/* * Copyright 2018-2020 NXP * SPDX-License-Identifier: Apache-2.0 */ /* Common Key store implementation between keystore_a7x and keystore_pc */ /* ************************************************************************** */ /* Includes */ /* ************************************************************************** */ #include #if SSS_HAVE_A71XX #include #include /* ************************************************************************** */ /* Local Defines */ /* ************************************************************************** */ /* ************************************************************************** */ /* Structures and Typedefs */ /* ************************************************************************** */ /* ************************************************************************** */ /* Global Variables */ /* ************************************************************************** */ /* ************************************************************************** */ /* Static function declarations */ /* ************************************************************************** */ /* ************************************************************************** */ /* Public Functions */ /* ************************************************************************** */ sss_status_t ks_common_extId_to_int_index(keyStoreTable_t *keystore_shadow, uint32_t extId, uint16_t *intIndex) { uint32_t i; bool found_entry = FALSE; sss_status_t retval = isValidKeyStoreShadow(keystore_shadow); if (retval != kStatus_SSS_Success) { return kStatus_SSS_Fail; } for (i = 0; i < keystore_shadow->maxEntries; i++) { keyIdAndTypeIndexLookup_t *keyEntry = &keystore_shadow->entries[i]; if (keyEntry->extKeyId == extId) { *intIndex = keyEntry->keyIntIndex; found_entry = TRUE; break; } } retval = (found_entry == TRUE) ? kStatus_SSS_Success : kStatus_SSS_Fail; return retval; } sss_status_t ks_common_get_keyType_from_keyid( keyStoreTable_t *keystore_shadow, uint32_t keyId, uint32_t *keyType, uint32_t *cipherType) { sss_status_t retval = kStatus_SSS_Fail; uint8_t i; bool found_entry = FALSE; retval = isValidKeyStoreShadow(keystore_shadow); if (retval != kStatus_SSS_Success) goto cleanup; for (i = 0; i < keystore_shadow->maxEntries; i++) { keyIdAndTypeIndexLookup_t *keyEntry = &keystore_shadow->entries[i]; if (keyEntry->extKeyId == keyId) { *keyType = keyEntry->keyPart; *cipherType = keyEntry->cipherType; found_entry = TRUE; break; } } if (!found_entry) { retval = kStatus_SSS_Fail; } cleanup: return retval; } sss_status_t ks_common_check_available_int_index(keyStoreTable_t *keystore_shadow, uint8_t object_type, uint8_t cipher_type, uint16_t *next_free_index, uint16_t keyLen) { sss_status_t retval = kStatus_SSS_Success; uint32_t i; *next_free_index = 0; uint32_t max_index = 0; uint8_t slots_req = 1; uint16_t keyLen_roundoff = 0; uint16_t slots_used = 0; uint8_t slots_found = 0; uint8_t slots_id = 0; uint8_t slots_len = 0; uint32_t j = 1; uint32_t consider_keyentry = 0; uint8_t key_shadow[19] = { 0, }; /* Change logic using bits later */ retval = isValidKeyStoreShadow(keystore_shadow); if (retval != kStatus_SSS_Success) goto cleanup; if (object_type == kSSS_KeyPart_Default && cipher_type == kSSS_CipherType_Binary) max_index = KS_N_CERTIFCATES; else if (object_type == kSSS_KeyPart_Pair && cipher_type == kSSS_CipherType_EC_NIST_P) max_index = KS_N_ECC_KEY_PAIRS; else if (object_type == kSSS_KeyPart_Public && cipher_type == kSSS_CipherType_EC_NIST_P) max_index = KS_N_ECC_PUB_KEYS; else if (object_type == kSSS_KeyPart_Pair && cipher_type == kSSS_CipherType_RSA) max_index = KS_N_RSA_KEY_PAIRS; else if (object_type == kSSS_KeyPart_Default && (cipher_type == kSSS_CipherType_AES || cipher_type == kSSS_CipherType_HMAC)) { #if SSS_HAVE_A71CH || SSS_HAVE_A71CH_SIM max_index = KS_N_AES_KEYS; if (keyLen > 64) { retval = kStatus_SSS_Fail; goto cleanup; } #elif SSS_HAVE_A71CL || SSS_HAVE_SE050_L max_index = KS_N_SYM_KEYS; #endif keyLen_roundoff = ((keyLen / 16) * 16) + ((keyLen % 16) == 0 ? 0 : 16); slots_req = (keyLen_roundoff / 16); } else { retval = kStatus_SSS_Fail; goto cleanup; } for (i = 0; i < keystore_shadow->maxEntries; i++) { keyIdAndTypeIndexLookup_t *keyEntry = &keystore_shadow->entries[i]; consider_keyentry = 0; if ((keyEntry->keyPart & 0x0F) == object_type) { if (object_type == kSSS_KeyPart_Default && (cipher_type == kSSS_CipherType_AES || cipher_type == kSSS_CipherType_HMAC)) { if (keyEntry->cipherType == kSSS_CipherType_AES || keyEntry->cipherType == kSSS_CipherType_HMAC) { slots_used++; consider_keyentry = 1; } } else { if (keyEntry->cipherType == cipher_type) { slots_used++; consider_keyentry = 1; } } if (slots_used == max_index - (slots_req - 1)) { retval = kStatus_SSS_Fail; goto cleanup; } if (consider_keyentry) { if (keyEntry->extKeyId != 0) { j = 1; slots_id = keyEntry->keyIntIndex & 0x0F; slots_len = (keyEntry->keyIntIndex & 0xF0) >> 4; key_shadow[slots_id] = 1; while (j < slots_len) { key_shadow[slots_id + j] = 1; j++; } } } } } /* Make sure required slots are in sequence */ for (i = 0; i < max_index; i++) { if (key_shadow[i] == 0) { uint8_t valid_slot = 1; j = 1; while (j < slots_req) { if ((key_shadow[i + j] != 0) || ((i + j) >= max_index)) { valid_slot = 0; } j++; } if (valid_slot) { slots_found = 1; *next_free_index = i; break; } } } if (slots_found == 0) { retval = kStatus_SSS_Fail; goto cleanup; } if (object_type == kSSS_KeyPart_Default && (cipher_type == kSSS_CipherType_AES || cipher_type == kSSS_CipherType_HMAC)) { (*next_free_index) = (*next_free_index) | (slots_req << 4); } cleanup: return retval; } #endif