fix(intel): extending to support large file size for SHA2/HMAC get digest and verifying
This patch is to extend to support large file size for SHA2/HMAC get digest and verifying. The large file will be split into smaller chunk and send using initialize, update and finalize staging method. Signed-off-by: Yuslaimi, Alif Zakuan <alif.zakuan.yuslaimi@intel.com> Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com> Change-Id: I1815deeb61287b32c3e77c5ac1b547b79ef12674
This commit is contained in:
parent
1d97dd74cd
commit
70a7e6af95
|
@ -231,18 +231,19 @@ int intel_fcs_get_crypto_service_key_info(uint32_t session_id, uint32_t key_id,
|
|||
int intel_fcs_get_digest_init(uint32_t session_id, uint32_t context_id,
|
||||
uint32_t key_id, uint32_t param_size,
|
||||
uint64_t param_data, uint32_t *mbox_error);
|
||||
int intel_fcs_get_digest_finalize(uint32_t session_id, uint32_t context_id,
|
||||
int intel_fcs_get_digest_update_finalize(uint32_t session_id, uint32_t context_id,
|
||||
uint32_t src_addr, uint32_t src_size,
|
||||
uint64_t dst_addr, uint32_t *dst_size,
|
||||
uint32_t *mbox_error);
|
||||
uint8_t is_finalised, uint32_t *mbox_error);
|
||||
|
||||
int intel_fcs_mac_verify_init(uint32_t session_id, uint32_t context_id,
|
||||
uint32_t key_id, uint32_t param_size,
|
||||
uint64_t param_data, uint32_t *mbox_error);
|
||||
int intel_fcs_mac_verify_finalize(uint32_t session_id, uint32_t context_id,
|
||||
int intel_fcs_mac_verify_update_finalize(uint32_t session_id, uint32_t context_id,
|
||||
uint32_t src_addr, uint32_t src_size,
|
||||
uint64_t dst_addr, uint32_t *dst_size,
|
||||
uint32_t data_size, uint32_t *mbox_error);
|
||||
uint32_t data_size, uint8_t is_finalised,
|
||||
uint32_t *mbox_error);
|
||||
|
||||
int intel_fcs_ecdsa_hash_sign_init(uint32_t session_id, uint32_t context_id,
|
||||
uint32_t key_id, uint32_t param_size,
|
||||
|
|
|
@ -110,8 +110,10 @@
|
|||
#define INTEL_SIP_SMC_FCS_AES_CRYPT_UPDATE 0x42000075
|
||||
#define INTEL_SIP_SMC_FCS_AES_CRYPT_FINALIZE 0x42000076
|
||||
#define INTEL_SIP_SMC_FCS_GET_DIGEST_INIT 0xC2000077
|
||||
#define INTEL_SIP_SMC_FCS_GET_DIGEST_UPDATE 0xC2000078
|
||||
#define INTEL_SIP_SMC_FCS_GET_DIGEST_FINALIZE 0xC2000079
|
||||
#define INTEL_SIP_SMC_FCS_MAC_VERIFY_INIT 0xC200007A
|
||||
#define INTEL_SIP_SMC_FCS_MAC_VERIFY_UPDATE 0xC200007B
|
||||
#define INTEL_SIP_SMC_FCS_MAC_VERIFY_FINALIZE 0xC200007C
|
||||
#define INTEL_SIP_SMC_FCS_ECDSA_HASH_SIGN_INIT 0xC200007D
|
||||
#define INTEL_SIP_SMC_FCS_ECDSA_HASH_SIGN_FINALIZE 0xC200007F
|
||||
|
|
|
@ -844,13 +844,16 @@ int intel_fcs_get_digest_init(uint32_t session_id, uint32_t context_id,
|
|||
mbox_error);
|
||||
}
|
||||
|
||||
int intel_fcs_get_digest_finalize(uint32_t session_id, uint32_t context_id,
|
||||
uint32_t src_addr, uint32_t src_size,
|
||||
uint64_t dst_addr, uint32_t *dst_size,
|
||||
int intel_fcs_get_digest_update_finalize(uint32_t session_id,
|
||||
uint32_t context_id, uint32_t src_addr,
|
||||
uint32_t src_size, uint64_t dst_addr,
|
||||
uint32_t *dst_size, uint8_t is_finalised,
|
