/** * This function process a block of data via the HASH Hardware. * The function receives as input an handle to the HASH Context , that was initialized before * by an CRYS_HASH_Init function or by other CRYS_HASH_Update * function. The function Sets the hardware with the last H's * value that where stored in the CRYS HASH context and then * process the data block using the hardware and in the end of * the process stores in the HASH context the H's value HASH * Context with the cryptographic attributes that are needed for * the HASH block operation ( initialize H's value for the HASH * algorithm ). This function is used in cases not all the data * is arrange in one continues buffer. * * The function flow: * * 1) checking the parameters validty if there is an error the function shall exit with an error code. * 2) Aquiring the working context from the CCM manager. * 3) If there isnt enouth data in the previous update data buff in the context plus the received data * load it to the context buffer and exit the function. * 4) fill the previous update data buffer to contain an entire block. * 5) Calling the hardware low level function to execute the update. * 6) fill the previous update data buffer with the data not processed at the end of the received data. * 7) release the CCM context. * * @param[in] ContextID_ptr - a pointer to the HASH context buffer allocated by the user that * is used for the HASH machine operation. * * @param DataIn_ptr a pointer to the buffer that stores the data to be * hashed . * * @param DataInSize The size of the data to be hashed in bytes. * * @return CRYSError_t on success the function returns CRYS_OK else non ZERO error. * */ CEXPORT_C CRYSError_t CRYS_HASH_Update(CRYS_HASHUserContext_t* ContextID_ptr, DxUint8_t* DataIn_ptr, DxUint32_t DataInSize ) { struct sep_ctx_hash *pHashContext; CRYS_HASHPrivateContext_t *pHashPrivContext; int symRc = DX_RET_OK; int hash_block_size_in_bytes = 0; if ( ContextID_ptr == DX_NULL ) { return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR; } if( DataInSize == 0 ) { return CRYS_OK; } if( DataIn_ptr == DX_NULL ) { return CRYS_HASH_DATA_IN_POINTER_INVALID_ERROR; } // PRINT_INFO("--->NOW enter into CRYS_HASH_Update\n"); /* check validity for priv */ if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_HASHUserContext_t))) { return CRYS_HASH_ILLEGAL_PARAMS_ERROR; } /* Get pointer to contiguous context in the HOST buffer */ pHashContext = (struct sep_ctx_hash *)DX_GetUserCtxLocation(ContextID_ptr->buff); pHashPrivContext = (CRYS_HASHPrivateContext_t *)&(((uint32_t*)pHashContext)[CRYS_HASH_USER_CTX_ACTUAL_SIZE_IN_WORDS-1]); if (pHashPrivContext->isLastBlockProcessed != 0) { return CRYS_HASH_LAST_BLOCK_ALREADY_PROCESSED_ERROR; } if (pHashContext->mode < SEP_HASH_SHA512) hash_block_size_in_bytes = CRYS_HASH_BLOCK_SIZE_IN_BYTES; else hash_block_size_in_bytes = CRYS_HASH_SHA512_BLOCK_SIZE_IN_BYTES; if ((DataInSize % hash_block_size_in_bytes) == 0) { symRc = SymDriverAdaptorProcess((struct sep_ctx_generic *)pHashContext, DataIn_ptr, NULL, DataInSize); if (symRc != DX_RET_OK) { return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHashErr); } } else { /* this is the last block */ pHashPrivContext->isLastBlockProcessed = 1; symRc = SymDriverAdaptorFinalize((struct sep_ctx_generic *)pHashContext, DataIn_ptr, NULL, DataInSize); if (symRc != DX_RET_OK) { return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHashErr); } } //PRINT_INFO("--->NOW leave CRYS_HASH_Update\n"); return CRYS_OK; }
CIMPORT_C CRYSError_t CRYS_HMAC_Update(CRYS_HMACUserContext_t *ContextID_ptr, DxUint8_t *DataIn_ptr, DxUint32_t DataInSize ) { struct sep_ctx_hmac *pHmacContext; CRYS_HMACPrivateContext_t *pHmacPrivContext; int symRc = DX_RET_OK; uint32_t blockSizeBytes; /* if the users context ID pointer is DX_NULL return an error */ if( ContextID_ptr == DX_NULL ) { return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR; } /* if the users Data In pointer is illegal and the size is not 0 return an error */ if( (DataIn_ptr == DX_NULL) && DataInSize ) { return CRYS_HMAC_DATA_IN_POINTER_INVALID_ERROR; } /* if the data size is zero no need to execute an update , return CRYS_OK */ if( DataInSize == 0 ) { return CRYS_OK; } /* check validity for priv */ if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_HMACUserContext_t))) { return CRYS_HMAC_ILLEGAL_PARAMS_ERROR; } /* Get pointer to contiguous context in the HOST buffer */ pHmacContext = (struct sep_ctx_hmac *)DX_GetUserCtxLocation(ContextID_ptr->buff); pHmacPrivContext = (CRYS_HMACPrivateContext_t *)&(((uint32_t*)pHmacContext)[CRYS_HMAC_USER_CTX_ACTUAL_SIZE_IN_WORDS-1]); if (pHmacPrivContext->isLastBlockProcessed != 0) { return CRYS_HMAC_LAST_BLOCK_ALREADY_PROCESSED_ERROR; } blockSizeBytes = GetHmacBlocktSize(pHmacContext->mode); if ((DataInSize % blockSizeBytes) == 0) { symRc = SymDriverAdaptorProcess((struct sep_ctx_generic *)pHmacContext, DataIn_ptr, NULL, DataInSize); if (symRc != DX_RET_OK) { return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHmacErr); } } else { /* this is the last block */ pHmacPrivContext->isLastBlockProcessed = 1; symRc = SymDriverAdaptorFinalize((struct sep_ctx_generic *)pHmacContext, DataIn_ptr, NULL, DataInSize); if (symRc != DX_RET_OK) { return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHmacErr); } } return CRYS_OK; }
/** * This function finalizes the HMAC processing of a data block. * The function receives as input a handle to the HMAC Context that was previously initialized * by a CRYS_HMAC_Init function or by a CRYS_HMAC_Update function. * This function finishes the HASH operation on the ipad and text, and then * executes a new HASH operation with the key XOR opad and the previous HASH operation result. * * @param[in] ContextID_ptr - A pointer to the HMAC context buffer allocated by the user * that is used for the HMAC machine operation. * * @retval HmacResultBuff - A pointer to the target buffer where the * HMAC result stored in the context is loaded to. * * @return CRYSError_t - On success the function returns CRYS_OK, * and on failure a non-ZERO error. */ CIMPORT_C CRYSError_t CRYS_HMAC_Finish( CRYS_HMACUserContext_t *ContextID_ptr, CRYS_HASH_Result_t HmacResultBuff ) { struct sep_ctx_hmac *pHmacContext; CRYS_HMACPrivateContext_t *pHmacPrivContext; int symRc = DX_RET_OK; uint32_t hmacDigesSize; /* if the users context ID pointer is DX_NULL return an error */ if( ContextID_ptr == DX_NULL ) { return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR; } /* check validity for priv */ if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_HMACUserContext_t))) { return CRYS_HMAC_ILLEGAL_PARAMS_ERROR; } /* Get pointer to contiguous context in the HOST buffer */ pHmacContext = (struct sep_ctx_hmac *)DX_GetUserCtxLocation(ContextID_ptr->buff); pHmacPrivContext = (CRYS_HMACPrivateContext_t *)&(((uint32_t*)pHmacContext)[CRYS_HMAC_USER_CTX_ACTUAL_SIZE_IN_WORDS-1]); /* check validity for priv */ if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, pHmacContext, sizeof(struct sep_ctx_hmac))) { return CRYS_HMAC_ILLEGAL_PARAMS_ERROR; } if (pHmacPrivContext->isLastBlockProcessed == 0) { symRc = SymDriverAdaptorFinalize((struct sep_ctx_generic *)pHmacContext, NULL, NULL, 0); if (symRc != DX_RET_OK) { return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHmacErr); } } switch(pHmacContext->mode){ case SEP_HASH_SHA1: hmacDigesSize = SEP_SHA1_DIGEST_SIZE; break; case SEP_HASH_SHA224: hmacDigesSize = SEP_SHA224_DIGEST_SIZE; break; case SEP_HASH_SHA256: hmacDigesSize = SEP_SHA256_DIGEST_SIZE; break; case SEP_HASH_SHA384: hmacDigesSize = SEP_SHA384_DIGEST_SIZE; break; case SEP_HASH_SHA512: hmacDigesSize = SEP_SHA512_DIGEST_SIZE; break; default: hmacDigesSize = -1; break; } DX_PAL_MemCopy(HmacResultBuff, pHmacContext->digest, hmacDigesSize); return CRYS_OK; }
/** * This function initializes the HASH machine on the CRYS level. * * This function allocates and initializes the HASH Context . * The function receives as input a pointer to store the context handle to HASH Context , * it initializes the * HASH Context with the cryptographic attributes that are needed for * the HASH block operation ( initialize H's value for the HASH algorithm ). * * The function flow: * * 1) checking the validity of the arguments - returnes an error on an illegal argument case. * 2) Aquiring the working context from the CCM manager. * 3) Initializing the context with the parameters passed by the user and with the init values * of the HASH. * 4) loading the user tag to the context. * 