Adding support for clearing an existing
derived key.
Change-Id: I6e6c8718696aa7ae29cf9ec0429b9c90c074f62d
Signed-off-by: Hariharan K <quic_harihk@quicinc.com>
A new SCM has been added in TZ to support AES 128 byte context length.
Updated aes driver to add the same. Added new command as mentioned
below for 128 byte context length.
derive_aes_256_max_ctxt_key 0x2 0x20 0x41000000 0x80
Note: This new SCM call has been introduced since initial SCM call does not
derive keys the same way as Linux Fscrypt feature (128 byte context length)
Signed-off-by: Poovendhan Selvaraj <quic_poovendh@quicinc.com>
Change-Id: Ie71fc0e9b3c0b0d01995745bb61cd2d82f07eb85
Add support to increase context length if tz supports
128 bytes context length else fall back to old method.
Signed-off-by: Poovendhan Selvaraj <quic_poovendh@quicinc.com>
Change-Id: Ieded2c0139152e82011f792e91b875548fd29251
ipq5332 is a TME-L based platform in which before
encrypt/decrypt, we are required to derive a key
handle.
This patch adds support for the same.
Change-Id: I28b327611b62381542086d6d599c4a0195525aca
Signed-off-by: Poovendhan Selvaraj <quic_poovendh@quicinc.com>
(cherry picked from commit e15df34ac8)
ipq9574 is a TME-L based platform in which before
encrypt/decrypt, we are required to derive a key
handle.
This patch adds support for the same.
Change-Id: I583cee87607af2ab6461b429830cb8ff43cc44d4
Signed-off-by: Selvam Sathappan Periakaruppan <quic_speriaka@quicinc.com>
Encryptio/Decryption
- For encryption/decryption, plain data/
encrypted date has to be written to memory
directly using mw command along with
ivadata, type and mode
- Implemented new uboot command "aes_256"
to receive the memory address where the
above data is written to
- Perfom basic sanity check against the data
received and send them to secure world through
scm calls
- This is supported only for HK/CYP, hence not
implemented for TZ running in 32bit mode
Change-Id: I589a15025cd248cf5792f13ea435c5c5b64c6066
Signed-off-by: Karthick Jeyaraman <kjeyaram@codeaurora.org>
Add simple 'aes' command, which allows using the AES-128-CBC encryption
and decryption functions from U-Boot command line.
Signed-off-by: Marek Vasut <marex@denx.de>
