1 /*
2  * Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #include "aes.h"
8 #include "cc_pal_types.h"
9 #include "cc_pal_mem.h"
10 #include "cc_pal_abort.h"
11 #include "aes_driver.h"
12 #include "cc_aes_defs.h"
13 #include "mbedtls_ext_dma_error.h"
14 #include "aes_driver.h"
15 #include "driver_defs.h"
16 #include "cc_sym_error.h"
17 #include "cc_pal_perf.h"
18 #include "cc_pal_compiler.h"
19 #include "mbedtls_aes_ext_dma.h"
20 #include "aes_driver_ext_dma.h"
21 
22 
CC2DriverAesMode(CCAesOperationMode_t operationMode)23 static aesMode_t CC2DriverAesMode(CCAesOperationMode_t operationMode)
24 {
25     aesMode_t result;
26 
27     switch (operationMode) {
28     case CC_AES_MODE_ECB:
29         result = CIPHER_ECB;
30         break;
31     case CC_AES_MODE_CBC:
32         result = CIPHER_CBC;
33         break;
34     case CC_AES_MODE_CTR:
35         result = CIPHER_CTR;
36         break;
37     case CC_AES_MODE_CBC_MAC:
38         result = CIPHER_CBC_MAC;
39         break;
40     case CC_AES_MODE_CMAC:
41         result = CIPHER_CMAC;
42         break;
43     case CC_AES_MODE_OFB:
44         result = CIPHER_OFB;
45         break;
46     default:
47         result = CIPHER_NULL_MODE;
48     }
49 
50     return result;
51 }
52 
53 
54 
mbedtls_aes_ext_dma_init(unsigned int keybits,int encryptDecryptFlag,CCAesOperationMode_t operationMode)55 int mbedtls_aes_ext_dma_init(
56     unsigned int keybits,
57     int   encryptDecryptFlag,
58     CCAesOperationMode_t operationMode)
59 {
60     drvError_t drvRc = AES_DRV_OK;
61     aesMode_t         mode;
62     keySizeId_t       keySizeId;
63 
64     /* check if the operation mode is legal */
65     if ( (operationMode != CC_AES_MODE_ECB) &&
66          (operationMode != CC_AES_MODE_CBC) &&
67          (operationMode != CC_AES_MODE_CTR) &&
68          (operationMode != CC_AES_MODE_CBC_MAC) &&
69          (operationMode != CC_AES_MODE_CMAC)  &&
70          (operationMode != CC_AES_MODE_OFB)) {
71         return EXT_DMA_AES_ILLEGAL_OPERATION_MODE_ERROR;
72     }
73 
74     if (CC_AES_DECRYPT != encryptDecryptFlag && CC_AES_ENCRYPT != encryptDecryptFlag) {
75         return EXT_DMA_AES_INVALID_ENCRYPT_MODE_ERROR;
76     }
77 
78     /* in MAC,XCBC,CMAC modes enable only encrypt mode  */
79     if ( ((operationMode == CC_AES_MODE_CBC_MAC) ||
80           (operationMode == CC_AES_MODE_CMAC)) &&
81          (encryptDecryptFlag != CC_AES_ENCRYPT) ) {
82         return EXT_DMA_AES_DECRYPTION_NOT_ALLOWED_ON_THIS_MODE;
83     }
84 
85     /* check key size validity */
86     switch (keybits)
87     {
88     case 128:
89         keySizeId =  KEY_SIZE_128_BIT;
90         break;
91     case 192:
92         keySizeId =  KEY_SIZE_192_BIT;
93         break;
94     case 256:
95         keySizeId =  KEY_SIZE_256_BIT;
96         break;
97     default:
98         return EXT_DMA_AES_ILLEGAL_KEY_SIZE_ERROR;
99     }
100 
101     mode = CC2DriverAesMode(operationMode);
102     /* In case of failure, the resources will be freed within the driver */
103     drvRc = AesExtDmaInit((cryptoDirection_t)encryptDecryptFlag, mode, keySizeId);
104     // "add driver to CC conversion"
105     return drvRc;
106 }
107 
