diff options
-rw-r--r-- | board/cr50/dcrypto/aes.c | 69 | ||||
-rw-r--r-- | board/cr50/dcrypto/app_cipher.c | 161 | ||||
-rw-r--r-- | board/cr50/dcrypto/dcrypto_regs.h | 37 | ||||
-rw-r--r-- | board/cr50/dcrypto/gcm.c | 72 | ||||
-rw-r--r-- | board/cr50/dcrypto/internal.h | 3 |
5 files changed, 189 insertions, 153 deletions
diff --git a/board/cr50/dcrypto/aes.c b/board/cr50/dcrypto/aes.c index a4895b7a6f..e2d80a0795 100644 --- a/board/cr50/dcrypto/aes.c +++ b/board/cr50/dcrypto/aes.c @@ -3,26 +3,33 @@ * found in the LICENSE file. */ -#include "dcrypto.h" #include "internal.h" -#include "registers.h" +#include "dcrypto_regs.h" +/** + * Define KEYMGR AES access structure. + */ +static volatile struct keymgr_aes *reg_aes = (void *)(GC_KEYMGR_BASE_ADDR); -static void set_control_register( - unsigned mode, unsigned key_size, unsigned encrypt) +static void set_control_register(enum cipher_mode mode, uint32_t key_size, + enum encrypt_mode encrypt) { - GWRITE_FIELD(KEYMGR, AES_CTRL, RESET, CTRL_NO_SOFT_RESET); - GWRITE_FIELD(KEYMGR, AES_CTRL, KEYSIZE, key_size); - GWRITE_FIELD(KEYMGR, AES_CTRL, CIPHER_MODE, mode); - GWRITE_FIELD(KEYMGR, AES_CTRL, ENC_MODE, encrypt); - GWRITE_FIELD(KEYMGR, AES_CTRL, CTR_ENDIAN, CTRL_CTR_BIG_ENDIAN); - GWRITE_FIELD(KEYMGR, AES_CTRL, ENABLE, CTRL_ENABLE); + /* Make sure we don't use key coming from keyladder. */ + reg_aes->use_hidden_key = GC_KEYMGR_AES_USE_HIDDEN_KEY_ENABLE_DEFAULT; + /* Bring AES engine FIFO into known state. */ + reg_aes->ctrl = GC_KEYMGR_AES_CTRL_RESET_MASK; + reg_aes->ctrl = + (CTRL_NO_SOFT_RESET << GC_KEYMGR_AES_CTRL_RESET_LSB) | + (key_size << GC_KEYMGR_AES_CTRL_KEYSIZE_LSB) | + (mode << GC_KEYMGR_AES_CTRL_CIPHER_MODE_LSB) | + (encrypt << GC_KEYMGR_AES_CTRL_ENC_MODE_LSB) | + (CTRL_CTR_BIG_ENDIAN << GC_KEYMGR_AES_CTRL_CTR_ENDIAN_LSB) | + (CTRL_ENABLE << GC_KEYMGR_AES_CTRL_ENABLE_LSB); /* Turn off random nops (which are enabled by default). */ - GWRITE_FIELD(KEYMGR, AES_RAND_STALL_CTL, STALL_EN, 0); - /* Configure random nop percentage at 25%. */ - GWRITE_FIELD(KEYMGR, AES_RAND_STALL_CTL, FREQ, 1); - /* Now turn on random nops. */ - GWRITE_FIELD(KEYMGR, AES_RAND_STALL_CTL, STALL_EN, 1); + reg_aes->rand_stall = 0; + /* Configure random nop percentage at 25%, turn on random nops. */ + reg_aes->rand_stall = (1 << GC_KEYMGR_AES_RAND_STALL_CTL_FREQ_LSB) | + GC_KEYMGR_AES_RAND_STALL_CTL_STALL_EN_MASK; } static int wait_read_data(volatile uint32_t *addr) @@ -75,12 +82,12 @@ enum dcrypto_result dcrypto_aes_init(const uint8_t *key, size_t key_len, /* Initialize hardware with AES key */ p = (struct access_helper *) key; for (i = 0; i < (key_len >> 5); i++) - GR_KEYMGR_AES_KEY(i) = p[i].udata; + reg_aes->key[i] = p[i].udata; /* Trigger key expansion. */ - GREG32(KEYMGR, AES_KEY_START) = 1; + reg_aes->key_start = 1; /* Wait for key expansion. */ - if (!wait_read_data(GREG32_ADDR(KEYMGR, AES_KEY_START))) { + if (!wait_read_data(®_aes->key_start)) { /* Should not happen. */ return DCRYPTO_FAIL; } @@ -103,10 +110,9 @@ enum dcrypto_result DCRYPTO_aes_init(const uint8_t *key, size_t key_len, enum dcrypto_result DCRYPTO_aes_block(const uint8_t *in, uint8_t *out) { - int i; uint32_t buf[4]; const uint32_t *inw; - uint32_t *outw; + uint32_t *outw, *outw2; if (is_not_aligned(in)) { memcpy(buf, in, sizeof(buf)); @@ -114,27 +120,16 @@ enum dcrypto_result DCRYPTO_aes_block(const uint8_t *in, uint8_t *out) } else inw = (const uint32_t *)in; - /* Write plaintext. */ - for (i = 0; i < 4; i++) - GREG32(KEYMGR, AES_WFIFO_DATA) = inw[i]; - - /* Wait for the result. */ - if (!wait_read_data(GREG32_ADDR(KEYMGR, AES_RFIFO_EMPTY))) { - /* Should not happen, ciphertext not ready. */ - return DCRYPTO_FAIL; - } - - /* Read ciphertext. */ if (is_not_aligned(out)) outw = buf; else outw = (uint32_t *)out; - for (i = 0; i < 4; i++) - outw[i] = GREG32(KEYMGR, AES_RFIFO_DATA); + outw2 = outw; + dcrypto_aes_process(&outw, &inw, 16); - if (out != (uint8_t *)outw) - memcpy(out, outw, sizeof(buf)); + if (out != (uint8_t *)outw2) + memcpy(out, outw2, sizeof(buf)); return DCRYPTO_OK; } @@ -152,7 +147,7 @@ void DCRYPTO_aes_write_iv(const uint8_t *iv) ivw = (uint32_t *)iv; for (i = 0; i < 4; i++) - GR_KEYMGR_AES_CTR(i) = ivw[i]; + reg_aes->counter[i] = ivw[i]; } void DCRYPTO_aes_read_iv(uint8_t *iv) @@ -167,7 +162,7 @@ void DCRYPTO_aes_read_iv(uint8_t *iv) ivw = (uint32_t *)iv; for (i = 0; i < 4; i++) - ivw[i] = GR_KEYMGR_AES_CTR(i); + ivw[i] = reg_aes->counter[i]; if (iv != (uint8_t *)ivw) memcpy(iv, ivw, sizeof(buf)); diff --git a/board/cr50/dcrypto/app_cipher.c b/board/cr50/dcrypto/app_cipher.c index 004db6bd6c..cf862d246e 100644 --- a/board/cr50/dcrypto/app_cipher.c +++ b/board/cr50/dcrypto/app_cipher.c @@ -6,123 +6,121 @@ #include "crypto_api.h" #include "internal.h" #include "registers.h" - -/* The default build options compile for size (-Os); instruct the - * compiler to optimize for speed here. Incidentally -O produces - * faster code than -O2! +#include "dcrypto_regs.h" +/** + * Define KEYMGR AES access structure. */ -static int __optimize("O") inner_loop(uint32_t **out, const uint32_t **in, - size_t len) -{ - uint32_t *outw = *out; - const uint32_t *inw = *in; - - while (len >= 16) { - uint32_t w0, w1, w2, w3; - - w0 = inw[0]; - w1 = inw[1]; - w2 = inw[2]; - w3 = inw[3]; - GREG32(KEYMGR, AES_WFIFO_DATA) = w0; - GREG32(KEYMGR, AES_WFIFO_DATA) = w1; - GREG32(KEYMGR, AES_WFIFO_DATA) = w2; - GREG32(KEYMGR, AES_WFIFO_DATA) = w3; +static volatile struct keymgr_aes *reg_aes = (void *)(GC_KEYMGR_BASE_ADDR); - while (GREG32(KEYMGR, AES_RFIFO_EMPTY)) - ; - - w0 = GREG32(KEYMGR, AES_RFIFO_DATA); - w1 = GREG32(KEYMGR, AES_RFIFO_DATA); - w2 = GREG32(KEYMGR, AES_RFIFO_DATA); - w3 = GREG32(KEYMGR, AES_RFIFO_DATA); - outw[0] = w0; - outw[1] = w1; - outw[2] = w2; - outw[3] = w3; - - inw += 4; - outw += 4; - len -= 16; - } +static inline void read_aes_fifo(uint32_t *outw) +{ + uint32_t w0, w1, w2, w3; + + w0 = reg_aes->rfifo_data; + w1 = reg_aes->rfifo_data; + w2 = reg_aes->rfifo_data; + w3 = reg_aes->rfifo_data; + outw[0] = w0; + outw[1] = w1; + outw[2] = w2; + outw[3] = w3; +} - *in = inw; - *out = outw; - return len; +static inline void write_aes_fifo(const uint32_t *inw) +{ + uint32_t w0, w1, w2, w3; + + w0 = inw[0]; + w1 = inw[1]; + w2 = inw[2]; + w3 = inw[3]; + reg_aes->wfifo_data = w0; + reg_aes->wfifo_data = w1; + reg_aes->wfifo_data = w2; + reg_aes->wfifo_data = w3; } -static int outer_loop(uint32_t **out, const uint32_t **in, size_t len) +/* The default build options compile for size (-Os); instruct the + * compiler to optimize for speed here. Incidentally -O produces + * faster code than -O2! + * + * AES FIFOs are 32-bits wide by 16 entries deep (64-Bytes), so to + * get maximum throughput try to load it at least at 50% and that's why we don't + * read after the first 4 words are loaded, unless they are the only 4 words + */ +size_t __optimize("O") + dcrypto_aes_process(uint32_t **out, const uint32_t **in, size_t len) { uint32_t *outw = *out; const uint32_t *inw = *in; if (len >= 16) { - GREG32(KEYMGR, AES_WFIFO_DATA) = inw[0]; - GREG32(KEYMGR, AES_WFIFO_DATA) = inw[1]; - GREG32(KEYMGR, AES_WFIFO_DATA) = inw[2]; - GREG32(KEYMGR, AES_WFIFO_DATA) = inw[3]; + write_aes_fifo(inw); inw += 4; len -= 16; - len = inner_loop(&outw, &inw, len); + while (len >= 16) { + write_aes_fifo(inw); + inw += 4; + len -= 16; + while (reg_aes->rfifo_empty) + ; - while (GREG32(KEYMGR, AES_RFIFO_EMPTY)) + read_aes_fifo(outw); + outw += 4; + } + while (reg_aes->rfifo_empty) ; - outw[0] = GREG32(KEYMGR, AES_RFIFO_DATA); - outw[1] = GREG32(KEYMGR, AES_RFIFO_DATA); - outw[2] = GREG32(KEYMGR, AES_RFIFO_DATA); - outw[3] = GREG32(KEYMGR, AES_RFIFO_DATA); + read_aes_fifo(outw); outw += 4; } - - *in = inw; + *in = inw; *out = outw; return len; } -static int aes_init(enum dcrypto_appid appid, const uint32_t iv[4]) +static int aes_init(enum dcrypto_appid appid) { + uint32_t aes_config; + /* Setup USR-based application key. */ if (!DCRYPTO_appkey_init(appid)) return 0; /* Configure AES engine. */ - GWRITE_FIELD(KEYMGR, AES_CTRL, RESET, CTRL_NO_SOFT_RESET); - GWRITE_FIELD(KEYMGR, AES_CTRL, KEYSIZE, 2 /* AES-256 */); - GWRITE_FIELD(KEYMGR, AES_CTRL, CIPHER_MODE, CIPHER_MODE_CTR); - GWRITE_FIELD(KEYMGR, AES_CTRL, ENC_MODE, ENCRYPT_MODE); - GWRITE_FIELD(KEYMGR, AES_CTRL, CTR_ENDIAN, CTRL_CTR_BIG_ENDIAN); + aes_config = (CTRL_NO_SOFT_RESET << GC_KEYMGR_AES_CTRL_RESET_LSB) | + (2 << GC_KEYMGR_AES_CTRL_KEYSIZE_LSB) | + (CIPHER_MODE_CTR << GC_KEYMGR_AES_CTRL_CIPHER_MODE_LSB) | + (ENCRYPT_MODE << GC_KEYMGR_AES_CTRL_ENC_MODE_LSB) | + (CTRL_CTR_BIG_ENDIAN << GC_KEYMGR_AES_CTRL_CTR_ENDIAN_LSB); + reg_aes->ctrl = aes_config; /* * For fixed-key, bulk ciphering, turn off random nops (which * are enabled by default). */ - GWRITE_FIELD(KEYMGR, AES_RAND_STALL_CTL, STALL_EN, 0); + reg_aes->rand_stall = 0; /* Enable hidden key usage, each appid gets its own * USR, with USR0 starting at 0x2a0. */ - GWRITE_FIELD(KEYMGR, AES_USE_HIDDEN_KEY, INDEX, - 0x2a0 + (appid * 2)); - GWRITE_FIELD(KEYMGR, AES_USE_HIDDEN_KEY, ENABLE, 1); - GWRITE_FIELD(KEYMGR, AES_CTRL, ENABLE, CTRL_ENABLE); + reg_aes->use_hidden_key = GC_KEYMGR_AES_USE_HIDDEN_KEY_ENABLE_MASK | + ((0x2a0 + (appid * 2)) + << GC_KEYMGR_AES_USE_HIDDEN_KEY_INDEX_LSB); + + reg_aes->ctrl = aes_config | + (CTRL_ENABLE << GC_KEYMGR_AES_CTRL_ENABLE_LSB); /* Wait for key-expansion. */ - GREG32(KEYMGR, AES_KEY_START) = 1; - while (GREG32(KEYMGR, AES_KEY_START)) + reg_aes->key_start = 1; + while (reg_aes->key_start) ; /* Check for errors (e.g. USR not correctly setup. */ if (GREG32(KEYMGR, HKEY_ERR_FLAGS)) return 0; - /* Set IV. */ - GR_KEYMGR_AES_CTR(0) = iv[0]; - GR_KEYMGR_AES_CTR(1) = iv[1]; - GR_KEYMGR_AES_CTR(2) = iv[2]; - GR_KEYMGR_AES_CTR(3) = iv[3]; - return 1; } @@ -138,15 +136,14 @@ int DCRYPTO_app_cipher(enum dcrypto_appid appid, const void *salt, { /* Initialize key, and AES engine. */ - uint32_t iv[4]; - - BUILD_ASSERT(sizeof(iv) == CIPHER_SALT_SIZE); - memcpy(iv, salt, sizeof(iv)); - if (!aes_init(appid, iv)) + BUILD_ASSERT(CIPHER_SALT_SIZE == 16); + if (!aes_init(appid)) return 0; + /* Set IV. */ + DCRYPTO_aes_write_iv(salt); } - len = outer_loop(&outw, &inw, len); + len = dcrypto_aes_process(&outw, &inw, len); if (len) { /* Cipher the final partial block */ @@ -159,7 +156,7 @@ int DCRYPTO_app_cipher(enum