/**
* This function finalizes the HMAC processing of a data block.
* The function receives as input a handle to the HMAC Context that was previously initialized
* by a CRYS_HMAC_Init function or by a CRYS_HMAC_Update function.
* This function finishes the HASH operation on the ipad and text, and then
* executes a new HASH operation with the key XOR opad and the previous HASH operation result.
*
* @param[in] ContextID_ptr - A pointer to the HMAC context buffer allocated by the user
* that is used for the HMAC machine operation.
*
* @retval HmacResultBuff - A pointer to the target buffer where the
* HMAC result stored in the context is loaded to.
*
* @return CRYSError_t - On success the function returns CRYS_OK,
* and on failure a non-ZERO error.
*/
CIMPORT_C CRYSError_t CRYS_HMAC_Finish( CRYS_HMACUserContext_t *ContextID_ptr,
CRYS_HASH_Result_t HmacResultBuff )
{
struct sep_ctx_hmac *pHmacContext;
CRYS_HMACPrivateContext_t *pHmacPrivContext;
int symRc = DX_RET_OK;
uint32_t hmacDigesSize;
/* if the users context ID pointer is DX_NULL return an error */
if( ContextID_ptr == DX_NULL ) {
return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR;
}
/* check validity for priv */
if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_HMACUserContext_t))) {
return CRYS_HMAC_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer to contiguous context in the HOST buffer */
pHmacContext = (struct sep_ctx_hmac *)DX_GetUserCtxLocation(ContextID_ptr->buff);
pHmacPrivContext = (CRYS_HMACPrivateContext_t *)&(((uint32_t*)pHmacContext)[CRYS_HMAC_USER_CTX_ACTUAL_SIZE_IN_WORDS-1]);
/* check validity for priv */
if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, pHmacContext, sizeof(struct sep_ctx_hmac))) {
return CRYS_HMAC_ILLEGAL_PARAMS_ERROR;
}
if (pHmacPrivContext->isLastBlockProcessed == 0) {
symRc = SymDriverAdaptorFinalize((struct sep_ctx_generic *)pHmacContext, NULL, NULL, 0);
if (symRc != DX_RET_OK) {
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHmacErr);
}
}
switch(pHmacContext->mode){
case SEP_HASH_SHA1:
hmacDigesSize = SEP_SHA1_DIGEST_SIZE;
break;
case SEP_HASH_SHA224:
hmacDigesSize = SEP_SHA224_DIGEST_SIZE;
break;
case SEP_HASH_SHA256:
hmacDigesSize = SEP_SHA256_DIGEST_SIZE;
break;
case SEP_HASH_SHA384:
hmacDigesSize = SEP_SHA384_DIGEST_SIZE;
break;
case SEP_HASH_SHA512:
hmacDigesSize = SEP_SHA512_DIGEST_SIZE;
break;
default:
hmacDigesSize = -1;
break;
}
DX_PAL_MemCopy(HmacResultBuff, pHmacContext->digest, hmacDigesSize);
return CRYS_OK;
}
/**
* @brief This function is used to initialize the RC4 machine.
* To operate the RC4 machine, this should be the first function called.
*
* @param[in] ContextID_ptr - A pointer to the RC4 context buffer that is allocated by the user
* and is used for the RC4 machine operation.
* @param[in] Key_ptr - A pointer to the user's key buffer.
