security.rmh

和picoblaze完全兼容的mcu ip core

// #329: ;
30164 // @00e #330: CALL(send_welcome)
// #331: ;
// #332: ;
// #333: ; Display 'Copyright Ken Chapman 2006' via the UART.
// #334: ;
// #335: ; This message is significant because it demonstrates that the design now has a 'watermark'.
// #336: ; The ASCII codes for this string are part of the PicoBlaze program stored in a Block
// #337: ; Memory and therefore are also part of the configuration bit stream. If someone tries to
// #338: ; change or delete this copyright message the hardware design will detect the change to the
// #339: ; Block memory contents and also inhibit the design.
// #340: ;
301b4 // @00f #341: CALL(send_Copyright)
// #342: ;
// #343: ;
// #344: ;
// #345: ; Delay of 10 seconds before performing any security checks.
// #346: ;
// #347: ; This allows the design to work for a short time which could be important for
// #348: ; production testing.
// #349: ;
// #350: ; Having a significant time delay (days or weeks) before security checks means that someone
// #351: ; attempting to clone the product may not be aware that there is any form of design security
// #352: ; at all until products are in the field are failing. A time delay also impedes the ability to
// #353: ; attempt to break the security and confirm if an attempt is or is not successful.
// #354: ;
0050a // @010 #355: LOAD(s5,10) ;delay of 10 seconds.
30360 // @011 #356: CALL(delay_Ns)
// #357: ;
// #358: ;
// #359: ;
// #360: ; Read serial number of the StrataFLASH memory.
// #361: ; The whole principle of low cost design security is based on this unique number. Clearly this
// #362: ; number is not a secret, but what we then go on to do with it should normally be kept secret.
// #363: ;
300f2 // @012 #364: CALL(read_SF_serial_number) ;read serial number from FLASH memory
30065 // @013 #365: CALL(send_serial_number) ;send value to UART for display on PC
30070 // @014 #366: CALL(disp_serial_number) ;display serial number on LCD display.
30154 // @015 #367: CALL(send_CR)
// #368: ;
// #369: ;
// #370: ;
0050a // @016 #371: LOAD(s5,10) ;delay of 10 seconds to read messages.
30360 // @017 #372: CALL(delay_Ns)
// #373: ;
// #374: ;
// #375: ;
// #376: ; Compute the 16-bit CRC for the serial number as an authentication value for the design.
// #377: ; The CRC value is formed in register pair [sE,sD]. To complicate the authentication value
// #378: ; the initial contents of the registers are seeded with a 'secret' number.
// #379: ; Hint 1 - The CRC computation could be implemented in hardware where it is less visible.
// #380: ; Hint 2 - There are more secure algorithms such as SHA-1 which could be used to generate
// #381: ;          authentication values that are extremely difficult to decode.
// #382: ;
// #383: ;
00e15 // @018 #384: LOAD(sE,21) ;seed CRC register with an initial value provided by my daughter when asked :-)
00d8e // @019 #385: LOAD(sD,142)
3007f // @01a #386: CALL(compute_seeded_CRC) ;compute CRC for serial number and configuration memory
// #387: ;
// #388: ; Store CRC value in scratch pad memory and display computed CRC value on the PC via UART.
// #389: ;
2ed18 // @01b #390: STORE(sD,computed_CRC0) ;store CRC value
2ee19 // @01c #391: STORE(sE,computed_CRC1)
30252 // @01d #392: CALL(send_Computed_CRC) ;display computed CRC value on PC via UART
010e0 // @01e #393: LOAD(s0,sE)
30140 // @01f #394: CALL(send_hex_byte)
010d0 // @020 #395: LOAD(s0,sD)
30140 // @021 #396: CALL(send_hex_byte)
30154 // @022 #397: CALL(send_CR)
// #398: ;
// #399: ;
// #400: ;
// #401: ; Read the authenticated CRC value stored in StrataFLASH memory.