5) release the CCM context. * * @param[in] ContextID_ptr - a pointer to the HASH context buffer allocated by the user that * is used for the HASH machine operation. * * @param[in] OperationMode - The operation mode : MD5 or SHA1. * * @return CRYSError_t on success the function returns CRYS_OK else non ZERO error. * */ CEXPORT_C CRYSError_t CRYS_HASH_Init(CRYS_HASHUserContext_t* ContextID_ptr, CRYS_HASH_OperationMode_t OperationMode) { struct sep_ctx_hash *pHashContext; CRYS_HASHPrivateContext_t *pHashPrivContext; int symRc = DX_RET_OK; if ( ContextID_ptr == DX_NULL ) { return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR; } if( OperationMode >= CRYS_HASH_NumOfModes ) { //PRINT_INFO("HASH MODE ERROR\n"); return CRYS_HASH_ILLEGAL_OPERATION_MODE_ERROR; } /*pointer for CTX allocation*/ /* FUNCTION LOGIC */ /* check validity for priv */ if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_HASHUserContext_t))) { return CRYS_HASH_ILLEGAL_PARAMS_ERROR; } /* Get pointer to contiguous context in the HOST buffer */ pHashContext = (struct sep_ctx_hash *)DX_InitUserCtxLocation(ContextID_ptr->buff, sizeof(CRYS_HASHUserContext_t), sizeof(struct sep_ctx_hash)); pHashPrivContext = (CRYS_HASHPrivateContext_t *)&(((uint32_t*)pHashContext)[CRYS_HASH_USER_CTX_ACTUAL_SIZE_IN_WORDS-1]); pHashContext->alg = SEP_CRYPTO_ALG_HASH; pHashPrivContext->isLastBlockProcessed = 0; switch (OperationMode) { case CRYS_HASH_SHA1_mode: pHashContext->mode = SEP_HASH_SHA1; break; case CRYS_HASH_SHA224_mode: pHashContext->mode = SEP_HASH_SHA224; break; case CRYS_HASH_SHA256_mode: pHashContext->mode = SEP_HASH_SHA256; break; case CRYS_HASH_SHA384_mode: pHashContext->mode = SEP_HASH_SHA384; break; case CRYS_HASH_SHA512_mode: pHashContext->mode = SEP_HASH_SHA512; break; case CRYS_HASH_MD5_mode: default: return CRYS_HASH_ILLEGAL_OPERATION_MODE_ERROR; } //PRINT_INFO("--->NOW into CRYS_HASH_Init,begin SymDriverAdaptorInit\n"); symRc = SymDriverAdaptorInit((struct sep_ctx_generic *)pHashContext); //PRINT_INFO("---> after SymDriverAdaptorInit,symRc=0x%x\n",symRc); return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHashErr); }
/** * @brief This function is used to initialize the RC4 machine. * To operate the RC4 machine, this should be the first function called. * * @param[in] ContextID_ptr - A pointer to the RC4 context buffer that is allocated by the user * and is used for the RC4 machine operation. * @param[in] Key_ptr - A pointer to the user's key buffer. * @param[in] KeySize - The size of the KEY in bytes. Requirements: * - for SW implementation 0 < KeySize < CRYS_RC4_MAX_KEY_SIZE_IN_BYTES, * - for HW implementation LLF_RC4_MIN_KEY_SIZE_IN_BYTES < KeySize < LLF_RC4_MAX_KEY_SIZE_IN_BYTES, * * @return CRYSError_t - CRYS_OK, * CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR, * CRYS_RC4_ILLEGAL_KEY_SIZE_ERROR, * CRYS_RC4_INVALID_KEY_POINTER_ERROR */ CIMPORT_C CRYSError_t CRYS_RC4_Init(CRYS_RC4UserContext_t *ContextID_ptr, DxUint8_t *Key_ptr, DxUint32_t KeySizeInBytes) { int symRc = DX_RET_OK; /* pointer on SEP RC4 context struct*/ struct sep_ctx_rc4 *pRc4Context; /* ............... checking the parameters validity ................... */ /* -------------------------------------------------------------------- */ /* if the users context ID pointer is DX_NULL return an error */ if (ContextID_ptr == DX_NULL) { return CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR; } /* If the Keys size is invalid return an error */ if ((KeySizeInBytes == 0) || (KeySizeInBytes > CRYS_RC4_MAX_KEY_SIZE_IN_BYTES)) { return CRYS_RC4_ILLEGAL_KEY_SIZE_ERROR; } /* If the the key pointer is not validity */ if (Key_ptr == DX_NULL) { return CRYS_RC4_INVALID_KEY_POINTER_ERROR; } /* check validity for priv */ if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, Key_ptr, KeySizeInBytes) || DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_RC4UserContext_t)) ) { return CRYS_RC4_ILLEGAL_PARAMS_ERROR; } /* Get pointer within the buffer that can accomodate context without crossing a page */ pRc4Context = (struct sep_ctx_rc4 *)DX_InitUserCtxLocation(ContextID_ptr->buff, sizeof(CRYS_RC4UserContext_t), sizeof(struct sep_ctx_rc4)); pRc4Context->alg = SEP_CRYPTO_ALG_RC4; pRc4Context->key_size = KeySizeInBytes; DX_PAL_MemCopy(pRc4Context->key, Key_ptr, KeySizeInBytes); /* ................. calling the low level init function ................. */ /* ----------------------------------------------------------------------- */ symRc = SymDriverAdaptorInit((struct sep_ctx_generic *)pRc4Context); return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysRc4Err); }