||||
uint32_t *mbox_error)
|
||||
{
|
||||
int status;
|
||||
uint32_t i;
|
||||
uint32_t flag;
|
||||
uint32_t crypto_header;
|
||||
uint32_t resp_len;
|
||||
uint32_t payload[FCS_GET_DIGEST_CMD_MAX_WORD_SIZE] = {0U};
|
||||
|
||||
|
@ -875,29 +878,48 @@ int intel_fcs_get_digest_finalize(uint32_t session_id, uint32_t context_id,
|
|||
|
||||
resp_len = *dst_size / MBOX_WORD_BYTE;
|
||||
|
||||
/* Prepare crypto header */
|
||||
flag = 0;
|
||||
|
||||
if (fcs_sha_get_digest_param.is_updated) {
|
||||
fcs_sha_get_digest_param.crypto_param_size = 0;
|
||||
} else {
|
||||
flag |= FCS_CS_FIELD_FLAG_INIT;
|
||||
}
|
||||
|
||||
if (is_finalised != 0U) {
|
||||
flag |= FCS_CS_FIELD_FLAG_FINALIZE;
|
||||
} else {
|
||||
flag |= FCS_CS_FIELD_FLAG_UPDATE;
|
||||
fcs_sha_get_digest_param.is_updated = 1;
|
||||
}
|
||||
|
||||
crypto_header = ((flag << FCS_CS_FIELD_FLAG_OFFSET) |
|
||||
(fcs_sha_get_digest_param.crypto_param_size &
|
||||
FCS_CS_FIELD_SIZE_MASK));
|
||||
|
||||
/* Prepare command payload */
|
||||
i = 0;
|
||||
/* Crypto header */
|
||||
payload[i] = fcs_sha_get_digest_param.session_id;
|
||||
i++;
|
||||
payload[i] = fcs_sha_get_digest_param.context_id;
|
||||
i++;
|
||||
payload[i] = fcs_sha_get_digest_param.crypto_param_size
|
||||
& FCS_CS_FIELD_SIZE_MASK;
|
||||
payload[i] |= (FCS_CS_FIELD_FLAG_INIT | FCS_CS_FIELD_FLAG_UPDATE
|
||||
| FCS_CS_FIELD_FLAG_FINALIZE)
|
||||
<< FCS_CS_FIELD_FLAG_OFFSET;
|
||||
i++;
|
||||
payload[i] = fcs_sha_get_digest_param.key_id;
|
||||
i++;
|
||||
/* Crypto parameters */
|
||||
payload[i] = fcs_sha_get_digest_param.crypto_param
|
||||
& INTEL_SIP_SMC_FCS_SHA_MODE_MASK;
|
||||
payload[i] |= ((fcs_sha_get_digest_param.crypto_param
|
||||
>> INTEL_SIP_SMC_FCS_DIGEST_SIZE_OFFSET)
|
||||
& INTEL_SIP_SMC_FCS_DIGEST_SIZE_MASK)
|
||||
<< FCS_SHA_HMAC_CRYPTO_PARAM_SIZE_OFFSET;
|
||||
payload[i] = crypto_header;
|
||||
i++;
|
||||
|
||||
if ((crypto_header >> FCS_CS_FIELD_FLAG_OFFSET) &
|
||||
FCS_CS_FIELD_FLAG_INIT) {
|
||||
payload[i] = fcs_sha_get_digest_param.key_id;
|
||||
i++;
|
||||
/* Crypto parameters */
|
||||
payload[i] = fcs_sha_get_digest_param.crypto_param
|
||||
& INTEL_SIP_SMC_FCS_SHA_MODE_MASK;
|
||||
payload[i] |= ((fcs_sha_get_digest_param.crypto_param
|
||||
>> INTEL_SIP_SMC_FCS_DIGEST_SIZE_OFFSET)
|
||||
& INTEL_SIP_SMC_FCS_DIGEST_SIZE_MASK)
|
||||
<< FCS_SHA_HMAC_CRYPTO_PARAM_SIZE_OFFSET;
|
||||
i++;
|
||||
}
|
||||
/* Data source address and size */
|
||||
payload[i] = src_addr;
|
||||
i++;
|
||||
|
@ -908,7 +930,10 @@ int intel_fcs_get_digest_finalize(uint32_t session_id, uint32_t context_id,
|
|||
payload, i, CMD_CASUAL,
|
||||
(uint32_t *) dst_addr, &resp_len);
|
||||
|
||||
memset((void *)&fcs_sha_get_digest_param, 0, sizeof(fcs_crypto_service_data));
|
||||
if (is_finalised != 0U) {
|
||||
memset((void *)&fcs_sha_get_digest_param, 0,
|
||||
sizeof(fcs_crypto_service_data));
|
||||
}
|
||||
|
||||
if (status < 0) {
|
||||
*mbox_error = -status;
|
||||
|
@ -931,13 +956,16 @@ int intel_fcs_mac_verify_init(uint32_t session_id, uint32_t context_id,