// #402: ; 16-bit value is hidden in 256 bytes of random numbers to make it more difficult
// #403: ; for an attacker to identify.
// #404: ; Read value is stored in scratch pad memory and displayed on the PC via UART.
// #405: ;
30094 // @023 #406: CALL(read_authentication) ;read StrataFLASH memory into [sB,sA]
2ea1a // @024 #407: STORE(sA,authentication_CRC0) ;store CRC value
2eb1b // @025 #408: STORE(sB,authentication_CRC1)
30248 // @026 #409: CALL(send_FLASH_CRC) ;display CRC value from FLASH on PC via UART
010b0 // @027 #410: LOAD(s0,sB)
30140 // @028 #411: CALL(send_hex_byte)
010a0 // @029 #412: LOAD(s0,sA)
30140 // @02a #413: CALL(send_hex_byte)
30154 // @02b #414: CALL(send_CR)
// #415: ;
// #416: ;
// #417: ; Compare the computed CRC value with the authentication value stored in StrataFLASH
// #418: ; and determine if the design is authenticated. Then decide course of action.
// #419: ;
30339 // @02c #420: CALL(LCD_clear) ;clear LCD display
303a9 // @02d #421: CALL(disp_Authentication) ;prepare LCD display for result of authentication
30232 // @02e #422: CALL(send_Authentication) ;prepare PC display for result of authentication
// #423: ;
15ad0 // @02f #424: COMPARE(sA,sD) ;Perform comparison of CRC values
35436 // @030 #425: JUMP(NZ,auth_failure)
15be0 // @031 #426: COMPARE(sB,sE)
35436 // @032 #427: JUMP(NZ,auth_failure)
// #428: ;
// #429: ;
// #430: ; Authentication Successful Process
// #431: ;
// #432: ; In this mode the design continues to operate and for evaluation
// #433: ; purposes this design transfers control to the simple menu immediately.
// #434: ;
// @033 #435: [auth_passed]
303c8 // @033 #435: CALL(disp_Passed) ;display successful authentication on LCD display
3029d // @034 #436: CALL(send_PASSED) ;display successful authentication on PC via UART
3403c // @035 #437: JUMP(Menu)
// #438: ;
// #439: ; Authentication Failure Process
// #440: ;
// #441: ; When the authentication fails two hardware based disable methods are demonstrated. Then
// #442: ; the failed status is remembered for future software token messages to demonstrate software
// #443: ; based disabling of the 'real' application. Finally the simple menu of options is presented
// #444: ; to allow evaluation to continue.
// #445: ;
// #446: ;
// @036 #447: [auth_failure]
303d6 // @036 #447: CALL(disp_Failed) ;display failure to authenticate on LCD display
3028f // @037 #448: CALL(send_FAILED) ;display failure to authenticate on PC via UART
30154 // @038 #449: CALL(send_CR)
30056 // @039 #450: CALL(disable_app_hardware) ;sequence hardware disable signals
00046 // @03a #451: LOAD(s0,character_F) ;change authentication status to 'F' for failed.
