boot: Replace boot_encrypt by boot_enc_encrypt and boot_enc_decrypt

de-nordic · de-nordic · commit 4e606d7fe509 · 2024-08-02T11:19:23.000Z
To be able to implement encryption with API that requires different
calls for encryption and encryption, the boot_encrypt
needs to be replaced with encryption/decryption specific functions.

Signed-off-by: Dominik Ermel &lt;dominik.ermel@nordicsemi.no&gt;
diff --git a/boot/boot_serial/src/boot_serial_encryption.c b/boot/boot_serial/src/boot_serial_encryption.c
@@ -171,7 +171,7 @@ decrypt_region_inplace(struct boot_loader_state *state,
                     blk_sz = tlv_off - (off + bytes_copied);
                 }
             }
-            boot_encrypt(BOOT_CURR_ENC(state), slot,
+            boot_enc_decrypt(BOOT_CURR_ENC(state), slot,
                     (off + bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,
                     blk_off, &buf[idx]);
         }
diff --git a/boot/bootutil/include/bootutil/enc_key.h b/boot/bootutil/include/bootutil/enc_key.h
@@ -71,7 +71,9 @@ int boot_enc_load(struct enc_key_data *enc_state, int slot,
         struct boot_status *bs);
 bool boot_enc_valid(struct enc_key_data *enc_state, int image_index,
         const struct flash_area *fap);
-void boot_encrypt(struct enc_key_data *enc_state, int slot,
+void boot_enc_encrypt(struct enc_key_data *enc_state, int slot,
+        uint32_t off, uint32_t sz, uint32_t blk_off, uint8_t *buf);
+void boot_enc_decrypt(struct enc_key_data *enc_state, int slot,
         uint32_t off, uint32_t sz, uint32_t blk_off, uint8_t *buf);
 void boot_enc_zeroize(struct enc_key_data *enc_state);
 
diff --git a/boot/bootutil/src/encrypted.c b/boot/bootutil/src/encrypted.c
@@ -698,14 +698,13 @@ boot_enc_valid(struct enc_key_data *enc_state, int image_index,
 }
 
 void
-boot_encrypt(struct enc_key_data *enc_state, int slot, uint32_t off,
+boot_enc_encrypt(struct enc_key_data *enc_state, int slot, uint32_t off,
              uint32_t sz, uint32_t blk_off, uint8_t *buf)
 {
-    struct enc_key_data *enc;
+    struct enc_key_data *enc = &enc_state[slot];
     uint8_t nonce[16];
 
-    /* boot_copy_region will call boot_encrypt with sz = 0 when skipping over
-       the TLVs. */
+    /* Nothing to do with size == 0 */
     if (sz == 0) {
        return;
     }
@@ -717,11 +716,33 @@ boot_encrypt(struct enc_key_data *enc_state, int slot, uint32_t off,
     nonce[14] = (uint8_t)(off >> 8);
     nonce[15] = (uint8_t)off;
 
-    enc = &enc_state[slot];
     assert(enc->valid == 1);
     bootutil_aes_ctr_encrypt(&enc->aes_ctr, nonce, buf, sz, blk_off, buf);
 }
 
+void
+boot_enc_decrypt(struct enc_key_data *enc_state, int slot, uint32_t off,
+             uint32_t sz, uint32_t blk_off, uint8_t *buf)
+{
+    struct enc_key_data *enc = &enc_state[slot];
+    uint8_t nonce[16];
+
+    /* Nothing to do with size == 0 */
+    if (sz == 0) {
+       return;
+    }
+
+    memset(nonce, 0, 12);
+    off >>= 4;
+    nonce[12] = (uint8_t)(off >> 24);
+    nonce[13] = (uint8_t)(off >> 16);
+    nonce[14] = (uint8_t)(off >> 8);
+    nonce[15] = (uint8_t)off;
+
+    assert(enc->valid == 1);
+    bootutil_aes_ctr_decrypt(&enc->aes_ctr, nonce, buf, sz, blk_off, buf);
+}
+
 /**
  * Clears encrypted state after use.
  */
diff --git a/boot/bootutil/src/image_validate.c b/boot/bootutil/src/image_validate.c
@@ -153,8 +153,8 @@ bootutil_img_hash(struct enc_key_data *enc_state, int image_index,
 
