"91e9a1b575fd8d3a71b2b3f8972243990f82d13e" (history) in projects: optee_os

Project(s)

Full Search
Definition
Symbol
File Path
History
Type

Searched hist:"91 e9a1b575fd8d3a71b2b3f8972243990f82d13e" (Results 1 – 2 of 2) sorted by relevance

/optee_os/core/drivers/crypto/caam/acipher/
H A D	caam_ecc.c	91e9a1b575fd8d3a71b2b3f8972243990f82d13e Thu Jan 04 08:11:01 UTC 2024 Sahil Malhotra <sahil.malhotra@nxp.com> drivers: caam: Fix for TLS1.3 handshake failure There is a limitation on some of i.MX8M series platforms. When the input is marked as a hash value, it is moved first into the Class 2 Context Register, which is only 40 bytes long. From there, it is copied into the PKHA. If HASH is more than 40bytes, extra bytes become zero, which is not proper message representative,so signatures generation/verification go wrong. This makes a limitation when the hash size is longer than 40 bytes and the signature component/private key size is longer than 40 bytes As a workaround when the input is marked as a message representative, then a different path is taken to bring the value into CAAM, and the value stays intact. CFG_NXP_CAAM_C2_CTX_REG_WA config flag is added to enable/disable this workaround. Currently it is enabled by default for i.MX8M platforms. Fixes: 4b383f736e9e ("drivers: caam: implement NXP CAAM Driver - DSA") Fixes: 503b5c013761 ("drivers: caam: implement NXP CAAM Driver - ECC") Link: https://github.com/OP-TEE/optee_os/issues/6492 Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com> Acked-by: Clement Faure <clement.faure@nxp.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
/optee_os/core/drivers/crypto/caam/
H A D	crypto.mk	91e9a1b575fd8d3a71b2b3f8972243990f82d13e Thu Jan 04 08:11:01 UTC 2024 Sahil Malhotra <sahil.malhotra@nxp.com> drivers: caam: Fix for TLS1.3 handshake failure There is a limitation on some of i.MX8M series platforms. When the input is marked as a hash value, it is moved first into the Class 2 Context Register, which is only 40 bytes long. From there, it is copied into the PKHA. If HASH is more than 40bytes, extra bytes become zero, which is not proper message representative,so signatures generation/verification go wrong. This makes a limitation when the hash size is longer than 40 bytes and the signature component/private key size is longer than 40 bytes As a workaround when the input is marked as a message representative, then a different path is taken to bring the value into CAAM, and the value stays intact. CFG_NXP_CAAM_C2_CTX_REG_WA config flag is added to enable/disable this workaround. Currently it is enabled by default for i.MX8M platforms. Fixes: 4b383f736e9e ("drivers: caam: implement NXP CAAM Driver - DSA") Fixes: 503b5c013761 ("drivers: caam: implement NXP CAAM Driver - ECC") Link: https://github.com/OP-TEE/optee_os/issues/6492 Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com> Acked-by: Clement Faure <clement.faure@nxp.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>