* @param[in] KeySize - The size of the KEY in bytes. Requirements:
* - for SW implementation 0 < KeySize < CRYS_RC4_MAX_KEY_SIZE_IN_BYTES,
* - for HW implementation LLF_RC4_MIN_KEY_SIZE_IN_BYTES < KeySize < LLF_RC4_MAX_KEY_SIZE_IN_BYTES,
*
* @return CRYSError_t - CRYS_OK,
* CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR,
* CRYS_RC4_ILLEGAL_KEY_SIZE_ERROR,
* CRYS_RC4_INVALID_KEY_POINTER_ERROR
*/
CIMPORT_C CRYSError_t CRYS_RC4_Init(CRYS_RC4UserContext_t *ContextID_ptr,
DxUint8_t *Key_ptr,
DxUint32_t KeySizeInBytes)
{
int symRc = DX_RET_OK;
/* pointer on SEP RC4 context struct*/
struct sep_ctx_rc4 *pRc4Context;
/* ............... checking the parameters validity ................... */
/* -------------------------------------------------------------------- */
/* if the users context ID pointer is DX_NULL return an error */
if (ContextID_ptr == DX_NULL) {
return CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR;
}
/* If the Keys size is invalid return an error */
if ((KeySizeInBytes == 0) ||
(KeySizeInBytes > CRYS_RC4_MAX_KEY_SIZE_IN_BYTES)) {
return CRYS_RC4_ILLEGAL_KEY_SIZE_ERROR;
}
/* If the the key pointer is not validity */
if (Key_ptr == DX_NULL) {
return CRYS_RC4_INVALID_KEY_POINTER_ERROR;
}
/* check validity for priv */
if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, Key_ptr, KeySizeInBytes) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_RC4UserContext_t)) ) {
return CRYS_RC4_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer within the buffer that can accomodate context without
crossing a page */
pRc4Context = (struct sep_ctx_rc4 *)DX_InitUserCtxLocation(ContextID_ptr->buff,
sizeof(CRYS_RC4UserContext_t),
sizeof(struct sep_ctx_rc4));
pRc4Context->alg = SEP_CRYPTO_ALG_RC4;
pRc4Context->key_size = KeySizeInBytes;
DX_PAL_MemCopy(pRc4Context->key, Key_ptr, KeySizeInBytes);
/* ................. calling the low level init function ................. */
/* ----------------------------------------------------------------------- */
symRc = SymDriverAdaptorInit((struct sep_ctx_generic *)pRc4Context);
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysRc4Err);
}
/*!
* This function is used to initialize the AES machine to perform the AES
* operations. This should be the first function called.
*
* \param pCtx A pointer to the context buffer in SRAM.
*
* \return int One of DX_SYM_* error codes defined in dx_error.h.
*/
int InitCipher(struct sep_ctx_cipher *pCtx)
{
SepCipherPrivateContext_s *pCipherPrivateCtx = (SepCipherPrivateContext_s *)pCtx->reserved;
int qid = CURR_QUEUE_ID(); /* qid is stored in pxTaskTag field */
if (ReadContextWord(&pCtx->alg) == SEP_CRYPTO_ALG_DES) {
/*in caes of double DES k1 = K3, copy k1-> K3*/
if (ReadContextWord(&pCtx->key_size) == SEP_DES_DOUBLE_KEY_SIZE){
#ifdef DX_CC_SRAM_INDIRECT_ACCESS
/*temporary buffer to allow key coping, must be aligned to words*/
uint32_t tKeybuff[SEP_DES_ONE_KEY_SIZE/sizeof(uint32_t)];
ReadContextField(pCtx->key, tKeybuff, SEP_DES_ONE_KEY_SIZE);
WriteContextField((pCtx->key + SEP_DES_DOUBLE_KEY_SIZE), tKeybuff, SEP_DES_ONE_KEY_SIZE);
WriteContextWord(&pCtx->key_size, SEP_DES_TRIPLE_KEY_SIZE);
#else
DX_PAL_MemCopy((pCtx->key + SEP_DES_DOUBLE_KEY_SIZE), pCtx->key, SEP_DES_ONE_KEY_SIZE);
pCtx->key_size = SEP_DES_TRIPLE_KEY_SIZE;
#endif
}
return DX_RET_OK;
}
switch (ReadContextWord(&pCtx->mode)) {
case SEP_CIPHER_CMAC:
ClearCtxField(pCtx->block_state, SEP_AES_BLOCK_SIZE);
if(ReadContextWord(&pCtx->crypto_key_type) == DX_ROOT_KEY) {