dcrypto_appid appid, const void *salt, tmpoutw = tmpout; memcpy(tmpin, inw, len); - outer_loop(&tmpoutw, &tmpinw, 16); + dcrypto_aes_process(&tmpoutw, &tmpinw, 16); memcpy(outw, tmpout, len); } @@ -283,7 +280,7 @@ static int prepare_running(struct test_info *pinfo) static int basic_check(struct test_info *pinfo) { size_t half; - int i; + size_t i; uint32_t *p; ccprintf("original data %ph\n", HEX_BUF(pinfo->p, 16)); @@ -291,7 +288,7 @@ static int basic_check(struct test_info *pinfo) half = (pinfo->test_blob_size/2) & ~3; if (!DCRYPTO_app_cipher(NVMEM, pinfo->p, pinfo->p, pinfo->p + half, half)) { - ccprintf("first ecnryption run failed\n"); + ccprintf("first encryption run failed\n"); return EC_ERROR_UNKNOWN; } @@ -341,7 +338,7 @@ static int command_loop(struct test_info *pinfo) *p_last_byte = last_byte; - if (!(iteration % 500)) + if (!(iteration % 512)) watchdog_reload(); tstamp = get_time().val; diff --git a/board/cr50/dcrypto/dcrypto_regs.h b/board/cr50/dcrypto/dcrypto_regs.h index 7a524220fe..6d118f750a 100644 --- a/board/cr50/dcrypto/dcrypto_regs.h +++ b/board/cr50/dcrypto/dcrypto_regs.h @@ -29,7 +29,42 @@ extern "C" { #endif #include "registers.h" - +/** + * AES/GCM part of KEYMGR starting offset 0x000 + */ +struct keymgr_aes { + uint32_t ctrl; /* KEYMGR_AES_CTRL */ + const uint32_t _pad0; + uint32_t wfifo_data; /*KEYMGR_AES_WFIFO_DATA */ + const uint32_t rfifo_data; /* KEYMGR_AES_RFIFO_DATA */ + const uint32_t _pad1[7]; + uint32_t key[8]; /* KEYMGR_AES_KEY0 .. 7 */ + uint32_t key_start; /* KEYMGR_AES_KEY_START */ + uint32_t counter[4]; /* KEYMGR_AES_CTR0 .. 3 */ + uint32_t rand_stall; /* KEYMGR_AES_RAND_STALL_CTL */ + uint32_t wfifo_level; /* KEYMGR_AES_WFIFO_LEVEL */ + uint32_t wfifo_full; /* KEYMGR_AES_WFIFO_FULL */ + uint32_t rfifo_level; /* KEYMGR_AES_RFIFO_LEVEL */ + uint32_t rfifo_empty; /* KEYMGR_AES_RFIFO_EMPTY */ + const uint32_t execute_count_state; /* KEYMGR_AES_EXECUTE_COUNT_STATE */ + uint32_t execute_count_max; /* KEYMGR_AES_EXECUTE_COUNT_MAX */ + uint32_t gcm_do_acc; /* KEYMGR_GCM_DO_ACC */ + uint32_t gcm_h[4]; /* KEYMGR_GCM_H0 .. 3 */ + uint32_t gcm_mac[4]; /* KEYMGR_GCM_MAC0 .. 3 */ + uint32_t gcm_hash_in[4]; /* KEYMGR_GCM_HASH_IN0 .. 