/** * @brief This function is used to process a stream on the RC4 machine. * This function should be called after the CRYS_RS4_Init. * * * @param[in] ContextID_ptr - A pointer to the RC4 context buffer allocated by the user * that is used for the RC4 machine operation. This should be the * same context as was used for the previous call of this session. * * @param[in] DataIn_ptr - The pointer to the buffer of the input data to the RC4. * The pointer's value does not need to be word-aligned. * * @param[in] DataInSize - The size of the input data. * * @param[in,out] DataOut_ptr - The pointer to the buffer of the output data from the RC4. * The pointer's value does not need to be word-aligned. * * @return CRYSError_t - CRYS_OK, * CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR, * CRYS_RC4_ILLEGAL_KEY_SIZE_ERROR, * CRYS_RC4_INVALID_KEY_POINTER_ERROR */ CIMPORT_C CRYSError_t CRYS_RC4_Stream(CRYS_RC4UserContext_t *ContextID_ptr, DxUint8_t *DataIn_ptr, DxUint32_t DataInSize, DxUint8_t *DataOut_ptr) { int symRc = DX_RET_OK; /* pointer on SEP RC4 context struct*/ struct sep_ctx_rc4 *pRc4Context; /* ............... checking the parameters validity ................... */ /* -------------------------------------------------------------------- */ /* if no data to process -we're done */ if (DataInSize == 0) { return CRYS_OK; } /* if the users context ID pointer is DX_NULL return an error */ if (ContextID_ptr == DX_NULL) { return CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR; } /* if the users Data In pointer is illegal return an error */ if (DataIn_ptr == DX_NULL) { return CRYS_RC4_DATA_IN_POINTER_INVALID_ERROR; } /* if the users Data Out pointer is illegal return an error */ if (DataOut_ptr == DX_NULL) { return CRYS_RC4_DATA_OUT_POINTER_INVALID_ERROR; } /* data size must be a positive number */ if (DataInSize == 0) { return CRYS_RC4_DATA_SIZE_ILLEGAL; } /* check validity for priv */ if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_RC4UserContext_t))) { return CRYS_RC4_ILLEGAL_PARAMS_ERROR; } pRc4Context = (struct sep_ctx_rc4 *)DX_GetUserCtxLocation(ContextID_ptr->buff); symRc = SymDriverAdaptorProcess((struct sep_ctx_generic *)pRc4Context, DataIn_ptr, DataOut_ptr, DataInSize); return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysRc4Err); }
CEXPORT_C CRYSError_t CRYS_HASH_Finish( CRYS_HASHUserContext_t* ContextID_ptr, CRYS_HASH_Result_t HashResultBuff ) { struct sep_ctx_hash *pHashContext; CRYS_HASHPrivateContext_t *pHashPrivContext; int symRc = DX_RET_OK; //PRINT_INFO("--->NOW enter into CRYS_HASH_Finish\n"); if ( ContextID_ptr == DX_NULL ) { return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR; } if ( HashResultBuff == DX_NULL ) { return CRYS_HASH_INVALID_RESULT_BUFFER_POINTER_ERROR; } /* check validity for priv */ if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_HASHUserContext_t))) { return CRYS_HASH_ILLEGAL_PARAMS_ERROR; } /* Get pointer to contiguous context in the HOST buffer */ pHashContext = (struct sep_ctx_hash *)DX_GetUserCtxLocation(ContextID_ptr->buff); pHashPrivContext = (CRYS_HASHPrivateContext_t *)&(((uint32_t*)pHashContext)[CRYS_HASH_USER_CTX_ACTUAL_SIZE_IN_WORDS-1]); /* check access permission for applet */ if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, HashResultBuff, sizeof(struct sep_ctx_hash))) { return CRYS_HASH_ILLEGAL_PARAMS_ERROR; } if (pHashPrivContext->isLastBlockProcessed == 0) { symRc = SymDriverAdaptorFinalize((struct sep_ctx_generic *)pHashContext, NULL, NULL, 0); if (symRc != DX_RET_OK) { return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHashErr); } } /* Copy the result to the user buffer */ DX_PAL_MemCopy(HashResultBuff, pHashContext->digest, CRYS_HASH_RESULT_SIZE_IN_WORDS*sizeof(DxUint32_t)); return CRYS_OK; }
