/**
* This function initializes the HASH machine on the CRYS level.
*
* This function allocates and initializes the HASH Context .
* The function receives as input a pointer to store the context handle to HASH Context ,
* it initializes the
* HASH Context with the cryptographic attributes that are needed for
* the HASH block operation ( initialize H's value for the HASH algorithm ).
*
* The function flow:
*
* 1) checking the validity of the arguments - returnes an error on an illegal argument case.
* 2) Aquiring the working context from the CCM manager.
* 3) Initializing the context with the parameters passed by the user and with the init values
* of the HASH.
* 4) loading the user tag to the context.
* 5) release the CCM context.
*
* @param[in] ContextID_ptr - a pointer to the HASH context buffer allocated by the user that
* is used for the HASH machine operation.
*
* @param[in] OperationMode - The operation mode : MD5 or SHA1.
*
* @return CRYSError_t on success the function returns CRYS_OK else non ZERO error.
*
*/
CEXPORT_C CRYSError_t CRYS_HASH_Init(CRYS_HASHUserContext_t* ContextID_ptr,
CRYS_HASH_OperationMode_t OperationMode)
{
struct sep_ctx_hash *pHashContext;
CRYS_HASHPrivateContext_t *pHashPrivContext;
int symRc = DX_RET_OK;
if ( ContextID_ptr == DX_NULL ) {
return CRYS_HASH_INVALID_USER_CONTEXT_POINTER_ERROR;
}
if( OperationMode >= CRYS_HASH_NumOfModes ) {
//PRINT_INFO("HASH MODE ERROR\n");
return CRYS_HASH_ILLEGAL_OPERATION_MODE_ERROR;
}
/*pointer for CTX allocation*/
/* FUNCTION LOGIC */
/* check validity for priv */
if (DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_HASHUserContext_t))) {
return CRYS_HASH_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer to contiguous context in the HOST buffer */
pHashContext = (struct sep_ctx_hash *)DX_InitUserCtxLocation(ContextID_ptr->buff,
sizeof(CRYS_HASHUserContext_t),
sizeof(struct sep_ctx_hash));
pHashPrivContext = (CRYS_HASHPrivateContext_t *)&(((uint32_t*)pHashContext)[CRYS_HASH_USER_CTX_ACTUAL_SIZE_IN_WORDS-1]);
pHashContext->alg = SEP_CRYPTO_ALG_HASH;
pHashPrivContext->isLastBlockProcessed = 0;
switch (OperationMode) {
case CRYS_HASH_SHA1_mode:
pHashContext->mode = SEP_HASH_SHA1;
break;
case CRYS_HASH_SHA224_mode:
pHashContext->mode = SEP_HASH_SHA224;
break;
case CRYS_HASH_SHA256_mode:
pHashContext->mode = SEP_HASH_SHA256;
break;
case CRYS_HASH_SHA384_mode:
pHashContext->mode = SEP_HASH_SHA384;
break;
case CRYS_HASH_SHA512_mode:
pHashContext->mode = SEP_HASH_SHA512;
break;
case CRYS_HASH_MD5_mode:
default:
return CRYS_HASH_ILLEGAL_OPERATION_MODE_ERROR;
}
//PRINT_INFO("--->NOW into CRYS_HASH_Init,begin SymDriverAdaptorInit\n");
symRc = SymDriverAdaptorInit((struct sep_ctx_generic *)pHashContext);
//PRINT_INFO("---> after SymDriverAdaptorInit,symRc=0x%x\n",symRc);
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHashErr);
}
/**
* @brief This function is used to initialize the RC4 machine.
* To operate the RC4 machine, this should be the first function called.
*
* @param[in] ContextID_ptr - A pointer to the RC4 context buffer that is allocated by the user
* and is used for the RC4 machine operation.
* @param[in] Key_ptr - A pointer to the user's key buffer.
