forked from wolfSSL/wolfssl
add fix GCM use with CAAM SECO
This commit is contained in:
JacobBarthelmeh
@ -858,6 +858,7 @@ static hsm_err_t wc_SEC_AES_Common(unsigned int args[4], CAAM_BUFFER* buf,
|
|||||||
int sz, hsm_op_cipher_one_go_algo_t algo,
|
int sz, hsm_op_cipher_one_go_algo_t algo,
|
||||||
uint8_t* in, int inSz, uint8_t* out, int outSz)
|
uint8_t* in, int inSz, uint8_t* out, int outSz)
|
||||||
{
|
{
|
||||||
|
int dir;
|
||||||
hsm_hdl_t cipher_hdl;
|
hsm_hdl_t cipher_hdl;
|
||||||
open_svc_cipher_args_t open_args;
|
open_svc_cipher_args_t open_args;
|
||||||
op_cipher_one_go_args_t cipher_args;
|
op_cipher_one_go_args_t cipher_args;
|
||||||
@ -872,7 +873,8 @@ static hsm_err_t wc_SEC_AES_Common(unsigned int args[4], CAAM_BUFFER* buf,
|
|||||||
cipher_args.iv_size = buf[1].Length;
|
cipher_args.iv_size = buf[1].Length;
|
||||||
|
|
||||||
cipher_args.cipher_algo = algo;
|
cipher_args.cipher_algo = algo;
|
||||||
if (args[0] == CAAM_DEC) {
|
dir = args[0] & 0xFFFF; /* extract direction enc/dec from input args */
|
||||||
|
if (dir == CAAM_DEC) {
|
||||||
cipher_args.flags = HSM_CIPHER_ONE_GO_FLAGS_DECRYPT;
|
cipher_args.flags = HSM_CIPHER_ONE_GO_FLAGS_DECRYPT;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
@ -928,8 +930,9 @@ static hsm_err_t wc_SECO_AESCCM(unsigned int args[4], CAAM_BUFFER* buf, int sz)
|
|||||||
hsm_err_t err;
|
hsm_err_t err;
|
||||||
uint8_t* in;
|
uint8_t* in;
|
||||||
uint8_t* out;
|
uint8_t* out;
|
||||||
int inSz;
|
int inSz;
|
||||||
int outSz;
|
int outSz;
|
||||||
|
int dir;
|
||||||
|
|
||||||
byte* cipherAndTag = NULL;
|
byte* cipherAndTag = NULL;
|
||||||
int cipherAndTagSz = 0;
|
int cipherAndTagSz = 0;
|
||||||
@ -952,7 +955,8 @@ static hsm_err_t wc_SECO_AESCCM(unsigned int args[4], CAAM_BUFFER* buf, int sz)
|
|||||||
cipherAndTagSz = buf[4].Length + buf[2].Length;
|
cipherAndTagSz = buf[4].Length + buf[2].Length;
|
||||||
cipherAndTag = (byte*)XMALLOC(cipherAndTagSz, NULL,
|
cipherAndTag = (byte*)XMALLOC(cipherAndTagSz, NULL,
|
||||||
DYNAMIC_TYPE_TMP_BUFFER);
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (args[0] == CAAM_ENC) {
|
dir = args[0] & 0xFFFF; /* get if doing enc or dec */
|
||||||
|
if (dir == CAAM_ENC) {
|
||||||
in = (uint8_t*)buf[2].TheAddress;
|
in = (uint8_t*)buf[2].TheAddress;
|
||||||
inSz = buf[2].Length;
|
inSz = buf[2].Length;
|
||||||
out = cipherAndTag;
|
out = cipherAndTag;
|
||||||
@ -971,7 +975,7 @@ static hsm_err_t wc_SECO_AESCCM(unsigned int args[4], CAAM_BUFFER* buf, int sz)
|
|||||||
err = wc_SEC_AES_Common(args, buf, sz, HSM_CIPHER_ONE_GO_ALGO_AES_CCM,
|
err = wc_SEC_AES_Common(args, buf, sz, HSM_CIPHER_ONE_GO_ALGO_AES_CCM,
|
||||||
in, inSz, out, outSz);
|
in, inSz, out, outSz);
|
||||||
if (err == HSM_NO_ERROR) {
|
if (err == HSM_NO_ERROR) {
