memcpy(pComInfo->sessionSalt, pKeyParams->sessionSalt, pComInfo->config.sessionSaltSize);
}
+ if(ctrlBitMap & sa_DATA_MODE_KEY_USE_DKEK)
+ {
+ /* Set USE_DKEK flag */
+ pComInfo->config.ctrlBitMap |= sa_DM_CONFIG_USE_DKEK;
+ }
+
return TRUE;
}
@@ -116,9 +122,20 @@ static uint16_t salld_dm_verify_config_params(Sa_CipherMode_e cipherMode, Sa_Aut
/* Common Check */
if((pDataModeConfig->sessionEncKeySize > 32) ||
+#if defined (NSS_LITE2)
+ (pDataModeConfig->priv > 3) ||
+ (pDataModeConfig->sessionMacKeySize > 64))
+#else
(pDataModeConfig->sessionMacKeySize > 32))
+#endif
return (FALSE);
-
+
+#if defined(NSS_LITE) || defined(NSS_LITE2)
+ /* NSS LITE devices do not have Air Cipher Engines */
+ if ((pDataModeConfig->ctrlBitMap & sa_DM_CONFIG_SELECT_AIR_CIPHER_ENG) == sa_DM_CONFIG_SELECT_AIR_CIPHER_ENG)
+ return (FALSE);
+#endif
+
if((authMode == sa_AuthMode_NULL) &&
((cipherMode != sa_CipherMode_GCM) &&
(cipherMode != sa_CipherMode_CCM)))
@@ -153,7 +170,7 @@ static uint16_t salld_dm_verify_config_params(Sa_CipherMode_e cipherMode, Sa_Aut
return (FALSE);
break;
-#ifndef NSS_LITE
+#if !defined(NSS_LITE) && !defined(NSS_LITE2)
case sa_CipherMode_KASUMI_F8:
if((pDataModeConfig->ivSize != 8))
return (FALSE);
@@ -213,6 +230,8 @@ static uint16_t salld_dm_verify_config_params(Sa_CipherMode_e cipherMode, Sa_Aut
case sa_AuthMode_SHA1:
case sa_AuthMode_SHA2_224:
case sa_AuthMode_SHA2_256:
+ case sa_AuthMode_SHA2_384:
+ case sa_AuthMode_SHA2_512:
case sa_AuthMode_HMAC_MD5:
case sa_AuthMode_HMAC_SHA1:
case sa_AuthMode_HMAC_SHA2_224:
@@ -221,6 +240,8 @@ static uint16_t salld_dm_verify_config_params(Sa_CipherMode_e cipherMode, Sa_Aut
case sa_AuthMode_CBC_MAC:
case sa_AuthMode_AES_XCBC:
case sa_AuthMode_NULL:
+ case sa_AuthMode_HMAC_SHA2_384:
+ case sa_AuthMode_HMAC_SHA2_512:
break;
default:
else
{
return(sa_ERR_PARAMS);
- }
+ }
+#if defined(NSS_LITE2)
+ txInst->comInfo.config.priv = pDataModeConfig->priv;
+ txInst->comInfo.config.privId = pDataModeConfig->privId;
+#endif
}
/*
@@ -419,10 +444,16 @@ int16_t salld_data_mode_send_data (void *salldInst, void *pktInfo, uint16_t clea
/* Pass the software Info in the packet */
pPktInfo->validBitMap |= sa_PKT_INFO_VALID_SW_INFO;
pPktInfo->swInfo = txInst->swInfo;
-
- if(++txInst->packetLsw == 0)
- txInst->packetMsw++;
-
+
+ if(txInst->packetLsw == 0xFFFFFFFFu)
+ {
+ txInst->packetLsw = 0u;
+ txInst->packetMsw++;
+ }
+ else
+ {
+ txInst->packetLsw++;
+ }
return(sa_ERR_OK);
} /* salld_data_mode_send_data */
Sa_ScReqInfo_t* pScInfo = &txInst->scInfo;
int16_t encCmdlSize, encScSize, encScOffset;
int16_t authCmdlSize, authScSize, authScOffset;
-#ifndef NSS_LITE
+#if !defined(NSS_LITE) && !defined(NSS_LITE2)
int16_t acAlgorithm = SA_AC_ALGORITHM_GSM_A53;
#endif
saDMAReqInfo_t dmaReqInfo;
uint16_t fRandomIV;
uint8_t firstEngId;
uint8_t tagSize;
-
