summaryrefslogtreecommitdiff
path: root/board/cr50/dcrypto/aes.c
diff options
context:
space:
mode:
Diffstat (limited to 'board/cr50/dcrypto/aes.c')
-rw-r--r--board/cr50/dcrypto/aes.c55
1 files changed, 38 insertions, 17 deletions
diff --git a/board/cr50/dcrypto/aes.c b/board/cr50/dcrypto/aes.c
index 327ce67257..a4895b7a6f 100644
--- a/board/cr50/dcrypto/aes.c
+++ b/board/cr50/dcrypto/aes.c
@@ -38,8 +38,9 @@ static int wait_read_data(volatile uint32_t *addr)
return empty ? 0 : 1;
}
-int DCRYPTO_aes_init(const uint8_t *key, size_t key_len, const uint8_t *iv,
- enum cipher_mode c_mode, enum encrypt_mode e_mode)
+enum dcrypto_result dcrypto_aes_init(const uint8_t *key, size_t key_len,
+ const uint8_t *iv, enum cipher_mode c_mode,
+ enum encrypt_mode e_mode)
{
size_t i;
const struct access_helper *p;
@@ -57,9 +58,19 @@ int DCRYPTO_aes_init(const uint8_t *key, size_t key_len, const uint8_t *iv,
break;
default:
/* Invalid key length specified. */
- return 0;
+ return DCRYPTO_FAIL;
+ }
+
+ switch (c_mode) {
+ case CIPHER_MODE_ECB:
+ case CIPHER_MODE_CTR:
+ case CIPHER_MODE_CBC:
+ set_control_register(c_mode, key_mode, e_mode);
+ break;
+ default:
+ /* Invalid mode specified. */
+ return DCRYPTO_FAIL;
}
- set_control_register(c_mode, key_mode, e_mode);
/* Initialize hardware with AES key */
p = (struct access_helper *) key;
@@ -71,17 +82,26 @@ int DCRYPTO_aes_init(const uint8_t *key, size_t key_len, const uint8_t *iv,
/* Wait for key expansion. */
if (!wait_read_data(GREG32_ADDR(KEYMGR, AES_KEY_START))) {
/* Should not happen. */
- return 0;
+ return DCRYPTO_FAIL;
}
/* Initialize IV for modes that require it. */
if (iv)
DCRYPTO_aes_write_iv(iv);
- return 1;
+ return DCRYPTO_OK;
+}
+
+enum dcrypto_result DCRYPTO_aes_init(const uint8_t *key, size_t key_len,
+ const uint8_t *iv, enum cipher_mode c_mode,
+ enum encrypt_mode e_mode)
+{
+ if (!fips_crypto_allowed())
+ return DCRYPTO_FAIL;
+ return dcrypto_aes_init(key, key_len, iv, c_mode, e_mode);
}
-int DCRYPTO_aes_block(const uint8_t *in, uint8_t *out)
+enum dcrypto_result DCRYPTO_aes_block(const uint8_t *in, uint8_t *out)
{
int i;
uint32_t buf[4];
@@ -101,7 +121,7 @@ int DCRYPTO_aes_block(const uint8_t *in, uint8_t *out)
/* Wait for the result. */
if (!wait_read_data(GREG32_ADDR(KEYMGR, AES_RFIFO_EMPTY))) {
/* Should not happen, ciphertext not ready. */
- return 0;
+ return DCRYPTO_FAIL;
}
/* Read ciphertext. */
@@ -116,7 +136,7 @@ int DCRYPTO_aes_block(const uint8_t *in, uint8_t *out)
if (out != (uint8_t *)outw)
memcpy(out, outw, sizeof(buf));
- return 1;
+ return DCRYPTO_OK;
}
void DCRYPTO_aes_write_iv(const uint8_t *iv)
@@ -153,13 +173,14 @@ void DCRYPTO_aes_read_iv(uint8_t *iv)
memcpy(iv, ivw, sizeof(buf));
}
-int DCRYPTO_aes_ctr(uint8_t *out, const uint8_t *key, uint32_t key_bits,
- const uint8_t *iv, const uint8_t *in, size_t in_len)
+enum dcrypto_result DCRYPTO_aes_ctr(uint8_t *out, const uint8_t *key,
+ uint32_t key_bits, const uint8_t *iv,
+ const uint8_t *in, size_t in_len)
{
/* Initialize AES hardware. */
- if (!DCRYPTO_aes_init(key, key_bits, iv,
- CIPHER_MODE_CTR, ENCRYPT_MODE))
- return 0;
+ if (DCRYPTO_aes_init(key, key_bits, iv, CIPHER_MODE_CTR,
+ ENCRYPT_MODE) != DCRYPTO_OK)
+ return DCRYPTO_FAIL;
while (in_len > 0) {
uint32_t tmpin[4];
@@ -176,8 +197,8 @@ int DCRYPTO_aes_ctr(uint8_t *out, const uint8_t *key, uint32_t key_bits,
inp = in;
outp = out;
}
- if (!DCRYPTO_aes_block(inp, outp))
- return 0;
+ if (DCRYPTO_aes_block(inp, outp) != DCRYPTO_OK)
+ return DCRYPTO_FAIL;
if (outp != out)
memcpy(out, outp, count);
@@ -185,5 +206,5 @@ int DCRYPTO_aes_ctr(uint8_t *out, const uint8_t *key, uint32_t key_bits,
out += count;
in_len -= count;
}
- return 1;
+ return DCRYPTO_OK;
}
View Lorry Controller Status