mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #6041 from JacobBarthelmeh/seco

Browse Source 
Fix to mask the argument for enc/dec flag used with GCM/CCM in CAAM+SECO build
This commit is contained in:
David Garske 2023-02-02 08:32:48 -08:00 committed by GitHub
commit a4f55b01d6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
wolfcrypt/src/port/caam/wolfcaam_seco.c
View File

@ -858,6 +858,7 @@ static hsm_err_t wc_SEC_AES_Common(unsigned int args[4], CAAM_BUFFER* buf,
int sz, hsm_op_cipher_one_go_algo_t algo,
uint8_t* in, int inSz, uint8_t* out, int outSz)
{
int dir;
hsm_hdl_t cipher_hdl;
open_svc_cipher_args_t open_args;
op_cipher_one_go_args_t cipher_args;
@ -872,7 +873,8 @@ static hsm_err_t wc_SEC_AES_Common(unsigned int args[4], CAAM_BUFFER* buf,
cipher_args.iv_size = buf[1].Length;
cipher_args.cipher_algo = algo;
if (args[0] == CAAM_DEC) {
dir = args[0] & 0xFFFF; /* extract direction enc/dec from input args */
if (dir == CAAM_DEC) {
cipher_args.flags = HSM_CIPHER_ONE_GO_FLAGS_DECRYPT;
}
else {
@ -930,6 +932,7 @@ static hsm_err_t wc_SECO_AESCCM(unsigned int args[4], CAAM_BUFFER* buf, int sz)
uint8_t* out;
int inSz;
int outSz;
int dir;
byte* cipherAndTag = NULL;
int cipherAndTagSz = 0;
@ -952,7 +955,8 @@ static hsm_err_t wc_SECO_AESCCM(unsigned int args[4], CAAM_BUFFER* buf, int sz)
cipherAndTagSz = buf[4].Length + buf[2].Length;
cipherAndTag = (byte*)XMALLOC(cipherAndTagSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (args[0] == CAAM_ENC) {
dir = args[0] & 0xFFFF; /* get if doing enc or dec */
if (dir == CAAM_ENC) {
in = (uint8_t*)buf[2].TheAddress;
inSz = buf[2].Length;
out = cipherAndTag;
@ -971,7 +975,7 @@ static hsm_err_t wc_SECO_AESCCM(unsigned int args[4], CAAM_BUFFER* buf, int sz)
err = wc_SEC_AES_Common(args, buf, sz, HSM_CIPHER_ONE_GO_ALGO_AES_CCM,
in, inSz, out, outSz);
if (err == HSM_NO_ERROR) {
if (args[0] == CAAM_ENC) {
if (dir == CAAM_ENC) {
XMEMCPY((uint8_t*)buf[4].TheAddress, cipherAndTag + inSz,
buf[4].Length);
XMEMCPY((uint8_t*)buf[3].TheAddress, cipherAndTag, buf[3].Length);
@ -994,14 +998,16 @@ static hsm_err_t wc_SECO_AESGCM(unsigned int args[4], CAAM_BUFFER* buf, int sz)
int outSz;
byte* cipherAndTag = NULL;
int cipherAndTagSz = 0;
int dir;
dir = args[0] & 0xFFFF; /* extract direction enc/dec from input args */
XMEMSET(&open_args, 0, sizeof(open_args));
err = hsm_open_cipher_service(key_store_hdl, &open_args, &cipher_hdl);
if (err == HSM_NO_ERROR) {
cipherAndTagSz = buf[4].Length + buf[2].Length;
cipherAndTag = (byte*)XMALLOC(cipherAndTagSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (args[0] == CAAM_ENC) {
if (dir == CAAM_ENC) {
in = (uint8_t*)buf[2].TheAddress;
inSz = buf[2].Length;
out = cipherAndTag;
@ -1027,7 +1033,7 @@ static hsm_err_t wc_SECO_AESGCM(unsigned int args[4], CAAM_BUFFER* buf, int sz)
auth_args.aad = (uint8_t*)buf[5].TheAddress;
auth_args.aad_size = buf[5].Length;
if (args[0] == CAAM_DEC) {
if (dir == CAAM_DEC) {
auth_args.flags = HSM_AUTH_ENC_FLAGS_DECRYPT;
}
else {
@ -1056,7 +1062,7 @@ static hsm_err_t wc_SECO_AESGCM(unsigned int args[4], CAAM_BUFFER* buf, int sz)
}
if (err == HSM_NO_ERROR) {
if (args[0] == CAAM_ENC) {
if (dir == CAAM_ENC) {
XMEMCPY((uint8_t*)buf[4].TheAddress, cipherAndTag + inSz,
buf[4].Length);
XMEMCPY((uint8_t*)buf[3].TheAddress, cipherAndTag, buf[3].Length);