uint32_t keySize;
GET_ROOT_KEY_SIZE(keySize);
WriteContextWord(&pCtx->key_size,keySize);
}
break;
case SEP_CIPHER_XCBC_MAC:
if (ReadContextWord(&pCtx->key_size) != SEP_AES_128_BIT_KEY_SIZE) {
DX_PAL_LOG_ERR("Invalid key size\n");
return DX_RET_INVARG;
}
ClearCtxField(pCtx->block_state, SEP_AES_BLOCK_SIZE);
CalcXcbcKeys(qid, pCtx);
break;
default:
break;
}
/* init private context */
WriteContextWord(&pCipherPrivateCtx->engineCore,SEP_AES_ENGINE1);
WriteContextWord(&pCipherPrivateCtx->isTunnelOp, TUNNEL_OFF);
WriteContextWord(&pCipherPrivateCtx->isDataBlockProcessed,0);
return DX_RET_OK;
}
CEXPORT_C CRYSError_t CRYS_HASH_Finish( CRYS_HASHUserContext_t* ContextID_ptr,
CRYS_HASH_Result_t HashResultBuff )
{
struct sep_ctx_hash *pHashContext;
CRYS_HASHPrivateContext_t *pHashPrivContext;
int symRc = DX_RET_OK;
//PRINT_INFO("--->NOW enter into CRYS_HASH_Finish\n");
if ( ContextID_ptr == DX_NULL ) {
return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR;
}
if ( HashResultBuff == DX_NULL ) {
return CRYS_HASH_INVALID_RESULT_BUFFER_POINTER_ERROR;
}
/* check validity for priv */
if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_HASHUserContext_t))) {
return CRYS_HASH_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer to contiguous context in the HOST buffer */
pHashContext = (struct sep_ctx_hash *)DX_GetUserCtxLocation(ContextID_ptr->buff);
pHashPrivContext = (CRYS_HASHPrivateContext_t *)&(((uint32_t*)pHashContext)[CRYS_HASH_USER_CTX_ACTUAL_SIZE_IN_WORDS-1]);
/* check access permission for applet */
if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, HashResultBuff, sizeof(struct sep_ctx_hash))) {
return CRYS_HASH_ILLEGAL_PARAMS_ERROR;
}
if (pHashPrivContext->isLastBlockProcessed == 0) {
symRc = SymDriverAdaptorFinalize((struct sep_ctx_generic *)pHashContext, NULL, NULL, 0);
if (symRc != DX_RET_OK) {
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHashErr);
}
}
/* Copy the result to the user buffer */
DX_PAL_MemCopy(HashResultBuff, pHashContext->digest, CRYS_HASH_RESULT_SIZE_IN_WORDS*sizeof(DxUint32_t));
return CRYS_OK;
}
/*!
* This function is used to finish the combined or tunneling operations
* It releases all used contexts (including suboperation ones).
*
* \param pConfig A pointer to the Configuration Nodes array (NodesConfig).
* This array represents the user combined scheme.
* \param cipherOffset Relevant in cases where the authenticated data resides in
* a different offset from the cipher data.
* Note: currently an error returned for any value other than zero.
* \param pDataIn A pointer on a block of input data ready for processing.
* \param dataInSize The size of the input data.
* \param pDataOut A pointer to output data. Could be the same as input data pointer
* (for inplace operations) or NULL if there is only
* authentication for output.
* \param pAuthDataOut A pointer to authenticated or digested output result.
*
* \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned,
* and on failure - a value from crys_combined_error.h
*/
CIMPORT_C CRYSError_t CRYS_Combined_Finish(
CrysCombinedConfig_t *pConfig,
uint32_t cipherOffset,
uint8_t *pDataIn,
uint32_t dataInSize,
uint8_t *pDataOut,
uint8_t *pAuthDataOut,
uint32_t *pAuthDataOutSize)
{
CRYS_COMBINED_UserContext_t combinedUsrCtx;
struct sep_ctx_combined *pcombinedCtx;
CRYSError_t crysErr = CRYS_OK;
int symRc = DX_RET_OK;
/* parameters check */
if (pConfig == DX_NULL) {
return CRYS_COMBINED_INVALID_NODES_CONFIG_POINTER_ERROR;
