Merge "drivers: qseecom: Add new SCM call for AES 128 bytes context length"

Linux Build Service Account 2024-03-11 10:41:00 -07:00 committed by Gerrit - the friendly Code Review server
commit 5c155dbba2


@ -18,13 +18,13 @@
DECLARE_GLOBAL_DATA_PTR;
#define SCM_SW_CONTEXT_FEATURE_ID 0x5
#ifdef CONFIG_CMD_AES_256
enum tz_crypto_service_aes_cmd_t {
TZ_CRYPTO_SERVICE_AES_ENC_ID = 0x7,
TZ_CRYPTO_SERVICE_AES_DEC_ID = 0x8,
#ifdef CONFIG_IPQ_DERIVE_KEY
TZ_CRYPTO_SERVICE_AES_DERIVE_KEY_ID = 0x9,
TZ_CRYPTO_SERVICE_AES_DERIVE_128_KEY_ID = 0xE,
#endif
};
@ -117,7 +117,6 @@ unsigned char toBinary(char c)
return (c - 'a') + 10;
}
static uint32_t max_context_len = MAX_CONTEXT_BUFFER_LEN_V1;
/**
* do_derive_aes_256_key() - Handle the "derive_key" command-line command
* @cmdtp: Command data struct pointer
@ -131,8 +130,7 @@ static uint32_t max_context_len = MAX_CONTEXT_BUFFER_LEN_V1;
static int do_derive_aes_256_key(cmd_tbl_t *cmdtp, int flag,
int argc, char *const argv[])
{
struct crypto_aes_derive_key_cmd_t_v1 *v1_req_ptr = NULL;
struct crypto_aes_derive_key_cmd_t_v2 *v2_req_ptr = NULL;
struct crypto_aes_derive_key_cmd_t_v1 *req_ptr = NULL;
int ret = CMD_RET_USAGE;
uintptr_t *key_handle = NULL;
uint8_t *context_buf = NULL;
@ -141,77 +139,39 @@ static int do_derive_aes_256_key(cmd_tbl_t *cmdtp, int flag,
if (argc != 5)
return ret;
ret = qca_scm_is_feature_available(SCM_SW_CONTEXT_FEATURE_ID);
if (ret > 0) {
max_context_len = 128;
}
else {
max_context_len = 64;
}
context_buf = (uint8_t *)simple_strtoul(argv[3], NULL, 16);;
context_len = simple_strtoul(argv[4], NULL, 16);
if (context_len > max_context_len) {
if (context_len > MAX_CONTEXT_BUFFER_LEN_V1) {
printf("Error: context length should be less than %d\n",
max_context_len);
MAX_CONTEXT_BUFFER_LEN_V1);
return ret;
}
key_handle = (uintptr_t *)memalign(ARCH_DMA_MINALIGN, sizeof(uint64_t));
if (max_context_len == MAX_CONTEXT_BUFFER_LEN_V1) {
v1_req_ptr = (struct crypto_aes_derive_key_cmd_t_v1 *)memalign(
req_ptr = (struct crypto_aes_derive_key_cmd_t_v1 *)memalign(
ARCH_DMA_MINALIGN, sizeof(struct crypto_aes_derive_key_cmd_t_v1));
if (!v1_req_ptr) {
printf("Error allocating memory for key handle request buf");
return -ENOMEM;
}
if (!req_ptr) {
printf("Error allocating memory for key handle request buf");
return -ENOMEM;
}
v1_req_ptr->policy.key_type = DEFAULT_KEY_TYPE;
v1_req_ptr->policy.destination = DEFAULT_POLICY_DESTINATION;
v1_req_ptr->source = simple_strtoul(argv[1], NULL, 16);
v1_req_ptr->hw_key_bindings.bindings = simple_strtoul(argv[2],
NULL, 16);
v1_req_ptr->key = (uintptr_t) key_handle;
v1_req_ptr->mixing_key = 0;
v1_req_ptr->hw_key_bindings.context_len = context_len;
while (i < context_len) {
v1_req_ptr->hw_key_bindings.context[j++] = context_buf[i++];
}
ret = qca_scm_crypto(TZ_CRYPTO_SERVICE_AES_DERIVE_KEY_ID,
(void *)v1_req_ptr, sizeof(struct crypto_aes_derive_key_cmd_t_v1));
}
else if (max_context_len == MAX_CONTEXT_BUFFER_LEN_V2) {
v2_req_ptr = (struct crypto_aes_derive_key_cmd_t_v2 *)memalign(
ARCH_DMA_MINALIGN, sizeof(struct crypto_aes_derive_key_cmd_t_v2));
if (!v2_req_ptr) {
printf("Error allocating memory for key handle request buf");
return -ENOMEM;
}
v2_req_ptr->policy.key_type = DEFAULT_KEY_TYPE;
v2_req_ptr->policy.destination = DEFAULT_POLICY_DESTINATION;
v2_req_ptr->source = simple_strtoul(argv[1], NULL, 16);
v2_req_ptr->hw_key_bindings.bindings = simple_strtoul(argv[2],
NULL, 16);
v2_req_ptr->key = (uintptr_t) key_handle;
v2_req_ptr->mixing_key = 0;
v2_req_ptr->hw_key_bindings.context_len = context_len;
while (i < context_len) {
v2_req_ptr->hw_key_bindings.context[j++] = context_buf[i++];
}
ret = qca_scm_crypto(TZ_CRYPTO_SERVICE_AES_DERIVE_KEY_ID,
(void *)v2_req_ptr, sizeof(struct crypto_aes_derive_key_cmd_t_v2));
}
if (ret)
printf("Scm call failed with error code: %d\n", ret);
else {
printf("Key handle is %u\n", (unsigned int)*key_handle);
req_ptr->policy.key_type = DEFAULT_KEY_TYPE;
req_ptr->policy.destination = DEFAULT_POLICY_DESTINATION;
req_ptr->source = simple_strtoul(argv[1], NULL, 16);
req_ptr->hw_key_bindings.bindings = simple_strtoul(argv[2],
NULL, 16);
req_ptr->key = (uintptr_t) key_handle;
req_ptr->mixing_key = 0;
req_ptr->hw_key_bindings.context_len = context_len;
while (i < context_len) {
req_ptr->hw_key_bindings.context[j++] = context_buf[i++];
}
ret = qca_scm_crypto(TZ_CRYPTO_SERVICE_AES_DERIVE_KEY_ID,
(void *)req_ptr, sizeof(struct crypto_aes_derive_key_cmd_t_v1));
if (key_handle)
free(key_handle);
if (v1_req_ptr)
free(v1_req_ptr);
if (v2_req_ptr)
free(v2_req_ptr);
if (req_ptr)
free(req_ptr);
return ret;
}
@ -223,6 +183,91 @@ U_BOOT_CMD(
"Key Derivation: derive_aes_256_key <source_data> <bindings_data>"
"<context_data address> <context data len>"
);
/**
* do_derive_aes_256_max_ctxt_key() - Handle the "derive_key" command-line
* command for 128 byte context
* @cmdtp: Command data struct pointer
* @flag: Command flag
* @argc: Command-line argument count
* @argv: Array of command-line arguments
*
* Returns zero on success, CMD_RET_USAGE in case of misuse and negative
* on error.
*/
static int do_derive_aes_256_max_ctxt_key(cmd_tbl_t *cmdtp, int flag,
int argc, char *const argv[])
{
struct crypto_aes_derive_key_cmd_t_v2 *req_ptr = NULL;
int ret = CMD_RET_USAGE;
uintptr_t *key_handle = NULL;
uint8_t *context_buf = NULL;
int context_len = 0;
int i = 0, j = 0;
if (argc != 5)
return ret;
ret = is_scm_sec_auth_available(SCM_SVC_CRYPTO,
TZ_CRYPTO_SERVICE_AES_DERIVE_128_KEY_ID);
if (ret <= 0) {
printf("Aes 256 Max context key derivation"
"scm call is not supported. ret = %d\n", ret);
return CMD_RET_SUCCESS;
}
context_buf = (uint8_t *)simple_strtoul(argv[3], NULL, 16);
context_len = simple_strtoul(argv[4], NULL, 16);
if (context_len > MAX_CONTEXT_BUFFER_LEN_V2) {
printf("Error: context length should be less than %d\n",
MAX_CONTEXT_BUFFER_LEN_V2);
return ret;
}
key_handle = (uintptr_t *)memalign(ARCH_DMA_MINALIGN,
sizeof(uint64_t));
req_ptr = (struct crypto_aes_derive_key_cmd_t_v2 *)memalign(ARCH_DMA_MINALIGN,
sizeof(struct crypto_aes_derive_key_cmd_t_v2));
if (!req_ptr) {
printf("Error allocating memory for key handle request buf");
return -ENOMEM;
}
req_ptr->policy.key_type = DEFAULT_KEY_TYPE;
req_ptr->policy.destination = DEFAULT_POLICY_DESTINATION;
req_ptr->source = simple_strtoul(argv[1], NULL, 16);
req_ptr->hw_key_bindings.bindings = simple_strtoul(argv[2], NULL, 16);
req_ptr->key = (uintptr_t) key_handle;
req_ptr->mixing_key = 0;
req_ptr->hw_key_bindings.context_len = context_len;
while (i < context_len) {
req_ptr->hw_key_bindings.context[j++] = context_buf[i++];
}
ret = qca_scm_crypto(TZ_CRYPTO_SERVICE_AES_DERIVE_128_KEY_ID,
(void *)req_ptr, sizeof(struct crypto_aes_derive_key_cmd_t_v2));
if (ret)
printf("Scm call failed with error code: %d\n", ret);
else {
printf("Key handle is %u\n", (unsigned int)*key_handle);
}
if (key_handle)
free(key_handle);
if (req_ptr)
free(req_ptr);
return ret;
}
/***************************************************/
U_BOOT_CMD(
derive_aes_256_max_ctxt_key, 5, 1, do_derive_aes_256_max_ctxt_key,
"Derive AES 256 key with 128 byte context before"
"encrypt/decrypt in TME-L based systems",
"Key Derivation: derive_aes_256_max_ctxt_key <source_data>"
"<bindings_data> <context_data address> <context data len>"
);
#endif
/**
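Review bot: The bound check in do_derive_aes_256_max_ctxt_key compares a signed `int context_len` with MAX_CONTEXT_BUFFER_LEN_V2 (apparently a plain int constant, since it is printed with %d), so an argv[4] value that simple_strtoul() returns above INT_MAX will normally wrap negative, pass the check, and be written to `hw_key_bindings.context_len` in the request handed to qca_scm_crypto(). Declaring it `unsigned int context_len = 0;`, or adding `context_len < 0 ||` to the same condition, keeps the bound effective before the request crosses into the secure world; the field's type is not visible here, so what the callee sees for a negative value is unconfirmed. The comparison against MAX_CONTEXT_BUFFER_LEN_V1 in do_derive_aes_256_key has the same shape, with its `context_len` declaration outside the hunk. Separately, in the new function the `key_handle` memalign() result is never checked before it is stored in `req_ptr->key` and dereferenced for the "Key handle" printf, and it is leaked on the `!req_ptr` return; `if (!key_handle || !req_ptr) { free(key_handle); free(req_ptr); return -ENOMEM; }` would cover both.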