| #
8938a34f |
| 06-Jun-2025 |
Mark Dykes <mark.dykes@arm.com> |
Merge changes I23e51bf9,I0fa9adaf into integration
* changes:
fix(intel): verify data size in AES GCM and GCM-GHASH modes
fix(intel): update FCS AES method for GCM block modes
|
| #
34f092a1 |
| 21-Mar-2025 |
Girisha Dengi <girisha.dengi@intel.com> |
fix(intel): verify data size in AES GCM and GCM-GHASH modes
On the Agilex5 platform, in the FCS AES GCM and GCM-GHASH
modes enc/dec data size should be 0 or multiple of 16bytes.
Change-Id: I23e51bf
fix(intel): verify data size in AES GCM and GCM-GHASH modes
On the Agilex5 platform, in the FCS AES GCM and GCM-GHASH
modes enc/dec data size should be 0 or multiple of 16bytes.
Change-Id: I23e51bf942771e74d16f8a87fbfdbf36ef3c3893
Signed-off-by: Girisha Dengi <girisha.dengi@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@altera.com>
show more ...
|
| #
1e1dbad0 |
| 12-Mar-2025 |
Girisha Dengi <girisha.dengi@intel.com> |
fix(intel): update FCS AES method for GCM block modes
On the Agilex5 platform, AES enc/dec with GCM and GCM-GHASH
modes, the source and destination size should be in multiples
of 16 bytes. For other
fix(intel): update FCS AES method for GCM block modes
On the Agilex5 platform, AES enc/dec with GCM and GCM-GHASH
modes, the source and destination size should be in multiples
of 16 bytes. For other platforms and other modes, it should
be in multiples of 32 bytes.
Change-Id: I0fa9adafb5d7fc4c794a4acb9339cf8259df0c78
Signed-off-by: Girisha Dengi <girisha.dengi@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@altera.com>
show more ...
|
| #
e86efe4b |
| 31-Mar-2025 |
Yann Gautier <yann.gautier@st.com> |
Merge changes I1dfb95aa,I9eb61c48 into integration
* changes:
feat(intel): support FCS commands with SiPSVC V3 framework
feat(intel): implementation of SiPSVC-V3 protocol framework
|
| #
597fff5f |
| 15-Nov-2024 |
Girisha Dengi <girisha.dengi@intel.com> |
feat(intel): support FCS commands with SiPSVC V3 framework
Support all the FCS(FPGA Crypto Service) commands with
SiPSVC verson3 framework.
Change-Id: I1dfb95aaddf7111325ce0082eb26f7a201001141
Sign
feat(intel): support FCS commands with SiPSVC V3 framework
Support all the FCS(FPGA Crypto Service) commands with
SiPSVC verson3 framework.
Change-Id: I1dfb95aaddf7111325ce0082eb26f7a201001141
Signed-off-by: Girisha Dengi <girisha.dengi@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@altera.com>
show more ...
|
| #
2abbb457 |
| 24-May-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge "fix(intel): update checking for memcpy and memset" into integration
|
| #
c418064e |
| 17-May-2023 |
Jit Loon Lim <jit.loon.lim@intel.com> |
fix(intel): update checking for memcpy and memset
Add checking on the size of source data does not exceed source size
when using memcpy and memset.
Add checking on the size of source data in FPGA C
fix(intel): update checking for memcpy and memset
Add checking on the size of source data does not exceed source size
when using memcpy and memset.
Add checking on the size of source data in FPGA Crypto Service does
not exceed the maximum of expected data size and does not meet the
minimum of expected data size.
Signed-off-by: Phui Kei Wong <phui.kei.wong@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: Idb18f05c18d9142fbe703c3f4075341d179d8bad
show more ...
|
| #
cd3a7794 |
| 06-Dec-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge "feat(intel): extending to support SMMU in FCS" into integration
|
| #
9ccdfc44 |
| 06-Dec-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge "fix(intel): fix fcs_client crashed when increased param size" into integration
|
| #
c42402cd |
| 13-Sep-2022 |
Jit Loon Lim <jit.loon.lim@intel.com> |
fix(intel): fix fcs_client crashed when increased param size
No overflow buffer checking for param size. There is a security threat.
Update code to check for param size according to cryto param mode
fix(intel): fix fcs_client crashed when increased param size
No overflow buffer checking for param size. There is a security threat.
Update code to check for param size according to cryto param mode.
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I37a2d047edd9ff835b3f0986d85309c402887bef
show more ...
|
| #
4687021d |
| 28-Sep-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
feat(intel): extending to support SMMU in FCS
This patch is to extend support SMMU in FCS GET_DIGEST, MAC_VERIFY,
ECDSA_SHA2_DATA_SIGNING and ECDSA_SHA2_DATA_SIGNATURE_VERIFY.
