1 /**
2 ******************************************************************************
3 * @file rtl8721dhp_crypto_ram.c
4 * @author
5 * @version V1.0.0
6 * @date 2017-10-10
7 * @brief This file provides firmware functions to manage the following
8 * functionalities of the HW crypto:
9 * - Crypto initialization
10 * - Auth and cipher initialization
11 * - Descriptor setting
12 * - key/IV/PAD setting
13 * - Auth process/update/final
14 * - Cipher encrypt/decrypt
15 *
16 ******************************************************************************
17 * @attention
18 *
19 * This module is a confidential and proprietary property of RealTek and
20 * possession or use of this module requires written permission of RealTek.
21 *
22 * Copyright(c) 2017, Realtek Semiconductor Corporation. All rights reserved.
23 ******************************************************************************
24 */
25
26 #include "ameba_soc.h"
27 #include "osdep_service.h"
28
29 ALIGNMTO(32) static u8 ipsec_padding[64] = { 0x0 };
30
31 extern HAL_CRYPTO_ADAPTER crypto_engine ALIGNMTO(32);
32
33 /**
34 * @brief Sequential hash process.
35 * @param pDigest: Sequential hash result.
36 * @note There exist two buffers : last_message and seq_buf;
37 * last_message : store the previous message pointer.
38 * seq_buf : store the data less than 64.
39 * @retval Process status.
40 */
41 IMAGE2_RAM_TEXT_SECTION
CRYPTO_SendSeqBuf(u8 * pDigest)42 int CRYPTO_SendSeqBuf(u8 *pDigest)
43 {
44 HAL_CRYPTO_ADAPTER *pIE = &crypto_engine;
45 int ret = SUCCESS;
46 const u8* pIV = NULL;
47 const u32 ivlen = 0;
48 const u32 a2eo = 0;
49
50 int total_len = pIE->hmac_seq_last_msglen;
51 int buf_pos = pIE->hmac_seq_buf_is_used_bytes;
52 int rest_bytes = 64 - buf_pos;
53 int bodylen, restlen;
54
55 if ( total_len < rest_bytes ) { //store into seq buf
56 _memcpy((void*)(&pIE->hmac_seq_buf[buf_pos]), (const void*)(pIE->hmac_seq_last_message), total_len);
57 pIE->hmac_seq_buf_is_used_bytes += total_len;
58 } else {
59 // send out a seq buf if the seq buf is the last and length is 64-byte
60 _memcpy((void*)(&pIE->hmac_seq_buf[buf_pos]), (const void*)(pIE->hmac_seq_last_message), rest_bytes);
61 ret = CRYPTO_ProcessAD(pIE, (u8*)(pIE->hmac_seq_buf), 64, pIV, ivlen, NULL, a2eo, (total_len == rest_bytes)?pDigest:NULL, NULL);
62 if ( ret != SUCCESS ) return ret;
63
64 pIE->hmac_seq_buf_is_used_bytes = 0;
65 buf_pos = 0;
66
67 total_len -= rest_bytes;
68 pIE->hmac_seq_last_msglen = total_len;
69 pIE->hmac_seq_last_message += rest_bytes;
70
71 //send out all 64-byte align message
72 restlen = total_len & 0x3F;
73 bodylen = total_len - restlen;
74 if ( bodylen > 0 ) { // there are 64x messages
75 ret = CRYPTO_ProcessAD(pIE, pIE->hmac_seq_last_message, bodylen, pIV, ivlen, NULL, a2eo, (restlen==0)?pDigest:NULL, NULL);
76 if ( ret != SUCCESS ) return ret;
77 pIE->hmac_seq_last_message += bodylen;
78 }
79
80 // backup the rest
81 if ( restlen > 0 ) {
82 _memcpy((void*)(&pIE->hmac_seq_buf[0]), (const void*)(pIE->hmac_seq_last_message), restlen);
83 }
84 pIE->hmac_seq_buf_is_used_bytes = restlen;
85 }
86
87 if ( (pDigest != NULL) &&(pIE->hmac_seq_buf_is_used_bytes > 0) ) { // last one
88 ret = CRYPTO_ProcessAD(pIE, (u8*)(pIE->hmac_seq_buf), pIE->hmac_seq_buf_is_used_bytes, pIV, ivlen, NULL, a2eo, pDigest, NULL);
89 }
90
91 return ret;
92 }
93
94 /**
95 * @brief Crypto memory dump.
96 * @param start: Point to start address of memory to be dumped.
97 * @param size: The memory length.
98 * @param strHeader: String at the begining of dump.
99 * @retval None
100 */
101 IMAGE2_RAM_TEXT_SECTION
CRYPTO_MemDump(const u8 * start,u32 size,char * strHeader)102 void CRYPTO_MemDump(const u8 *start, u32 size, char * strHeader)
103 {
104 int row, column, index, index2, max;
105 u8 *buf, *line;
106
107 if(!start ||(size==0))
108 return;
109
110 line = (u8*)start;
111
112 /*
113 16 bytes per line
114 */
115 if (strHeader)
116 DiagPrintf ("%s", strHeader);
117
118 column = size % 16;
119 row = (size / 16) + 1;
120 for (index = 0; index < row; index++, line += 16)
121 {
122 buf = (u8*)line;
123
124 max = (index == row - 1) ? column : 16;
125 if ( max==0 )
126 break; /* If we need not dump this line, break it. */
127
128 DiagPrintf ("\n[%08x] ", line);
129
130 //Hex
131 for (index2 = 0; index2 < max; index2++)
132 {
133 if (index2 == 8)
134 DiagPrintf (" ");
135 DiagPrintf ("%02x ", (u8) buf[index2]);
136 }
137
138 if (max != 16)
139 {
140 if (max < 8)
141 DiagPrintf (" ");
142 for (index2 = 16 - max; index2 > 0; index2--)
143 DiagPrintf (" ");
144 }
145
146 }
147
148 DiagPrintf ("\n");
149 }
150
151 /**
152 * @brief dump crypto engine register for debug.