3 */ + uint32_t wipe_secrets; /* KEYMGR_AES_WIPE_SECRETS */ + uint32_t int_enable; /* KEYMGR_AES_INT_ENABLE */ + uint32_t int_state; /* KEYMGR_AES_INT_STATE */ + uint32_t int_test; /* KEYMGR_AES_INT_TEST */ + uint32_t use_hidden_key; /* KEYMGR_AES_USE_HIDDEN_KEY */ +}; +BUILD_ASSERT(offsetof(struct keymgr_aes, wfifo_data) == + GC_KEYMGR_AES_WFIFO_DATA_OFFSET); +BUILD_ASSERT(offsetof(struct keymgr_aes, key) == GC_KEYMGR_AES_KEY0_OFFSET); +BUILD_ASSERT(offsetof(struct keymgr_aes, counter) == GC_KEYMGR_AES_CTR0_OFFSET); +BUILD_ASSERT(offsetof(struct keymgr_aes, gcm_h) == GC_KEYMGR_GCM_H0_OFFSET); +BUILD_ASSERT(offsetof(struct keymgr_aes, use_hidden_key) == + GC_KEYMGR_AES_USE_HIDDEN_KEY_OFFSET); /** * SHA/HMAC part of KEYMGR starting offset 0x400 diff --git a/board/cr50/dcrypto/gcm.c b/board/cr50/dcrypto/gcm.c index ff57a1e635..96e8b1dbae 100644 --- a/board/cr50/dcrypto/gcm.c +++ b/board/cr50/dcrypto/gcm.c @@ -3,39 +3,38 @@ * found in the LICENSE file. */ -#include "dcrypto.h" #include "internal.h" #include "registers.h" - +#include "dcrypto_regs.h" #include "endian.h" +/** + * Define KEYMGR AES access structure. + */ +static volatile struct keymgr_aes *reg_aes = (void *)(GC_KEYMGR_BASE_ADDR); + static void gcm_mul(uint32_t *counter) { - int i; - volatile uint32_t *p; + size_t i; /* Set HASH to zero. */ - p = GREG32_ADDR(KEYMGR, GCM_HASH_IN0); for (i = 0; i < 4; i++) - *p++ = 0; + reg_aes->gcm_hash_in[i] = 0; /* Initialize GMAC. */ - p = GREG32_ADDR(KEYMGR, GCM_MAC0); for (i = 0; i < 4; i++) - *p++ = counter[i]; + reg_aes->gcm_mac[i] = counter[i]; /* Crank GMAC. */ - GREG32(KEYMGR, GCM_DO_ACC) = 1; + reg_aes->gcm_do_acc = 1; /* Read GMAC. */ - p = GREG32_ADDR(KEYMGR, GCM_MAC0); for (i = 0; i < 4; i++) - counter[i] = *p++; + counter[i] = reg_aes->gcm_mac[i]; /* Reset GMAC. */ - p = GREG32_ADDR(KEYMGR, GCM_MAC0); for (i = 0; i < 4; ++i) - *p++ = 0; + reg_aes->gcm_mac[i] = 0; } static void gcm_init_iv( @@ -83,8 +82,8 @@ static void gcm_init_iv( void DCRYPTO_gcm_init(struct GCM_CTX *ctx, uint32_t key_bits, const uint8_t *key, const uint8_t *iv, size_t iv_len) { - int i; - const uint32_t zero[4] = {0, 0, 0, 0}; + size_t i; + static const uint32_t zero[4] = {0, 0, 0, 0}; uint32_t H[4]; uint32_t counter[4]; @@ -98,38 +97,45 @@ void DCRYPTO_gcm_init(struct GCM_CTX *ctx, uint32_t key_bits, /* Initialize the GMAC accumulator to ZERO. */ for (i = 0; i < 4; i++) - GR_KEYMGR_GCM_MAC(i) = zero[i]; + reg_aes->gcm_mac[i] = 0; /* Initialize H. */ for (i = 0; i < 4; i++) - GR_KEYMGR_GCM_H(i) = H[i]; + reg_aes->gcm_h[i] = H[i]; /* Map the IV to a 128-bit counter. */ gcm_init_iv(iv, iv_len, counter); /* Re-initialize the IV counter. */ for (i = 0; i < 4; i++) - GR_KEYMGR_AES_CTR(i) = counter[i]; + reg_aes->counter[i] = counter[i]; /* Calculate Ej0: encrypt IV counter XOR ZERO. */ DCRYPTO_aes_block((const uint8_t *) zero, ctx->Ej0.c); } -static void gcm_aad_block(const struct GCM_CTX *ctx, const uint32_t *block) +static