mbedtls_aes_ext_dma_set_key(CCAesOperationMode_t operationMode,const unsigned char * key,unsigned int keybits)108 int  mbedtls_aes_ext_dma_set_key(
109         CCAesOperationMode_t operationMode,
110         const unsigned char *key,
111         unsigned int keybits )
112 {
113     drvError_t drvRc = AES_DRV_OK;
114     drvError_t rc = AES_DRV_OK;
115     keySizeId_t keySizeId;
116     uint32_t  keyBuffer[CC_AES_KEY_MAX_SIZE_IN_WORDS];
117     aesMode_t         mode;
118 
119     /* check the validity of the key data pointer */
120     if (key == NULL) {
121         drvRc = EXT_DMA_AES_ILLEGAL_KEY_SIZE_ERROR;
122         goto end;
123     }
124 
125     /* check if the operation mode is legal */
126     if ( (operationMode != CC_AES_MODE_ECB) &&
127          (operationMode != CC_AES_MODE_CBC) &&
128          (operationMode != CC_AES_MODE_CTR) &&
129          (operationMode != CC_AES_MODE_CBC_MAC) &&
130          (operationMode != CC_AES_MODE_CMAC)  &&
131          (operationMode != CC_AES_MODE_OFB)) {
132         drvRc = EXT_DMA_AES_ILLEGAL_OPERATION_MODE_ERROR;
133         goto end;
134     }
135 
136     /* check key size validity */
137     switch (keybits)
138     {
139     case 128:
140         keySizeId =  KEY_SIZE_128_BIT;
141         break;
142     case 192:
143         keySizeId =  KEY_SIZE_192_BIT;
144         break;
145     case 256:
146         keySizeId =  KEY_SIZE_256_BIT;
147         break;
148     default:
149         drvRc =  EXT_DMA_AES_ILLEGAL_KEY_SIZE_ERROR;
150         goto end;
151     }
152 
153     mode = CC2DriverAesMode(operationMode);
154     CC_PalMemCopy(keyBuffer, key, keybits/8);
155     drvRc = AesExtDmaSetKey(mode, keyBuffer, keySizeId);
156     if (drvRc != AES_DRV_OK)
157     {
158         goto end;
159     }
160     return AES_DRV_OK;
161 
162 end:
163     rc = terminateAesExtDma();
164     if (rc != 0) {
165         CC_PalAbort("Failed to terminateAesExtDma \n");
166     }
167     return drvRc;
168 }
169 
mbedtls_aes_ext_dma_set_data_size(uint32_t dataSize,CCAesOperationMode_t operationMode)170 int mbedtls_aes_ext_dma_set_data_size(uint32_t dataSize, CCAesOperationMode_t operationMode)
171 {
172     drvError_t drvRc = AES_DRV_OK;
173     drvError_t rc = AES_DRV_OK;
174 
175     /* check if the operation mode is legal */
176     if ( (operationMode != CC_AES_MODE_ECB) &&
177          (operationMode != CC_AES_MODE_CBC) &&
178          (operationMode != CC_AES_MODE_CTR) &&
179          (operationMode != CC_AES_MODE_CBC_MAC) &&
180          (operationMode != CC_AES_MODE_CMAC)  &&
181          (operationMode != CC_AES_MODE_OFB)) {
182         drvRc = EXT_DMA_AES_ILLEGAL_OPERATION_MODE_ERROR;
183         goto end;
184     }
185     /* Check the dataSize */
186     if ( (dataSize == 0) || (dataSize > CPU_DIN_MAX_SIZE) ){
187         drvRc = EXT_DMA_ILLEGAL_INPUT_SIZE_ERROR;
188         goto end;
189     }
190     if ( ( (operationMode == CC_AES_MODE_ECB) ||
191             (operationMode == CC_AES_MODE_CBC) ||
192             (operationMode == CC_AES_MODE_CBC_MAC) ) &&
193             (dataSize % AES_BLOCK_SIZE != 0)  ){
194         drvRc = EXT_DMA_ILLEGAL_INPUT_SIZE_ERROR;
195         goto end;
196     }
197 
198     /* Set data size */
199     AesExtDmaSetDataSize(dataSize);
200     return drvRc;
201 
202 end:
203     rc = terminateAesExtDma();
204     if (rc != 0) {
205         CC_PalAbort("Failed to terminateAesExtDma \n");
206     }
207     return drvRc;
208 }
209 
210 
mbedtls_aes_ext_dma_set_iv(CCAesOperationMode_t operationMode,unsigned char * iv,unsigned int iv_size)211 int mbedtls_aes_ext_dma_set_iv(
212     CCAesOperationMode_t operationMode,
213     unsigned char       * iv,
214     unsigned int          iv_size)
215 {
216 
217     drvError_t drvRc = AES_DRV_OK;
218     int rc;
219     aesMode_t  mode;
220     uint32_t   ivBuff[CC_AES_IV_SIZE_IN_WORDS];
221 
222     /* check if the operation mode is legal */
223     if ( (operationMode != CC_AES_MODE_ECB) &&
224          (operationMode != CC_AES_MODE_CBC) &&
225          (operationMode != CC_AES_MODE_CTR) &&
226          (operationMode != CC_AES_MODE_CBC_MAC) &&
227          (operationMode != CC_AES_MODE_CMAC)  &&
228          (operationMode != CC_AES_MODE_OFB)) {
229         drvRc = EXT_DMA_AES_ILLEGAL_OPERATION_MODE_ERROR;
230         goto end;
231     }
232 
233     if (iv == NULL || iv_size != CC_AES_IV_SIZE_IN_BYTES) {
234         drvRc = EXT_DMA_AES_INVALID_IV_OR_TWEAK_PTR_ERROR;
235         goto end;
236     }
237     mode = CC2DriverAesMode(operationMode);
238     CC_PalMemCopy((uint8_t *)ivBuff, iv, CC_AES_IV_SIZE_IN_BYTES);
239 
240     drvRc = AesExtDmaSetIv(mode, ivBuff);
241     if (drvRc != AES_DRV_OK)
242     {
243         goto end;
244     }
245     return AES_DRV_OK;
246 end:
247     rc = terminateAesExtDma();
248     if (rc != 0) {
249         CC_PalAbort("Failed to terminateAesExtDma \n");
250     }
251     return drvRc;
252 }
253 
254 
mbedtls_aes_ext_dma_finish(CCAesOperationMode_t operationMode,unsigned char * iv,unsigned int iv_size)255 int mbedtls_aes_ext_dma_finish(
256     CCAesOperationMode_t operationMode,
257     unsigned char       *iv,
258     unsigned int         iv_size )
259 {
260 
261     drvError_t      drvRc = AES_DRV_OK;
262     drvError_t      rc = AES_DRV_OK;
263     aesMode_t       mode;
264     uint32_t        ivBuff[CC_AES_IV_SIZE_IN_WORDS];
265 
266     /* check if the operation mode is legal */
267     if ( (operationMode != CC_AES_MODE_ECB) &&
268          (operationMode != CC_AES_MODE_CBC) &&
269          (operationMode != CC_AES_MODE_CTR) &&
270          (operationMode != CC_AES_MODE_CBC_MAC) &&
271          (operationMode != CC_AES_MODE_CMAC)  &&
272          (operationMode != CC_AES_MODE_OFB)) {
273         drvRc = EXT_DMA_AES_ILLEGAL_OPERATION_MODE_ERROR;
274         goto end;
275     }
276 
277     if ((operationMode == CC_AES_MODE_CBC_MAC || operationMode==CC_AES_MODE_CMAC) &&
278         (iv == NULL || iv_size != CC_AES_IV_SIZE_IN_BYTES) ) {
279         drvRc = EXT_DMA_AES_INVALID_IV_OR_TWEAK_PTR_ERROR;
280         goto end;
281     }
282     mode = CC2DriverAesMode(operationMode);
283 
284     drvRc = finalizeAesExtDma(mode, ivBuff);
285 
286     if ((operationMode == CC_AES_MODE_CBC_MAC || operationMode==CC_AES_MODE_CMAC) && (drvRc == AES_DRV_OK)) {
287         CC_PalMemCopy(iv, (uint8_t *)ivBuff, CC_AES_IV_SIZE_IN_BYTES);
288     }
289 
290 end:
291     rc = terminateAesExtDma();
292     if (rc != 0) {
293         CC_PalAbort("Failed to terminateAesExtDma \n");
294     }
295     return drvRc;
296 
297 }
298