153 * @param None
154 * @retval None
155 */
156 IMAGE2_RAM_TEXT_SECTION
CRYPTO_RegDump(void)157 void CRYPTO_RegDump(void)
158 {
159 IPSEC_TypeDef* IPSEC = (IPSEC_TypeDef*) CRYPTO_REG_BASE;
160
161 if (TrustZone_IsSecure()) {
162 IPSEC = (IPSEC_TypeDef*) CRYPTOS_REG_BASE;
163 }
164
165 DiagPrintf("=========================================\n");
166 DiagPrintf("Crypto Engine Registers\n");
167 DiagPrintf("=========================================\n");
168
169 DiagPrintf(" SDSR : %08x\n", IPSEC->SDSR);
170 DiagPrintf(" SDFW : %08x\n", IPSEC->SDFW);
171 DiagPrintf(" SDSW : %08x\n", IPSEC->SDSW);
172 DiagPrintf(" RST_ISR_CON : %08x\n", IPSEC->RST_ISR_CON);
173 DiagPrintf(" IMR : %08x\n", IPSEC->IMR);
174 DiagPrintf(" DEBUG : %08x\n", IPSEC->DEBUG);
175 DiagPrintf(" ERR_STAT : %08x\n", IPSEC->ERR_STAT);
176 DiagPrintf(" A2EO_SUM : %08x\n", IPSEC->A2EO_SUM);
177 DiagPrintf(" ENL_SUM : %08x\n", IPSEC->ENL_SUM);
178 DiagPrintf(" APL_SUM : %08x\n", IPSEC->APL_SUM);
179 DiagPrintf(" EPL_SUM : %08x\n", IPSEC->EPL_SUM);
180 DiagPrintf(" SWAP_BURST : %08x\n", IPSEC->SWAP_BURST);
181 DiagPrintf(" ENG_DBG : %08x\n", IPSEC->ENG_DBG);
182 DiagPrintf(" DMA_LX_DBG : %08x\n", IPSEC->DMA_LX_DBG);
183 DiagPrintf(" DMA_RX_DBG : %08x\n", IPSEC->DMA_RX_DBG);
184 DiagPrintf(" DMA_TX_DBG : %08x\n", IPSEC->DMA_TX_DBG);
185 DiagPrintf(" STA_SDES_CFG : %08x\n", IPSEC->STA_SDES_CFG);
186 DiagPrintf(" STA_SDES_PTR : %08x\n", IPSEC->STA_SDES_PTR);
187 DiagPrintf(" STA_SDES_CMD1 : %08x\n", IPSEC->STA_SDES_CMD1);
188 DiagPrintf(" STA_SDES_CMD2 : %08x\n", IPSEC->STA_SDES_CMD2);
189 DiagPrintf(" STA_SDES_CMD3 : %08x\n", IPSEC->STA_SDES_CMD3);
190 DiagPrintf(" STA_DDES_CFG : %08x\n", IPSEC->STA_DDES_CFG);
191 DiagPrintf(" STA_DDES_PTR : %08x\n", IPSEC->STA_DDES_PTR);
192 DiagPrintf(" DBG_VERSION : %08x\n", IPSEC->DBG_VERSION);
193 DiagPrintf(" DDSR : %08x\n", IPSEC->DDSR);
194 DiagPrintf(" DDFW : %08x\n", IPSEC->DDFW);
195 DiagPrintf(" DDSW : %08x\n", IPSEC->DDSW);
196 DiagPrintf(" DESC_PKT_CONF : %08x\n", IPSEC->DESC_PKT_CONF);
197 DiagPrintf(" DBG_SD : %08x\n", IPSEC->DBG_SD);
198 DiagPrintf(" DBG_DD : %08x\n", IPSEC->DBG_DD);
199 }
200
201 /**
202 * @brief Set source descriptor.
203 * @param sd1: Source descriptor first word.
204 * @param sdpr: Source descriptor second word.
205 * @retval None
206 */
207 static inline
CRYPTO_SetSrcDesc(u32 sd1,u32 sdpr)208 void CRYPTO_SetSrcDesc(u32 sd1, u32 sdpr)
209 {
210 u32 timeout;
211 IPSEC_TypeDef* IPSEC = (IPSEC_TypeDef*) CRYPTO_REG_BASE;
212
213 if (TrustZone_IsSecure()) {
214 IPSEC = (IPSEC_TypeDef*) CRYPTOS_REG_BASE;
215 }
216
217 timeout = FIFOCNT_TIMEOUT;
218 while (1) {
219 if ( (IPSEC->SDSR & SFIFO_EMPTY_CNT) > 0 ) {
220 DBG_PRINTF(MODULE_IPSEC, LEVEL_INFO, "sd1=0x%x , sdpr=0x%x \r\n", sd1, sdpr);
221 IPSEC->SDFW = sd1;
222 IPSEC->SDSW = sdpr;
223 break;
224 }
225 timeout--;
226 if (timeout==0) {
227 DBG_PRINTF(MODULE_IPSEC, LEVEL_ERROR, "Timeout, src fifo is FULL \r\n");
228 break;
229 }
230 }
231 }
232
233 /**
234 * @brief Set destination descriptor.
235 * @param dd1: Destination descriptor first word.
236 * @param ddpr: Destination descriptor second word.
237 * @retval None
238 */
239 static inline
CRYPTO_SetDstDesc(u32 dd1,u32 ddpr)240 void CRYPTO_SetDstDesc(u32 dd1, u32 ddpr)
241 {
242 IPSEC_TypeDef* IPSEC = (IPSEC_TypeDef*) CRYPTO_REG_BASE;
243
244 if (TrustZone_IsSecure()) {
245 IPSEC = (IPSEC_TypeDef*) CRYPTOS_REG_BASE;
246 }
247
248 if ( (IPSEC->DDSR & DFIFO_EMPTY_CNT) > 0 ) {
249 DBG_PRINTF(MODULE_IPSEC, LEVEL_INFO, "dd1=0x%x , ddpr=0x%x \r\n", dd1, ddpr);
250 IPSEC->DDFW = dd1;
251 IPSEC->DDSW = ddpr;
252 } else {
253 DBG_PRINTF(MODULE_IPSEC, LEVEL_ERROR, "dst fifo_cnt is not correct: %d \r\n", (IPSEC->DDSR & DFIFO_EMPTY_CNT));
254 }
255 }
256
257 /**
258 * @brief Clear crypto engine command OK interrupt.
259 * @retval None
260 */
261 IMAGE2_RAM_TEXT_SECTION
CRYPTO_CleanCmdOk(void)262 void CRYPTO_CleanCmdOk(void)
263 {
264 IPSEC_TypeDef* IPSEC = (IPSEC_TypeDef*) CRYPTO_REG_BASE;
265
266 if (TrustZone_IsSecure()) {
267 IPSEC = (IPSEC_TypeDef*) CRYPTOS_REG_BASE;
268 }
269
270 u32 ok_intr_cnt = 0;
271 ok_intr_cnt = (IPSEC->RST_ISR_CON & OK_INTR_CNT) >> 8;
272 IPSEC->RST_ISR_CON |= ok_intr_cnt << 16;
273 IPSEC->RST_ISR_CON |= CMD_OK;
274 }
275
276 /**
277 * @brief Clear command ok and error interrupts.
