Line 3,305: |
Line 3,305: |
| ! Description | | ! Description |
| |- | | |- |
− | | 0-1 | + | | 0 |
− | | TSEC_FALCON_SCTL_SEC_MODE | + | | TSEC_FALCON_SCTL_LSMODE |
− | 0: Non-secure
| + | |- |
− | 1: Light Secure
| + | | 1 |
− | 2: Heavy Secure
| + | | TSEC_FALCON_SCTL_HSMODE |
| |- | | |- |
| | 4-5 | | | 4-5 |
− | | Previous security mode | + | | Unknown |
− | 0: Non-secure
| |
− | 1: Light Secure
| |
− | 2: Heavy Secure
| |
| |- | | |- |
| | 12-13 | | | 12-13 |
Line 3,860: |
Line 3,857: |
| 0x14: cenc (fuc5 opcode 0xD0) | | 0x14: cenc (fuc5 opcode 0xD0) |
| 0x15: cdec (fuc5 opcode 0xD4) | | 0x15: cdec (fuc5 opcode 0xD4) |
− | 0x16: csigauth (fuc5 opcode 0xD8) | + | 0x16: csigcmp (fuc5 opcode 0xD8) |
| 0x17: csigenc (fuc5 opcode 0xDC) | | 0x17: csigenc (fuc5 opcode 0xDC) |
| 0x18: csigclr (fuc5 opcode 0xE0) | | 0x18: csigclr (fuc5 opcode 0xE0) |
Line 4,148: |
Line 4,145: |
| |- | | |- |
| | 16 | | | 16 |
− | | Forbidden signature operation (csigenc, csigclr or csigauth in NS mode) | + | | Forbidden signature operation (csigcmp, csigenc or csigclr in NS mode) |
| |- | | |- |
| | 20 | | | 20 |
− | | Invalid signature operation (csigauth in HS mode) | + | | Invalid signature operation (csigcmp in HS mode) |
| |- | | |- |
| | 24 | | | 24 |
Line 4,982: |
Line 4,979: |
| | | |
| ==== Implementation ==== | | ==== Implementation ==== |
− | Under certain circumstances, it is possible to observe [[#sigauth|sigauth]] being briefly written to [[#TSEC_SCP_CMD|TSEC_SCP_CMD]] as "csigauth $c4 $c6" while the opcodes in [[#TSEC_SCP_STAT2|TSEC_SCP_STAT2]] are set to "cxsin" and "csigauth", respectively. | + | Under certain circumstances, it is possible to observe [[#sigcmp|sigcmp]] being briefly written to [[#TSEC_SCP_CMD|TSEC_SCP_CMD]] as "csigcmp $c4 $c6" while the opcodes in [[#TSEC_SCP_STAT2|TSEC_SCP_STAT2]] are set to "cxsin" and "csigcmp", respectively. |
| | | |
| Via [[#TSEC_SCP_DBG0|TSEC_SCP_DBG0]] it can be observed that a 3-sized macro sequence is loaded into cs0 during a secure mode transition. | | Via [[#TSEC_SCP_DBG0|TSEC_SCP_DBG0]] it can be observed that a 3-sized macro sequence is loaded into cs0 during a secure mode transition. |
Line 5,039: |
Line 5,036: |
| | 0x15 || dec || $cX || $cY || <code>$cX = aes_dec(active_key_idx, $cY); ACL(X) = ACL(active_key_idx) & ACL(Y);</code> || | | | 0x15 || dec || $cX || $cY || <code>$cX = aes_dec(active_key_idx, $cY); ACL(X) = ACL(active_key_idx) & ACL(Y);</code> || |
| |- | | |- |
− | | 0x16 || [[#sigauth|sigauth]] || $cX || $cY || <code>if (hash_verify($cX, $cY)) { has_sig = true; current_sig = $cX; }</code> || ? | + | | 0x16 || [[#sigcmp|sigcmp]] || $cX || $cY || <code>if (hash_verify($cX, $cY)) { has_sig = true; current_sig = $cX; }</code> || ? |
| |- | | |- |
| | 0x17 || [[#sigclr|sigclr]] || N/A || N/A || <code>has_sig = false;</code> || | | | 0x17 || [[#sigclr|sigclr]] || N/A || N/A || <code>has_sig = false;</code> || |
Line 5,046: |
Line 5,043: |
| |} | | |} |
| | | |
− | ==== sigauth ==== | + | ==== sigcmp ==== |
− | <code>00000000: f5 3c XY d8 csigauth $cY $cX</code> | + | <code>00000000: f5 3c XY d8 csigcmp $cY $cX</code> |
| | | |
| Takes 2 crypto registers as operands and is automatically executed when jumping to a code region previously uploaded as secret. This instruction does not work in secure mode. | | Takes 2 crypto registers as operands and is automatically executed when jumping to a code region previously uploaded as secret. This instruction does not work in secure mode. |