|
||||||
if (args[0] == CAAM_ENC) {
|
if (dir == CAAM_ENC) {
|
||||||
XMEMCPY((uint8_t*)buf[4].TheAddress, cipherAndTag + inSz,
|
XMEMCPY((uint8_t*)buf[4].TheAddress, cipherAndTag + inSz,
|
||||||
buf[4].Length);
|
buf[4].Length);
|
||||||
XMEMCPY((uint8_t*)buf[3].TheAddress, cipherAndTag, buf[3].Length);
|
XMEMCPY((uint8_t*)buf[3].TheAddress, cipherAndTag, buf[3].Length);
|
||||||
@ -994,14 +998,16 @@ static hsm_err_t wc_SECO_AESGCM(unsigned int args[4], CAAM_BUFFER* buf, int sz)
|
|||||||
int outSz;
|
int outSz;
|
||||||
byte* cipherAndTag = NULL;
|
byte* cipherAndTag = NULL;
|
||||||
int cipherAndTagSz = 0;
|
int cipherAndTagSz = 0;
|
||||||
|
int dir;
|
||||||
|
|
||||||
|
dir = args[0] & 0xFFFF; /* extract direction enc/dec from input args */
|
||||||
XMEMSET(&open_args, 0, sizeof(open_args));
|
XMEMSET(&open_args, 0, sizeof(open_args));
|
||||||
err = hsm_open_cipher_service(key_store_hdl, &open_args, &cipher_hdl);
|
err = hsm_open_cipher_service(key_store_hdl, &open_args, &cipher_hdl);
|
||||||
if (err == HSM_NO_ERROR) {
|
if (err == HSM_NO_ERROR) {
|
||||||
cipherAndTagSz = buf[4].Length + buf[2].Length;
|
cipherAndTagSz = buf[4].Length + buf[2].Length;
|
||||||
cipherAndTag = (byte*)XMALLOC(cipherAndTagSz, NULL,
|
cipherAndTag = (byte*)XMALLOC(cipherAndTagSz, NULL,
|
||||||
DYNAMIC_TYPE_TMP_BUFFER);
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (args[0] == CAAM_ENC) {
|
if (dir == CAAM_ENC) {
|
||||||
in = (uint8_t*)buf[2].TheAddress;
|
in = (uint8_t*)buf[2].TheAddress;
|
||||||
inSz = buf[2].Length;
|
inSz = buf[2].Length;
|
||||||
out = cipherAndTag;
|
out = cipherAndTag;
|
||||||
@ -1027,7 +1033,7 @@ static hsm_err_t wc_SECO_AESGCM(unsigned int args[4], CAAM_BUFFER* buf, int sz)
|
|||||||
auth_args.aad = (uint8_t*)buf[5].TheAddress;
|
auth_args.aad = (uint8_t*)buf[5].TheAddress;
|
||||||
auth_args.aad_size = buf[5].Length;
|
auth_args.aad_size = buf[5].Length;
|
||||||
|
|
||||||
if (args[0] == CAAM_DEC) {
|
if (dir == CAAM_DEC) {
|
||||||
auth_args.flags = HSM_AUTH_ENC_FLAGS_DECRYPT;
|
auth_args.flags = HSM_AUTH_ENC_FLAGS_DECRYPT;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
@ -1056,7 +1062,7 @@ static hsm_err_t wc_SECO_AESGCM(unsigned int args[4], CAAM_BUFFER* buf, int sz)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (err == HSM_NO_ERROR) {
|
if (err == HSM_NO_ERROR) {
|
||||||
if (args[0] == CAAM_ENC) {
|
if (dir == CAAM_ENC) {
|
||||||
XMEMCPY((uint8_t*)buf[4].TheAddress, cipherAndTag + inSz,
|
XMEMCPY((uint8_t*)buf[4].TheAddress, cipherAndTag + inSz,
|
||||||
buf[4].Length);
|
buf[4].Length);
|
||||||
XMEMCPY((uint8_t*)buf[3].TheAddress, cipherAndTag, buf[3].Length);
|
XMEMCPY((uint8_t*)buf[3].TheAddress, cipherAndTag, buf[3].Length);
|
||||||
|
|||||||
Reference in New Issue
Block a user