drivers: caam: Update comments in ECC driver

There were some typos in comments in the code, updated them

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>

drivers: caam: add CAAM key support for ECC

Add CAAM key support for ECC.
Add RSA black key support for key pair generation and sign/decrypt
functions.

Signed-off-by: Clement Faure <clement.faure@n

drivers: caam: add CAAM key support for ECC

Add CAAM key support for ECC.
Add RSA black key support for key pair generation and sign/decrypt
functions.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: sm2 operation fallback

Fallback to software operations for SM2.

Reverts the temporary solution implemented in commit '3489781e9072
("drivers: caam: disable CFG_CRYPTO_SM2_* when ECC

drivers: caam: sm2 operation fallback

Fallback to software operations for SM2.

Reverts the temporary solution implemented in commit '3489781e9072
("drivers: caam: disable CFG_CRYPTO_SM2_* when ECC CAAM driver is
enabled")'.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

drivers: caam: Fix for TLS1.3 handshake failure

There is a limitation on some of i.MX8M series platforms.
When the input is marked as a hash value, it is moved first into
the Class 2 Context Registe

drivers: caam: Fix for TLS1.3 handshake failure

There is a limitation on some of i.MX8M series platforms.
When the input is marked as a hash value, it is moved first into
the Class 2 Context Register, which is only 40 bytes long.
From there, it is copied into the PKHA.
If HASH is more than 40bytes, extra bytes become zero, which is not
proper message representative,so signatures generation/verification
go wrong.

This makes a limitation when the hash size is longer than 40 bytes
and the signature component/private key size is longer than 40 bytes
As a workaround when the input is marked as a message representative,
then a different path is taken to bring the value into CAAM,
and the value stays intact.

CFG_NXP_CAAM_C2_CTX_REG_WA config flag is added to enable/disable
this workaround.
Currently it is enabled by default for i.MX8M platforms.

Fixes: 4b383f736e9e ("drivers: caam: implement NXP CAAM Driver - DSA")
Fixes: 503b5c013761 ("drivers: caam: implement NXP CAAM Driver - ECC")
Link: https://github.com/OP-TEE/optee_os/issues/6492
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: add msg_type argument in DSA_SIGN/VERIFY macro

Add msg_type argument in DSA_SIGN/VERIFY macro.
Based on type of Message whether HASHED, Message representative, will
pass this argument

drivers: caam: add msg_type argument in DSA_SIGN/VERIFY macro

Add msg_type argument in DSA_SIGN/VERIFY macro.
Based on type of Message whether HASHED, Message representative, will
pass this argument.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto_bignum_free(): add indirection and set pointer to NULL

To prevent human mistake, crypto_bignum_free() sets the location of the
bignum pointer to NULL after freeing it.

Signed-off-by: J

core: crypto_bignum_free(): add indirection and set pointer to NULL

To prevent human mistake, crypto_bignum_free() sets the location of the
bignum pointer to NULL after freeing it.

Signed-off-by: Jihwan Park <jihwp@amazon.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

crypto_api: acipher: ecc key allocation API, pass the key type

For Elliptic Curve, the cryptographic API can fallback to its software
operation instead of failing due to the lack of hardware support

crypto_api: acipher: ecc key allocation API, pass the key type

For Elliptic Curve, the cryptographic API can fallback to its software
operation instead of failing due to the lack of hardware support.

The relevant code can be see seen in the function
crypto_acipher_alloc_ecc_keypair(..).

crypto_api/acipher/ecc.c however does not pass the key type to the
relevant driver and therefore the backend driver can not take the
correct action at allocation time.

This commit addresses that limitation.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

drivers: caam: ecc: key size must be a multiple of 8

Enforce the alignment required by the CAAM hardware.

Notice that the NIST-P521 curve uses a 521 bit private key
hence why this change is needed.

drivers: caam: ecc: key size must be a multiple of 8

Enforce the alignment required by the CAAM hardware.

Notice that the NIST-P521 curve uses a 521 bit private key
hence why this change is needed.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: acipher: initialize driver with the JR base address

Instead of systematically using the job ring 0 registers to initialize
the CAAM acipher drivers, use the job ring allocated to OPTE

drivers: caam: acipher: initialize driver with the JR base address

Instead of systematically using the job ring 0 registers to initialize
the CAAM acipher drivers, use the job ring allocated to OPTEE OS.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: caam: implement NXP CAAM Driver - ECC

Add ECC CAAM driver.

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklande

drivers: caam: implement NXP CAAM Driver - ECC

Add ECC CAAM driver.

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...