}
if (cipherOffset != 0) {
/*currently cipher address must be equal to the auth address*/
return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR;
}
/* check validity for priv */
if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, pConfig, sizeof(CrysCombinedConfig_t)) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, pAuthDataOutSize, sizeof(uint32_t)) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, pAuthDataOut, *pAuthDataOutSize)) {
return CRYS_COMBINED_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer to contiguous context in the HOST buffer */
pcombinedCtx = (struct sep_ctx_combined *)DX_InitUserCtxLocation(combinedUsrCtx.buff,
sizeof(CRYS_COMBINED_UserContext_t),
sizeof(struct sep_ctx_combined));
InitCombinedContext(pcombinedCtx, pConfig);
if ((pcombinedCtx->mode != SEP_COMBINED_DIN_TO_AES_TO_AES_TO_DOUT_MODE) &&
(pAuthDataOutSize == DX_NULL)) {
return CRYS_COMBINED_DATA_AUTH_BUFFER_SIZE_INVALID_ERROR;
}
switch (pcombinedCtx->mode) {
case SEP_COMBINED_DIN_TO_AES_TO_HASH_MODE:
case SEP_COMBINED_DIN_TO_AES_AND_HASH_MODE:
case SEP_COMBINED_DIN_TO_AES_TO_HASH_AND_DOUT_MODE:
if (pAuthDataOut == NULL) {
return CRYS_COMBINED_DATA_AUTH_POINTER_INVALID_ERROR;
}
break;
case SEP_COMBINED_DIN_TO_AES_TO_AES_TO_DOUT_MODE:
break;
default:
return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR;
}
crysErr = ValidateSupportedModes(pcombinedCtx);
if (crysErr != CRYS_OK) {
return crysErr;
}
symRc = SymDriverAdaptorFinalize((struct sep_ctx_generic *)pcombinedCtx,
pDataIn, pDataOut, dataInSize);
if (symRc != DX_RET_OK) {
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysCombinedErr);
}
switch (pcombinedCtx->mode) {
case SEP_COMBINED_DIN_TO_AES_TO_HASH_MODE:
case SEP_COMBINED_DIN_TO_AES_AND_HASH_MODE:
case SEP_COMBINED_DIN_TO_AES_TO_HASH_AND_DOUT_MODE:
{
struct sep_ctx_hash *pHashCtx = (struct sep_ctx_hash *)pcombinedCtx->sub_ctx[1];
uint32_t digestSize;
crysErr = GetHashDigestSize(pHashCtx->mode, &digestSize);
if (crysErr != CRYS_OK) {
return CRYS_COMBINED_HASH_DIGEST_SIZE_ERROR;
}
if ((digestSize == 0) || (*pAuthDataOutSize < digestSize)) {
return CRYS_COMBINED_DATA_AUTH_BUFFER_SIZE_INVALID_ERROR;
}
/* set the digest length out and copy digest result */
*pAuthDataOutSize = digestSize;
DX_PAL_MemCopy( pAuthDataOut, pHashCtx->digest, *pAuthDataOutSize );
break;
}
case SEP_COMBINED_DIN_TO_AES_TO_AES_TO_DOUT_MODE:
break;
default:
return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR;
}
return CRYS_OK;
}
/**
* This function initializes the HMAC machine on the CRYS level.
*
* The function allocates and initializes the HMAC Context .
* The function receives as input a pointer to store the context handle to HMAC Context.
*
* The function executes a HASH_init session and processes a HASH update
* on the Key XOR ipad and stores it in the context.
*
* @param[in] ContextID_ptr - A pointer to the HMAC context buffer allocated by the user
* that is used for the HMAC machine operation.
*
* @param[in] OperationMode - The operation mode: MD5 or SHA1.
*
* @param[in] key_ptr - The pointer to the user's key buffer,
* or its digest (if larger than the hash block size).
*
* @param[in] keySize - The size of the received key. Must not exceed the associated
* hash block size. For larger keys the caller must provide
* a hash digest of the key as the actual key.
*
* @return CRYSError_t - On success the function returns the value CRYS_OK,
* and on failure a non-ZERO error.
