summaryrefslogtreecommitdiff
path: root/cesar/cp
diff options
context:
space:
mode:
authorschodet2009-05-25 14:56:26 +0000
committerschodet2009-05-25 14:56:26 +0000
commit61c1b6f37ba11fcb9ca7243c6404b7dfb49af4fa (patch)
tree5521e2d3a248dc671422d21ea072aa5ad6d60f74 /cesar/cp
parent640c6d0f10f1222ddce5a96b32d3b9582c7864e8 (diff)
* cp/secu (re #368):
- added function to compute hardware decryption key. git-svn-id: svn+ssh://pessac/svn/cesar/trunk@4699 017c9cb6-072f-447c-8318-d5b54f68fe89
Diffstat (limited to 'cesar/cp')
-rw-r--r--cesar/cp/secu/secu.h12
-rw-r--r--cesar/cp/secu/src/secu.c39
-rw-r--r--cesar/cp/secu/test/src/test-aes.c19
3 files changed, 70 insertions, 0 deletions
diff --git a/cesar/cp/secu/secu.h b/cesar/cp/secu/secu.h
index 8dabea4d66..6fa868f829 100644
--- a/cesar/cp/secu/secu.h
+++ b/cesar/cp/secu/secu.h
@@ -290,6 +290,18 @@ void
cp_secu_aes_cbc_decrypt (cp_secu_aes_t *ctx, u32 iv[4],
const u32 *input, u32 *output, int length);
+/**
+ * Generate the decryption key needed by hardware corresponding to the
+ * provided encryption key.
+ * \param enc encryption key
+ * \param dec decryption key
+ *
+ * Keys are in the PB block encryption format which is different from the
+ * payload encryption key format.
+ */
+void
+cp_secu_pbb_dec_gen (cp_key_t enc, cp_key_t *dec);
+
END_DECLS
#endif /* secu__h__ */
diff --git a/cesar/cp/secu/src/secu.c b/cesar/cp/secu/src/secu.c
index 2bda3e57b5..b2b3cc92c8 100644
--- a/cesar/cp/secu/src/secu.c
+++ b/cesar/cp/secu/src/secu.c
@@ -330,3 +330,42 @@ cp_secu_aes_cbc_decrypt (cp_secu_aes_t *ctx, u32 iv[4],
}
}
+/**
+ * Reverse key bits for each four key elements.
+ * \param in input key
+ * \param out output key
+ */
+extern inline void
+cp_secu_pbb_reverse (const u32 *in, u32 *out)
+{
+ u32 iw, ow;
+ uint i, j;
+ for (i = 0; i < 4; i++)
+ {
+ iw = in[i];
+ ow = 0;
+ for (j = 0; j < 32; j++)
+ {
+ ow <<= 1;
+ if (iw & 1)
+ ow |= 1;
+ iw >>= 1;
+ }
+ out[i] = ow;
+ }
+}
+
+void
+cp_secu_pbb_dec_gen (cp_key_t enc, cp_key_t *dec)
+{
+ u32 key[4];
+ cp_secu_aes_t aes;
+ /* Believe me or not, PBB key are in reversed order compared to other
+ * keys. */
+ cp_secu_pbb_reverse (enc.key, key);
+ /* Compute RKEY. */
+ aes_set_key (&aes, key);
+ /* Reverse one more time. */
+ cp_secu_pbb_reverse ((u32 *) aes.drk, dec->key);
+}
+
diff --git a/cesar/cp/secu/test/src/test-aes.c b/cesar/cp/secu/test/src/test-aes.c
index 6f5968a2bc..bf899b8fa1 100644
--- a/cesar/cp/secu/test/src/test-aes.c
+++ b/cesar/cp/secu/test/src/test-aes.c
@@ -264,6 +264,24 @@ test_case_cp_secu_aes_gen_key (test_t test)
test_end;
}
+void
+test_case_cp_secu_aes_pbb (test_t test)
+{
+ uint i;
+ test_case_begin (test, "pbb");
+ test_begin (test, "compute decryption key")
+ {
+ cp_key_t key = {
+ { 0x68a87ed4, 0x654b7514, 0x11a8efd5, 0x3cf2f390 } };
+ cp_key_t expect = {
+ { 0x159f280b, 0x91a47793, 0x1330fc87, 0x6530c66d } };
+ cp_key_t result;
+ cp_secu_pbb_dec_gen (key, &result);
+ for (i = 0; i < 4; i++)
+ test_fail_unless (result.key[i] == expect.key[i]);
+ }
+ test_end;
+}
int
main (void)
{
@@ -275,6 +293,7 @@ main (void)
test_case_cp_secu_aes_in_one_buffer (test);
test_case_cp_secu_aes_crypt (test);
test_case_cp_secu_aes_gen_key (test);
+ test_case_cp_secu_aes_pbb (test);
test_result (test);
return test_nb_failed (test) == 0 ? 0 : 1;