/*! * Memory copy using HW engines. * The table below describes the supported copy modes that * reference by the data input/output buffers: * * ---------------------------------------------- * | DataIn_ptr | DataOut_ptr | * |--------------------------------------------| * | SRAM | DCACHE/SRAM/DLLI/MLLI | * | ICACHE | DCACHE/SRAM/DLLI/MLLI | * | DCACHE | DCACHE/SRAM/DLLI/MLLI | * | DLLI | DCACHE/SRAM/DLLI | * | MLLI | DCACHE/SRAM/MLLI | * ---------------------------------------------- * * \param DataIn_ptr This is the source buffer which need to copy from. * It may be a SeP local address or a DMA Object handle as described * in the table above. * \param DataSize In bytes * \param DataOut_ptr This is the destination buffer which need to copy to. * It may be a SeP local address or a DMA Object handle as described * in the table above. * * Restriction: MLLI refers to DMA oject in System memory space. * * \return CRYSError_t On success CRYS_OK is returned, on failure an error according to * CRYS_Bypass_error.h */ CIMPORT_C CRYSError_t CRYS_Bypass(DxUint8_t* DataIn_ptr, DxUint32_t DataSize, DxUint8_t* DataOut_ptr) { /* The return error identifiers */ CRYSError_t Error = CRYS_OK; int symRc = DX_RET_OK; DxUint32_t ctxBuff[CRYS_BYPASS_BUFF_OF_WORDS] = {0x0}; /* pointer on SEP AES context struct*/ struct sep_ctx_generic *pSepContext = (struct sep_ctx_generic *)DX_InitUserCtxLocation(ctxBuff, sizeof(ctxBuff), sizeof(struct sep_ctx_generic)); /* data size must be a positive number and a block size mult */ if (DataSize == 0 ) return DX_SUCCESS; /* if the users Data In pointer is illegal return an error */ if ( DataIn_ptr == DX_NULL ) return CRYS_BYPASS_INVALID_INPUT_POINTER_ERROR; /* if the users Data Out pointer is illegal return an error */ if ( DataOut_ptr == DX_NULL ) return CRYS_BYPASS_INVALID_OUTPUT_POINTER_ERROR; Error = validateParams(DataIn_ptr, DataSize); if ( Error != CRYS_OK ) { return Error; } Error = validateParams(DataOut_ptr, DataSize); if ( Error != CRYS_OK ) { return Error; } pSepContext->alg = SEP_CRYPTO_ALG_BYPASS; symRc = SymDriverAdaptorProcess(pSepContext,DataIn_ptr, DataOut_ptr, DataSize); return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysBypassErr); }
/** * @brief This function is used to process a block on the DES machine. * This function should be called after the CRYS_DES_Init function was called. * * * @param[in] ContextID_ptr - a pointer to the DES context buffer allocated by the user that * is used for the DES machine operation. this should be the same context that was * used on the previous call of this session. * * @param[in] DataIn_ptr - The pointer to the buffer of the input data to the DES. The pointer does * not need to be aligned. * * @param[in] DataInSize - The size of the input data in bytes: must be not 0 and must be multiple * of 8 bytes. * * @param[in/out] DataOut_ptr - The pointer to the buffer of the output data from the DES. The pointer does not * need to be aligned. * * @return CRYSError_t - On success CRYS_OK is returned, on failure a * value MODULE_* crys_des_error.h */ CIMPORT_C CRYSError_t CRYS_DES_Block( CRYS_DESUserContext_t *ContextID_ptr, DxUint8_t *DataIn_ptr, DxUint32_t DataInSize, DxUint8_t *DataOut_ptr ) { int symRc = DX_RET_OK; /* pointer on SEP DES context struct*/ struct sep_ctx_cipher *pDesContext; /* if the users context ID pointer is DX_NULL return an error */ if( ContextID_ptr == DX_NULL ) { return CRYS_DES_INVALID_USER_CONTEXT_POINTER_ERROR; } /* if the users Data In pointer is illegal return an error */ if( DataIn_ptr == DX_NULL ) { return CRYS_DES_DATA_IN_POINTER_INVALID_ERROR; } /* if the users Data Out pointer is illegal return an error */ if( DataOut_ptr == DX_NULL ) { return CRYS_DES_DATA_OUT_POINTER_INVALID_ERROR; } /* data size must be a positive number and a block size mult */ if (((DataInSize % CRYS_DES_BLOCK_SIZE_IN_BYTES) != 0) || (DataInSize == 0)) { return CRYS_DES_DATA_SIZE_ILLEGAL; } /* check validity for priv */ if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_DESUserContext_t))) { return CRYS_DES_ILLEGAL_PARAMS_ERROR; } /* Get pointer to contiguous context in the HOST buffer */ pDesContext = (struct sep_ctx_cipher *)DX_GetUserCtxLocation(ContextID_ptr->buff); symRc = SymDriverAdaptorProcess((struct sep_ctx_generic *)pDesContext, DataIn_ptr, DataOut_ptr, DataInSize); return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysDesErr); }
