Home Explore Help
Sign In
coolsoul
/
u-boot
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

aes: Move the AES-128-CBC encryption function to common code

Move the AES-128-CBC encryption function implemented in
tegra20-common/crypto.c into lib/aes.c . This is well re-usable common
code. Moreover, clean the code up a bit and fix the kerneldoc-style
annotations.

Signed-off-by: Marek Vasut <marex@denx.de>
Marek Vasut 11 years ago
parent
957ba85ce9
commit
6e7b9f4fa0
3 changed files with 64 additions and 70 deletions
Split View Show Diff Stats
  1. 2 70
      arch/arm/cpu/tegra20-common/crypto.c
  2. 10 0
      include/aes.h
  3. 52 0
      lib/aes.c

+ 2 - 70
arch/arm/cpu/tegra20-common/crypto.c
View File 

@@ -19,74 +19,6 @@ enum security_op {
 
 	SECURITY_ENCRYPT	= 1 << 1,	/* Encrypt the data */
 
 };
 
 
-static void debug_print_vector(char *name, u32 num_bytes, u8 *data)
 
-{
 
-	u32 i;
 
-
 
-	debug("%s [%d] @0x%08x", name, num_bytes, (u32)data);
 
-	for (i = 0; i < num_bytes; i++) {
 
-		if (i % 16 == 0)
 
-			debug(" = ");
 
-		debug("%02x", data[i]);
 
-		if ((i+1) % 16 != 0)
 
-			debug(" ");
 
-	}
 
-	debug("\n");
 
-}
 
-
 
-/**
 
- * Apply chain data to the destination using EOR
 
- *
 
- * Each array is of length AES_AES_KEY_LENGTH.
 
- *
 
- * \param cbc_chain_data	Chain data
 
- * \param src			Source data
 
- * \param dst			Destination data, which is modified here
 
- */
 
-static void apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst)
 
-{
 
-	int i;
 
-
 
-	for (i = 0; i < 16; i++)
 
-		*dst++ = *src++ ^ *cbc_chain_data++;
 
-}
 
-
 
-/**
 
- * Encrypt some data with AES.
 
- *
 
- * \param key_schedule		Expanded key to use
 
- * \param src			Source data to encrypt
 
- * \param dst			Destination buffer
 
- * \param num_aes_blocks	Number of AES blocks to encrypt
 
- */
 
-static void encrypt_object(u8 *key_schedule, u8 *src, u8 *dst,
 
-			   u32 num_aes_blocks)
 
-{
 
-	u8 tmp_data[AES_KEY_LENGTH];
 
-	u8 *cbc_chain_data;
 
-	u32 i;
 
-
 
-	cbc_chain_data = zero_key;	/* Convenient array of 0's for IV */
 
-
 
-	for (i = 0; i < num_aes_blocks; i++) {
 
-		debug("encrypt_object: block %d of %d\n", i, num_aes_blocks);
 
-		debug_print_vector("AES Src", AES_KEY_LENGTH, src);
 
-
 
-		/* Apply the chain data */
 
-		apply_cbc_chain_data(cbc_chain_data, src, tmp_data);
 
-		debug_print_vector("AES Xor", AES_KEY_LENGTH, tmp_data);
 
-
 
-		/* encrypt the AES block */
 
-		aes_encrypt(tmp_data, key_schedule, dst);
 
-		debug_print_vector("AES Dst", AES_KEY_LENGTH, dst);
 
-
 
-		/* Update pointers for next loop. */
 
-		cbc_chain_data = dst;
 
-		src += AES_KEY_LENGTH;
 
-		dst += AES_KEY_LENGTH;
 
-	}
 
-}
 
-
 
 /**
 
  * Shift a vector left by one bit
 
  *
 
@@ -129,7 +61,7 @@ static void sign_object(u8 *key, u8 *key_schedule, u8 *src, u8 *dst,
 
 	for (i = 0; i < AES_KEY_LENGTH; i++)
 
 		tmp_data[i] = 0;
 
