Skip to content

Commit 566f3b9

Browse files
dgarskedanielinux
dgarske
authored and
danielinux
committed
Cleanup duplicate code in aes_init.
1 parent 708b797 commit 566f3b9

File tree

1 file changed

+42
-51
lines changed

1 file changed

+42
-51
lines changed

src/libwolfboot.c

Lines changed: 42 additions & 51 deletions
Original file line numberDiff line numberDiff line change
@@ -1573,68 +1573,37 @@ Aes aes_dec, aes_enc;
15731573
*/
15741574
int aes_init(void)
15751575
{
1576-
#if defined(WOLFBOOT_RENESAS_TSIP)
1577-
int ret;
1578-
int devId = RENESAS_DEVID + 1;
1579-
wrap_enc_key_t* enc_key =(wrap_enc_key_t*)RENESAS_TSIP_INSTALLEDENCKEY_ADDR;
1580-
1581-
/* required to properly setup the crypto callback defaults */
1582-
wolfCrypt_Init(); /* has logic to support being called multiple times */
1583-
1584-
XMEMSET(&aes_enc, 0, sizeof(aes_enc));
1585-
XMEMSET(&aes_dec, 0, sizeof(aes_dec));
1586-
wc_AesInit(&aes_enc, NULL, devId);
1587-
wc_AesInit(&aes_dec, NULL, devId);
1588-
1589-
/* Unwrap key and get key index */
1590-
#if ENCRYPT_KEY_SIZE == 32
1591-
ret = R_TSIP_GenerateAes256KeyIndex(enc_key->wufpk, enc_key->initial_vector,
1592-
enc_key->encrypted_user_key, &aes_enc.ctx.tsip_keyIdx);
1593-
#else
1594-
ret = R_TSIP_GenerateAes128KeyIndex(enc_key->wufpk, enc_key->initial_vector,
1595-
enc_key->encrypted_user_key, &aes_enc.ctx.tsip_keyIdx);
1596-
#endif
1597-
if (ret == TSIP_SUCCESS) {
1598-
aes_enc.ctx.keySize = ENCRYPT_KEY_SIZE;
1599-
1600-
/* copy to decryption key */
1601-
XMEMCPY(&aes_dec.ctx, &aes_enc.ctx, sizeof(aes_enc.ctx));
1602-
1603-
/* register AES crypto callback */
1604-
wc_CryptoCb_RegisterDevice(devId, wc_tsip_AesCipher, NULL);
1605-
1606-
/* AES_ENCRYPTION is used for both directions in CTR
1607-
* IV is set later with "wc_AesSetIV" */
1608-
wc_AesSetKeyDirect(&aes_enc, enc_key->encrypted_user_key,
1609-
ENCRYPT_KEY_SIZE, NULL, AES_ENCRYPTION);
1610-
wc_AesSetKeyDirect(&aes_dec, enc_key->encrypted_user_key,
1611-
ENCRYPT_KEY_SIZE, NULL, AES_ENCRYPTION);
1576+
int devId;
1577+
uint8_t *stored_nonce;
1578+
uint8_t *key;
1579+
uint8_t ff[ENCRYPT_KEY_SIZE];
16121580

