1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017-2020, Linaro Limited 4 */ 5 6 #include <assert.h> 7 #include <crypto/crypto.h> 8 #include <crypto/internal_aes-gcm.h> 9 #include <string.h> 10 #include <tee_api_types.h> 11 #include <types_ext.h> 12 13 void internal_aes_gcm_set_key(struct internal_aes_gcm_state *state, 14 const struct internal_aes_gcm_key *ek) 15 { 16 #ifdef CFG_AES_GCM_TABLE_BASED 17 internal_aes_gcm_ghash_gen_tbl(&state->ghash_key, ek); 18 #else 19 crypto_aes_enc_block(ek->data, sizeof(ek->data), ek->rounds, 20 state->ctr, state->ghash_key.hash_subkey); 21 #endif 22 } 23 24 static void ghash_update_block(struct internal_aes_gcm_state *state, 25 const void *data) 26 { 27 void *y = state->hash_state; 28 29 internal_aes_gcm_xor_block(y, data); 30 #ifdef CFG_AES_GCM_TABLE_BASED 31 internal_aes_gcm_ghash_mult_tbl(&state->ghash_key, y, y); 32 #else 33 internal_aes_gcm_gfmul(state->ghash_key.hash_subkey, y, y); 34 #endif 35 } 36 37 void internal_aes_gcm_ghash_update(struct internal_aes_gcm_state *state, 38 const void *head, const void *data, 39 size_t num_blocks) 40 { 41 size_t n = 0; 42 43 if (head) 44 ghash_update_block(state, head); 45 46 for (n = 0; n < num_blocks; n++) 47 ghash_update_block(state, 48 (uint8_t *)data + n * TEE_AES_BLOCK_SIZE); 49 } 50 51 TEE_Result internal_aes_gcm_expand_enc_key(const void *key, size_t key_len, 52 struct internal_aes_gcm_key *ek) 53 { 54 size_t ek_len = sizeof(ek->data); 55 56 return crypto_aes_expand_enc_key(key, key_len, ek->data, ek_len, 57 &ek->rounds); 58 } 59