278 * @retval None
279 */
280 IMAGE2_RAM_TEXT_SECTION
CRYPTO_ClearAllINT(void)281 void CRYPTO_ClearAllINT(void)
282 {
283 IPSEC_TypeDef* IPSEC = (IPSEC_TypeDef*) CRYPTO_REG_BASE;
284
285 if (TrustZone_IsSecure()) {
286 IPSEC = (IPSEC_TypeDef*) CRYPTOS_REG_BASE;
287 }
288
289 IPSEC->ERR_STAT = 0xFFFF;
290 //IPSEC->RST_ISR_CON |= CMD_OK;
291 CRYPTO_CleanCmdOk();
292 }
293
294 /**
295 * @brief Set source descriptor command buffer.
296 * @param pIE: Point to crypto adapter.
297 * @retval None
298 */
299 static inline
CRYPTO_SetCmdBuf(HAL_CRYPTO_ADAPTER * pIE)300 void CRYPTO_SetCmdBuf(HAL_CRYPTO_ADAPTER *pIE)
301 {
302 rtl_crypto_cl_t *pCL;
303 u32 a2eo;
304 u32 enl;
305
306 a2eo = pIE->a2eo;
307 enl = pIE->enl;
308
309 pCL = (rtl_crypto_cl_t *)pIE->cl_buffer;
310
311 _memset((u8*)pCL, 0, sizeof(pIE->cl_buffer));
312
313 if ( pIE->auth_type != AUTH_TYPE_NO_AUTH ) { //authentication
314 pCL->engine_mode = 1; //hash only
315 // Sequential hash setting
316 pCL->hmac_seq_hash=1;
317 pCL->hmac_seq_hash_first=0;
318 if ( pIE->hmac_seq_hash_first == 1 ) {
319 pCL->hmac_seq_hash_first=1;
320 pIE->hmac_seq_hash_first=0;
321 }
322 //Swap settting
323 if ( pIE->isMD5 ) {
324 pCL->habs=1;
325 pCL->hibs=1;
326 pCL->hobs=1;
327 pCL->hkbs=1;
328 } else if ( pIE->isSHA1 ) {
329 pCL->hmac_mode = 1;
330 pCL->habs=1;
331 } else if ( pIE->sha2type != SHA2_NONE ) {
332 pCL->hmac_mode = (pIE->sha2type == SHA2_224 )? 2 : 3 ; // currently only support SHA2_224 / SHA2_256
333 pCL->habs=1;
334 }
335
336 if ( pIE->isHMAC ) {
337 pCL->hmac_en = 1;
338 }
339 // Use auto padding and sequential hash III
340 if ( pIE->hmac_seq_hash_last == 1 ) { //The last block autopadding: 16-byte
341 // always using auto padding
342 pCL->enl = (enl + 15)/16 ;
343 pCL->enc_last_data_size = pIE->enc_last_data_size;
344 pCL->ap0 = pIE->hmac_seq_hash_total_len*8;
345 if ( pIE->isHMAC ) pCL->ap0 += 64*8;
346 } else { //MD5/SHA1/SHA224/SHA256: 64-byte
347 pCL->enl = enl/64;
348 }
349
350 pCL->hmac_seq_hash_last=0;
351 pCL->hmac_seq_hash_no_wb=1;
352 if ( pIE->hmac_seq_hash_last == 1 ) {
353 pCL->hmac_seq_hash_last=1;
354 pCL->hmac_seq_hash_no_wb=0;
355 }
356 } else { // cipher - encryption / decryption
357 u32 cipher_type;
358 u32 block_mode;
359 //cipher mode: 0x0 : ECB, 0x1: CBC, 0x2: CFB , 0x3 : OFB , 0x4 : CTR, 0x5 : GCTR, 0x6: GMAC, 0x7: GHASH, 0x8: GCM
360 //0 - chacha20+poly1305, 1 - chacha20, 2 - poly1305 mode 1, 3 - poly1305 mode 2
361 cipher_type = pIE->cipher_type;
362 block_mode = cipher_type & CIPHER_TYPE_MASK_BLOCK;
363 pCL->cipher_mode = block_mode;
364 //AES key length
365 if ( pIE->aes ) {
366 pCL->cipher_eng_sel = 0;
367 switch ( pIE->lenCipherKey ) {
368 case 128/8 :
369 pCL->aes_key_sel = 0;
370 break;
371 case 192/8 :
372 pCL->aes_key_sel = 1;
373 break;
374 case 256/8 :
375 pCL->aes_key_sel = 2;
376 break;
377 default:
378 break;
379 }
380
381 pCL->enl = (enl+15)/16;
382 pCL->enc_last_data_size = pIE->enc_last_data_size;
383
384 if ( block_mode == CIPHER_TYPE_BLOCK_GCM ) {
385 pCL->header_total_len = (a2eo+15)/16;
386 pCL->aad_last_data_size = pIE->aad_last_data_size;
387 }
388 } else if ( pIE->des ) {//DES setting
389 pCL->cipher_eng_sel = 1;
390 pCL->des3_en = 0;
391 pCL->enl = (enl+7)/8;
392 } else if ( pIE->trides ) {
393 pCL->cipher_eng_sel = 1;
394 pCL->des3_en = 1;
395 pCL->enl = (enl+7)/8;
396 } else if ( pIE->chacha ) {
397 pCL->cipher_eng_sel = 2;
398 pCL->enl = (enl+15)/16;
399 pCL->enc_last_data_size = pIE->enc_last_data_size;
400
401 pCL->header_total_len = (a2eo+15)/16;
402 pCL->aad_last_data_size = pIE->aad_last_data_size;
403 }
404
405 if ( pIE->isDecrypt == 0 )
406 pCL->cipher_encrypt = 1;
407 //Swap settting
408 if ( pIE->chacha ) {
409 pCL->ckws = 1;
410 pCL->ckbs = 1;
411 pCL->cabs = 1;
412 pCL->ciws = 1;
413 pCL->cibs = 1;
414 pCL->cows = 1;
415 pCL->cobs = 1;
416 pCL->codws = 1;
417 pCL->cidws = 1;
418 } else {
419 pCL->cabs = 1;
420 }
421 }
422
423 pCL->icv_total_length = 0x40; // for mix mode, but need to set a value 0x40
424 }
425
426 /**
427 * @brief Set source descriptor command, key, IV, pad array.
428 * @param pIE: Point to crypto adapter.
429 * @param p_iv: IV(initialization vector).
430 * @param ivLen: IV length.