2e01c // @03b #452: STORE(s0,authentication_status) ; so that application software disable is demonstrated
// #453: ;
// #454: ;
// #455: ;
// #456: ; Menu of options for authentication processing
// #457: ;
// @03c #458: [Menu]
302bc // @03c #458: CALL(send_Menu) ;display menu and prompt
3011d // @03d #459: CALL(read_from_UART) ;read character from PC
30129 // @03e #460: CALL(upper_case) ;convert to upper case
14f52 // @03f #461: COMPARE(UART_data,character_R)
35046 // @040 #462: JUMP(Z,read_command)
14f45 // @041 #463: COMPARE(UART_data,character_E)
3504b // @042 #464: JUMP(Z,erase_command)
14f41 // @043 #465: COMPARE(UART_data,character_A)
3504f // @044 #466: JUMP(Z,authorise_command)
3403c // @045 #467: JUMP(Menu) ;repeat menu for invalid selection
// #468: ;
// #469: ;
// #470: ;
// @046 #471: [read_command]
30154 // @046 #471: CALL(send_CR)
300ae // @047 #472: CALL(send_auth_page)
30154 // @048 #473: CALL(send_CR)
30154 // @049 #474: CALL(send_CR)
3403c // @04a #475: JUMP(Menu)
// #476: ;
// #477: ;
// #478: ;
// @04b #479: [erase_command]
3026f // @04b #479: CALL(send_Erase_in_progress)
300de // @04c #480: CALL(erase_authentication)
30289 // @04d #481: CALL(send_OK)
3403c // @04e #482: JUMP(Menu)
// #483: ;
// #484: ;
// #485: ;
// @04f #486: [authorise_command]
302aa // @04f #486: CALL(send_Writing) ;Send 'Writing Authorisation' message
30154 // @050 #487: CALL(send_CR)
06d18 // @051 #488: FETCH(sD,computed_CRC0) ;fetch computed CRC value
06e19 // @052 #489: FETCH(sE,computed_CRC1)
300be // @053 #490: CALL(write_authentication) ;write computed CRC to FLASH with random data
30289 // @054 #491: CALL(send_OK)
3403c // @055 #492: JUMP(Menu)
// #493: ;
// #494: ;
// #495: ;**************************************************************************************
// #496: ; Drive failure signals to the application.
// #497: ;**************************************************************************************
// #498: ;
// #499: ; When the design fails to authorise, these controls cause the application to behave in
// #500: ; a strange way!
// #501: ;
// #502: ;
// #503: ; Disable interrupts to application PicoBlaze to stop PWM generation completely for 5 seconds
// #504: ;
// @056 #505: [disable_app_hardware]
00001 // @056 #505: LOAD(s0,security_disable_interrupts)
2c010 // @057 #506: OUTPUT(s0,authentication_control_port)
00505 // @058 #507: LOAD(s5,5)
30360 // @059 #508: CALL(delay_Ns)
// #509: ;
// #510: ; Enable application for 5 seconds
// #511: ;
00000 // @05a #512: LOAD(s0,0)
2c010 // @05b #513: OUTPUT(s0,authentication_control_port)
00505 // @05c #514: LOAD(s5,5)
30360 // @05d #515: CALL(delay_Ns)
// #516: ;
// #517: ; Disable and/or scramble outputs connected to application PicoBlaze for 5 seconds
// #518: ;
00002 // @05e #519: LOAD(s0,security_disable_outputs)
2c010 // @05f #520: OUTPUT(s0,authentication_control_port)
00505 // @060 #521: LOAD(s5,5)
30360 // @061 #522: CALL(delay_Ns)
// #523: ;
// #524: ;
// #525: ; Enable application in hardware so that software disable function can then be
// #526: ; demonstrated until the design is reconfigured and authentication test repeated.
// #527: ;
00000 // @062 #528: LOAD(s0,0)
2c010 // @063 #529: OUTPUT(s0,authentication_control_port)
2a000 // @064 #530: RETURN
// #531: ;
// #532: ;
// #533: ;
// #534: ;**************************************************************************************
// #535: ; Send the 64-bit serial number stored in scratch pad memory to the UART
// #536: ;**************************************************************************************
// #537: ;
// #538: ; The serial number should previously have been copied into the 8 ascending scratch pad
// #539: ; memory locations called 'serial_number0' through to 'serial_number7'.
// #540: ;
// #541: ; The serial number is displayed MS-Byte first.