1613-
/* set IV nonce use in aes_set_iv */
1614-
XMEMCPY(encrypt_iv_nonce, enc_key->initial_vector, ENCRYPT_NONCE_SIZE);
1615-
encrypt_initialized = 1;
1616-
}
1581+
#ifdef WOLFBOOT_RENESAS_TSIP
1582+
int ret;
1583+
wrap_enc_key_t* enc_key;
1584+
devId = RENESAS_DEVID + 1;
1585+
enc_key =(wrap_enc_key_t*)RENESAS_TSIP_INSTALLEDENCKEY_ADDR;
1586+
key = enc_key->encrypted_user_key;
1587+
stored_nonce = enc_key->initial_vector;
1588+
wolfCrypt_Init(); /* required to setup the crypto callback defaults */
16171589
#else
1618-
1590+
devId = INVALID_DEVID;
16191591
#if defined(MMU) || defined(UNIT_TEST)
1620-
uint8_t *key = ENCRYPT_KEY;
1592+
key = ENCRYPT_KEY;
16211593
#else
1622-
uint8_t *key = (uint8_t *)(WOLFBOOT_PARTITION_BOOT_ADDRESS +
1594+
key = (uint8_t*)(WOLFBOOT_PARTITION_BOOT_ADDRESS +
16231595
ENCRYPT_TMP_SECRET_OFFSET);
16241596
#endif
1625-
uint8_t ff[ENCRYPT_KEY_SIZE];
1626-
uint8_t* stored_nonce;
1627-
16281597
#ifdef NVM_FLASH_WRITEONCE
16291598
key -= WOLFBOOT_SECTOR_SIZE * nvm_select_fresh_sector(PART_BOOT);
16301599
#endif
1631-
16321600
stored_nonce = key + ENCRYPT_KEY_SIZE;
1601+
#endif
16331602

16341603
XMEMSET(&aes_enc, 0, sizeof(aes_enc));
16351604
XMEMSET(&aes_dec, 0, sizeof(aes_dec));
1636-
wc_AesInit(&aes_enc, NULL, INVALID_DEVID);
1637-
wc_AesInit(&aes_dec, NULL, INVALID_DEVID);
1605+
wc_AesInit(&aes_enc, NULL, devId);
1606+
wc_AesInit(&aes_dec, NULL, devId);
16381607

16391608
/* Check against 'all 0xff' or 'all zero' cases */
16401609
XMEMSET(ff, 0xFF, ENCRYPT_KEY_SIZE);
@@ -1644,15 +1613,37 @@ int aes_init(void)
16441613
if (XMEMCMP(key, ff, ENCRYPT_KEY_SIZE) == 0)
16451614
return -1;
16461615

1616+
#ifdef WOLFBOOT_RENESAS_TSIP
1617+
/* Unwrap key and get key index */
1618+
#if ENCRYPT_KEY_SIZE == 32
1619+
ret = R_TSIP_GenerateAes256KeyIndex(enc_key->wufpk, enc_key->initial_vector,
1620+
enc_key->encrypted_user_key, &aes_enc.ctx.tsip_keyIdx);
1621+
#else
1622+
ret = R_TSIP_GenerateAes128KeyIndex(enc_key->wufpk, enc_key->initial_vector,
1623+
enc_key->encrypted_user_key, &aes_enc.ctx.tsip_keyIdx);
1624+
#endif
1625+
if (ret != TSIP_SUCCESS) {
1626+
return -1;
1627+
}
1628+
/* set encryption key size */
1629+
aes_enc.ctx.keySize = ENCRYPT_KEY_SIZE;
1630+
1631+
/* copy TSIP ctx to decryption key */
1632+
XMEMCPY(&aes_dec.ctx, &aes_enc.ctx, sizeof(aes_enc.ctx));
1633+
1634+
/* register AES crypto callback */
1635+
wc_CryptoCb_RegisterDevice(devId, wc_tsip_AesCipher, NULL);
1636+
#endif /* WOLFBOOT_RENESAS_TSIP */
1637+
16471638
/* AES_ENCRYPTION is used for both directions in CTR
16481639
* IV is set later with "wc_AesSetIV" */
16491640
wc_AesSetKeyDirect(&aes_enc, key, ENCRYPT_KEY_SIZE, NULL, AES_ENCRYPTION);
16501641
wc_AesSetKeyDirect(&aes_dec, key, ENCRYPT_KEY_SIZE, NULL, AES_ENCRYPTION);
16511642

1652-
/* set IV nonce use in aes_set_iv */
1643+
/* Set global IV nonce used in aes_set_iv */
16531644
XMEMCPY(encrypt_iv_nonce, stored_nonce, ENCRYPT_NONCE_SIZE);
16541645
encrypt_initialized = 1;
1655-
#endif
1646+
16561647
return 0;
16571648
}
16581649

0 commit comments

Comments
 (0)