* @param[in] KeySize - The size of the KEY in bytes. Requirements:
* - for SW implementation 0 < KeySize < CRYS_RC4_MAX_KEY_SIZE_IN_BYTES,
* - for HW implementation LLF_RC4_MIN_KEY_SIZE_IN_BYTES < KeySize < LLF_RC4_MAX_KEY_SIZE_IN_BYTES,
*
* @return CRYSError_t - CRYS_OK,
* CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR,
* CRYS_RC4_ILLEGAL_KEY_SIZE_ERROR,
* CRYS_RC4_INVALID_KEY_POINTER_ERROR
*/
CIMPORT_C CRYSError_t CRYS_RC4_Init(CRYS_RC4UserContext_t *ContextID_ptr,
DxUint8_t *Key_ptr,
DxUint32_t KeySizeInBytes)
{
int symRc = DX_RET_OK;
/* pointer on SEP RC4 context struct*/
struct sep_ctx_rc4 *pRc4Context;
/* ............... checking the parameters validity ................... */
/* -------------------------------------------------------------------- */
/* if the users context ID pointer is DX_NULL return an error */
if (ContextID_ptr == DX_NULL) {
return CRYS_RC4_INVALID_USER_CONTEXT_POINTER_ERROR;
}
/* If the Keys size is invalid return an error */
if ((KeySizeInBytes == 0) ||
(KeySizeInBytes > CRYS_RC4_MAX_KEY_SIZE_IN_BYTES)) {
return CRYS_RC4_ILLEGAL_KEY_SIZE_ERROR;
}
/* If the the key pointer is not validity */
if (Key_ptr == DX_NULL) {
return CRYS_RC4_INVALID_KEY_POINTER_ERROR;
}
/* check validity for priv */
if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, Key_ptr, KeySizeInBytes) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_RC4UserContext_t)) ) {
return CRYS_RC4_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer within the buffer that can accomodate context without
crossing a page */
pRc4Context = (struct sep_ctx_rc4 *)DX_InitUserCtxLocation(ContextID_ptr->buff,
sizeof(CRYS_RC4UserContext_t),
sizeof(struct sep_ctx_rc4));
pRc4Context->alg = SEP_CRYPTO_ALG_RC4;
pRc4Context->key_size = KeySizeInBytes;
DX_PAL_MemCopy(pRc4Context->key, Key_ptr, KeySizeInBytes);
/* ................. calling the low level init function ................. */
/* ----------------------------------------------------------------------- */
symRc = SymDriverAdaptorInit((struct sep_ctx_generic *)pRc4Context);
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysRc4Err);
}
/*!
* Memory copy using HW engines.
* The table below describes the supported copy modes that
* reference by the data input/output buffers:
*
* ----------------------------------------------
* | DataIn_ptr | DataOut_ptr |
* |--------------------------------------------|
* | SRAM | DCACHE/SRAM/DLLI/MLLI |
* | ICACHE | DCACHE/SRAM/DLLI/MLLI |
* | DCACHE | DCACHE/SRAM/DLLI/MLLI |
* | DLLI | DCACHE/SRAM/DLLI |
* | MLLI | DCACHE/SRAM/MLLI |
* ----------------------------------------------
*
* \param DataIn_ptr This is the source buffer which need to copy from.
* It may be a SeP local address or a DMA Object handle as described
* in the table above.
* \param DataSize In bytes
* \param DataOut_ptr This is the destination buffer which need to copy to.
* It may be a SeP local address or a DMA Object handle as described
* in the table above.
*
* Restriction: MLLI refers to DMA oject in System memory space.
*
* \return CRYSError_t On success CRYS_OK is returned, on failure an error according to
* CRYS_Bypass_error.h
*/
CIMPORT_C CRYSError_t CRYS_Bypass(DxUint8_t* DataIn_ptr,
DxUint32_t DataSize,
DxUint8_t* DataOut_ptr)
{
/* The return error identifiers */
CRYSError_t Error = CRYS_OK;
int symRc = DX_RET_OK;
DxUint32_t ctxBuff[CRYS_BYPASS_BUFF_OF_WORDS] = {0x0};
/* pointer on SEP AES context struct*/
struct sep_ctx_generic *pSepContext = (struct sep_ctx_generic *)DX_InitUserCtxLocation(ctxBuff,
sizeof(ctxBuff),
sizeof(struct sep_ctx_generic));
/* data size must be a positive number and a block size mult */
if (DataSize == 0 )
return DX_SUCCESS;
/* if the users Data In pointer is illegal return an error */
if ( DataIn_ptr == DX_NULL )
return CRYS_BYPASS_INVALID_INPUT_POINTER_ERROR;
/* if the users Data Out pointer is illegal return an error */
if ( DataOut_ptr == DX_NULL )
return CRYS_BYPASS_INVALID_OUTPUT_POINTER_ERROR;
Error = validateParams(DataIn_ptr, DataSize);
if ( Error != CRYS_OK ) {
return Error;
}
Error = validateParams(DataOut_ptr, DataSize);
if ( Error != CRYS_OK ) {
return Error;
}
pSepContext->alg = SEP_CRYPTO_ALG_BYPASS;
symRc = SymDriverAdaptorProcess(pSepContext,DataIn_ptr, DataOut_ptr, DataSize);
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysBypassErr);
}
/*!
