From 2b20026dd755706934f8f8e1a192bffdfc3d717c Mon Sep 17 00:00:00 2001 From: Amaury Pouly Date: Sun, 1 Jan 2017 20:48:05 +0100 Subject: imxtools/sbtools: rework cryptography It was a mess, a mix of crypto_* and cbc_mac calls. I made everything call crypto functions, and also separate key setup from cryptographic operations, this will be useful to speed up the code in the upcoming commits. Drop support for "usbotp" key, since the crypto code for that was never mainlined and we can always get the keys from a device as long as we have code execution (using the DCP debug registers). Change-Id: I7aa24d12207ffb744225d1b9cc7cb1dc7281dd22 --- utils/imxtools/sbtools/crypto.h | 49 +++++++++++++++++------------------------ 1 file changed, 20 insertions(+), 29 deletions(-) (limited to 'utils/imxtools/sbtools/crypto.h') diff --git a/utils/imxtools/sbtools/crypto.h b/utils/imxtools/sbtools/crypto.h index 6751c2e861..9944289a4f 100644 --- a/utils/imxtools/sbtools/crypto.h +++ b/utils/imxtools/sbtools/crypto.h @@ -24,6 +24,11 @@ #include #include #include +#include + +#ifdef __cplusplus +extern "C" { +#endif typedef uint8_t byte; @@ -48,32 +53,8 @@ enum crypto_method_t CRYPTO_NONE, /* disable */ CRYPTO_KEY, /* key */ CRYPTO_XOR_KEY, /* XOR key */ - CRYPTO_USBOTP, /* use usbotp device */ }; -/* parameter can be: - * - CRYPTO_KEY: array of 16-bytes (the key) - * - CRYPTO_USBOTP: 32-bit integer: vid << 16 | pid */ -void crypto_setup(enum crypto_method_t method, void *param); - -#define CRYPTO_ERROR_SUCCESS 0 -#define CRYPTO_ERROR_BADSETUP -1 /* bad crypto setup */ -#define CRYPTO_ERROR_NODEVICE -2 /* no device with vid:pid */ -#define CRYPTO_ERROR_BADENDP -3 /* device doesn't have the required endpoints */ -#define CRYPTO_ERROR_CLAIMFAIL -4 /* device interface claim error */ -#define CRYPTO_ERROR_DEVREJECT -5 /* device rejected cypto operation */ -#define CRYPTO_ERROR_DEVSILENT -6 /* device did not notify completion */ -#define CRYPTO_ERROR_DEVERR -7 /* device did something wrong (like return too small buffer) */ -#define CRYPTO_NUM_ERRORS 8 -/* return 0 on success, <0 on error */ -int crypto_apply( - byte *in_data, /* Input data */ - byte *out_data, /* Output data (or NULL) */ - int nr_blocks, /* Number of blocks (one block=16 bytes) */ - byte iv[16], /* IV */ - byte (*out_cbc_mac)[16], /* CBC-MAC of the result (or NULL) */ - int encrypt); - union xorcrypt_key_t { uint8_t key[64]; @@ -88,19 +69,25 @@ struct crypto_key_t { byte key[16]; union xorcrypt_key_t xor_key[2]; - uint32_t vid_pid; - byte param[0]; }u; }; -int crypto_cbc( +#define CRYPTO_ERROR_SUCCESS 0 +#define CRYPTO_ERROR_BADSETUP -1 + +/* parameter can be: + * - CRYPTO_KEY: array of 16-bytes (the key) + * return 0 on success, <0 on error */ +int crypto_setup(struct crypto_key_t *key); + +/* return 0 on success, <0 on error */ +int crypto_apply( byte *in_data, /* Input data */ byte *out_data, /* Output data (or NULL) */ int nr_blocks, /* Number of blocks (one block=16 bytes) */ - struct crypto_key_t *key, /* Key */ byte iv[16], /* IV */ byte (*out_cbc_mac)[16], /* CBC-MAC of the result (or NULL) */ - int encrypt); + bool encrypt); /* crc.c */ uint32_t crc(byte *data, int size); @@ -127,4 +114,8 @@ uint32_t xor_encrypt(union xorcrypt_key_t keys[2], void *data, int size); uint32_t xor_decrypt(union xorcrypt_key_t keys[2], void *data, int size); void xor_generate_key(uint32_t laserfuse[3], union xorcrypt_key_t key[2]); +#ifdef __cplusplus +} +#endif + #endif /* __CRYPTO_H__ */ -- cgit v1.2.3