1 // SPDX-License-Identifier: BSD-2-Clause
2 /*
3 * Copyright (C) 2018, ARM Limited
4 * Copyright (C) 2019, Linaro Limited
5 */
6
7 #include <assert.h>
8 #include <compiler.h>
9 #include <crypto/crypto_accel.h>
10 #include <crypto/crypto.h>
11 #include <kernel/panic.h>
12 #include <mbedtls/aes.h>
13 #include <mbedtls/platform_util.h>
14 #include <string.h>
15
crypto_aes_expand_enc_key(const void * key,size_t key_len,void * enc_key,size_t enc_keylen,unsigned int * rounds)16 TEE_Result crypto_aes_expand_enc_key(const void *key, size_t key_len,
17 void *enc_key, size_t enc_keylen,
18 unsigned int *rounds)
19 {
20 #if defined(MBEDTLS_AES_ALT)
21 return crypto_accel_aes_expand_keys(key, key_len, enc_key, NULL,
22 enc_keylen, rounds);
23 #else
24 mbedtls_aes_context ctx;
25
26 memset(&ctx, 0, sizeof(ctx));
27 mbedtls_aes_init(&ctx);
28 if (mbedtls_aes_setkey_enc(&ctx, key, key_len * 8) != 0)
29 return TEE_ERROR_BAD_PARAMETERS;
30
31 if (enc_keylen > sizeof(ctx.buf))
32 return TEE_ERROR_BAD_PARAMETERS;
33 memcpy(enc_key, ctx.buf, enc_keylen);
34 *rounds = ctx.nr;
35 mbedtls_aes_free(&ctx);
36 return TEE_SUCCESS;
37 #endif
38 }
39
crypto_aes_enc_block(const void * enc_key,size_t enc_keylen __maybe_unused,unsigned int rounds,const void * src,void * dst)40 void crypto_aes_enc_block(const void *enc_key, size_t enc_keylen __maybe_unused,
41 unsigned int rounds, const void *src, void *dst)
42 {
43 #if defined(MBEDTLS_AES_ALT)
44 crypto_accel_aes_ecb_enc(dst, src, enc_key, rounds, 1);
45 #else
46 mbedtls_aes_context ctx;
47
48 memset(&ctx, 0, sizeof(ctx));
49 mbedtls_aes_init(&ctx);
50 if (enc_keylen > sizeof(ctx.buf))
51 panic();
52 memcpy(ctx.buf, enc_key, enc_keylen);
53 ctx.rk = ctx.buf;
54 ctx.nr = rounds;
55 mbedtls_aes_encrypt(&ctx, src, dst);
56 mbedtls_aes_free(&ctx);
57 #endif
58 }
59
60 #if defined(MBEDTLS_AES_ALT)
mbedtls_aes_init(mbedtls_aes_context * ctx)61 void mbedtls_aes_init(mbedtls_aes_context *ctx)
62 {
63 assert(ctx);
64 memset(ctx, 0, sizeof(*ctx));
65 }
66
mbedtls_aes_free(mbedtls_aes_context * ctx)67 void mbedtls_aes_free( mbedtls_aes_context *ctx )
68 {
69 if (ctx)
70 mbedtls_platform_zeroize(ctx, sizeof(*ctx));
71 }
72
mbedtls_aes_setkey_enc(mbedtls_aes_context * ctx,const unsigned char * key,unsigned int keybits)73 int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
74 unsigned int keybits)
75 {
76 assert(ctx && key);
77
78 if (keybits != 128 && keybits != 192 && keybits != 256)
79 return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
80
81 if (crypto_accel_aes_expand_keys(key, keybits / 8, ctx->key, NULL,
82 sizeof(ctx->key), &ctx->round_count))
83 return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
84
85 return 0;
86 }
87
mbedtls_aes_setkey_dec(mbedtls_aes_context * ctx,const unsigned char * key,unsigned int keybits)88 int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
89 unsigned int keybits)
90 {
91 uint32_t enc_key[sizeof(ctx->key)] = { 0 };
92
93 assert(ctx && key);
94
95 if (keybits != 128 && keybits != 192 && keybits != 256)
96 return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
97
98 if (crypto_accel_aes_expand_keys(key, keybits / 8, enc_key, ctx->key,
99 sizeof(ctx->key), &ctx->round_count))
100 return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
101
102 return 0;
103 }
104 #endif /*MBEDTLS_AES_ALT*/
105