/*! * This function is used to finish the combined or tunneling operations * It releases all used contexts (including suboperation ones). * * \param pConfig A pointer to the Configuration Nodes array (NodesConfig). * This array represents the user combined scheme. * \param cipherOffset Relevant in cases where the authenticated data resides in * a different offset from the cipher data. * Note: currently an error returned for any value other than zero. * \param pDataIn A pointer on a block of input data ready for processing. * \param dataInSize The size of the input data. * \param pDataOut A pointer to output data. Could be the same as input data pointer * (for inplace operations) or NULL if there is only * authentication for output. * \param pAuthDataOut A pointer to authenticated or digested output result. * * \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned, * and on failure - a value from crys_combined_error.h */ CIMPORT_C CRYSError_t CRYS_Combined_Finish( CrysCombinedConfig_t *pConfig, uint32_t cipherOffset, uint8_t *pDataIn, uint32_t dataInSize, uint8_t *pDataOut, uint8_t *pAuthDataOut, uint32_t *pAuthDataOutSize) { CRYS_COMBINED_UserContext_t combinedUsrCtx; struct sep_ctx_combined *pcombinedCtx; CRYSError_t crysErr = CRYS_OK; int symRc = DX_RET_OK; /* parameters check */ if (pConfig == DX_NULL) { return CRYS_COMBINED_INVALID_NODES_CONFIG_POINTER_ERROR; } if (cipherOffset != 0) { /*currently cipher address must be equal to the auth address*/ return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR; } /* check validity for priv */ if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, pConfig, sizeof(CrysCombinedConfig_t)) || DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, pAuthDataOutSize, sizeof(uint32_t)) || DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, pAuthDataOut, *pAuthDataOutSize)) { return CRYS_COMBINED_ILLEGAL_PARAMS_ERROR; } /* Get pointer to contiguous context in the HOST buffer */ pcombinedCtx = (struct sep_ctx_combined *)DX_InitUserCtxLocation(combinedUsrCtx.buff, sizeof(CRYS_COMBINED_UserContext_t), sizeof(struct sep_ctx_combined)); InitCombinedContext(pcombinedCtx, pConfig); if ((pcombinedCtx->mode != SEP_COMBINED_DIN_TO_AES_TO_AES_TO_DOUT_MODE) && (pAuthDataOutSize == DX_NULL)) { return CRYS_COMBINED_DATA_AUTH_BUFFER_SIZE_INVALID_ERROR; } switch (pcombinedCtx->mode) { case SEP_COMBINED_DIN_TO_AES_TO_HASH_MODE: case SEP_COMBINED_DIN_TO_AES_AND_HASH_MODE: case SEP_COMBINED_DIN_TO_AES_TO_HASH_AND_DOUT_MODE: if (pAuthDataOut == NULL) { return CRYS_COMBINED_DATA_AUTH_POINTER_INVALID_ERROR; } break; case SEP_COMBINED_DIN_TO_AES_TO_AES_TO_DOUT_MODE: break; default: return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR; } crysErr = ValidateSupportedModes(pcombinedCtx); if (crysErr != CRYS_OK) { return crysErr; } symRc = SymDriverAdaptorFinalize((struct sep_ctx_generic *)pcombinedCtx, pDataIn, pDataOut, dataInSize); if (symRc != DX_RET_OK) { return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysCombinedErr); } switch (pcombinedCtx->mode) { case SEP_COMBINED_DIN_TO_AES_TO_HASH_MODE: case SEP_COMBINED_DIN_TO_AES_AND_HASH_MODE: case SEP_COMBINED_DIN_TO_AES_TO_HASH_AND_DOUT_MODE: { struct sep_ctx_hash *pHashCtx = (struct sep_ctx_hash *)pcombinedCtx->sub_ctx[1]; uint32_t digestSize; crysErr = GetHashDigestSize(pHashCtx->mode, &digestSize); if (crysErr != CRYS_OK) { return CRYS_COMBINED_HASH_DIGEST_SIZE_ERROR; } if ((digestSize == 0) || (*pAuthDataOutSize < digestSize)) { return CRYS_COMBINED_DATA_AUTH_BUFFER_SIZE_INVALID_ERROR; } /* set the digest length out and copy digest result */ *pAuthDataOutSize = digestSize; DX_PAL_MemCopy( pAuthDataOut, pHashCtx->digest, *pAuthDataOutSize ); break; } case SEP_COMBINED_DIN_TO_AES_TO_AES_TO_DOUT_MODE: break; default: return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR; } return CRYS_OK; }