*
*/
CIMPORT_C CRYSError_t CRYS_HMAC_Init(CRYS_HMACUserContext_t *ContextID_ptr,
CRYS_HASH_OperationMode_t OperationMode,
DxUint8_t *key_ptr,
DxUint16_t keySize)
{
struct sep_ctx_hmac *pHmacContext;
CRYS_HMACPrivateContext_t *pHmacPrivContext;
int symRc = DX_RET_OK;
DxUint32_t HashBlockSize;
/* if the users context ID pointer is DX_NULL return an error */
if( ContextID_ptr == DX_NULL ) {
return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR;
}
/* check if the key pointer is valid */
if( key_ptr == DX_NULL ) {
return CRYS_HMAC_INVALID_KEY_POINTER_ERROR;
}
/* check if the operation mode is legal and set hash block size */
switch (OperationMode) {
case CRYS_HASH_SHA1_mode:
case CRYS_HASH_SHA224_mode:
case CRYS_HASH_SHA256_mode:
HashBlockSize = CRYS_HASH_BLOCK_SIZE_IN_BYTES;
break;
case CRYS_HASH_SHA384_mode:
case CRYS_HASH_SHA512_mode:
HashBlockSize = CRYS_HASH_SHA512_BLOCK_SIZE_IN_BYTES;
break;
default:
return CRYS_HMAC_ILLEGAL_OPERATION_MODE_ERROR;
}
/* check if the key size is valid */
if (keySize == 0) {
return CRYS_HMAC_UNVALID_KEY_SIZE_ERROR;
}
/* check validity for priv */
if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, key_ptr, keySize) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_HMACUserContext_t)) ) {
return CRYS_HMAC_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer to contiguous context in the HOST buffer */
pHmacContext = (struct sep_ctx_hmac *)DX_InitUserCtxLocation(ContextID_ptr->buff,
sizeof(CRYS_HMACUserContext_t),
sizeof(struct sep_ctx_hmac));
pHmacPrivContext = (CRYS_HMACPrivateContext_t *)&(((uint32_t*)pHmacContext)[CRYS_HMAC_USER_CTX_ACTUAL_SIZE_IN_WORDS-1]);
pHmacContext->alg = SEP_CRYPTO_ALG_HMAC;
pHmacContext->mode = Crys2SepHashMode(OperationMode);
pHmacPrivContext->isLastBlockProcessed = 0;
if( keySize > HashBlockSize ) {
symRc = CRYS_HASH ( OperationMode,
key_ptr,
keySize,
(uint32_t*)pHmacContext->k0 );/*Write the result into th context*/
if( symRc != CRYS_OK )
return symRc;
/* update the new key size according to the mode */
switch(OperationMode) {
case CRYS_HASH_SHA1_mode:
keySize = CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES;
break;
case CRYS_HASH_SHA224_mode:
keySize = CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES;
break;
case CRYS_HASH_SHA256_mode:
keySize = CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES;
break;
case CRYS_HASH_SHA384_mode:
keySize = CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES;
break;
case CRYS_HASH_SHA512_mode:
keySize = CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES;
break;
default:
break;
}
}/* end of key larger then 64 bytes case */
else {
DX_PAL_MemCopy(pHmacContext->k0 , key_ptr , keySize );
}
pHmacContext->k0_size = keySize;
symRc = SymDriverAdaptorInit((struct sep_ctx_generic *)pHmacContext);
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHmacErr);
}
/**
* @brief This function is used to initialize the AES machine or SW structures.
* To perform the AES operations this should be the first function called.
*
* The actual macros, that will be used by the user for calling this function, are described
* in crys_aes.h file.
*
* @param[in] ContextID_ptr - A pointer to the AES context buffer that is allocated by the user
* and is used for the AES machine operation.
* @param[in] IVCounter_ptr - A buffer containing an initial value: IV, Counter or Tweak according
* to operation mode:
* - on ECB, XCBC, CMAC mode this parameter is not used and may be NULL,
* - on CBC and MAC modes it contains the IV value,
* - on CTR and OFB modes it contains the init counter,
* - on XTS mode it contains the initial tweak value - 128-bit consecutive number
* of data unit (in little endian).
* @param[in] Key_ptr - A pointer to the user's key buffer.
* @param[in] KeySize - An enum parameter, defines size of used key (128, 192, 256, 512 bits):
* On XCBC mode allowed 128 bit size only, on XTS - 256 or 512 bit, on other modes <= 256 bit.
* @param[in] EncryptDecryptFlag - A flag specifying whether the AES should perform an Encrypt operation (0)
* or a Decrypt operation (1). In XCBC, MAC and CMAC modes it must be Encrypt.
* @param[in] OperationMode - The operation mode: ECB, CBC, MAC, CTR, OFB, XCBC (PRF and 96), CMAC.
