mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-11-10 15:14:43 +00:00
aes: Move the AES-128-CBC encryption function to common code
Move the AES-128-CBC encryption function implemented in tegra20-common/crypto.c into lib/aes.c . This is well re-usable common code. Moreover, clean the code up a bit and fix the kerneldoc-style annotations. Signed-off-by: Marek Vasut <marex@denx.de>
This commit is contained in:
Marek Vasut
Tom Rini
parent
957ba85ce9
commit
6e7b9f4fa0
3 changed files with 64 additions and 70 deletions
|
|
@ -19,74 +19,6 @@ enum security_op {
|
|||
SECURITY_ENCRYPT = 1 << 1, /* Encrypt the data */
|
||||
};
|
||||
|
||||
static void debug_print_vector(char *name, u32 num_bytes, u8 *data)
|
||||
{
|
||||
u32 i;
|
||||
|
||||
debug("%s [%d] @0x%08x", name, num_bytes, (u32)data);
|
||||
for (i = 0; i < num_bytes; i++) {
|
||||
if (i % 16 == 0)
|
||||
debug(" = ");
|
||||
debug("%02x", data[i]);
|
||||
if ((i+1) % 16 != 0)
|
||||
debug(" ");
|
||||
}
|
||||
debug("\n");
|
||||
}
|
||||
|
||||
/**
|
||||
* Apply chain data to the destination using EOR
|
||||
*
|
||||
* Each array is of length AES_AES_KEY_LENGTH.
|
||||
*
|
||||
* \param cbc_chain_data Chain data
|
||||
* \param src Source data
|
||||
* \param dst Destination data, which is modified here
|
||||
*/
|
||||
static void apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < 16; i++)
|
||||
*dst++ = *src++ ^ *cbc_chain_data++;
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypt some data with AES.
|
||||
*
|
||||
* \param key_schedule Expanded key to use
|
||||
* \param src Source data to encrypt
|
||||
* \param dst Destination buffer
|
||||
* \param num_aes_blocks Number of AES blocks to encrypt
|
||||
*/
|
||||
static void encrypt_object(u8 *key_schedule, u8 *src, u8 *dst,
|
||||
u32 num_aes_blocks)
|
||||
{
|
||||
u8 tmp_data[AES_KEY_LENGTH];
|
||||
u8 *cbc_chain_data;
|
||||
u32 i;
|
||||
|
||||
cbc_chain_data = zero_key; /* Convenient array of 0's for IV */
|
||||
|
||||
for (i = 0; i < num_aes_blocks; i++) {
|
||||
debug("encrypt_object: block %d of %d\n", i, num_aes_blocks);
|
||||
debug_print_vector("AES Src", AES_KEY_LENGTH, src);
|
||||
|
||||
/* Apply the chain data */
|
||||
apply_cbc_chain_data(cbc_chain_data, src, tmp_data);
|
||||
debug_print_vector("AES Xor", AES_KEY_LENGTH, tmp_data);
|
||||
|
||||
/* encrypt the AES block */
|
||||
aes_encrypt(tmp_data, key_schedule, dst);
|
||||
debug_print_vector("AES Dst", AES_KEY_LENGTH, dst);
|
||||
|
||||
/* Update pointers for next loop. */
|
||||
cbc_chain_data = dst;
|
||||
src += AES_KEY_LENGTH;
|
||||
dst += AES_KEY_LENGTH;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Shift a vector left by one bit
|
||||
*
|
||||
|
|
@ -129,7 +61,7 @@ static void sign_object(u8 *key, u8 *key_schedule, u8 *src, u8 *dst,
|
|||
for (i = 0; i < AES_KEY_LENGTH; i++)
|
||||
tmp_data[i] = 0;
|
||||
|
||||
encrypt_object(key_schedule, tmp_data, left, 1);
|
||||
aes_cbc_encrypt_blocks(key_schedule, tmp_data, left, 1);
|
||||
debug_print_vector("AES(key, nonce)", AES_KEY_LENGTH, left);
|
||||
|
||||
left_shift_vector(left, k1, sizeof(left));
|
||||
|
|
@ -193,7 +125,7 @@ static int encrypt_and_sign(u8 *key, enum security_op oper, u8 *src,
|
|||
if (oper & SECURITY_ENCRYPT) {
|
||||
/* Perform this in place, resulting in src being encrypted. */
|
||||
debug("encrypt_and_sign: begin encryption\n");
|
||||
encrypt_object(key_schedule, src, src, num_aes_blocks);
|
||||
aes_cbc_encrypt_blocks(key_schedule, src, src, num_aes_blocks);
|
||||
debug("encrypt_and_sign: end encryption\n");
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -53,4 +53,14 @@ void aes_encrypt(u8 *in, u8 *expkey, u8 *out);
|
|||
*/
|
||||
void aes_decrypt(u8 *in, u8 *expkey, u8 *out);
|
||||
|
||||
/**
|
||||
* aes_cbc_encrypt_blocks() - Encrypt multiple blocks of data with AES CBC.