/*! * This function is used to process block of data in the combined or tunneling mode. * * \param pConfig A pointer to the Configuration Nodes array (NodesConfig). * This array represents the user combined scheme. * \param cipherOffset Relevant in cases where the authenticated data resides in * a different offset from the cipher data. * Note: currently an error returned for any value other than zero. * \param pDataIn A pointer on a block of input data ready for processing. * \param dataInSize The size of the input data. * \param pDataOut A pointer on output data. Could be the same as input data pointer * (for inplace operations) or NULL if there is only * authentication for output. * * \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned, * and on failure - a value from crys_combined_error.h */ CIMPORT_C CRYSError_t CRYS_Combined_Process( CrysCombinedConfig_t *pConfig, uint32_t cipherOffset, uint8_t *pDataIn, uint32_t dataInSize, uint8_t *pDataOut) { CRYS_COMBINED_UserContext_t combinedUsrCtx; struct sep_ctx_combined *pcombinedCtx; CRYSError_t crysErr = CRYS_OK; int symRc = DX_RET_OK; /* parameters check */ if (pConfig == DX_NULL) { return CRYS_COMBINED_INVALID_NODES_CONFIG_POINTER_ERROR; } if (cipherOffset != 0) { /*currently cipher address must be equal to the auth address*/ return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR; } if (pDataIn == NULL) { return CRYS_COMBINED_DATA_IN_POINTER_INVALID_ERROR; } /* data size must be a positive number and a block size mult */ if (dataInSize == 0) { return CRYS_COMBINED_DATA_IN_SIZE_ILLEGAL; } /* check validity for priv */ if (DxCcAcl_IsBuffAccessOk(ACCESS_READ, pConfig, sizeof(CrysCombinedConfig_t))) { return CRYS_COMBINED_ILLEGAL_PARAMS_ERROR; } /* Get pointer to contiguous context in the HOST buffer */ pcombinedCtx = (struct sep_ctx_combined *)DX_InitUserCtxLocation(combinedUsrCtx.buff, sizeof(CRYS_COMBINED_UserContext_t), sizeof(struct sep_ctx_combined)); InitCombinedContext(pcombinedCtx, pConfig); switch (pcombinedCtx->mode) { case SEP_COMBINED_DIN_TO_AES_TO_HASH_MODE: break; case SEP_COMBINED_DIN_TO_AES_AND_HASH_MODE: case SEP_COMBINED_DIN_TO_AES_TO_HASH_AND_DOUT_MODE: case SEP_COMBINED_DIN_TO_AES_TO_AES_TO_DOUT_MODE: if (pDataOut == NULL) { return CRYS_COMBINED_DATA_OUT_POINTER_INVALID_ERROR; } break; default: return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR; } crysErr = ValidateSupportedModes(pcombinedCtx); if (crysErr != CRYS_OK) { return crysErr; } symRc = SymDriverAdaptorProcess((struct sep_ctx_generic *)pcombinedCtx, pDataIn, pDataOut, dataInSize); return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysCombinedErr); }
/** * This function initializes the HMAC machine on the CRYS level. * * The function allocates and initializes the HMAC Context . * The function receives as input a pointer to store the context handle to HMAC Context. * * The function executes a HASH_init session and processes a HASH update * on the Key XOR ipad and stores it in the context. * * @param[in] ContextID_ptr - A pointer to the HMAC context buffer allocated by the user * that is used for the HMAC machine operation. * * @param[in] OperationMode - The operation mode: MD5 or SHA1. * * @param[in] key_ptr - The pointer to the user's key buffer, * or its digest (if larger than the hash block size). * * @param[in] keySize - The size of the received key. Must not exceed the associated * hash block size. For larger keys the caller must provide * a hash digest of the key as the actual key. * * @return CRYSError_t - On success the function returns the value CRYS_OK, * and on failure a non-ZERO error. * */ CIMPORT_C CRYSError_t CRYS_HMAC_Init(CRYS_HMACUserContext_t *ContextID_ptr, CRYS_HASH_OperationMode_t OperationMode, DxUint8_t *key_ptr, DxUint16_t keySize) { struct sep_ctx_hmac *pHmacContext; CRYS_HMACPrivateContext_t *pHmacPrivContext; int symRc = DX_RET_OK; DxUint32_t HashBlockSize; /* if the users context ID pointer is DX_NULL return an error */ if( ContextID_ptr == DX_NULL ) { return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR; } /* check if the key pointer is valid */ if( key_ptr == DX_NULL ) { return CRYS_HMAC_INVALID_KEY_POINTER_ERROR; } /* check if the operation mode is legal and set hash block size */ switch (OperationMode) { case CRYS_HASH_SHA1_mode: case CRYS_HASH_SHA224_mode: case CRYS_HASH_SHA256_mode: HashBlockSize = CRYS_HASH_BLOCK_SIZE_IN_BYTES; break; case CRYS_HASH_SHA384_mode: case CRYS_HASH_SHA512_mode: HashBlockSize = CRYS_HASH_SHA512_BLOCK_SIZE_IN_BYTES; break; default: return CRYS_HMAC_ILLEGAL_OPERATION_MODE_ERROR; } /* check if the key size is valid */ if (keySize == 0) { return CRYS_HMAC_UNVALID_KEY_SIZE_ERROR; } /* check validity for priv */ if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, key_ptr, keySize) || DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_HMACUserContext_t)) ) { return CRYS_HMAC_ILLEGAL_PARAMS_ERROR; } /* Get pointer to contiguous context in the HOST buffer */ pHmacContext = (struct sep_ctx_hmac *)DX_InitUserCtxLocation(ContextID_ptr->buff, sizeof(CRYS_HMACUserContext_t), sizeof(struct sep_ctx_hmac)); pHmacPrivContext = (CRYS_HMACPrivateContext_t *)&(((uint32_t*)pHmacContext)[CRYS_HMAC_USER_CTX_ACTUAL_SIZE_IN_WORDS-1]); pHmacContext->alg = SEP_CRYPTO_ALG_HMAC; pHmacContext->mode = Crys2SepHashMode(OperationMode); pHmacPrivContext->isLastBlockProcessed = 0; if( keySize > HashBlockSize ) { symRc = CRYS_HASH ( OperationMode, key_ptr, keySize, (uint32_t*)pHmacContext->k0 );/*Write the result into th context*/ if( symRc != CRYS_OK ) return symRc; /* update the new key size according to the mode */ switch(OperationMode) { case CRYS_HASH_SHA1_mode: keySize = CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES; break; case CRYS_HASH_SHA224_mode: keySize = CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES; break; case CRYS_HASH_SHA256_mode: keySize = CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES; break; case CRYS_HASH_SHA384_mode: keySize = CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES; break; case CRYS_HASH_SHA512_mode: keySize = CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES; break; default: break; } }/* end of key larger then 64 bytes case */ else { DX_PAL_MemCopy(pHmacContext->k0 , key_ptr , keySize ); } pHmacContext->k0_size = keySize; symRc = SymDriverAdaptorInit((struct sep_ctx_generic *)pHmacContext); return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHmacErr); }
CIMPORT_C CRYSError_t CRYS_DES_Init( CRYS_DESUserContext_t *ContextID_ptr, CRYS_DES_Iv_t IV_ptr, CRYS_DES_Key_t *Key_ptr, CRYS_DES_NumOfKeys_t NumOfKeys, CRYS_DES_EncryptMode_t EncryptDecryptFlag, CRYS_DES_OperationMode_t OperationMode ) { int symRc = DX_RET_OK; /* pointer on SEP DES context struct*/ struct sep_ctx_cipher *pDesContext; /* ............... checking the parameters validity ................... */ /* -------------------------------------------------------------------- */ /* if the users context ID pointer is DX_NULL return an error */ if( ContextID_ptr == DX_NULL ) { return CRYS_DES_INVALID_USER_CONTEXT_POINTER_ERROR; } /* check if the operation mode is legal */ if( OperationMode >= CRYS_DES_NumOfModes ) { return CRYS_DES_ILLEGAL_OPERATION_MODE_ERROR; } /* if the operation mode selected is CBC then check the validity of the IV counter pointer */ if( (OperationMode == CRYS_DES_CBC_mode) && (IV_ptr == DX_NULL) ) { return CRYS_DES_INVALID_IV_PTR_ON_NON_ECB_MODE_ERROR; } /* If the number of keys in invalid return an error */ if( (NumOfKeys >= CRYS_DES_NumOfKeysOptions) || (NumOfKeys == 0) ) { return CRYS_DES_ILLEGAL_NUM_OF_KEYS_ERROR; } /*check the valisity of the key pointer */ if( Key_ptr == DX_NULL ) { return CRYS_DES_INVALID_KEY_POINTER_ERROR; } /* Check the Encrypt / Decrypt flag validity */ if( EncryptDecryptFlag >= CRYS_DES_EncryptNumOfOptions ) { return CRYS_DES_INVALID_ENCRYPT_MODE_ERROR; } /* check validity for priv */ if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, Key_ptr, NumOfKeys * SEP_DES_ONE_KEY_SIZE) || DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_DESUserContext_t)) || ((IV_ptr != DX_NULL) && (DxCcAcl_IsBuffAccessOk(ACCESS_READ, IV_ptr, sizeof(CRYS_DES_Iv_t)))) ) { return CRYS_DES_ILLEGAL_PARAMS_ERROR; } /* Get pointer to contiguous context in the HOST buffer */ pDesContext = (struct sep_ctx_cipher *)DX_InitUserCtxLocation(ContextID_ptr->buff, sizeof(CRYS_DESUserContext_t), sizeof(struct sep_ctx_cipher)); pDesContext->alg = SEP_CRYPTO_ALG_DES; pDesContext->mode = MakeSepDesMode(OperationMode); pDesContext->direction = (enum sep_crypto_direction)EncryptDecryptFlag; pDesContext->key_size = NumOfKeys * SEP_DES_BLOCK_SIZE; DX_PAL_MemCopy(pDesContext->key, Key_ptr, pDesContext->key_size); if (pDesContext->mode == SEP_CIPHER_CBC) { DX_PAL_MemCopy(pDesContext->block_state, IV_ptr, CRYS_DES_IV_SIZE_IN_BYTES); } symRc = SymDriverAdaptorInit((struct sep_ctx_generic *)pDesContext); return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysDesErr); }