|
|||
mbox_error);
|
||||
}
|
||||
|
||||
int intel_fcs_mac_verify_finalize(uint32_t session_id, uint32_t context_id,
|
||||
uint32_t src_addr, uint32_t src_size,
|
||||
uint64_t dst_addr, uint32_t *dst_size,
|
||||
uint32_t data_size, uint32_t *mbox_error)
|
||||
int intel_fcs_mac_verify_update_finalize(uint32_t session_id,
|
||||
uint32_t context_id, uint32_t src_addr,
|
||||
uint32_t src_size, uint64_t dst_addr,
|
||||
uint32_t *dst_size, uint32_t data_size,
|
||||
uint8_t is_finalised, uint32_t *mbox_error)
|
||||
{
|
||||
int status;
|
||||
uint32_t i;
|
||||
uint32_t flag;
|
||||
uint32_t crypto_header;
|
||||
uint32_t resp_len;
|
||||
uint32_t payload[FCS_MAC_VERIFY_CMD_MAX_WORD_SIZE] = {0U};
|
||||
uintptr_t mac_offset;
|
||||
|
@ -967,45 +995,70 @@ int intel_fcs_mac_verify_finalize(uint32_t session_id, uint32_t context_id,
|
|||
|
||||
resp_len = *dst_size / MBOX_WORD_BYTE;
|
||||
|
||||
/* Prepare crypto header */
|
||||
flag = 0;
|
||||
|
||||
if (fcs_sha_mac_verify_param.is_updated) {
|
||||
fcs_sha_mac_verify_param.crypto_param_size = 0;
|
||||
} else {
|
||||
flag |= FCS_CS_FIELD_FLAG_INIT;
|
||||
}
|
||||
|
||||
if (is_finalised) {
|
||||
flag |= FCS_CS_FIELD_FLAG_FINALIZE;
|
||||
} else {
|
||||
flag |= FCS_CS_FIELD_FLAG_UPDATE;
|
||||
fcs_sha_mac_verify_param.is_updated = 1;
|
||||
}
|
||||
|
||||
crypto_header = ((flag << FCS_CS_FIELD_FLAG_OFFSET) |
|
||||
(fcs_sha_mac_verify_param.crypto_param_size &
|
||||
FCS_CS_FIELD_SIZE_MASK));
|
||||
|
||||
/* Prepare command payload */
|
||||
i = 0;
|
||||
/* Crypto header */
|
||||
payload[i] = fcs_sha_mac_verify_param.session_id;
|
||||
i++;
|
||||
payload[i] = fcs_sha_mac_verify_param.context_id;
|
||||
i++;
|
||||
payload[i] = fcs_sha_mac_verify_param.crypto_param_size
|
||||
& FCS_CS_FIELD_SIZE_MASK;
|
||||
payload[i] |= (FCS_CS_FIELD_FLAG_INIT | FCS_CS_FIELD_FLAG_UPDATE
|
||||
| FCS_CS_FIELD_FLAG_FINALIZE)
|
||||
<< FCS_CS_FIELD_FLAG_OFFSET;
|
||||
i++;
|
||||
payload[i] = fcs_sha_mac_verify_param.key_id;
|
||||
i++;
|
||||
/* Crypto parameters */
|
||||
payload[i] = ((fcs_sha_mac_verify_param.crypto_param
|
||||
>> INTEL_SIP_SMC_FCS_DIGEST_SIZE_OFFSET)
|
||||
& INTEL_SIP_SMC_FCS_DIGEST_SIZE_MASK)
|
||||
<< FCS_SHA_HMAC_CRYPTO_PARAM_SIZE_OFFSET;
|
||||
payload[i] = crypto_header;
|
||||
i++;
|
||||
|
||||
if ((crypto_header >> FCS_CS_FIELD_FLAG_OFFSET) &
|
||||
FCS_CS_FIELD_FLAG_INIT) {
|
||||
payload[i] = fcs_sha_mac_verify_param.key_id;
|
||||
i++;
|
||||
/* Crypto parameters */
|
||||
payload[i] = ((fcs_sha_mac_verify_param.crypto_param
|
||||
>> INTEL_SIP_SMC_FCS_DIGEST_SIZE_OFFSET)
|
||||
& INTEL_SIP_SMC_FCS_DIGEST_SIZE_MASK)
|
||||
<< FCS_SHA_HMAC_CRYPTO_PARAM_SIZE_OFFSET;
|
||||
i++;
|
||||
}
|
||||
/* Data source address and size */
|
||||
payload[i] = src_addr;
|
||||
i++;
|
||||
payload[i] = data_size;
|
||||
i++;
|
||||
/* Copy mac data to command */
|
||||
mac_offset = src_addr + data_size;
|
||||
memcpy((uint8_t *) &payload[i], (uint8_t *) mac_offset,
|
||||
src_size - data_size);
|
||||
|
||||
i += (src_size - data_size) / MBOX_WORD_BYTE;