* This function is used to finish the combined or tunneling operations
* It releases all used contexts (including suboperation ones).
*
* \param pConfig A pointer to the Configuration Nodes array (NodesConfig).
* This array represents the user combined scheme.
* \param cipherOffset Relevant in cases where the authenticated data resides in
* a different offset from the cipher data.
* Note: currently an error returned for any value other than zero.
* \param pDataIn A pointer on a block of input data ready for processing.
* \param dataInSize The size of the input data.
* \param pDataOut A pointer to output data. Could be the same as input data pointer
* (for inplace operations) or NULL if there is only
* authentication for output.
* \param pAuthDataOut A pointer to authenticated or digested output result.
*
* \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned,
* and on failure - a value from crys_combined_error.h
*/
CIMPORT_C CRYSError_t CRYS_Combined_Finish(
CrysCombinedConfig_t *pConfig,
uint32_t cipherOffset,
uint8_t *pDataIn,
uint32_t dataInSize,
uint8_t *pDataOut,
uint8_t *pAuthDataOut,
uint32_t *pAuthDataOutSize)
{
CRYS_COMBINED_UserContext_t combinedUsrCtx;
struct sep_ctx_combined *pcombinedCtx;
CRYSError_t crysErr = CRYS_OK;
int symRc = DX_RET_OK;
/* parameters check */
if (pConfig == DX_NULL) {
return CRYS_COMBINED_INVALID_NODES_CONFIG_POINTER_ERROR;
}
if (cipherOffset != 0) {
/*currently cipher address must be equal to the auth address*/
return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR;
}
/* check validity for priv */
if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, pConfig, sizeof(CrysCombinedConfig_t)) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, pAuthDataOutSize, sizeof(uint32_t)) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, pAuthDataOut, *pAuthDataOutSize)) {
return CRYS_COMBINED_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer to contiguous context in the HOST buffer */
pcombinedCtx = (struct sep_ctx_combined *)DX_InitUserCtxLocation(combinedUsrCtx.buff,
sizeof(CRYS_COMBINED_UserContext_t),
sizeof(struct sep_ctx_combined));
InitCombinedContext(pcombinedCtx, pConfig);
if ((pcombinedCtx->mode != SEP_COMBINED_DIN_TO_AES_TO_AES_TO_DOUT_MODE) &&
(pAuthDataOutSize == DX_NULL)) {
return CRYS_COMBINED_DATA_AUTH_BUFFER_SIZE_INVALID_ERROR;
}
switch (pcombinedCtx->mode) {
case SEP_COMBINED_DIN_TO_AES_TO_HASH_MODE:
case SEP_COMBINED_DIN_TO_AES_AND_HASH_MODE:
case SEP_COMBINED_DIN_TO_AES_TO_HASH_AND_DOUT_MODE:
if (pAuthDataOut == NULL) {
return CRYS_COMBINED_DATA_AUTH_POINTER_INVALID_ERROR;
}
break;
case SEP_COMBINED_DIN_TO_AES_TO_AES_TO_DOUT_MODE:
break;
default:
return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR;
}
crysErr = ValidateSupportedModes(pcombinedCtx);
if (crysErr != CRYS_OK) {
return crysErr;
}
symRc = SymDriverAdaptorFinalize((struct sep_ctx_generic *)pcombinedCtx,
pDataIn, pDataOut, dataInSize);
if (symRc != DX_RET_OK) {
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysCombinedErr);
}
switch (pcombinedCtx->mode) {
case SEP_COMBINED_DIN_TO_AES_TO_HASH_MODE:
case SEP_COMBINED_DIN_TO_AES_AND_HASH_MODE:
case SEP_COMBINED_DIN_TO_AES_TO_HASH_AND_DOUT_MODE:
{
struct sep_ctx_hash *pHashCtx = (struct sep_ctx_hash *)pcombinedCtx->sub_ctx[1];
uint32_t digestSize;
