author | Amaury Pouly <amaury.pouly@gmail.com> | 2017-01-01 20:48:05 +0100 |
---|---|---|
committer | Amaury Pouly <amaury.pouly@gmail.com> | 2017-01-16 19:58:24 +0100 |
commit | 2b20026dd755706934f8f8e1a192bffdfc3d717c (patch) | |
tree | 3c8bb119ab5e9d3f62093563e99609c7dc2a8f2f /utils/imxtools/sbtools/crypto.h | |
parent | cb8a98e365c0b69e068dc077eb5d68dd4a29a1ad (diff) | |
download | rockbox-2b20026dd755706934f8f8e1a192bffdfc3d717c.tar.gz rockbox-2b20026dd755706934f8f8e1a192bffdfc3d717c.zip |
imxtools/sbtools: rework cryptography
It was a mess, a mix of crypto_* and cbc_mac calls. I made everything call crypto
functions and also separated key setup from cryptographic operations; this will
be useful to speed up the code in the upcoming commits. Drop support for "usbotp"
key, since the crypto code for that was never mainlined and we can always get the
keys from a device as long as we have code execution (using the DCP debug registers).
Change-Id: I7aa24d12207ffb744225d1b9cc7cb1dc7281dd22
Diffstat (limited to 'utils/imxtools/sbtools/crypto.h')
-rw-r--r-- | utils/imxtools/sbtools/crypto.h | 49 |
1 files changed, 20 insertions, 29 deletions
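--- a/utils/imxtools/sbtools/crypto.h
+++ b/utils/imxtools/sbtools/crypto.h
@@ -24,6 +24,11 @@
 #include <stdio.h>
 #include <stdint.h>
 #include <string.h>
+#include <stdbool.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
 
 typedef uint8_t byte;
 
@@ -48,32 +53,8 @@ enum crypto_method_t
 CRYPTO_NONE, /* disable */
 CRYPTO_KEY, /* key */
 CRYPTO_XOR_KEY, /* XOR key */
-CRYPTO_USBOTP, /* use usbotp device */
 };
 
-/* parameter can be:
-* - CRYPTO_KEY: array of 16-bytes (the key)
-* - CRYPTO_USBOTP: 32-bit integer: vid << 16 | pid */
-void crypto_setup(enum crypto_method_t method, void *param);
-
-#define CRYPTO_ERROR_SUCCESS 0
-#define CRYPTO_ERROR_BADSETUP -1 /* bad crypto setup */
-#define CRYPTO_ERROR_NODEVICE -2 /* no device with vid:pid */
-#define CRYPTO_ERROR_BADENDP -3 /* device doesn't have the required endpoints */
-#define CRYPTO_ERROR_CLAIMFAIL -4 /* device interface claim error */
-#define CRYPTO_ERROR_DEVREJECT -5 /* device rejected cypto operation */
-#define CRYPTO_ERROR_DEVSILENT -6 /* device did not notify completion */
-#define CRYPTO_ERROR_DEVERR -7 /* device did something wrong (like return too small buffer) */
-#define CRYPTO_NUM_ERRORS 8
-/* return 0 on success, <0 on error */
-int crypto_apply(
-byte *in_data, /* Input data */
-byte *out_data, /* Output data (or NULL) */
-int nr_blocks, /* Number of blocks (one block=16 bytes) */
-byte iv[16], /* IV */
-byte (*out_cbc_mac)[16], /* CBC-MAC of the result (or NULL) */
-int encrypt);
-
 union xorcrypt_key_t
 {
 uint8_t key[64];
@@ -88,19 +69,25 @@ struct crypto_key_t
 {
 byte key[16];
 union xorcrypt_key_t xor_key[2];
-uint32_t vid_pid;
-byte param[0];
 }u;
 };
 
-int crypto_cbc(
+#define CRYPTO_ERROR_SUCCESS 0
+#define CRYPTO_ERROR_BADSETUP -1
+
+/* parameter can be:
+* - CRYPTO_KEY: array of 16-bytes (the key)
+* return 0 on success, <0 on error */
+int crypto_setup(struct crypto_key_t *key);
+
+/* return 0 on success, <0 on error */
+int crypto_apply(
 byte *in_data, /* Input data */
 byte *out_data, /* Output data (or NULL) */
 int nr_blocks, /* Number of blocks (one block=16 bytes) */
-struct crypto_key_t *key, /* Key */
 byte iv[16], /* IV */
 byte (*out_cbc_mac)[16], /* CBC-MAC of the result (or NULL) */
-int encrypt);
+bool encrypt);
 
 /* crc.c */
 uint32_t crc(byte *data, int size);
@@ -127,4 +114,8 @@ uint32_t xor_encrypt(union xorcrypt_key_t keys[2], void *data, int size);
 uint32_t xor_decrypt(union xorcrypt_key_t keys[2], void *data, int size);
 void xor_generate_key(uint32_t laserfuse[3], union xorcrypt_key_t key[2]);
 
+#ifdef __cplusplus
+}
+#endif
+
 #endif /* __CRYPTO_H__ */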
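Review bot: The comment kept above the new `crypto_setup` still describes the old `void *param` ("array of 16-bytes"), while the prototype now takes a `struct crypto_key_t *` and `crypto_apply` loses its `key` argument, so the header no longer says where the key used by `crypto_apply` comes from. From the prototypes alone it looks as if `crypto_setup` installs the key as shared state for later `crypto_apply` calls; the implementation is not part of this view, so that should be confirmed and then stated, together with whether the key is copied or the pointer is retained, and what is returned for `CRYPTO_NONE` and `CRYPTO_XOR_KEY`. I would replace the comment with something like `/* select the key used by subsequent crypto_apply() calls; returns 0 on success, CRYPTO_ERROR_BADSETUP if the key method is not supported */`, adjusted to what crypto.c actually does. A one-line note on `crypto_apply` that it requires a prior successful `crypto_setup` would help callers that switch between several keys avoid processing data under the wrong one.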