LFU-192-6 Uboot: Add command to provision encryption key

command actions: generate the MPPubK and generate PKEK as hash(MPPUBK). read the encrypted key from RAM and decrypt using PKEK. encapsulate the key in black blob and add 20 bytes TAG to black blob. Tested on: IMX8MM IMX8MN Signed-off-by: Gaurav Jain <gaurav.jain@nxp.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Reviewed-by: Ye Li <ye.li@nxp.com> (cherry picked from commit 2ad52ac95ffb991d7efb61084b690c02176ce499)
author: Gaurav Jain <gaurav.jain@nxp.com> 2021-07-26 19:29:36 +0530
committer: Ye Li <ye.li@nxp.com> 2022-04-06 18:04:50 +0800
commit: 12f90b0849f680a0825d48086db1f025dc858bfc (patch)
tree: 7eb34b2915025563660b56873363890fbb09f1fc /include
parent: cfe483a6c6219f1327fe31220e7c854ebc11e837 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/include/fsl_sec.h b/include/fsl_sec.h
index e0aed957794..f9e0d2e322e 100644
--- a/include/fsl_sec.h
+++ b/include/fsl_sec.h
@@ -28,7 +28,16 @@
 #error Neither CONFIG_SYS_FSL_SEC_LE nor CONFIG_SYS_FSL_SEC_BE is defined
 #endif
 
+#define BLOB_OVERHEAD		(32 + 16)
 #define BLOB_SIZE(x)		((x) + 32 + 16) /* Blob buffer size */
+#define AES256_KEY_SZ		32
+
+#define NONCE_SIZE		6
+#define ICV_SIZE		6
+#define CCM_OVERHEAD		(NONCE_SIZE + ICV_SIZE)
+#define TAG_SIZE		20
+#define MAX_BLOB_SIZE		(AES256_KEY_SZ + CCM_OVERHEAD +\
+				BLOB_OVERHEAD + TAG_SIZE)
 
 /* Security Engine Block (MS = Most Sig., LS = Least Sig.) */
 #if CONFIG_SYS_FSL_SEC_COMPAT >= 4
author	Gaurav Jain <gaurav.jain@nxp.com>	2021-07-26 19:29:36 +0530
committer	Ye Li <ye.li@nxp.com>	2022-04-06 18:04:50 +0800
commit	12f90b0849f680a0825d48086db1f025dc858bfc (patch)
tree	7eb34b2915025563660b56873363890fbb09f1fc /include
parent	cfe483a6c6219f1327fe31220e7c854ebc11e837 (diff)