crysErr = GetHashDigestSize(pHashCtx->mode, &digestSize);
if (crysErr != CRYS_OK) {
return CRYS_COMBINED_HASH_DIGEST_SIZE_ERROR;
}
if ((digestSize == 0) || (*pAuthDataOutSize < digestSize)) {
return CRYS_COMBINED_DATA_AUTH_BUFFER_SIZE_INVALID_ERROR;
}
/* set the digest length out and copy digest result */
*pAuthDataOutSize = digestSize;
DX_PAL_MemCopy( pAuthDataOut, pHashCtx->digest, *pAuthDataOutSize );
break;
}
case SEP_COMBINED_DIN_TO_AES_TO_AES_TO_DOUT_MODE:
break;
default:
return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR;
}
return CRYS_OK;
}
/*!
* This function is used to process block of data in the combined or tunneling mode.
*
* \param pConfig A pointer to the Configuration Nodes array (NodesConfig).
* This array represents the user combined scheme.
* \param cipherOffset Relevant in cases where the authenticated data resides in
* a different offset from the cipher data.
* Note: currently an error returned for any value other than zero.
* \param pDataIn A pointer on a block of input data ready for processing.
* \param dataInSize The size of the input data.
* \param pDataOut A pointer on output data. Could be the same as input data pointer
* (for inplace operations) or NULL if there is only
* authentication for output.
*
* \return CIMPORT_C CRYSError_t On success the value CRYS_OK is returned,
* and on failure - a value from crys_combined_error.h
*/
CIMPORT_C CRYSError_t CRYS_Combined_Process(
CrysCombinedConfig_t *pConfig,
uint32_t cipherOffset,
uint8_t *pDataIn,
uint32_t dataInSize,
uint8_t *pDataOut)
{
CRYS_COMBINED_UserContext_t combinedUsrCtx;
struct sep_ctx_combined *pcombinedCtx;
CRYSError_t crysErr = CRYS_OK;
int symRc = DX_RET_OK;
/* parameters check */
if (pConfig == DX_NULL) {
return CRYS_COMBINED_INVALID_NODES_CONFIG_POINTER_ERROR;
}
if (cipherOffset != 0) {
/*currently cipher address must be equal to the auth address*/
return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR;
}
if (pDataIn == NULL) {
return CRYS_COMBINED_DATA_IN_POINTER_INVALID_ERROR;
}
/* data size must be a positive number and a block size mult */
if (dataInSize == 0) {
return CRYS_COMBINED_DATA_IN_SIZE_ILLEGAL;
}
/* check validity for priv */
if (DxCcAcl_IsBuffAccessOk(ACCESS_READ, pConfig, sizeof(CrysCombinedConfig_t))) {
return CRYS_COMBINED_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer to contiguous context in the HOST buffer */
pcombinedCtx = (struct sep_ctx_combined *)DX_InitUserCtxLocation(combinedUsrCtx.buff,
sizeof(CRYS_COMBINED_UserContext_t),
sizeof(struct sep_ctx_combined));
InitCombinedContext(pcombinedCtx, pConfig);
switch (pcombinedCtx->mode) {
case SEP_COMBINED_DIN_TO_AES_TO_HASH_MODE:
break;
case SEP_COMBINED_DIN_TO_AES_AND_HASH_MODE:
case SEP_COMBINED_DIN_TO_AES_TO_HASH_AND_DOUT_MODE:
case SEP_COMBINED_DIN_TO_AES_TO_AES_TO_DOUT_MODE:
if (pDataOut == NULL) {
return CRYS_COMBINED_DATA_OUT_POINTER_INVALID_ERROR;
}
break;
default:
return CRYS_COMBINED_ILLEGAL_OPERATION_MODE_ERROR;
}
crysErr = ValidateSupportedModes(pcombinedCtx);
if (crysErr != CRYS_OK) {
return crysErr;
}
symRc = SymDriverAdaptorProcess((struct sep_ctx_generic *)pcombinedCtx,
pDataIn, pDataOut, dataInSize);
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysCombinedErr);
}
/**
* This function initializes the HMAC machine on the CRYS level.