             if (off >= hdr_size && off < tlv_off) {
                 blk_off = (off - hdr_size) & 0xf;
-                boot_encrypt(enc_state, slot, off - hdr_size,
-                             blk_sz, blk_off, tmp_buf);
+                boot_enc_decrypt(enc_state, slot, off - hdr_size,
+                                 blk_sz, blk_off, tmp_buf);
             }
         }
 #endif
diff --git a/boot/bootutil/src/loader.c b/boot/bootutil/src/loader.c
@@ -1292,7 +1292,13 @@ boot_copy_region(struct boot_loader_state *state,
                             blk_sz = tlv_off - abs_off;
                         }
                     }
-                    boot_encrypt(BOOT_CURR_ENC(state), source_slot,
+                }
+                if (source_slot == 0) {
+                    boot_enc_encrypt(BOOT_CURR_ENC(state), source_slot,
+                            (abs_off + idx) - hdr->ih_hdr_size, blk_sz,
+                            blk_off, &buf[idx]);
+                } else {
+                    boot_enc_decrypt(BOOT_CURR_ENC(state), source_slot,
                             (abs_off + idx) - hdr->ih_hdr_size, blk_sz,
                             blk_off, &buf[idx]);
                 }
@@ -2773,10 +2779,9 @@ boot_decrypt_and_copy_image_to_sram(struct boot_loader_state *state,
              * Part of the chunk is encrypted payload */
             blk_sz = tlv_off - (bytes_copied);
         }
-        boot_encrypt(BOOT_CURR_ENC(state), slot,
-            (bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,
-            blk_off, cur_dst);
-
+        boot_enc_decrypt(BOOT_CURR_ENC(state), slot,
+                (bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,
+                blk_off, cur_dst);
         bytes_copied += chunk_sz;
     }
     rc = 0;

Original file line number	Diff line number	Diff line change
`@@ -171,7 +171,7 @@ decrypt_region_inplace(struct boot_loader_state *state,`
`171`	`171`	`blk_sz = tlv_off - (off + bytes_copied);`
`172`	`172`	`}`
`173`	`173`	`}`
`174`		`- boot_encrypt(BOOT_CURR_ENC(state), slot,`
	`174`	`+ boot_enc_decrypt(BOOT_CURR_ENC(state), slot,`
`175`	`175`	`(off + bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,`
`176`	`176`	`blk_off, &buf[idx]);`
`177`	`177`	`}`
Original file line number	Diff line number	Diff line change
`@@ -153,8 +153,8 @@ bootutil_img_hash(struct enc_key_data *enc_state, int image_index,`
`153`	`153`
`154`	`154`	`if (off >= hdr_size && off < tlv_off) {`
`155`	`155`	`blk_off = (off - hdr_size) & 0xf;`
`156`		`- boot_encrypt(enc_state, slot, off - hdr_size,`
`157`		`- blk_sz, blk_off, tmp_buf);`
	`156`	`+ boot_enc_decrypt(enc_state, slot, off - hdr_size,`
	`157`	`+ blk_sz, blk_off, tmp_buf);`
`158`	`158`	`}`
`159`	`159`	`}`
`160`	`160`	`#endif`
Original file line number	Diff line number	Diff line change
`@@ -1292,7 +1292,13 @@ boot_copy_region(struct boot_loader_state *state,`
`1292`	`1292`	`blk_sz = tlv_off - abs_off;`
`1293`	`1293`	`}`
`1294`	`1294`	`}`
`1295`		`- boot_encrypt(BOOT_CURR_ENC(state), source_slot,`
	`1295`	`+ }`
	`1296`	`+ if (source_slot == 0) {`
	`1297`	`+ boot_enc_encrypt(BOOT_CURR_ENC(state), source_slot,`
	`1298`	`+ (abs_off + idx) - hdr->ih_hdr_size, blk_sz,`
	`1299`	`+ blk_off, &buf[idx]);`
	`1300`	`+ } else {`
	`1301`	`+ boot_enc_decrypt(BOOT_CURR_ENC(state), source_slot,`
`1296`	`1302`	`(abs_off + idx) - hdr->ih_hdr_size, blk_sz,`
`1297`	`1303`	`blk_off, &buf[idx]);`
`1298`	`1304`	`}`
`@@ -2773,10 +2779,9 @@ boot_decrypt_and_copy_image_to_sram(struct boot_loader_state *state,`
`2773`	`2779`	`* Part of the chunk is encrypted payload */`
`2774`	`2780`	`blk_sz = tlv_off - (bytes_copied);`
`2775`	`2781`	`}`
`2776`		`- boot_encrypt(BOOT_CURR_ENC(state), slot,`
`2777`		`- (bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,`
`2778`		`- blk_off, cur_dst);`
`2779`		`-`
	`2782`	`+ boot_enc_decrypt(BOOT_CURR_ENC(state), slot,`
	`2783`	`+ (bytes_copied + idx) - hdr->ih_hdr_size, blk_sz,`
	`2784`	`+ blk_off, cur_dst);`
`2780`	`2785`	`bytes_copied += chunk_sz;`
`2781`	`2786`	`}`
`2782`	`2787`	`rc = 0;`