[nrf fromlist] boot: Replace boot_encrypt by boot_enc_encrypt and boot_enc_decrypt

de-nordic · de-nordic · commit 611edce83c26 · 2024-09-25T12:49:24.000Z
To be able to implement encryption with API that requires different calls for encryption and encryption, the boot_encrypt needs to be replaced with encryption/decryption specific functions. Upstream PR: mcu-tools/mcuboot#2017 Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
diff --git a/boot/boot_serial/src/boot_serial_encryption.c b/boot/boot_serial/src/boot_serial_encryption.c
@@ -171,7 +171,7 @@ decrypt_region_inplace(struct boot_loader_state *state,
                     blk_sz = tlv_off - (off + bytes_copied);
                 }
             }
-            boot_encrypt(BOOT_CURR_ENC(state), slot,
+            boot_enc_decrypt(BOOT_CURR_ENC(state), slot,
                     (off + bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,
                     blk_off, &buf[idx]);
         }
diff --git a/boot/bootutil/include/bootutil/enc_key.h b/boot/bootutil/include/bootutil/enc_key.h
@@ -59,7 +59,9 @@ int boot_enc_load(struct enc_key_data *enc_state, int slot,
         const struct image_header *hdr, const struct flash_area *fap,
         struct boot_status *bs);
 bool boot_enc_valid(struct enc_key_data *enc_state, int slot);
-void boot_encrypt(struct enc_key_data *enc_state, int slot,
+void boot_enc_encrypt(struct enc_key_data *enc_state, int slot,
+        uint32_t off, uint32_t sz, uint32_t blk_off, uint8_t *buf);
+void boot_enc_decrypt(struct enc_key_data *enc_state, int slot,
         uint32_t off, uint32_t sz, uint32_t blk_off, uint8_t *buf);
 void boot_enc_zeroize(struct enc_key_data *enc_state);
 
diff --git a/boot/bootutil/src/encrypted.c b/boot/bootutil/src/encrypted.c
@@ -663,14 +663,13 @@ boot_enc_valid(struct enc_key_data *enc_state, int slot)
 }
 
 void
-boot_encrypt(struct enc_key_data *enc_state, int slot, uint32_t off,
+boot_enc_encrypt(struct enc_key_data *enc_state, int slot, uint32_t off,
              uint32_t sz, uint32_t blk_off, uint8_t *buf)
 {
-    struct enc_key_data *enc;
+    struct enc_key_data *enc = &enc_state[slot];
     uint8_t nonce[16];
 
-    /* boot_copy_region will call boot_encrypt with sz = 0 when skipping over
-       the TLVs. */
+    /* Nothing to do with size == 0 */
     if (sz == 0) {
        return;
     }
@@ -682,11 +681,33 @@ boot_encrypt(struct enc_key_data *enc_state, int slot, uint32_t off,
     nonce[14] = (uint8_t)(off >> 8);
     nonce[15] = (uint8_t)off;
 
-    enc = &enc_state[slot];
     assert(enc->valid == 1);
     bootutil_aes_ctr_encrypt(&enc->aes_ctr, nonce, buf, sz, blk_off, buf);
 }
 
+void
+boot_enc_decrypt(struct enc_key_data *enc_state, int slot, uint32_t off,
+             uint32_t sz, uint32_t blk_off, uint8_t *buf)
+{
+    struct enc_key_data *enc = &enc_state[slot];
+    uint8_t nonce[16];
+
+    /* Nothing to do with size == 0 */
+    if (sz == 0) {
+       return;
+    }
+
+    memset(nonce, 0, 12);
+    off >>= 4;
+    nonce[12] = (uint8_t)(off >> 24);
+    nonce[13] = (uint8_t)(off >> 16);
+    nonce[14] = (uint8_t)(off >> 8);
+    nonce[15] = (uint8_t)off;
+
+    assert(enc->valid == 1);
+    bootutil_aes_ctr_decrypt(&enc->aes_ctr, nonce, buf, sz, blk_off, buf);
+}
+
 /**
  * Clears encrypted state after use.
  */
diff --git a/boot/bootutil/src/image_validate.c b/boot/bootutil/src/image_validate.c
@@ -162,8 +162,8 @@ bootutil_img_hash(struct enc_key_data *enc_state, int image_index,
 