void gcm_aad_block(const struct GCM_CTX *ctx, const void *block) { - int i; - const struct access_helper *p = (struct access_helper *) block; + size_t i; + uint32_t buf[4]; + const uint32_t *p; + + if (is_not_aligned(block)) { + memcpy(buf, block, 16); + p = buf; + } else + p = block; if (ctx->aad_len == 0 && ctx->count <= 16) { /* Update GMAC. */ for (i = 0; i < 4; i++) - GR_KEYMGR_GCM_MAC(i) = p[i].udata; + reg_aes->gcm_mac[i] = p[i]; } else { for (i = 0; i < 4; i++) - GR_KEYMGR_GCM_HASH_IN(i) = p[i].udata; + reg_aes->gcm_hash_in[i] = p[i]; /* Crank GMAC. */ - GREG32(KEYMGR, GCM_DO_ACC) = 1; + reg_aes->gcm_do_acc = 1; } } @@ -173,7 +179,7 @@ int DCRYPTO_gcm_encrypt(struct GCM_CTX *ctx, uint8_t *out, size_t out_len, DCRYPTO_aes_block(ctx->block.c, outp); ctx->count += 16; - gcm_aad_block(ctx, (uint32_t *) outp); + gcm_aad_block(ctx, outp); ctx->remainder = 0; in += count; in_len -= count; @@ -184,7 +190,7 @@ int DCRYPTO_gcm_encrypt(struct GCM_CTX *ctx, uint8_t *out, size_t out_len, DCRYPTO_aes_block(in, outp); ctx->count += 16; - gcm_aad_block(ctx, (uint32_t *) outp); + gcm_aad_block(ctx, outp); in_len -= 16; in += 16; @@ -304,23 +310,23 @@ static void dcrypto_gcm_len_vector( static void dcrypto_gcm_tag(const struct GCM_CTX *ctx, const uint32_t *len_vector, uint32_t *tag) { - int i; + size_t i; for (i = 0; i < 4; i++) - GR_KEYMGR_GCM_HASH_IN(i) = len_vector[i]; + reg_aes->gcm_hash_in[i] = len_vector[i]; /* Crank GMAC. */ - GREG32(KEYMGR, GCM_DO_ACC) = 1; + reg_aes->gcm_do_acc = 1; for (i = 0; i < 4; i++) - GR_KEYMGR_GCM_HASH_IN(i) = ctx->Ej0.d[i]; + reg_aes->gcm_hash_in[i] = ctx->Ej0.d[i]; /* Crank GMAC. */ - GREG32(KEYMGR, GCM_DO_ACC) = 1; + reg_aes->gcm_do_acc = 1; /* Read tag. */ for (i = 0; i < 4; i++) - tag[i] = GR_KEYMGR_GCM_MAC(i); + tag[i] = reg_aes->gcm_mac[i]; } int DCRYPTO_gcm_tag(struct GCM_CTX *ctx, uint8_t *tag, size_t tag_len) @@ -339,5 +345,5 @@ int DCRYPTO_gcm_tag(struct GCM_CTX *ctx, uint8_t *tag, size_t tag_len) void DCRYPTO_gcm_finish(struct GCM_CTX *ctx) { always_memset(ctx, 0, sizeof(struct GCM_CTX)); - GREG32(KEYMGR, AES_WIPE_SECRETS) = 1; + reg_aes->wipe_secrets = 1; } diff --git a/board/cr50/dcrypto/internal.h b/board/cr50/dcrypto/internal.h index 706baeaa17..f69ce4d059 100644 --- a/board/cr50/dcrypto/internal.h +++ b/board/cr50/dcrypto/internal.h @@ -778,6 +778,9 @@ __always_inline enum dcrypto_result dcrypto_ok_if_zero(uintptr_t val) DCRYPTO_OK); } +/* Process blocks using configured AES engine. */ +size_t dcrypto_aes_process(uint32_t **out, const uint32_t **in, size_t len); + /* * Key ladder. */ |