431 * @retval None
432 */
433 static inline
CRYPTO_SrcDescKeyIv(HAL_CRYPTO_ADAPTER * pIE,const u8 * p_iv,u32 ivLen)434 void CRYPTO_SrcDescKeyIv(HAL_CRYPTO_ADAPTER *pIE, const u8* p_iv, u32 ivLen)
435 {
436 rtl_crypto_srcdesc_t src_desc;
437
438 src_desc.w = 0;
439
440 // FS=1, CL=3
441 src_desc.b.rs = 1;
442 src_desc.b.fs = 1;
443 src_desc.b.cl= 3;
444
445 // auto padding
446 if ( pIE->hmac_seq_hash_last )
447 src_desc.b.ap = 0x01;
448
449 //Set command buffer array
450 CRYPTO_SetCmdBuf(pIE);
451 DCache_CleanInvalidate((u32)(&(pIE->cl_buffer)[0]), sizeof(pIE->cl_buffer));
452 crypto_dbg_mem_dump((u32)(&(pIE->cl_buffer)[0]), sizeof(pIE->cl_buffer), "Command Setting: ");
453 CRYPTO_SetSrcDesc(src_desc.w, (u32)(&(pIE->cl_buffer)[0]));
454
455 // Set key array
456 if ( pIE->cipher_type != CIPHER_TYPE_NO_CIPHER) { //cipher
457 u32 lenCipherKey;
458 u8 *pCipherKey;
459
460 lenCipherKey = (u32) pIE->lenCipherKey;
461 pCipherKey = (u8*) pIE->pCipherKey;
462
463 src_desc.w = 0;
464 src_desc.b.rs = 1;
465 src_desc.b.fs = 1;
466 src_desc.b.key_len = lenCipherKey/4;
467 DCache_CleanInvalidate((u32)(pCipherKey), lenCipherKey);
468 crypto_dbg_mem_dump((u32)(pCipherKey), lenCipherKey, "KEY: ");
469 CRYPTO_SetSrcDesc(src_desc.w, (u32)(pCipherKey));
470 }
471
472 // Set IV array
473 if ( p_iv != NULL && ivLen > 0 ) {
474 src_desc.w = 0;
475 src_desc.b.rs = 1;
476 src_desc.b.fs = 1;
477 src_desc.b.iv_len = ivLen/4;
478 DCache_CleanInvalidate((u32)(p_iv), ivLen);
479 crypto_dbg_mem_dump((u32)(p_iv), ivLen, "IV: ");
480 CRYPTO_SetSrcDesc(src_desc.w, (u32)(p_iv));
481 }
482
483 // Set Pad array
484 if ( pIE->isHMAC ) {
485 src_desc.w = 0;
486 src_desc.b.rs = 1;
487 src_desc.b.fs = 1;
488 src_desc.b.keypad_len = 128;
489 DCache_CleanInvalidate((u32)(&(pIE->g_IOPAD[0])), sizeof(pIE->g_IOPAD));
490 crypto_dbg_mem_dump((u32)(&(pIE->g_IOPAD[0])), 128, "PAD: ");
491 CRYPTO_SetSrcDesc(src_desc.w, (u32)(&(pIE->g_IOPAD[0])));
492 }
493 }
494
495 /**
496 * @brief Crypto engine reset.
497 * @param pIE: Point to crypto adapter.
498 * @note pIE is no need in Ameba-D reset api, but in order to compatible with AmebaZ reset api, pIE is added.
499 * @retval None
500 */
501 IMAGE2_RAM_TEXT_SECTION
CRYPTO_Reset(UNUSED_WARN_DIS HAL_CRYPTO_ADAPTER * pIE)502 void CRYPTO_Reset(UNUSED_WARN_DIS HAL_CRYPTO_ADAPTER *pIE)
503 {
504 IPSEC_TypeDef* IPSEC = (IPSEC_TypeDef*) CRYPTO_REG_BASE;
505
506 if (TrustZone_IsSecure()) {
507 IPSEC = (IPSEC_TypeDef*) CRYPTOS_REG_BASE;
508 }
509
510 // Crypto engine : Software Reset
511 IPSEC->RST_ISR_CON = SOFT_RST;
512 // register offset 0x030
513 IPSEC->SWAP_BURST = 16<<16;
514 IPSEC->SWAP_BURST |= (KEY_IV_SWAP | KEY_PAD_SWAP | HASH_INITIAL_VALUE_SWAP);
515 IPSEC->SWAP_BURST |= (DMA_IN_LITTLE_ENDIAN | DATA_OUT_LITTLE_ENDIAN | MAC_OUT_LITTLE_ENDIAN);
516
517 // ++++ register offset 0x018 +++++
518 // Crypto Engine : DMA arbiter(detect fifo wasted level) , clock enable
519 IPSEC->DEBUG = (ARBITER_MODE | ENGINE_CLK_EN);
520 }
521
522 /**
523 * @brief Set crypto adapter parameter.
524 * @param pIE: Point to crypto adapter.
525 * @param cipher_type: Cipher type.
526 * @arg CIPHER_TYPE_DES_ECB: DES_ECB
527 * @arg CIPHER_TYPE_DES_CBC: DES_CBC
528 * @arg CIPHER_TYPE_3DES_ECB: 3DES_ECB
529 * @arg CIPHER_TYPE_3DES_CBC: 3DES_CBC
530 * @arg CIPHER_TYPE_AES_ECB: AES_ECB
531 * @arg CIPHER_TYPE_AES_CBC: AES_CBC
532 * @arg CIPHER_TYPE_AES_CFB: AES_CFB
533 * @arg CIPHER_TYPE_AES_OFB: AES_OFB
534 * @arg CIPHER_TYPE_AES_CTR: AES_CTR
535 * @arg CIPHER_TYPE_AES_GCTR: AES_GCTR
536 * @arg CIPHER_TYPE_AES_GMAC: AES_GMAC
537 * @arg CIPHER_TYPE_AES_GHASH: AES_GHASH
538 * @arg CIPHER_TYPE_AES_GCM: AES_GCM
539 * @arg CIPHER_TYPE_CHACHA_POLY1305: ChaCha+poly1305
540 * @arg CIPHER_TYPE_CHACHA: ChaCha
541 * @arg CIPHER_TYPE_POLY1305: Poly 1305
542 * @param auth_type: Authentication algorithm type.
543 * @arg AUTH_TYPE_MD5: MD5
544 * @arg AUTH_TYPE_SHA1: SHA1
545 * @arg AUTH_TYPE_SHA2_224_ALL: SHA2_224
546 * @arg AUTH_TYPE_SHA2_256_ALL: SHA2_256
547 * @arg AUTH_TYPE_HMAC_MD5: HMAC MD5
548 * @arg AUTH_TYPE_HMAC_SHA1: HMAC SHA1
549 * @arg AUTH_TYPE_HMAC_SHA2_224_ALL: HMAC SHA2_224
550 * @arg AUTH_TYPE_HMAC_SHA2_256_ALL: HMAC SHA2_256
551 * @param pCipherKey: Point to cipher key.
