Hi Jarkko,
thanks for the review!
> On 12.09.2023, at 19:32, Jarkko Sakkinen wrote:
>
> On Tue Sep 12, 2023 at 2:11 PM EEST, David Gstir wrote:
[...]
>> - /* Payload contains the key. */
>> - desc->control0 |= MXS_DCP_CONTROL0_PAYLOAD_KEY;
>> + if (key_referenced) {
>> + /* Set OTP key bit
DCP is capable to performing AES with hardware-bound keys.
These keys are not stored in main memory and are therefore not directly
accessible by the operating system.
So instead of feeding the key into DCP, we need to place a
reference to such a key before initiating the crypto operation.
Keys
On Tue Sep 12, 2023 at 2:11 PM EEST, David Gstir wrote:
> @@ -101,6 +102,7 @@ struct dcp_async_ctx {
> struct crypto_skcipher *fallback;
> unsigned intkey_len;
> uint8_t key[AES_KEYSIZE_128];
> + bool
On Tue Sep 12, 2023 at 2:11 PM EEST, David Gstir wrote:
> DCP is capable to performing AES with hardware-bound keys.
> These keys are not stored in main memory and are therefore not directly
> accessible by the operating system.
>
> So instead of feeding the key into DCP, we need to place a
>