FINALIZE 0xC200008B