552 * @param lenCipherKey: Cipher key length.
553 * @param pAuthKey: Point to authentication key.
554 * @param lenAuthKey: Authentication key length.
555 * @retval SUCCESS or error status
556 */
557 IMAGE2_RAM_TEXT_SECTION
CRYPTO_SetSecurityModeAD(HAL_CRYPTO_ADAPTER * pIE,IN const u32 cipher_type,IN const u32 auth_type,IN const void * pCipherKey,IN const u32 lenCipherKey,IN const void * pAuthKey,IN const u32 lenAuthKey)558 int CRYPTO_SetSecurityModeAD(HAL_CRYPTO_ADAPTER *pIE,
559 IN const u32 cipher_type, IN const u32 auth_type,
560 IN const void* pCipherKey, IN const u32 lenCipherKey,
561 IN const void* pAuthKey, IN const u32 lenAuthKey)
562 {
563 assert_param(pIE != NULL);
564 assert_param(pIE->isInit == _TRUE);
565
566 if ( lenAuthKey > 0 ) { // Authentication
567 assert_param(pAuthKey != NULL);
568 assert_param(lenAuthKey <= CRYPTO_AUTH_PADDING);
569 }
570
571 // Cipher
572 pIE->trides = 0;
573 pIE->aes = 0;
574 pIE->des = 0;
575 pIE->chacha = 0;
576 pIE->isDecrypt = 0;
577 pIE->cipher_type = cipher_type;
578
579 if ( cipher_type != CIPHER_TYPE_NO_CIPHER) {
580 switch (cipher_type & CIPHER_TYPE_MASK_FUNC ) {
581 case CIPHER_TYPE_FUNC_DES :
582 pIE->des = 1;
583 break;
584 case CIPHER_TYPE_FUNC_3DES :
585 pIE->trides = 1;
586 break;
587 case CIPHER_TYPE_FUNC_AES :
588 pIE->aes = 1;
589 break;
590 case CIPHER_TYPE_FUNC_CHACHA :
591 pIE->chacha = 1;
592 break;
593 }
594 pIE->isDecrypt = ( cipher_type & CIPHER_TYPE_MODE_ENCRYPT )? 0: 1;
595 }
596
597 // Auth
598 pIE->auth_type = auth_type;
599 if ( auth_type != AUTH_TYPE_NO_AUTH) {
600 pIE->isHMAC = (auth_type & AUTH_TYPE_MASK_HMAC) ? 1 : 0;
601 pIE->isMD5 = ( (auth_type & AUTH_TYPE_MASK_FUNC) == AUTH_TYPE_MD5 )? 1 : 0;
602 pIE->isSHA1 = ( (auth_type & AUTH_TYPE_MASK_FUNC) == AUTH_TYPE_SHA1 )? 1 : 0;
603 pIE->isSHA2 = ( (auth_type & AUTH_TYPE_MASK_FUNC) == AUTH_TYPE_SHA2 )? 1 : 0;
604 if ( pIE->isSHA2 ) {
605 switch ( auth_type & AUTH_TYPE_MASK_SHA2 ) {
606 case AUTH_TYPE_SHA2_224 :
607 pIE->sha2type = SHA2_224;
608 break;
609 case AUTH_TYPE_SHA2_256 :
610 pIE->sha2type = SHA2_256;
611 break;
612 default :
613 DBG_PRINTF(MODULE_IPSEC, LEVEL_ERROR, "No this auth_type(%d) for SHA2\n", auth_type);
614 pIE->sha2type = SHA2_NONE;
615 break;
616 }
617 } else {
618 pIE->sha2type = SHA2_NONE;
619 }
620 } else {
621 pIE->isMD5 = 0;
622 pIE->isHMAC = 0;
623 pIE->isSHA1=0;
624 pIE->isSHA2=0;
625 pIE->sha2type = SHA2_NONE;
626 }
627
628 //Set hash algorithm digest length.
629 switch (auth_type & AUTH_TYPE_MASK_FUNC) {
630 case AUTH_TYPE_MD5:
631 pIE->digestlen = CRYPTO_MD5_DIGEST_LENGTH;
632 break;
633 case AUTH_TYPE_SHA1:
634 pIE->digestlen = CRYPTO_SHA1_DIGEST_LENGTH;
635 break;
636 case AUTH_TYPE_SHA2:
637 pIE->digestlen = pIE->sha2type;
638 break;
639 default:
640 pIE->digestlen = 0;
641 break;
642 }
643
644 // Set auth key and cipher key.
645 pIE->lenCipherKey = lenCipherKey;
646 pIE->pCipherKey = pCipherKey;
647
648 pIE->pAuthKey = pAuthKey;
649 pIE->lenAuthKey = lenAuthKey;
650
651 //Authkey is always used in HMAC algorithm to generate auth ipad and opad.
652 if ( lenAuthKey > 0 ) {
653 u32 i;
654
655 pIE->ipad = (u8 *)(&(pIE->g_IOPAD[0]));
656 pIE->opad = (u8 *)(&(pIE->g_IOPAD[CRYPTO_PADSIZE]));
657
658 _memset(pIE->ipad, 0x36, CRYPTO_PADSIZE);
659 _memset(pIE->opad, 0x5c, CRYPTO_PADSIZE);
660
661 for (i=0; i< lenAuthKey; i++) {
662 pIE->ipad[i] ^= ((u8*) pIE->pAuthKey)[i];
663 pIE->opad[i] ^= ((u8*) pIE->pAuthKey)[i];
664 }
665 } else {
666 pIE->ipad = 0;
667 pIE->opad = 0;
668 }
669 // Sequential hash parameter init
670 if ( auth_type != AUTH_TYPE_NO_AUTH) {
671 pIE->hmac_seq_hash_first = 1;
672 pIE->hmac_seq_hash_last = 0;
673 pIE->hmac_seq_hash_total_len = 0;
674 }
675 return SUCCESS;
676 }
677
678 /**
679 * @brief Crypto engine initialize.
680 * @param pIE: Point to crypto adapter, Ameba-D should be NULL.