|
||||
if ((crypto_header >> FCS_CS_FIELD_FLAG_OFFSET) &
|
||||
FCS_CS_FIELD_FLAG_FINALIZE) {
|
||||
/* Copy mac data to command */
|
||||
mac_offset = src_addr + data_size;
|
||||
memcpy((uint8_t *) &payload[i], (uint8_t *) mac_offset,
|
||||
src_size - data_size);
|
||||
|
||||
i += (src_size - data_size) / MBOX_WORD_BYTE;
|
||||
}
|
||||
|
||||
status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_MAC_VERIFY_REQ,
|
||||
payload, i, CMD_CASUAL,
|
||||
(uint32_t *) dst_addr, &resp_len);
|
||||
|
||||
memset((void *)&fcs_sha_mac_verify_param, 0,
|
||||
sizeof(fcs_crypto_service_data));
|
||||
if (is_finalised) {
|
||||
memset((void *)&fcs_sha_mac_verify_param, 0,
|
||||
sizeof(fcs_crypto_service_data));
|
||||
}
|
||||
|
||||
if (status < 0) {
|
||||
*mbox_error = -status;
|
||||
|
|
|
@ -903,11 +903,20 @@ uintptr_t sip_smc_handler_v1(uint32_t smc_fid,
|
|||
x4, x5, &mbox_error);
|
||||
SMC_RET2(handle, status, mbox_error);
|
||||
|
||||
case INTEL_SIP_SMC_FCS_GET_DIGEST_UPDATE:
|
||||
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
|
||||
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
|
||||
status = intel_fcs_get_digest_update_finalize(x1, x2, x3,
|
||||
x4, x5, (uint32_t *) &x6, false,
|
||||
&mbox_error);
|
||||
SMC_RET4(handle, status, mbox_error, x5, x6);
|
||||
|
||||
case INTEL_SIP_SMC_FCS_GET_DIGEST_FINALIZE:
|
||||
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
|
||||
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
|
||||
status = intel_fcs_get_digest_finalize(x1, x2, x3,
|
||||
x4, x5, (uint32_t *) &x6, &mbox_error);
|
||||
status = intel_fcs_get_digest_update_finalize(x1, x2, x3,
|
||||
x4, x5, (uint32_t *) &x6, true,
|
||||
&mbox_error);
|
||||
SMC_RET4(handle, status, mbox_error, x5, x6);
|
||||
|
||||
case INTEL_SIP_SMC_FCS_MAC_VERIFY_INIT:
|
||||
|
@ -916,12 +925,22 @@ uintptr_t sip_smc_handler_v1(uint32_t smc_fid,
|
|||
x4, x5, &mbox_error);
|
||||
SMC_RET2(handle, status, mbox_error);
|
||||
|
||||
case INTEL_SIP_SMC_FCS_MAC_VERIFY_UPDATE:
|
||||
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
|
||||
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
|
||||
x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
|
||||
status = intel_fcs_mac_verify_update_finalize(x1, x2, x3,
|
||||
x4, x5, (uint32_t *) &x6, x7,
|
||||
false, &mbox_error);
|
||||
SMC_RET4(handle, status, mbox_error, x5, x6);
|
||||
|
||||
case INTEL_SIP_SMC_FCS_MAC_VERIFY_FINALIZE:
|
||||
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
|
||||
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
|
||||
x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
|
||||
status = intel_fcs_mac_verify_finalize(x1, x2, x3,
|
||||
x4, x5, (uint32_t *) &x6, x7, &mbox_error);
|
||||
status = intel_fcs_mac_verify_update_finalize(x1, x2, x3,
|
||||
x4, x5, (uint32_t *) &x6, x7,
|
||||
true, &mbox_error);
|
||||
SMC_RET4(handle, status, mbox_error, x5, x6);
|
||||
|
||||
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_INIT:
|
||||
|
|
Loading…
Reference in New Issue