+#ifdef NSS_LITE2
+ uint32_t ctxAttrCtrlBitMap;
+#endif
+
/*
* Calculate the security Context Size and allocate security Context
*
}
}
- if(pScInfo->scBuf == NULL)
+#if !defined(NSS_LITE) && !defined(NSS_LITE2)
+ if (pComInfo->authEngId == SALLD_CMDL_ENGINE_ID_ES1)
+ {
+ if ((pConfig->ctrlBitMap & sa_DM_CONFIG_SELECT_AIR_CIPHER_ENG) == sa_DM_CONFIG_SELECT_AIR_CIPHER_ENG)
+ {
+ pComInfo->authEngId = SALLD_CMDL_ENGINE_ID_ACS1;
+ }
+ }
+#endif
+
+ if(pScInfo->scBuf == (uintptr_t) NULL)
return(sa_ERR_NO_CTX_BUF);
Sa_osalBeginScAccess((void *)pScInfo->scBuf, pScInfo->scSize);
- memset(pScInfo->scBuf, 0, SALLD_BYTE_TO_WORD(pScInfo->scSize));
+ memset((void *) pScInfo->scBuf, 0, SALLD_BYTE_TO_WORD(pScInfo->scSize));
/* Prepare PHP Security Context */
memset(&dmaReqInfo, 0, sizeof(saDMAReqInfo_t));
}
dmaReqInfo.phpEvictSize = SA_CTX_DMA_SIZE_64;
-
- salld_set_sc_phpCommom(&dmaReqInfo, &txInst->destInfo, SA_CTX_PKT_TYPE_NONE,
- pScInfo->scID, pScInfo->scBuf);
-
+
+#ifdef NSS_LITE2
+ if (pConfig->ctrlBitMap & sa_DM_CONFIG_PROMOTE_CHANNEL)
+ {
+ ctxAttrCtrlBitMap = SA_CTX_SA2UL_ALLOW_PROMOTE | SA_CTX_SA2UL_SECURE;
+ }
+ else if (pConfig->ctrlBitMap & sa_DM_CONFIG_DEMOTE_CHANNEL)
+ {
+ ctxAttrCtrlBitMap = SA_CTX_SA2UL_ALLOW_DEMOTE | SA_CTX_SA2UL_SECURE;
+ }
+ else
+ {
+ /* Regular channel, non secure */
+ ctxAttrCtrlBitMap = 0;
+ }
+
+ if (pConfig->ctrlBitMap & sa_DM_CONFIG_USE_SECURE_CTX_FOR_NON_SECURE_CHANNEL)
+ {
+ ctxAttrCtrlBitMap |= SA_CTX_SA2UL_ALLOW_NONSEC | SA_CTX_SA2UL_SECURE;
+ }
+
+ if (pConfig->priv)
+ {
+ /* Set for supervior mode */
+ ctxAttrCtrlBitMap |= SA_CTX_SA2UL_SET_PRIV;
+ }
+
+ salld_set_sc_scctl(&dmaReqInfo, &txInst->destInfo, SA_CTX_PKT_TYPE_NONE,
+ pScInfo->scID, (tword *) pScInfo->scBuf, ctxAttrCtrlBitMap, pConfig->priv, pConfig->privId);
+#else
+ {
+ salld_set_sc_phpCommom(&dmaReqInfo, &txInst->destInfo, SA_CTX_PKT_TYPE_NONE,
+ pScInfo->scID, (tword *) pScInfo->scBuf);
+ }
+#endif
+
/* Prepare Security Context for the encryption Engine */
if (encScSize)
{
- #ifndef NSS_LITE
+ #if !defined(NSS_LITE) && !defined(NSS_LITE2)
if (pComInfo->encEngId == SALLD_CMDL_ENGINE_ID_ACS1)
{
salld_set_sc_acEnc(txInst->cipherMode, pConfig->sessionEncKeySize,
pComInfo->sessionEncKey, NULL, pConfig->enc,
- pScInfo->scBuf + encScOffset,
+ (tword *)pScInfo->scBuf + encScOffset,
&acAlgorithm, SALLD_TEST_SASS_GEN2(sysInst));
}
else
salld_set_sc_enc(sa_PT_NULL, txInst->cipherMode, pConfig->sessionEncKeySize,
pComInfo->sessionEncKey, (uint8_t) pConfig->aadSize, pConfig->enc,
- pScInfo->scBuf + encScOffset);
+ (tword *)pScInfo->scBuf + encScOffset);
}
+
+ if (pConfig->ctrlBitMap & sa_DM_CONFIG_USE_DKEK)
+ {
+ pktWrite8bits_m((tword *)pScInfo->scBuf, encScOffset, SA_ENC_MODE_USE_DKEK);
+ }
}
/* Prepare Security Context for the authentication Engine */
if (authScSize)
{
