riscv: telink: load DAC key/cert from flash zone. #366
Conversation
pulin1103
requested review from
damien0x0023,
andy-liu-telink,
haiwentelink and
fengtai-telink
| { | ||
| return false; | ||
| } | ||
| if (efuse_get_chip_id(chip_id)) |
There was a problem hiding this comment.
efuse_get_chip_id在B92和TL321x中的返回值不同的,处理逻辑刚好相反。可以参考金邈的这个PR里面的处理方式:telink-semi/mcuboot#3
| } | ||
|
|
||
| size_t dac_cert_len; | ||
| dac_cert_len = buffer[100]; |
There was a problem hiding this comment.
100用宏表示一下吧。 比如
static constexpr uint32_t kDacContentsOffset = 100;
|
|
||
| size_t dac_cert_len; | ||
| dac_cert_len = buffer[100]; | ||
| dac_cert_len |= (uint16_t) buffer[101] << 8; |
There was a problem hiding this comment.
按照上面的处理方式,这里可以101可以替换成kDacContentsOffset + 1
| { | ||
| return false; | ||
| } | ||
| factoryData->dac_cert.data = buffer + 102; |
There was a problem hiding this comment.
kDacContentsOffset + 2
pulin1103
force-pushed
the
develop_dual_dac_loader
branch
from
acda9b6 to
9f99531
Compare
|
|
||
| #if CHIP_DEVICE_SECURE_PROGRAMMING | ||
|
|
||
| #if defined(CONFIG_SOC_RISCV_TELINK_B92) |
There was a problem hiding this comment.
是不是可以改成 #ifdef CONFIG_SOC_RISCV_TELINK_B92
| #include "aes.h" | ||
| #endif | ||
|
|
||
| #if defined(CONFIG_SOC_RISCV_TELINK_TL321X) |
There was a problem hiding this comment.
#if defined -> #ifdef
config/telink/chip-module/Kconfig
Outdated
| config SECURE_PROGRAMMING | ||
| bool "Enable reading DAC and keys from the DAC partition" | ||
| depends on CHIP_FACTORY_DATA | ||
| default n |
There was a problem hiding this comment.
还有就是,我记得海文说过,Kconfig里面不要Enable xxx,CI会不过,直接Read DAC and keys from the DAC partition会不会简单点
There was a problem hiding this comment.
刚和海文确认了下,matter这边没这个问题,那应该没什么问题
pulin1103
force-pushed
the
develop_dual_dac_loader
branch
from
9f99531 to
f20f19e
Compare
Signed-off-by: Zhenghuan Zhang <[email protected]>
pulin1103
force-pushed
the
develop_dual_dac_loader
branch
from
f20f19e to
f23f72a
Compare
- add plaintext vid, pid & discriminator at the beginning. - add optional argument --secure-programming-verification and --chip-id to generate factory data and independent DAC. Signed-off-by: Damien Ji <[email protected]> Signed-off-by: Zhenghuan Zhang <[email protected]>
pulin1103
force-pushed
the
develop_dual_dac_loader
branch
from
099e852 to
0abcf93
Compare
Signed-off-by: Zhenghuan Zhang <[email protected]>
- modify mfg_tool code format. - add merge_factorydata_dac. Signed-off-by: Damien Ji <[email protected]>
to fix code style issues. Signed-off-by: Damien Ji <[email protected]>
damien0x0023
force-pushed
the
develop_dual_dac_loader
branch
from
1724e4c to
9bac534
Compare
damien0x0023
requested review from
fengtai-telink,
andy-liu-telink and
liucoldstar
| } | ||
| else | ||
| { | ||
| LOG_ERR("Private key decryption failed."); |
There was a problem hiding this comment.
这个错误信息应该改成“Failed to retrieve chip ID.”
There was a problem hiding this comment.
@pulin1103 How about we add this change to my next Pull Request?
No description provided.