It also will change to
feat(intel): extending to support SMMU in FCS
This patch is to extend support SMMU in FCS GET_DIGEST, MAC_VERIFY,
ECDSA_SHA2_DATA_SIGNING and ECDSA_SHA2_DATA_SIGNATURE_VERIFY.
It also will change to use asynchronous mailbox send command to improve
fcs_client timing performance.
Increase the SIP_SVC_VERSION_MAJOR because SMMU support is not backward
compatible.
Increase the SIP_SVC_VERSION_MINOR because 8 news function IDs are
introduced.
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I15e619e246531b065451f9b201646f3c50e26307
show more ...
|
| #
868f9768 |
| 12-May-2022 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
Merge changes Ie9451e35,I1815deeb,If277b2b3,Ie2ceaf24,I7996d505, ... into integration
* changes:
fix(intel): add flash dcache after return response for INTEL_SIP_SMC_MBOX_SEND_CMD
fix(intel): ex
Merge changes Ie9451e35,I1815deeb,If277b2b3,Ie2ceaf24,I7996d505, ... into integration
* changes:
fix(intel): add flash dcache after return response for INTEL_SIP_SMC_MBOX_SEND_CMD
fix(intel): extending to support large file size for SHA2/HMAC get digest and verifying
fix(intel): extending to support large file size for SHA-2 ECDSA data signing and signature verifying
fix(intel): extending to support large file size for AES encryption and decryption
feat(intel): support version 2 SiP SVC SMC function ID for mailbox commands
feat(intel): support version 2 SiP SVC SMC function ID for non-mailbox commands
fix(intel): update certificate mask for FPGA Attestation
feat(intel): update to support maximum response data size
feat(intel): support ECDSA HASH Verification
feat(intel): support ECDSA HASH Signing
feat(intel): support ECDH request
feat(intel): support ECDSA SHA-2 Data Signature Verification
feat(intel): support ECDSA SHA-2 Data Signing
feat(intel): support ECDSA Get Public Key
feat(intel): support session based SDOS encrypt and decrypt
feat(intel): support AES Crypt Service
feat(intel): support HMAC SHA-2 MAC verify request
feat(intel): support SHA-2 hash digest generation on a blob
feat(intel): support extended random number generation
feat(intel): support crypto service key operation
feat(intel): support crypto service session
feat(intel): extend attestation service to Agilex family
fix(intel): flush dcache before sending certificate to mailbox
fix(intel): introduce a generic response error code
fix(intel): allow non-secure access to FPGA Crypto Services (FCS)
feat(intel): single certificate feature enablement
feat(intel): initial commit for attestation service
fix(intel): update encryption and decryption command logic
show more ...
|
| #
70a7e6af |
| 28-Apr-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
fix(intel): extending to support large file size for SHA2/HMAC get digest and verifying
This patch is to extend to support large file size
for SHA2/HMAC get digest and verifying. The large
file will
fix(intel): extending to support large file size for SHA2/HMAC get digest and verifying
This patch is to extend to support large file size
for SHA2/HMAC get digest and verifying. The large
file will be split into smaller chunk and send using
initialize, update and finalize staging method.
Signed-off-by: Yuslaimi, Alif Zakuan <alif.zakuan.yuslaimi@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I1815deeb61287b32c3e77c5ac1b547b79ef12674
show more ...
|
| #
1d97dd74 |
| 28-Apr-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
fix(intel): extending to support large file size for SHA-2 ECDSA data signing and signature verifying
This patch is to extend to support large file size
for SHA-2 ECDSA data signing and signature ve
fix(intel): extending to support large file size for SHA-2 ECDSA data signing and signature verifying
This patch is to extend to support large file size
for SHA-2 ECDSA data signing and signature verifying.
The large file will be split into smaller chunk and
send using initialize, update and finalize staging method.
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: If277b2b375a404fe44b0858006c8ba6316a5ce23
show more ...
|
| #
dcb144f1 |
| 28-Apr-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
fix(intel): extending to support large file size for AES encryption and decryption
This patch is to extend to support large file size
for AES encryption and decryption. The large file
will be split
fix(intel): extending to support large file size for AES encryption and decryption
This patch is to extend to support large file size
for AES encryption and decryption. The large file
will be split into smaller chunk and send using
initialize, update and finalize staging method.
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ie2ceaf247e0d7082aad84faf399fbd18d129c36a
show more ...
|
| #
fe5637f2 |
| 30-Aug-2021 |
Boon Khai Ng <boon.khai.ng@intel.com> |
fix(intel): update certificate mask for FPGA Attestation
Update the certificate mask to 0xff to cover all certificate
in Agilex family.
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-o
fix(intel): update certificate mask for FPGA Attestation
Update the certificate mask to 0xff to cover all certificate
in Agilex family.