*
* @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value from crys_aes_error.h
*/
CIMPORT_C CRYSError_t CRYS_AES_Init(
CRYS_AESUserContext_t *ContextID_ptr,
CRYS_AES_IvCounter_t IVCounter_ptr,
CRYS_AES_Key_t Key_ptr,
CRYS_AES_KeySize_t KeySizeID,
CRYS_AES_EncryptMode_t EncryptDecryptFlag,
CRYS_AES_OperationMode_t OperationMode )
{
int symRc;
/* Aes key size bytes */
DxUint32_t keySizeBytes = 0;
/* pointer on SEP AES context struct*/
struct sep_ctx_cipher *pAesContext;
uint32_t keyAddr;
DX_CRYPTO_KEY_TYPE_t cryptoKeyType;
KeyPtrType_t keyPtrType;
/* FUNCTION LOGIC */
/* ............... local initializations .............................. */
/* -------------------------------------------------------------------- */
/* ............... checking the parameters validity ................... */
/* -------------------------------------------------------------------- */
/* if the users context ID pointer is DX_NULL return an error */
if( ContextID_ptr == DX_NULL ) {
return CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR;
}
/* check if the operation mode is legal */
if( OperationMode >= CRYS_AES_NumOfModes || OperationMode == CRYS_AES_CCM_mode) {
return CRYS_AES_ILLEGAL_OPERATION_MODE_ERROR;
}
/* check if the OFB mode is supported */
#ifdef CRYS_NO_AES_OFB_SUPPORT
if(OperationMode == CRYS_AES_OFB_mode) {
return CRYS_AES_ILLEGAL_OPERATION_MODE_ERROR;
}
#endif
/* if the operation mode selected is CBC,CTS, MAC, CTR, XTS or OFB then check the validity of
the IV counter pointer (note: on XTS mode it is the Tweak pointer) */
if( ((OperationMode == CRYS_AES_CBC_mode) ||
(OperationMode == CRYS_AES_CTR_mode) ||
(OperationMode == CRYS_AES_MAC_mode) ||
(OperationMode == CRYS_AES_XTS_mode) ||
(OperationMode == CRYS_AES_CBC_CTS_mode) ||
(OperationMode == CRYS_AES_OFB_mode)) &&
(IVCounter_ptr == DX_NULL) ) {
return CRYS_AES_INVALID_IV_OR_TWEAK_PTR_ERROR;
}
/* in XCBC mode enable only key size = 128 bit */
if( (OperationMode == CRYS_AES_XCBC_MAC_mode) &&
(KeySizeID != CRYS_AES_Key128BitSize) ) {
return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR;
}
/* check the Encrypt / Decrypt flag validity */
if ( EncryptDecryptFlag >= CRYS_AES_EncryptNumOfOptions ) {
return CRYS_AES_INVALID_ENCRYPT_MODE_ERROR;
}
/* in MAC,XCBC,CMAC modes enable only encrypt mode */
if( ((OperationMode == CRYS_AES_XCBC_MAC_mode) ||
(OperationMode == CRYS_AES_CMAC_mode) ||
(OperationMode == CRYS_AES_MAC_mode)) &&
(EncryptDecryptFlag != CRYS_AES_Encrypt) ) {
return CRYS_AES_DECRYPTION_NOT_ALLOWED_ON_THIS_MODE;
}
/* check the validity of the key pointer */
if ( Key_ptr == DX_NULL ) {
return CRYS_AES_INVALID_KEY_POINTER_ERROR;
}
if(getKeyDataFromKeyObj((uint8_t*)Key_ptr, &keyAddr, &cryptoKeyType, &keyPtrType, DX_AES_API_INIT) != CRYS_OK)
return CRYS_AES_INVALID_KEY_POINTER_ERROR;
/* check validity for priv */
if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, (uint8_t *)keyAddr, KeySizeID * SEP_AES_128_BIT_KEY_SIZE) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_AESUserContext_t)) ||
((IVCounter_ptr != NULL) && DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, IVCounter_ptr, sizeof(CRYS_AES_IvCounter_t))) ) {
return CRYS_AES_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer to contiguous context in the HOST buffer */
pAesContext = (struct sep_ctx_cipher *)DX_InitUserCtxLocation(ContextID_ptr->buff,
sizeof(CRYS_AESUserContext_t),
sizeof(struct sep_ctx_cipher));
pAesContext->alg = SEP_CRYPTO_ALG_AES;
pAesContext->mode = MakeSepAesMode(OperationMode);
pAesContext->direction = (enum sep_crypto_direction)EncryptDecryptFlag;
pAesContext->key_size = 0;
pAesContext->crypto_key_type = cryptoKeyType;
/* check key size in XTS mode */
if ( OperationMode == CRYS_AES_XTS_mode ) {
if( (KeySizeID != CRYS_AES_Key256BitSize) &&