 
-	encrypt_object(key_schedule, tmp_data, left, 1);
 
+	aes_cbc_encrypt_blocks(key_schedule, tmp_data, left, 1);
 
 	debug_print_vector("AES(key, nonce)", AES_KEY_LENGTH, left);
 
 
 	left_shift_vector(left, k1, sizeof(left));
 
@@ -193,7 +125,7 @@ static int encrypt_and_sign(u8 *key, enum security_op oper, u8 *src,
 
 	if (oper & SECURITY_ENCRYPT) {
 
 		/* Perform this in place, resulting in src being encrypted. */
 
 		debug("encrypt_and_sign: begin encryption\n");
 
-		encrypt_object(key_schedule, src, src, num_aes_blocks);
 
+		aes_cbc_encrypt_blocks(key_schedule, src, src, num_aes_blocks);
 
 		debug("encrypt_and_sign: end encryption\n");
 
 	}

+ 10 - 0
include/aes.h
View File 

@@ -53,4 +53,14 @@ void aes_encrypt(u8 *in, u8 *expkey, u8 *out);
 
  */
 
 void aes_decrypt(u8 *in, u8 *expkey, u8 *out);
 
 
+/**
 
+ * aes_cbc_encrypt_blocks() - Encrypt multiple blocks of data with AES CBC.
 
+ *
 
+ * @key_exp		Expanded key to use
 
+ * @src			Source data to encrypt
 
+ * @dst			Destination buffer
 
+ * @num_aes_blocks	Number of AES blocks to encrypt
 
+ */
 
+void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks);
 
+
 
 #endif /* _AES_REF_H_ */

+ 52 - 0
lib/aes.c
View File 

@@ -580,3 +580,55 @@ void aes_decrypt(u8 *in, u8 *expkey, u8 *out)
 
 
 	memcpy(out, state, sizeof(state));
 
 }
 
+
 
+static void debug_print_vector(char *name, u32 num_bytes, u8 *data)
 
+{
 
+#ifdef DEBUG
 
+	printf("%s [%d] @0x%08x", name, num_bytes, (u32)data);
 
+	print_buffer(0, data, 1, num_bytes, 16);
 
+#endif
 
+}
 
+
 
+/**
 
+ * Apply chain data to the destination using EOR
 
+ *
 
+ * Each array is of length AES_KEY_LENGTH.
 
+ *
 
+ * @cbc_chain_data	Chain data
 
+ * @src			Source data
 
+ * @dst			Destination data, which is modified here
 
+ */
 
+static void apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst)
 
+{
 
+	int i;
 
+
 
+	for (i = 0; i < AES_KEY_LENGTH; i++)
 
+		*dst++ = *src++ ^ *cbc_chain_data++;
 
+}
 
+
 
+void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks)
 
+{
 
+	u8 zero_key[AES_KEY_LENGTH] = { 0 };
 
+	u8 tmp_data[AES_KEY_LENGTH];
 
+	/* Convenient array of 0's for IV */
 
+	u8 *cbc_chain_data = zero_key;
 
+	u32 i;
 
+
 
+	for (i = 0; i < num_aes_blocks; i++) {
 
+		debug("encrypt_object: block %d of %d\n", i, num_aes_blocks);
 
+		debug_print_vector("AES Src", AES_KEY_LENGTH, src);
 
+
 
+		/* Apply the chain data */
 
+		apply_cbc_chain_data(cbc_chain_data, src, tmp_data);
 
+		debug_print_vector("AES Xor", AES_KEY_LENGTH, tmp_data);
 
+
 
+		/* Encrypt the AES block */
 
+		aes_encrypt(tmp_data, key_exp, dst);
 
+		debug_print_vector("AES Dst", AES_KEY_LENGTH, dst);
 
+
 
+		/* Update pointers for next loop. */
 
+		cbc_chain_data = dst;
 
+		src += AES_KEY_LENGTH;
 
+		dst += AES_KEY_LENGTH;
 
+	}
 
+}