681 * @retval SUCCESS
682 */
683 IMAGE2_RAM_TEXT_SECTION
CRYPTO_Init(HAL_CRYPTO_ADAPTER * pIE_I)684 int CRYPTO_Init(HAL_CRYPTO_ADAPTER *pIE_I)
685 {
686 HAL_CRYPTO_ADAPTER *pIE = &crypto_engine;
687
688 if (pIE_I != NULL) {
689 pIE = pIE_I;
690 }
691
692 CRYPTO_Reset(pIE);
693
694 pIE->isInit = 1;
695 pIE->isIntMode = 0;
696 return SUCCESS;
697 }
698
699 IMAGE2_RAM_TEXT_SECTION
CRYPTO_Cache_Sync(u8 * p_buf,u32 len)700 void CRYPTO_Cache_Sync(u8 *p_buf, u32 len)
701 {
702 u32 start_addr = (u32)(p_buf);
703 u32 end_addr = start_addr + len;
704 u8 cache_buf[CACHE_LINE_SIZE] = {0};
705 u8 header_offset = 0, tail_offset = 0;
706 //S1: enter critical, should be initialized before use
707 //if(driver_call_os_func_map.driver_enter_critical) {
708 // driver_call_os_func_map.driver_enter_critical();
709 //}
710 rtw_enter_critical(NULL,NULL);
711
712 header_offset = (start_addr & (~CACHE_LINE_ADDR_MSK));
713 tail_offset = (end_addr & (~CACHE_LINE_ADDR_MSK));
714
715 if(!IS_CACHE_LINE_ALIGNED_ADDR(start_addr))
716 {
717 //S2: cache store
718 memcpy(cache_buf, (u8 *)(start_addr & CACHE_LINE_ADDR_MSK), CACHE_LINE_SIZE);
719 //S3: cache flush
720 DCache_Invalidate((start_addr & CACHE_LINE_ADDR_MSK), CACHE_LINE_SIZE);
721 //S4: memory store
722 if((end_addr & CACHE_LINE_ADDR_MSK) == (start_addr & CACHE_LINE_ADDR_MSK))
723 {
724 memcpy((cache_buf + header_offset), (u8 *)(start_addr), (tail_offset - header_offset));
725 }
726 else
727 {
728 memcpy((cache_buf + header_offset), (u8 *)(start_addr), (CACHE_LINE_SIZE - header_offset));
729 }
730 //S5: write back
731 memcpy((u8 *)(start_addr & CACHE_LINE_ADDR_MSK), cache_buf, CACHE_LINE_SIZE);
732 //S6: cache clean
733 DCache_Clean((start_addr & CACHE_LINE_ADDR_MSK), CACHE_LINE_SIZE);
734 }
735
736 if((!IS_CACHE_LINE_ALIGNED_ADDR(end_addr)) && ((end_addr & CACHE_LINE_ADDR_MSK) != (start_addr & CACHE_LINE_ADDR_MSK)))
737 {
738 //S2: cache store
739 memcpy(cache_buf, (u8 *)(end_addr & CACHE_LINE_ADDR_MSK), CACHE_LINE_SIZE);
740 //S3: cache flush
741 DCache_Invalidate((end_addr & CACHE_LINE_ADDR_MSK), CACHE_LINE_SIZE);
742 //S4: memory store
743 memcpy(cache_buf, (u8 *)(end_addr & CACHE_LINE_ADDR_MSK), tail_offset);
744 //S5: write back
745 memcpy((u8 *)(end_addr & CACHE_LINE_ADDR_MSK), cache_buf, CACHE_LINE_SIZE);
746 //S6: cache clean
747 DCache_Clean((end_addr & CACHE_LINE_ADDR_MSK), CACHE_LINE_SIZE);
748 }
749
750 //S7: cache flush
751 DCache_Invalidate(start_addr, len);
752
753 //S8: exit critical
754 //if(driver_call_os_func_map.driver_exit_critical) {
755 // driver_call_os_func_map.driver_exit_critical();
756 //}
757 rtw_exit_critical(NULL,NULL);
758 }
759
760 /**
761 * @brief Crypto engine process.
762 * @param pIE: Point to crypto adapter.
763 * @param message: Point to message.
764 * @param msglen: Message length.
765 * @param pIv: Point to IV(initialize vector).
766 * @param ivlen: IV length.
767 * @param paad: Point to AAD(additional authentication data).
768 * @param aadlen: AAD length.
769 * @param pResult: Point to auth or cipher result.
770 * @param pTag: Point to MAC(Message Authentication Code) .
771 * @retval Result of process.
772 */
773 IMAGE2_RAM_TEXT_SECTION
CRYPTO_ProcessAD(HAL_CRYPTO_ADAPTER * pIE,IN const u8 * message,IN const u32 msglen,IN const u8 * pIv,IN const u32 ivlen,IN const u8 * paad,IN const u32 aadlen,OUT u8 * pResult,OUT u8 * pTag)774 int CRYPTO_ProcessAD(HAL_CRYPTO_ADAPTER *pIE,
775 IN const u8 *message, IN const u32 msglen,
776 IN const u8 *pIv, IN const u32 ivlen,
777 IN const u8 *paad, IN const u32 aadlen,
778 OUT u8 *pResult, OUT u8 *pTag)
779 {
780 rtl_crypto_srcdesc_t srcdesc;
781 u32 a2eo;
782 u32 enl;
783 u32 digestlen;
784 volatile u32 ips_err;
785 u32 loopWait;
786 IPSEC_TypeDef* IPSEC = (IPSEC_TypeDef*) CRYPTO_REG_BASE;
787
788 if (TrustZone_IsSecure()) {
789 IPSEC = (IPSEC_TypeDef*) CRYPTOS_REG_BASE;
790 }
791
792 assert_param(message != NULL);
793 //assert_param(msglen >= 0 && msglen <= CRYPTO_MAX_MSG_LENGTH);
794 assert_param(pIE != NULL);
795 assert_param(pIE->isInit == _TRUE);
796
797 // Use only one scatter
798 a2eo = aadlen;
799 enl = msglen;
800
801 CRYPTO_ClearAllINT();
802
803 // Set relative length data
804 /* ** Calculate message and a2eo auto padding length ** */
805 pIE->a2eo = a2eo;
806 pIE->enl = enl;
807
808 // DES / 3DES : 8 byte alignment
809 if ( (pIE->des == 1) || (pIE->trides == 1) ) {
810 pIE->enc_last_data_size = enl % 8;
811 pIE->apl = (8-pIE->enc_last_data_size) % 8;
812
813 pIE->aad_last_data_size = a2eo % 8;
814 pIE->apl_aad = (8-pIE->aad_last_data_size) % 8;
815 } else {
816 pIE->enc_last_data_size = enl % 16;
817 pIE->apl = (16-pIE->enc_last_data_size) % 16;
818
819 pIE->aad_last_data_size = a2eo % 16;
820 pIE->apl_aad = (16-pIE->aad_last_data_size) % 16;
821 }
822
823 digestlen = pIE->digestlen;
824
825 if ( pIE->auth_type != AUTH_TYPE_NO_AUTH) {
826 pIE->hmac_seq_hash_total_len += msglen;
827
828 if ( pResult != NULL ) {
829 pIE->hmac_seq_hash_last = 1;
830 }
831 }
832
833 /********************************************
834 * step 1: Setup desitination descriptor