*
* The function allocates and initializes the HMAC Context .
* The function receives as input a pointer to store the context handle to HMAC Context.
*
* The function executes a HASH_init session and processes a HASH update
* on the Key XOR ipad and stores it in the context.
*
* @param[in] ContextID_ptr - A pointer to the HMAC context buffer allocated by the user
* that is used for the HMAC machine operation.
*
* @param[in] OperationMode - The operation mode: MD5 or SHA1.
*
* @param[in] key_ptr - The pointer to the user's key buffer,
* or its digest (if larger than the hash block size).
*
* @param[in] keySize - The size of the received key. Must not exceed the associated
* hash block size. For larger keys the caller must provide
* a hash digest of the key as the actual key.
*
* @return CRYSError_t - On success the function returns the value CRYS_OK,
* and on failure a non-ZERO error.
*
*/
CIMPORT_C CRYSError_t CRYS_HMAC_Init(CRYS_HMACUserContext_t *ContextID_ptr,
CRYS_HASH_OperationMode_t OperationMode,
DxUint8_t *key_ptr,
DxUint16_t keySize)
{
struct sep_ctx_hmac *pHmacContext;
CRYS_HMACPrivateContext_t *pHmacPrivContext;
int symRc = DX_RET_OK;
DxUint32_t HashBlockSize;
/* if the users context ID pointer is DX_NULL return an error */
if( ContextID_ptr == DX_NULL ) {
return CRYS_HMAC_INVALID_USER_CONTEXT_POINTER_ERROR;
}
/* check if the key pointer is valid */
if( key_ptr == DX_NULL ) {
return CRYS_HMAC_INVALID_KEY_POINTER_ERROR;
}
/* check if the operation mode is legal and set hash block size */
switch (OperationMode) {
case CRYS_HASH_SHA1_mode:
case CRYS_HASH_SHA224_mode:
case CRYS_HASH_SHA256_mode:
HashBlockSize = CRYS_HASH_BLOCK_SIZE_IN_BYTES;
break;
case CRYS_HASH_SHA384_mode:
case CRYS_HASH_SHA512_mode:
HashBlockSize = CRYS_HASH_SHA512_BLOCK_SIZE_IN_BYTES;
break;
default:
return CRYS_HMAC_ILLEGAL_OPERATION_MODE_ERROR;
}
/* check if the key size is valid */
if (keySize == 0) {
return CRYS_HMAC_UNVALID_KEY_SIZE_ERROR;
}
/* check validity for priv */
if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, key_ptr, keySize) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_HMACUserContext_t)) ) {
return CRYS_HMAC_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer to contiguous context in the HOST buffer */
pHmacContext = (struct sep_ctx_hmac *)DX_InitUserCtxLocation(ContextID_ptr->buff,
sizeof(CRYS_HMACUserContext_t),
sizeof(struct sep_ctx_hmac));
pHmacPrivContext = (CRYS_HMACPrivateContext_t *)&(((uint32_t*)pHmacContext)[CRYS_HMAC_USER_CTX_ACTUAL_SIZE_IN_WORDS-1]);
pHmacContext->alg = SEP_CRYPTO_ALG_HMAC;
pHmacContext->mode = Crys2SepHashMode(OperationMode);
pHmacPrivContext->isLastBlockProcessed = 0;
if( keySize > HashBlockSize ) {
symRc = CRYS_HASH ( OperationMode,
key_ptr,
keySize,
(uint32_t*)pHmacContext->k0 );/*Write the result into th context*/
if( symRc != CRYS_OK )
return symRc;
/* update the new key size according to the mode */
switch(OperationMode) {
case CRYS_HASH_SHA1_mode:
keySize = CRYS_HASH_SHA1_DIGEST_SIZE_IN_BYTES;
break;
case CRYS_HASH_SHA224_mode:
keySize = CRYS_HASH_SHA224_DIGEST_SIZE_IN_BYTES;
break;
case CRYS_HASH_SHA256_mode:
keySize = CRYS_HASH_SHA256_DIGEST_SIZE_IN_BYTES;
break;
case CRYS_HASH_SHA384_mode:
keySize = CRYS_HASH_SHA384_DIGEST_SIZE_IN_BYTES;
break;
case CRYS_HASH_SHA512_mode:
keySize = CRYS_HASH_SHA512_DIGEST_SIZE_IN_BYTES;
break;
default:
break;
}
}/* end of key larger then 64 bytes case */
else {
DX_PAL_MemCopy(pHmacContext->k0 , key_ptr , keySize );
}
pHmacContext->k0_size = keySize;
symRc = SymDriverAdaptorInit((struct sep_ctx_generic *)pHmacContext);
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysHmacErr);
}
/**
* @brief This function is used to initialize the AES machine or SW structures.