- #ifndef NSS_LITE
+ #if !defined(NSS_LITE) && !defined(NSS_LITE2)
if (pComInfo->authEngId == SALLD_CMDL_ENGINE_ID_ACS1)
{
salld_set_sc_acAuth(txInst->authMode, pConfig->sessionMacKeySize,
pComInfo->sessionMacKey,
- pScInfo->scBuf + authScOffset,
+ (tword *) pScInfo->scBuf + authScOffset,
&acAlgorithm,
pConfig->enc?SA_KASUMI_AUTH_DIR1:SA_KASUMI_AUTH_DIR0,
SALLD_TEST_SASS_GEN2(sysInst));
{
salld_set_sc_enc(sa_PT_NULL, txInst->authMode, pConfig->sessionMacKeySize,
pComInfo->sessionMacKey, (uint8_t) pConfig->aadSize, FALSE,
- pScInfo->scBuf + authScOffset);
+ (tword *) pScInfo->scBuf + authScOffset);
}
else
{
salld_set_sc_auth(txInst->authMode, pConfig->sessionMacKeySize,
pComInfo->sessionMacKey,
- pScInfo->scBuf + authScOffset);
+ (tword *) pScInfo->scBuf + authScOffset);
}
}
}
-
+
if ((pComInfo->encEngId == SALLD_CMDL_ENGINE_NONE) && (pComInfo->authEngId == SALLD_CMDL_ENGINE_NONE))
{
firstEngId = SALLD_CMDL_FINAL_ENGINE_ID;
}
+ else if ((pComInfo->encEngId == SALLD_CMDL_ENGINE_NONE))
+ {
+ firstEngId = pComInfo->authEngId;
+ }
+ else if ((pComInfo->authEngId == SALLD_CMDL_ENGINE_NONE))
+ {
+ firstEngId = pComInfo->encEngId;
+ }
else
{
firstEngId = pConfig->enc1st?pComInfo->encEngId:pComInfo->authEngId;
#ifdef SALLD_DATA_MODE_USE_PHP
/* Construct the Data Mode specific Security Context */
{
- tword* ctxIn = pScInfo->scBuf + SALLD_BYTE_TO_WORD(SA_CTX_PHP_COMMON_SIZE);
+ tword* ctxIn = (tword *)(pScInfo->scBuf + SALLD_BYTE_TO_WORD(SA_CTX_PHP_COMMON_SIZE));
pktWrite16bits_m(ctxIn, SALLD_FIELDOFFSET(saCtxProtoDm_t, firstEngIdTagSize),
SALLD_MK_UINT16(firstEngId, tagSize));
#endif
/* Security Context swizzling */
- salld_swiz_128(pScInfo->scBuf, pScInfo->scBuf, pScInfo->scSize);
+ salld_swiz_128((uint8_t*) pScInfo->scBuf, (uint8_t*) pScInfo->scBuf, pScInfo->scSize);
Sa_osalEndScAccess((void *)pScInfo->scBuf, pScInfo->scSize);
/* Prepare the SW Info Words */
#ifndef SALLD_DATA_MODE_USE_PHP
- salld_set_swInfo(firstEngId, 0,
- &txInst->destInfo,
- pScInfo, &txInst->swInfo, tagSize);
+ #if defined(NSS_LITE2)
+ salld_set_swInfo2(firstEngId, 0,
+ &txInst->destInfo,
+ pScInfo, &txInst->swInfo, tagSize);
+ #else
+ salld_set_swInfo(firstEngId, 0,
+ &txInst->destInfo,
+ pScInfo, &txInst->swInfo, tagSize);
+ #endif
#else
- /* Data packets enter PHP engine */
- salld_set_swInfo(SALLD_CMDL_ENGINE_SRTP_AC_HPS1, 0,
- &txInst->destInfo,
- pScInfo, &txInst->swInfo, 0);
+ /* Data packets enter PHP engine */
+ salld_set_swInfo(SALLD_CMDL_ENGINE_SRTP_AC_HPS1, 0,
+ &txInst->destInfo,
+ pScInfo, &txInst->swInfo, 0);
#endif
/* Store the scBuf internally as offset to suppor multiprocess */
- pScInfo->scBuf = (uint8_t*) sa_CONV_ADDR_TO_OFFSET(salldLObj.scPoolBaseAddr, pScInfo->scBuf);
+ pScInfo->scBuf = (uintptr_t) sa_CONV_ADDR_TO_OFFSET(salldLObj.scPoolBaseAddr, pScInfo->scBuf);
return (sa_ERR_OK);
}