|
||||
*
|
||||
* @key_exp Expanded key to use
|
||||
* @src Source data to encrypt
|
||||
* @dst Destination buffer
|
||||
* @num_aes_blocks Number of AES blocks to encrypt
|
||||
*/
|
||||
void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks);
|
||||
|
||||
#endif /* _AES_REF_H_ */
|
||||
|
|
|
|||
52
lib/aes.c
52
lib/aes.c
|
|
@ -580,3 +580,55 @@ void aes_decrypt(u8 *in, u8 *expkey, u8 *out)
|
|||
|
||||
memcpy(out, state, sizeof(state));
|
||||
}
|
||||
|
||||
static void debug_print_vector(char *name, u32 num_bytes, u8 *data)
|
||||
{
|
||||
#ifdef DEBUG
|
||||
printf("%s [%d] @0x%08x", name, num_bytes, (u32)data);
|
||||
print_buffer(0, data, 1, num_bytes, 16);
|
||||
#endif
|
||||
}
|
||||
|
||||
/**
|
||||
* Apply chain data to the destination using EOR
|
||||
*
|
||||
* Each array is of length AES_KEY_LENGTH.
|
||||
*
|
||||
* @cbc_chain_data Chain data
|
||||
* @src Source data
|
||||
* @dst Destination data, which is modified here
|
||||
*/
|
||||
static void apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < AES_KEY_LENGTH; i++)
|
||||
*dst++ = *src++ ^ *cbc_chain_data++;
|
||||
}
|
||||
|
||||
void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks)
|
||||
{
|
||||
u8 zero_key[AES_KEY_LENGTH] = { 0 };
|
||||
u8 tmp_data[AES_KEY_LENGTH];
|
||||
/* Convenient array of 0's for IV */
|
||||
u8 *cbc_chain_data = zero_key;
|
||||
u32 i;
|
||||
|
||||
for (i = 0; i < num_aes_blocks; i++) {
|
||||
debug("encrypt_object: block %d of %d\n", i, num_aes_blocks);
|
||||
debug_print_vector("AES Src", AES_KEY_LENGTH, src);
|
||||
|
||||
/* Apply the chain data */
|
||||
apply_cbc_chain_data(cbc_chain_data, src, tmp_data);
|
||||
debug_print_vector("AES Xor", AES_KEY_LENGTH, tmp_data);
|
||||
|
||||
/* Encrypt the AES block */
|
||||
aes_encrypt(tmp_data, key_exp, dst);
|
||||
debug_print_vector("AES Dst", AES_KEY_LENGTH, dst);
|
||||
|
||||
/* Update pointers for next loop. */
|
||||
cbc_chain_data = dst;
|
||||
src += AES_KEY_LENGTH;
|
||||
dst += AES_KEY_LENGTH;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue