diff options
| author | Sandrine Bailleux <sandrine.bailleux@arm.com> | 2020-03-09 15:23:22 +0000 |
|---|---|---|
| committer | TrustedFirmware Code Review <review@review.trustedfirmware.org> | 2020-03-09 15:23:22 +0000 |
| commit | 091576e7f1fa0ca7360732d290a28ff2dc2a16e6 (patch) | |
| tree | 7655976d4976e3bf991b7e110c64040c325426db /drivers/auth/crypto_mod.c | |
| parent | a3d0fa3144b891c7499098550c4c32c167ee2cc8 (diff) | |
| parent | 4ebbea9592ab37fc62217d0ac62fa13a3e063527 (diff) | |
| download | platform_external_arm-trusted-firmware-091576e7f1fa0ca7360732d290a28ff2dc2a16e6.tar.gz platform_external_arm-trusted-firmware-091576e7f1fa0ca7360732d290a28ff2dc2a16e6.tar.bz2 platform_external_arm-trusted-firmware-091576e7f1fa0ca7360732d290a28ff2dc2a16e6.zip | |
Merge changes from topic "tbbr/fw_enc" into integration
* changes:
docs: qemu: Add instructions to boot using FIP image
docs: Update docs with firmware encryption feature
qemu: Support optional encryption of BL31 and BL32 images
qemu: Update flash address map to keep FIP in secure FLASH0
Makefile: Add support to optionally encrypt BL31 and BL32
tools: Add firmware authenticated encryption tool
TBB: Add an IO abstraction layer to load encrypted firmwares
drivers: crypto: Add authenticated decryption framework
Diffstat (limited to 'drivers/auth/crypto_mod.c')
| -rw-r--r-- | drivers/auth/crypto_mod.c | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/drivers/auth/crypto_mod.c b/drivers/auth/crypto_mod.c index 110c5045f..c63ff080f 100644 --- a/drivers/auth/crypto_mod.c +++ b/drivers/auth/crypto_mod.c @@ -124,3 +124,35 @@ int crypto_mod_calc_hash(unsigned int alg, void *data_ptr, return crypto_lib_desc.calc_hash(alg, data_ptr, data_len, output); } #endif /* MEASURED_BOOT */ + +/* + * Authenticated decryption of data + * + * Parameters: + * + * dec_algo: authenticated decryption algorithm + * data_ptr, len: data to be decrypted (inout param) + * key, key_len, key_flags: symmetric decryption key + * iv, iv_len: initialization vector + * tag, tag_len: authentication tag + */ +int crypto_mod_auth_decrypt(enum crypto_dec_algo dec_algo, void *data_ptr, + size_t len, const void *key, unsigned int key_len, + unsigned int key_flags, const void *iv, + unsigned int iv_len, const void *tag, + unsigned int tag_len) +{ + assert(crypto_lib_desc.auth_decrypt != NULL); + assert(data_ptr != NULL); + assert(len != 0U); + assert(key != NULL); + assert(key_len != 0U); + assert(iv != NULL); + assert((iv_len != 0U) && (iv_len <= CRYPTO_MAX_IV_SIZE)); + assert(tag != NULL); + assert((tag_len != 0U) && (tag_len <= CRYPTO_MAX_TAG_SIZE)); + + return crypto_lib_desc.auth_decrypt(dec_algo, data_ptr, len, key, + key_len, key_flags, iv, iv_len, tag, + tag_len); +} |