The XilSecure library provides APIs to access hardened cryptography engines of Zynq® UltraScale+. MPSoC devices. More information can be found in the XilSecure Standalone Library Documentation.

Features supported

Hashing

XilSecure library provides access to SHA-3 algorithms for hashing. ZynqMP has inbuilt hardware accelerator for SHA-3/384 based hash calculation.

SHA-3

XilSecure SHA-3 APIs in provides access to ZynqMP hardware accelerator for SHA-3/384 hash calculation
Uses NIST SHA-3 padding by default
User can configure system to use Keccak padding.

Symmetric Key Encryption/Decryption

XilSecure library provides access to symmetric key based AES-GCM algorithms for encryption, decryption and authentication using GCM tag. ZynqMP has inbuilt hardware accelerator to accelerate AES-GCM algorithm.

AES-GCM

XilSecure encryption APIs provides access to ZynqMP AEC-GCM cryptographic engine for encryption
XilSecure encryption API allows to choose 256-bit AES key source among user defined key (KUP key) and device keys
XilSecure encryption APIs also takes initialization vector (IV) as input along with AES key
XilSecure encryption APIs allow encryption and decryption on only WORD aligned data
XilSecure encryption algorithm appends GCM tag to encrypted data
XilSecure decryption APIs provides access to ZynqMP AEC-GCM hardware accelerator engine for decryption
XilSecure decryption APIs provides option to check GCM tag matching while decryption of the data. Not that GCM tag should be provided explicitly during decryption.

Restrictions

XilSecure supports only word aligned data and each update should not be more than 512MB
Key rolling encryption feature is available during secure boot and not through XilSecure APIs

Asymmetric Key Encryption/Decryption

ZynqMP has inbuilt hardware accelerator to accelerate RSA algorithm. XilSecure library provides access to this hardware accelerator to run asymmetric algorithm.

RSA

XilSecure authentication APIs supports RSA-4096 and RSA-2048 only
XilSecure authentication APIs expect key parameters modulus, exponent and exponentiation values as an input.

Changelog

2016.3

Provided SHA2 hash support, and also an example to illustrate the SHA2 hash generation

2017.1

Xilsecure is made support for PMU
Added comments with .nky fields for aes encryption example.
Provided genric APIs for encryption and decryption of data.
Support for calculation of exponential value can also be done internally while doing RSA decryption, for this user needs to pass NULL pointer.
Modified AES APIs such that, data passed to APIs should be in little endian format

2017.2

Added new version and modified pre-compiled binary file to support hard floating point.

2017.3

Added RSA APIs for private key decryption.
Added support for RSA- 2048 key size.

2017.4

None

2018.1

Added support for NIST SHA3 padding.
Added API to select NIST/KECCAK SHA3 padding of choice
Modified XSecure_AesDecrypt() API to fix Secure key and IV vulnerabilities.

2018.2

Added support for additional AES key sizes - 512, 576, 704, 768, 992, 1024, 1152, 1408, 1536, 1984, 3072 bits.
Fixed wrong memory zeroization issue on GCM tag failure.
Added support of secondary public key revocation using user eFuses.
Added compilation flag for opting secure/non-secure environment for image loading. By default it is non-secure.

2018.3

Added input data validation for XSecure_RsaPrivateDecrypt.
Added support to existing SHA3 library functions to accept input data which is not 4-byte/Word aligned and no restriction on data sizes.
Added supportive APIs to encrypt/decrypt the data blobs from Linux/u-boot.
Added support to clear user key after use.

2019.1

Added support to clear RSA engine's key component memory after every RSA operation.
Added support to hold AES engine in reset condition after use.
Fixed limited memory zeroization issue on GCM tag failure.
Added support to hold SHA3 engine in reset condition after use.
Deprecated SHA2 support.
Deprecated XSecure_RsaDecrypt function, replacement to this function is XSecure_RsaPublicEncrypt.
Added IAR compiler support.
XSecure_Sha3Finish is updated to return error condition if padding is wrongly selected.
Fixed wrong IV length issue in xilsecure.c file.

2019.2

Fixed MISRAC and coverity warnings.
Optimized code in xsecure.c file

2020.1

Updated RSA zeroize API, RSA zeroization and verification are only done for private operations
Optimized Sha3 data transfer for unaligned sizes and addresses
Moved AES reset calls into library code.
ZynqMP single parition image IV calculation is corrected

Table of content

1 Features supported
- 1.1 Hashing
  - 1.1.1 SHA-3
- 1.2 Symmetric Key Encryption/Decryption
  - 1.2.1 AES-GCM
  - 1.2.2 Restrictions
- 1.3 Asymmetric Key Encryption/Decryption
  - 1.3.1 RSA
2 Changelog
- 2.1 2016.3
- 2.2 2017.1
- 2.3 2017.2
- 2.4 2017.3
- 2.5 2017.4
- 2.6 2018.1
- 2.7 2018.2
- 2.8 2018.3
- 2.9 2019.1
- 2.10 2019.2
- 2.11 2020.1

xilsecure Library