// #542: ;
// #543: ; Registers used s0,s1,s2,s3
// #544: ;
// @065 #545: [send_serial_number]
301f2 // @065 #545: CALL(send_FLASH_Serial_Number) ;display text message
00317 // @066 #546: LOAD(s3,serial_number7) ;pointer to scratch pad memory
// @067 #547: [send_SN_loop]
07030 // @067 #547: FETCH(s0,s3) ;read serial number byte
30140 // @068 #548: CALL(send_hex_byte) ;display byte
30157 // @069 #549: CALL(send_space) ;display byte
14310 // @06a #550: COMPARE(s3,serial_number0) ;check for 8 bytes sent to UART
3506e // @06b #551: JUMP(Z,end_send_SN)
1c301 // @06c #552: SUB(s3,1) ;increment memory pointer
34067 // @06d #553: JUMP(send_SN_loop)
// #554: ;
// @06e #555: [end_send_SN]
30154 // @06e #555: CALL(send_CR)
2a000 // @06f #556: RETURN
// #557: ;
// #558: ;
// #559: ;
// #560: ;**************************************************************************************
// #561: ; Display the 64-bit serial number stored in scratch pad memory on the LCD display
// #562: ;**************************************************************************************
// #563: ;
// #564: ; The serial number should previously have been copied into the 8 ascending scratch pad
// #565: ; memory locations called 'serial_number0' through to 'serial_number7'.
// #566: ;
// #567: ; The serial number is displayed MS-Byte first.
// #568: ;
// #569: ; Registers used s0,s1,s2,s3,s4,s5,s6
// #570: ;
// @070 #571: [disp_serial_number]
30339 // @070 #571: CALL(LCD_clear) ;clear LCD display
00510 // @071 #572: LOAD(s5,16) ;Line 1 position 0
3033e // @072 #573: CALL(LCD_cursor)
30388 // @073 #574: CALL(disp_FLASH_Serial_No) ;display text message
00520 // @074 #575: LOAD(s5,32) ;Line 2 position 0
3033e // @075 #576: CALL(LCD_cursor)
00617 // @076 #577: LOAD(s6,serial_number7) ;pointer to scratch pad memory
// @077 #578: [disp_SN_loop]
07060 // @077 #578: FETCH(s0,s6) ;read serial number byte
3014d // @078 #579: CALL(disp_hex_byte) ;display byte
14610 // @079 #580: COMPARE(s6,serial_number0) ;check for 8 bytes sent to UART
3507d // @07a #581: JUMP(Z,end_disp_SN)
1c601 // @07b #582: SUB(s6,1) ;increment memory pointer
34077 // @07c #583: JUMP(disp_SN_loop)
// #584: ;
// @07d #585: [end_disp_SN]
30154 // @07d #585: CALL(send_CR)
2a000 // @07e #586: RETURN
// #587: ;
// #588: ;
// #589: ;**************************************************************************************
// #590: ; Compute a 16-bit CRC value for the StrataFLASH 64-bit serial number.
// #591: ;**************************************************************************************
// #592: ;
// #593: ; This routing performs a 16-bit CRC calculation for the 64-bit unique serial number
// #594: ; of the StrataFLASH memory which forms the authentication value for the design.
// #595: ;
// #596: ; The 16-bit CRC value returned in register pair [sE,sD] will be reflective of the unique
// #597: ; serial number. This will be used as the authentication value for the design which is
// #598: ; stored at known locations in the FLASH memory.
// #599: ;
// #600: ; A direct copy of the FLASH contents will not authorise a design to operate because the
// #601: ; authentication value will not match the CRC value generated from the different serial number.
// #602: ;
// #603: ; To complicate the CRC value generation the CRC register can be seeded with a value rather
// #604: ; than starting with a clear register.
// #605: ;
// #606: ;
// #607: ; Registers used s0,s1,s2,s3
// #608: ;
// @07f #609: [compute_seeded_CRC]
00410 // @07f #609: LOAD(s4,serial_number0) ;pointer to scratch pad memory holding serial number
// @080 #610: [CRC_send_loop]
07340 // @080 #610: FETCH(s3,s4) ;read serial number byte
30086 // @081 #611: CALL(compute_CRC16) ;compute CRC for value in 's3'