835 * Auth descriptor (1):
836 -----------------
837 |digest |
838 -----------------
839 * Cipher descriptor:
840 -----------------
841 |Data |
842 -----------------
843 |Hash Data(Tag) |
844 -----------------
845 ********************************************/
846 if ( pIE->auth_type != AUTH_TYPE_NO_AUTH ) { //auth
847 rtl_crypto_dstdesc_t dst_desc;
848
849 if ( pResult != NULL ) {
850 dst_desc.w = 0;
851 dst_desc.auth.ws = 1;
852 dst_desc.auth.fs = 1;
853 dst_desc.auth.ls = 1;
854 dst_desc.auth.adl = digestlen;
855 DCache_CleanInvalidate((u32)pResult, digestlen);
856 CRYPTO_SetDstDesc(dst_desc.w, (u32)pResult);
857 }
858 } else { // cipher
859 rtl_crypto_dstdesc_t dst_auth_desc;
860 rtl_crypto_dstdesc_t dst_cipher_desc;
861
862 if ( pResult != NULL ) {
863 dst_cipher_desc.w = 0;
864 dst_cipher_desc.cipher.ws = 1;
865 dst_cipher_desc.cipher.fs = 1;
866 dst_cipher_desc.cipher.enc = 1;
867 dst_cipher_desc.cipher.enl = pIE->enl;
868 if ( pTag == NULL ) {
869 dst_cipher_desc.cipher.ls = 1;
870 }
871 DCache_CleanInvalidate(((u32)pResult), pIE->enl);
872 CRYPTO_SetDstDesc(dst_cipher_desc.w, (u32)pResult);// Data
873 }
874
875 if ( pTag != NULL ) { // Tag
876 dst_auth_desc.w = 0;
877 dst_auth_desc.auth.ws = 1;
878 dst_auth_desc.auth.enc = 0;
879 dst_auth_desc.auth.adl = 16;
880 dst_auth_desc.auth.ls = 1;
881 if ( pResult == NULL ) {
882 dst_auth_desc.auth.fs = 1;
883 }
884 DCache_CleanInvalidate((u32)pTag, 16);
885 CRYPTO_SetDstDesc(dst_auth_desc.w, (u32)pTag);
886 }
887 }
888
889 /********************************************
890 * step 2: Setup source descriptor
891 ----------
892 |Cmd buffer |
893 ----------
894 |Key array |
895 ----------
896 |IV array |
897 ----------
898 |PAD array |
899 ----------
900 |Data 1 |
901 | . |
902 | . |
903 | . |
904 |Data N |
905 ----------
906 |HMAC APL |
907 ----------
908 ********************************************/
909 /********************************************
910 * step 2-1: prepare Cmd & Key & IV array & Pad array:
911 ********************************************/
912
913 CRYPTO_SrcDescKeyIv(pIE, pIv, ivlen);
914
915 /********************************************
916 * step 2-2: prepare Data1 ~ DataN
917 ********************************************/
918 srcdesc.w = 0;
919 srcdesc.d.rs = 1;
920
921 if ( paad != NULL ) {
922 DCache_CleanInvalidate((u32)paad, aadlen);
923 while ( a2eo > 16 ) { //AAD, 16-byte per src desc
924 srcdesc.d.a2eo = 16;
925
926 crypto_dbg_mem_dump(paad, 16, "AAD: ");
927 CRYPTO_SetSrcDesc(srcdesc.w, (u32)paad);
928
929 paad += 16;
930 a2eo -= 16;
931 srcdesc.w = 0;
932 srcdesc.d.rs = 1;
933 }
934
935 if ( a2eo > 0 ) { //AAD, last block
936 srcdesc.d.a2eo = a2eo;
937 crypto_dbg_mem_dump(paad, a2eo, "AAD: ");
938 CRYPTO_SetSrcDesc(srcdesc.w, (u32)paad);
939 srcdesc.w = 0;
940 srcdesc.d.rs = 1;
941 }
942
943 if ( pIE->apl_aad > 0 ) { //AAD padding, last block
944 srcdesc.d.a2eo = pIE->apl_aad;
945 DCache_CleanInvalidate((u32)ipsec_padding, sizeof(ipsec_padding));
946 crypto_dbg_mem_dump(ipsec_padding, pIE->apl_aad, "AAD padding ");
947 CRYPTO_SetSrcDesc(srcdesc.w, (u32)ipsec_padding);
948 srcdesc.w = 0;
949 srcdesc.d.rs = 1;
950 }
951 }
952
953 if(message != NULL)
954 DCache_CleanInvalidate(((u32)message), enl);
955
956 while ( enl > 16368 ) { // Data body 16352-byte per src desc
957 srcdesc.d.enl = 16368;
958 CRYPTO_SetSrcDesc(srcdesc.w, (u32)message);
959
960 message += 16368;
961 enl -= 16368;
962 srcdesc.w = 0;
963 srcdesc.d.rs = 1;
964 }
965
966 // Data body msglen < 16352
967 if ( pIE->apl == 0 )
968 srcdesc.d.ls = 1;
969 srcdesc.d.enl = enl;
970 CRYPTO_SetSrcDesc(srcdesc.w, (u32)message);
971 crypto_dbg_mem_dump(message, enl, "message: ");
972
973 // data padding, regard as enl
974 if ( pIE->apl != 0 ) {
975 srcdesc.w = 0;
976 srcdesc.d.rs = 1;
977 srcdesc.d.enl = pIE->apl;
978 srcdesc.d.ls = 1;
979 DCache_CleanInvalidate((u32)ipsec_padding, sizeof(ipsec_padding));
980 crypto_dbg_mem_dump(ipsec_padding, srcdesc.d.enl, "data padding ");
981 CRYPTO_SetSrcDesc(srcdesc.w, (u32)ipsec_padding);
982 }
983
984 /********************************************
985 * step 3: Wait until ipsec engine stop
986 *Polling mode, intr_mode = 0
987 ********************************************/
988 loopWait = 1000000; /* hope long enough */
989 while (1) {
990 if ( IPSEC->RST_ISR_CON & CMD_OK ) break;
991
992 ips_err = IPSEC->ERR_STAT;
993 if ( ips_err ) {
994 DBG_PRINTF(MODULE_IPSEC, LEVEL_ERROR, "ips 0x1C err = 0x%08x\r\n", ips_err);
995 return FAIL;
996 }
997
998 loopWait--;
999 if (loopWait == 0) {
1000 DBG_PRINTF(MODULE_IPSEC, LEVEL_ERROR, "Wait Timeout\r\n");
1001 return FAIL; /* error occurs */
1002 }
1003 }
1004
1005 if(pResult != NULL) {
1006 if ( pIE->auth_type != AUTH_TYPE_NO_AUTH ) { //auth
1007 CRYPTO_Cache_Sync(pResult, digestlen);
1008 } else {
1009 CRYPTO_Cache_Sync(pResult, pIE->enl);
1010 }
1011 }
1012
1013 if ( pTag != NULL ) {
1014 CRYPTO_Cache_Sync(pTag, 16);
1015 }
1016
1017 //CRYPTO_CleanCmdOk();
1018 return SUCCESS;
1019 }
1020
1021 /**
1022 * @brief Cipher initialize.