* To perform the AES operations this should be the first function called.
*
* The actual macros, that will be used by the user for calling this function, are described
* in crys_aes.h file.
*
* @param[in] ContextID_ptr - A pointer to the AES context buffer that is allocated by the user
* and is used for the AES machine operation.
* @param[in] IVCounter_ptr - A buffer containing an initial value: IV, Counter or Tweak according
* to operation mode:
* - on ECB, XCBC, CMAC mode this parameter is not used and may be NULL,
* - on CBC and MAC modes it contains the IV value,
* - on CTR and OFB modes it contains the init counter,
* - on XTS mode it contains the initial tweak value - 128-bit consecutive number
* of data unit (in little endian).
* @param[in] Key_ptr - A pointer to the user's key buffer.
* @param[in] KeySize - An enum parameter, defines size of used key (128, 192, 256, 512 bits):
* On XCBC mode allowed 128 bit size only, on XTS - 256 or 512 bit, on other modes <= 256 bit.
* @param[in] EncryptDecryptFlag - A flag specifying whether the AES should perform an Encrypt operation (0)
* or a Decrypt operation (1). In XCBC, MAC and CMAC modes it must be Encrypt.
* @param[in] OperationMode - The operation mode: ECB, CBC, MAC, CTR, OFB, XCBC (PRF and 96), CMAC.
*
* @return CRYSError_t - On success the value CRYS_OK is returned, and on failure - a value from crys_aes_error.h
*/
CIMPORT_C CRYSError_t CRYS_AES_Init(
CRYS_AESUserContext_t *ContextID_ptr,
CRYS_AES_IvCounter_t IVCounter_ptr,
CRYS_AES_Key_t Key_ptr,
CRYS_AES_KeySize_t KeySizeID,
CRYS_AES_EncryptMode_t EncryptDecryptFlag,
CRYS_AES_OperationMode_t OperationMode )
{
int symRc;
/* Aes key size bytes */
DxUint32_t keySizeBytes = 0;
/* pointer on SEP AES context struct*/
struct sep_ctx_cipher *pAesContext;
uint32_t keyAddr;
DX_CRYPTO_KEY_TYPE_t cryptoKeyType;
KeyPtrType_t keyPtrType;
/* FUNCTION LOGIC */
/* ............... local initializations .............................. */
/* -------------------------------------------------------------------- */
/* ............... checking the parameters validity ................... */
/* -------------------------------------------------------------------- */
/* if the users context ID pointer is DX_NULL return an error */
if( ContextID_ptr == DX_NULL ) {
return CRYS_AES_INVALID_USER_CONTEXT_POINTER_ERROR;
}
/* check if the operation mode is legal */
if( OperationMode >= CRYS_AES_NumOfModes || OperationMode == CRYS_AES_CCM_mode) {
return CRYS_AES_ILLEGAL_OPERATION_MODE_ERROR;
}
/* check if the OFB mode is supported */
#ifdef CRYS_NO_AES_OFB_SUPPORT
if(OperationMode == CRYS_AES_OFB_mode) {
return CRYS_AES_ILLEGAL_OPERATION_MODE_ERROR;
}
#endif
/* if the operation mode selected is CBC,CTS, MAC, CTR, XTS or OFB then check the validity of
the IV counter pointer (note: on XTS mode it is the Tweak pointer) */
if( ((OperationMode == CRYS_AES_CBC_mode) ||
(OperationMode == CRYS_AES_CTR_mode) ||