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Id40bc3aa4b3e4f7568a58581bbb03a75b0f20a0b
show more ...
|
| #
7e25eb87 |
| 10-May-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
feat(intel): support ECDSA HASH Verification
Supporting the command to send digital signature verification
request on a data blob. This include ECC algorithm such as
NISP P-256, NISP P-384, Brainpoo
feat(intel): support ECDSA HASH Verification
Supporting the command to send digital signature verification
request on a data blob. This include ECC algorithm such as
NISP P-256, NISP P-384, Brainpool 256 and, Branpool 384
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ic86f531bfe7cc7606699f2b064ac677aaf806a76
show more ...
|
| #
69254105 |
| 10-May-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
feat(intel): support ECDSA HASH Signing
Supporting the command to send digital signature signing
request on a data blob. This include ECC algorithm such as
NISP P-256, NISP P-384, Brainpool 256 and,
feat(intel): support ECDSA HASH Signing
Supporting the command to send digital signature signing
request on a data blob. This include ECC algorithm such as
NISP P-256, NISP P-384, Brainpool 256 and, Branpool 384
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I12cf0f1ceaf07c33a110eae398d3ad82a9b13d38
show more ...
|
| #
49446866 |
| 10-May-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
feat(intel): support ECDH request
This command sends the request on generating a share secret on
Diffie-Hellman key exchange.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-
feat(intel): support ECDH request
This command sends the request on generating a share secret on
Diffie-Hellman key exchange.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ic7c8470cf036ea8c17bf87401f49936950b3e1d6
show more ...
|
| #
58305060 |
| 11-May-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
feat(intel): support ECDSA SHA-2 Data Signature Verification
This command support ECC based signature verification on a blob.
Supported ECC algorithm are NISP P-256, NISP P-384, Brainpool 256
and Br
feat(intel): support ECDSA SHA-2 Data Signature Verification
This command support ECC based signature verification on a blob.
Supported ECC algorithm are NISP P-256, NISP P-384, Brainpool 256
and Brainpool 384.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I7f43d2a69bbe6693ec1bb90f32b817cf00f9f5ae
show more ...
|
| #
07912da1 |
| 10-May-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
feat(intel): support ECDSA SHA-2 Data Signing
This command support ECC based signing on a blob. Supported ECC algorithm
are NISP P-256, NISP P-384, Brainpool 256 and Brainpool 384.
Signed-off-by: S
feat(intel): support ECDSA SHA-2 Data Signing
This command support ECC based signing on a blob. Supported ECC algorithm
are NISP P-256, NISP P-384, Brainpool 256 and Brainpool 384.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I82f95ddafa6b62f8cd882fce9a3e63e469c85067
show more ...
|
| #
d2fee94a |
| 10-May-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
feat(intel): support ECDSA Get Public Key
To support the ECDSA feature and send the command
as a request to get the public key
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Si
feat(intel): support ECDSA Get Public Key
To support the ECDSA feature and send the command
as a request to get the public key
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I9d7bb5b6ab8ef7d4f3ceb21ff0068baf3175a1ac
show more ...
|
| #
537ff052 |
| 09-May-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
feat(intel): support session based SDOS encrypt and decrypt
Extends existing Secure Data Object Service (SDOS) encryption and
decryption mailbox command to include session id and context id. The
new
feat(intel): support session based SDOS encrypt and decrypt
Extends existing Secure Data Object Service (SDOS) encryption and
decryption mailbox command to include session id and context id. The
new format requires an opened crypto service session.
A separated SMC function ID is introduced for the new format and it is
only supported by Agilex.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I2627750e8337c1af66217e9cb45981a9e06e7d19
show more ...
|
| #
6726390e |
| 10-May-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
feat(intel): support AES Crypt Service
Enable Support for AES Crypt Service to send request
to encrypt or decrypt a blob. Command will send a memory
location that SDM will read and also memory locat
feat(intel): support AES Crypt Service
Enable Support for AES Crypt Service to send request
to encrypt or decrypt a blob. Command will send a memory
location that SDM will read and also memory location that
SDM will write back after encryption or decryption operation.
Response will be sent back after the crypto operation is done,
and data is written back to the destination
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I86ea4ff64dda2fbb1000591e30fa8cb2640ce954
show more ...
|
| #
c05ea296 |
| 10-May-2022 |
Sieu Mun Tang <sieu.mun.tang@intel.com> |
feat(intel): support HMAC SHA-2 MAC verify request
This command sends request on checking the integrity and authenticity
of a blob by comparing the calculated MAC with tagged MAC. The
comparison res
feat(intel): support HMAC SHA-2 MAC verify request
This command sends request on checking the integrity and authenticity
of a blob by comparing the calculated MAC with tagged MAC. The
comparison result will be returned in response.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ifefdf67f088d7612d2ec2459d71faf2ec8181222
show more ...
|