             if (off >= hdr_size && off < tlv_off) {
                 blk_off = (off - hdr_size) & 0xf;
-                boot_encrypt(enc_state, slot, off - hdr_size,
-                             blk_sz, blk_off, tmp_buf);
+                boot_enc_decrypt(enc_state, slot, off - hdr_size,
+                                 blk_sz, blk_off, tmp_buf);
             }
         }
 #endif
diff --git a/boot/bootutil/src/loader.c b/boot/bootutil/src/loader.c
@@ -1676,9 +1676,15 @@ boot_copy_region(struct boot_loader_state *state,
                         blk_sz = tlv_off - abs_off;
                     }
                 }
-                boot_encrypt(BOOT_CURR_ENC(state), source_slot,
-                        (abs_off + idx) - hdr->ih_hdr_size, blk_sz,
-                        blk_off, &buf[idx]);
+                if (source_slot == 0) {
+                    boot_enc_encrypt(BOOT_CURR_ENC(state), source_slot,
+                            (abs_off + idx) - hdr->ih_hdr_size, blk_sz,
+                            blk_off, &buf[idx]);
+                } else {
+                    boot_enc_decrypt(BOOT_CURR_ENC(state), source_slot,
+                            (abs_off + idx) - hdr->ih_hdr_size, blk_sz,
+                            blk_off, &buf[idx]);
+                }
             }
         }
 #endif
@@ -3184,10 +3190,9 @@ boot_decrypt_and_copy_image_to_sram(struct boot_loader_state *state,
              * Part of the chunk is encrypted payload */
             blk_sz = tlv_off - (bytes_copied);
         }
-        boot_encrypt(BOOT_CURR_ENC(state), slot,
-            (bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,
-            blk_off, cur_dst);
-
+        boot_enc_decrypt(BOOT_CURR_ENC(state), slot,
+                (bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,
+                blk_off, cur_dst);
         bytes_copied += chunk_sz;
     }
     rc = 0;

Original file line number	Diff line number	Diff line change
`@@ -171,7 +171,7 @@ decrypt_region_inplace(struct boot_loader_state *state,`
`171`	`171`	`blk_sz = tlv_off - (off + bytes_copied);`
`172`	`172`	`}`
`173`	`173`	`}`
`174`		`- boot_encrypt(BOOT_CURR_ENC(state), slot,`
	`174`	`+ boot_enc_decrypt(BOOT_CURR_ENC(state), slot,`
`175`	`175`	`(off + bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,`
`176`	`176`	`blk_off, &buf[idx]);`
`177`	`177`	`}`
Original file line number	Diff line number	Diff line change
`@@ -162,8 +162,8 @@ bootutil_img_hash(struct enc_key_data *enc_state, int image_index,`
`162`	`162`
`163`	`163`	`if (off >= hdr_size && off < tlv_off) {`
`164`	`164`	`blk_off = (off - hdr_size) & 0xf;`
`165`		`- boot_encrypt(enc_state, slot, off - hdr_size,`
`166`		`- blk_sz, blk_off, tmp_buf);`
	`165`	`+ boot_enc_decrypt(enc_state, slot, off - hdr_size,`
	`166`	`+ blk_sz, blk_off, tmp_buf);`
`167`	`167`	`}`
`168`	`168`	`}`
`169`	`169`	`#endif`
Original file line number	Diff line number	Diff line change
`@@ -1676,9 +1676,15 @@ boot_copy_region(struct boot_loader_state *state,`
`1676`	`1676`	`blk_sz = tlv_off - abs_off;`
`1677`	`1677`	`}`
`1678`	`1678`	`}`
`1679`		`- boot_encrypt(BOOT_CURR_ENC(state), source_slot,`
`1680`		`- (abs_off + idx) - hdr->ih_hdr_size, blk_sz,`
`1681`		`- blk_off, &buf[idx]);`
	`1679`	`+ if (source_slot == 0) {`
	`1680`	`+ boot_enc_encrypt(BOOT_CURR_ENC(state), source_slot,`
	`1681`	`+ (abs_off + idx) - hdr->ih_hdr_size, blk_sz,`
	`1682`	`+ blk_off, &buf[idx]);`
	`1683`	`+ } else {`
	`1684`	`+ boot_enc_decrypt(BOOT_CURR_ENC(state), source_slot,`
	`1685`	`+ (abs_off + idx) - hdr->ih_hdr_size, blk_sz,`
	`1686`	`+ blk_off, &buf[idx]);`
	`1687`	`+ }`
`1682`	`1688`	`}`
`1683`	`1689`	`}`
`1684`	`1690`	`#endif`
`@@ -3184,10 +3190,9 @@ boot_decrypt_and_copy_image_to_sram(struct boot_loader_state *state,`
`3184`	`3190`	`* Part of the chunk is encrypted payload */`
`3185`	`3191`	`blk_sz = tlv_off - (bytes_copied);`
`3186`	`3192`	`}`
`3187`		`- boot_encrypt(BOOT_CURR_ENC(state), slot,`
`3188`		`- (bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,`
`3189`		`- blk_off, cur_dst);`
`3190`		`-`
	`3193`	`+ boot_enc_decrypt(BOOT_CURR_ENC(state), slot,`
	`3194`	`+ (bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,`
	`3195`	`+ blk_off, cur_dst);`
`3191`	`3196`	`bytes_copied += chunk_sz;`
`3192`	`3197`	`}`
`3193`	`3198`	`rc = 0;`