(OperationMode == CRYS_AES_MAC_mode) ||
(OperationMode == CRYS_AES_XTS_mode) ||
(OperationMode == CRYS_AES_CBC_CTS_mode) ||
(OperationMode == CRYS_AES_OFB_mode)) &&
(IVCounter_ptr == DX_NULL) ) {
return CRYS_AES_INVALID_IV_OR_TWEAK_PTR_ERROR;
}
/* in XCBC mode enable only key size = 128 bit */
if( (OperationMode == CRYS_AES_XCBC_MAC_mode) &&
(KeySizeID != CRYS_AES_Key128BitSize) ) {
return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR;
}
/* check the Encrypt / Decrypt flag validity */
if ( EncryptDecryptFlag >= CRYS_AES_EncryptNumOfOptions ) {
return CRYS_AES_INVALID_ENCRYPT_MODE_ERROR;
}
/* in MAC,XCBC,CMAC modes enable only encrypt mode */
if( ((OperationMode == CRYS_AES_XCBC_MAC_mode) ||
(OperationMode == CRYS_AES_CMAC_mode) ||
(OperationMode == CRYS_AES_MAC_mode)) &&
(EncryptDecryptFlag != CRYS_AES_Encrypt) ) {
return CRYS_AES_DECRYPTION_NOT_ALLOWED_ON_THIS_MODE;
}
/* check the validity of the key pointer */
if ( Key_ptr == DX_NULL ) {
return CRYS_AES_INVALID_KEY_POINTER_ERROR;
}
if(getKeyDataFromKeyObj((uint8_t*)Key_ptr, &keyAddr, &cryptoKeyType, &keyPtrType, DX_AES_API_INIT) != CRYS_OK)
return CRYS_AES_INVALID_KEY_POINTER_ERROR;
/* check validity for priv */
if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, (uint8_t *)keyAddr, KeySizeID * SEP_AES_128_BIT_KEY_SIZE) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_AESUserContext_t)) ||
((IVCounter_ptr != NULL) && DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, IVCounter_ptr, sizeof(CRYS_AES_IvCounter_t))) ) {
return CRYS_AES_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer to contiguous context in the HOST buffer */
pAesContext = (struct sep_ctx_cipher *)DX_InitUserCtxLocation(ContextID_ptr->buff,
sizeof(CRYS_AESUserContext_t),
sizeof(struct sep_ctx_cipher));
pAesContext->alg = SEP_CRYPTO_ALG_AES;
pAesContext->mode = MakeSepAesMode(OperationMode);
pAesContext->direction = (enum sep_crypto_direction)EncryptDecryptFlag;
pAesContext->key_size = 0;
pAesContext->crypto_key_type = cryptoKeyType;
/* check key size in XTS mode */
if ( OperationMode == CRYS_AES_XTS_mode ) {
if( (KeySizeID != CRYS_AES_Key256BitSize) &&
(KeySizeID != CRYS_AES_Key512BitSize) ) {
return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR;
}
} else if ( KeySizeID > CRYS_AES_Key256BitSize ) {
/* check the max key size for all modes besides XTS */
return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR;
}
/* get AES_Key size in bytes */
switch( KeySizeID ) {
case CRYS_AES_Key128BitSize:
keySizeBytes = 16;
break;
case CRYS_AES_Key192BitSize:
keySizeBytes = 24;
break;
case CRYS_AES_Key256BitSize:
keySizeBytes = 32;
break;
case CRYS_AES_Key512BitSize:
keySizeBytes = 64;
break;
default:
return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR; /*for preventing compiler warnings*/
}
/* HDCP max allowed key size is 16 bytes */
if ((pAesContext->crypto_key_type == DX_XOR_HDCP_KEY) && (keySizeBytes > 16)) {
return CRYS_AES_ILLEGAL_KEY_SIZE_ERROR;