(KeySizeID != CRYS_AES_Key512BitSize) ) {
return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR;
}
} else if ( KeySizeID > CRYS_AES_Key256BitSize ) {
/* check the max key size for all modes besides XTS */
return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR;
}
/* get AES_Key size in bytes */
switch( KeySizeID ) {
case CRYS_AES_Key128BitSize:
keySizeBytes = 16;
break;
case CRYS_AES_Key192BitSize:
keySizeBytes = 24;
break;
case CRYS_AES_Key256BitSize:
keySizeBytes = 32;
break;
case CRYS_AES_Key512BitSize:
keySizeBytes = 64;
break;
default:
return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR; /*for preventing compiler warnings*/
}
/* HDCP max allowed key size is 16 bytes */
if ((pAesContext->crypto_key_type == DX_XOR_HDCP_KEY) && (keySizeBytes > 16)) {
return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR;
}
DX_PAL_MemCopy(pAesContext->key, (uint8_t *)keyAddr, keySizeBytes);
pAesContext->key_size = keySizeBytes;
if (pAesContext->mode == SEP_CIPHER_XTS ) {
/* Divide by two (we have two keys of the same size) */
pAesContext->key_size >>= 1;
/* copy second half of the double-key as XEX-key */
DX_PAL_MemCopy(pAesContext->xex_key, (uint8_t*)keyAddr + pAesContext->key_size, pAesContext->key_size);
}
CIMPORT_C CRYSError_t CRYS_DES_Init( CRYS_DESUserContext_t *ContextID_ptr,
CRYS_DES_Iv_t IV_ptr,
CRYS_DES_Key_t *Key_ptr,
CRYS_DES_NumOfKeys_t NumOfKeys,
CRYS_DES_EncryptMode_t EncryptDecryptFlag,
CRYS_DES_OperationMode_t OperationMode )
{
int symRc = DX_RET_OK;
/* pointer on SEP DES context struct*/
struct sep_ctx_cipher *pDesContext;
/* ............... checking the parameters validity ................... */
/* -------------------------------------------------------------------- */
/* if the users context ID pointer is DX_NULL return an error */
if( ContextID_ptr == DX_NULL ) {
return CRYS_DES_INVALID_USER_CONTEXT_POINTER_ERROR;
}
/* check if the operation mode is legal */
if( OperationMode >= CRYS_DES_NumOfModes ) {
return CRYS_DES_ILLEGAL_OPERATION_MODE_ERROR;
}
/* if the operation mode selected is CBC then check the validity of
the IV counter pointer */
if( (OperationMode == CRYS_DES_CBC_mode) && (IV_ptr == DX_NULL) ) {
return CRYS_DES_INVALID_IV_PTR_ON_NON_ECB_MODE_ERROR;
}
/* If the number of keys in invalid return an error */
if( (NumOfKeys >= CRYS_DES_NumOfKeysOptions) || (NumOfKeys == 0) ) {
return CRYS_DES_ILLEGAL_NUM_OF_KEYS_ERROR;
}
/*check the valisity of the key pointer */
if( Key_ptr == DX_NULL ) {
return CRYS_DES_INVALID_KEY_POINTER_ERROR;
}
/* Check the Encrypt / Decrypt flag validity */
if( EncryptDecryptFlag >= CRYS_DES_EncryptNumOfOptions ) {
return CRYS_DES_INVALID_ENCRYPT_MODE_ERROR;
}
/* check validity for priv */
if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, Key_ptr, NumOfKeys * SEP_DES_ONE_KEY_SIZE) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_DESUserContext_t)) ||
((IV_ptr != DX_NULL) && (DxCcAcl_IsBuffAccessOk(ACCESS_READ, IV_ptr, sizeof(CRYS_DES_Iv_t)))) ) {
return CRYS_DES_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer to contiguous context in the HOST buffer */
pDesContext = (struct sep_ctx_cipher *)DX_InitUserCtxLocation(ContextID_ptr->buff,
sizeof(CRYS_DESUserContext_t),
sizeof(struct sep_ctx_cipher));
pDesContext->alg = SEP_CRYPTO_ALG_DES;
pDesContext->mode = MakeSepDesMode(OperationMode);
pDesContext->direction = (enum sep_crypto_direction)EncryptDecryptFlag;
pDesContext->key_size = NumOfKeys * SEP_DES_BLOCK_SIZE;
DX_PAL_MemCopy(pDesContext->key, Key_ptr, pDesContext->key_size);
if (pDesContext->mode == SEP_CIPHER_CBC) {
DX_PAL_MemCopy(pDesContext->block_state, IV_ptr, CRYS_DES_IV_SIZE_IN_BYTES);
}
symRc = SymDriverAdaptorInit((struct sep_ctx_generic *)pDesContext);
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysDesErr);
}