1023 * @param pIE: Point to crypto adapter.
1024 * @param cipher_type: Cipher type.
1025 * @arg CIPHER_TYPE_DES_ECB: DES_ECB
1026 * @arg CIPHER_TYPE_DES_CBC: DES_CBC
1027 * @arg CIPHER_TYPE_3DES_ECB: 3DES_ECB
1028 * @arg CIPHER_TYPE_3DES_CBC: 3DES_CBC
1029 * @arg CIPHER_TYPE_AES_ECB: AES_ECB
1030 * @arg CIPHER_TYPE_AES_CBC: AES_CBC
1031 * @arg CIPHER_TYPE_AES_CFB: AES_CFB
1032 * @arg CIPHER_TYPE_AES_OFB: AES_OFB
1033 * @arg CIPHER_TYPE_AES_CTR: AES_CTR
1034 * @arg CIPHER_TYPE_AES_GCTR: AES_GCTR
1035 * @arg CIPHER_TYPE_AES_GMAC: AES_GMAC
1036 * @arg CIPHER_TYPE_AES_GHASH: AES_GHASH
1037 * @arg CIPHER_TYPE_AES_GCM: AES_GCM
1038 * @arg CIPHER_TYPE_CHACHA_POLY1305: ChaCha+poly1305
1039 * @arg CIPHER_TYPE_CHACHA: ChaCha
1040 * @arg CIPHER_TYPE_POLY1305: Poly 1305
1041 * @param key: Cipher key.
1042 * @param keylen: Key length.
1043 * @retval Function execute status.
1044 */
1045 IMAGE2_RAM_TEXT_SECTION
CRYPTO_CipherInit(HAL_CRYPTO_ADAPTER * pIE,IN const u32 cipher_type,IN const u8 * key,IN const u32 keylen)1046 int CRYPTO_CipherInit(HAL_CRYPTO_ADAPTER *pIE,
1047 IN const u32 cipher_type,
1048 IN const u8 *key, IN const u32 keylen)
1049 {
1050 u8* pAuthKey = NULL;
1051 u32 lenAuthKey = 0;
1052
1053 return CRYPTO_SetSecurityModeAD(pIE,
1054 cipher_type, AUTH_TYPE_NO_AUTH,
1055 key, keylen, pAuthKey, lenAuthKey);
1056
1057 }
1058
1059 /**
1060 * @brief Cipher encryption.
1061 * @param pIE: Point to crypto adapter.
1062 * @param message: Point to message.
1063 * @param msglen: Message length.
1064 * @param pIv: Point to IV(initialize vector).
1065 * @param ivlen: IV length.
1066 * @param paad: Point to AAD(additional authentication data).
1067 * @param aadlen: AAD length.
1068 * @param pResult: Point to auth or cipher result.
1069 * @param pTag: Point to MAC(Message Authentication Code) .
1070 * @retval Result of process.
1071 */
1072 IMAGE2_RAM_TEXT_SECTION
CRYPTO_CipherEncryptAD(HAL_CRYPTO_ADAPTER * pIE,IN const u8 * message,IN const u32 msglen,IN const u8 * piv,IN const u32 ivlen,IN const u8 * paad,IN const u32 aadlen,OUT u8 * pResult,OUT u8 * pTag)1073 int CRYPTO_CipherEncryptAD(HAL_CRYPTO_ADAPTER *pIE,
1074 IN const u8* message, IN const u32 msglen,
1075 IN const u8* piv, IN const u32 ivlen,
1076 IN const u8* paad, IN const u32 aadlen,
1077 OUT u8* pResult, OUT u8* pTag)
1078 {
1079 int ret;
1080
1081 pIE->cipher_type |= CIPHER_TYPE_MODE_ENCRYPT;
1082 pIE->isDecrypt = _FALSE;
1083
1084 ret = CRYPTO_ProcessAD(pIE, message, msglen,
1085 piv, ivlen, paad, aadlen, pResult, pTag);
1086
1087 return ret;
1088 }
1089
1090 /**
1091 * @brief Cipher decryption.
1092 * @param pIE: Point to crypto adapter.
1093 * @param message: Point to message.
1094 * @param msglen: Message length.
1095 * @param pIv: Point to IV(initialize vector).
1096 * @param ivlen: IV length.
1097 * @param paad: Point to AAD(additional authentication data).
1098 * @param aadlen: AAD length.
1099 * @param pResult: Point to auth or cipher result.
1100 * @param pTag: Point to MAC(Message Authentication Code) .
1101 * @retval Result of process.
1102 */
1103 IMAGE2_RAM_TEXT_SECTION
CRYPTO_CipherDecryptAD(HAL_CRYPTO_ADAPTER * pIE,IN const u8 * message,IN const u32 msglen,IN const u8 * piv,IN const u32 ivlen,IN const u8 * paad,IN const u32 aadlen,OUT u8 * pResult,OUT u8 * pTag)1104 int CRYPTO_CipherDecryptAD(
1105 HAL_CRYPTO_ADAPTER *pIE,
1106 IN const u8* message, IN const u32 msglen,
1107 IN const u8* piv, IN const u32 ivlen,
1108 IN const u8* paad, IN const u32 aadlen,
1109 OUT u8* pResult, OUT u8* pTag )
1110 {
1111 int ret;
1112
1113 pIE->cipher_type ^= CIPHER_TYPE_MODE_ENCRYPT;
1114 pIE->isDecrypt = _TRUE;
1115
1116 ret = CRYPTO_ProcessAD(pIE, message, msglen, piv, ivlen, paad, aadlen, pResult, pTag);
1117
1118 return ret;
1119 }
1120
1121 /******************* (C) COPYRIGHT 2017 Realtek Semiconductor *****END OF FILE****/
1122