}
DX_PAL_MemCopy(pAesContext->key, (uint8_t *)keyAddr, keySizeBytes);
pAesContext->key_size = keySizeBytes;
if (pAesContext->mode == SEP_CIPHER_XTS ) {
/* Divide by two (we have two keys of the same size) */
pAesContext->key_size >>= 1;
/* copy second half of the double-key as XEX-key */
DX_PAL_MemCopy(pAesContext->xex_key, (uint8_t*)keyAddr + pAesContext->key_size, pAesContext->key_size);
}
CIMPORT_C CRYSError_t CRYS_DES_Init( CRYS_DESUserContext_t *ContextID_ptr,
CRYS_DES_Iv_t IV_ptr,
CRYS_DES_Key_t *Key_ptr,
CRYS_DES_NumOfKeys_t NumOfKeys,
CRYS_DES_EncryptMode_t EncryptDecryptFlag,
CRYS_DES_OperationMode_t OperationMode )
{
int symRc = DX_RET_OK;
/* pointer on SEP DES context struct*/
struct sep_ctx_cipher *pDesContext;
/* ............... checking the parameters validity ................... */
/* -------------------------------------------------------------------- */
/* if the users context ID pointer is DX_NULL return an error */
if( ContextID_ptr == DX_NULL ) {
return CRYS_DES_INVALID_USER_CONTEXT_POINTER_ERROR;
}
/* check if the operation mode is legal */
if( OperationMode >= CRYS_DES_NumOfModes ) {
return CRYS_DES_ILLEGAL_OPERATION_MODE_ERROR;
}
/* if the operation mode selected is CBC then check the validity of
the IV counter pointer */
if( (OperationMode == CRYS_DES_CBC_mode) && (IV_ptr == DX_NULL) ) {
return CRYS_DES_INVALID_IV_PTR_ON_NON_ECB_MODE_ERROR;
}
/* If the number of keys in invalid return an error */
if( (NumOfKeys >= CRYS_DES_NumOfKeysOptions) || (NumOfKeys == 0) ) {
return CRYS_DES_ILLEGAL_NUM_OF_KEYS_ERROR;
}
/*check the valisity of the key pointer */
if( Key_ptr == DX_NULL ) {
return CRYS_DES_INVALID_KEY_POINTER_ERROR;
}
/* Check the Encrypt / Decrypt flag validity */
if( EncryptDecryptFlag >= CRYS_DES_EncryptNumOfOptions ) {
return CRYS_DES_INVALID_ENCRYPT_MODE_ERROR;
}
/* check validity for priv */
if ( DxCcAcl_IsBuffAccessOk(ACCESS_READ, Key_ptr, NumOfKeys * SEP_DES_ONE_KEY_SIZE) ||
DxCcAcl_IsBuffAccessOk(ACCESS_READ_WRITE, ContextID_ptr, sizeof(CRYS_DESUserContext_t)) ||
((IV_ptr != DX_NULL) && (DxCcAcl_IsBuffAccessOk(ACCESS_READ, IV_ptr, sizeof(CRYS_DES_Iv_t)))) ) {
return CRYS_DES_ILLEGAL_PARAMS_ERROR;
}
/* Get pointer to contiguous context in the HOST buffer */
pDesContext = (struct sep_ctx_cipher *)DX_InitUserCtxLocation(ContextID_ptr->buff,
sizeof(CRYS_DESUserContext_t),
sizeof(struct sep_ctx_cipher));
pDesContext->alg = SEP_CRYPTO_ALG_DES;
pDesContext->mode = MakeSepDesMode(OperationMode);
pDesContext->direction = (enum sep_crypto_direction)EncryptDecryptFlag;
pDesContext->key_size = NumOfKeys * SEP_DES_BLOCK_SIZE;
DX_PAL_MemCopy(pDesContext->key, Key_ptr, pDesContext->key_size);
if (pDesContext->mode == SEP_CIPHER_CBC) {
DX_PAL_MemCopy(pDesContext->block_state, IV_ptr, CRYS_DES_IV_SIZE_IN_BYTES);
}
symRc = SymDriverAdaptorInit((struct sep_ctx_generic *)pDesContext);
return DX_CRYS_RETURN_ERROR(symRc, 0, SymAdaptor2CrysDesErr);
}