[U-Boot] [RFC PATCH] cmd: aes: Extend aes command to use hw engine if available.

Michal Simek michal.simek at xilinx.com
Fri Dec 1 14:04:01 UTC 2017


From: Siva Durga Prasad Paladugu <siva.durga.paladugu at xilinx.com>

Extend aes command to use hw engine for decryption if available
in hardware.

Signed-off-by: Siva Durga Prasad Paladugu <sivadur at xilinx.com>
Signed-off-by: Michal Simek <michal.simek at xilinx.com>
---

 cmd/aes.c           | 55 +++++++++++++++++++++++++++++++++++------------------
 include/uboot_aes.h | 10 ++++++++++
 2 files changed, 47 insertions(+), 18 deletions(-)

diff --git a/cmd/aes.c b/cmd/aes.c
index ee1ae13c06ec..48835129658e 100644
--- a/cmd/aes.c
+++ b/cmd/aes.c
@@ -16,6 +16,11 @@
 
 DECLARE_GLOBAL_DATA_PTR;
 
+__weak int aes_decrypt_hw(u8 *key_ptr, u8 *src_ptr, u8 *dst_ptr, u32 len)
+{
+	return 0;
+}
+
 /**
  * do_aes() - Handle the "aes" command-line command
  * @cmdtp:	Command data struct pointer
@@ -33,8 +38,9 @@ static int do_aes(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
 	uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
 	uint32_t aes_blocks;
 	int enc;
+	bool use_hw = false;
 
-	if (argc != 6)
+	if (argc < 6 || argc > 7)
 		return CMD_RET_USAGE;
 
 	if (!strncmp(argv[1], "enc", 3))
@@ -49,21 +55,31 @@ static int do_aes(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
 	dst_addr = simple_strtoul(argv[4], NULL, 16);
 	len = simple_strtoul(argv[5], NULL, 16);
 
-	key_ptr = (uint8_t *)key_addr;
-	src_ptr = (uint8_t *)src_addr;
-	dst_ptr = (uint8_t *)dst_addr;
+	if (argc == 7)
+		if (!strncmp(argv[6], "hw", 2))
+			use_hw = true;
 
-	/* First we expand the key. */
-	aes_expand_key(key_ptr, key_exp);
+	key_ptr = (uint8_t *)(uintptr_t)key_addr;
+	src_ptr = (uint8_t *)(uintptr_t)src_addr;
+	dst_ptr = (uint8_t *)(uintptr_t)dst_addr;
 
-	/* Calculate the number of AES blocks to encrypt. */
-	aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
+	if (use_hw) {
+		if (!enc)
+			aes_decrypt_hw(key_ptr, src_ptr, dst_ptr, len);
+	} else {
+		/* First we expand the key. */
+		aes_expand_key(key_ptr, key_exp);
 
-	if (enc)
-		aes_cbc_encrypt_blocks(key_exp, src_ptr, dst_ptr, aes_blocks);
-	else
-		aes_cbc_decrypt_blocks(key_exp, src_ptr, dst_ptr, aes_blocks);
+		/* Calculate the number of AES blocks to encrypt. */
+		aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
 
+		if (enc)
+			aes_cbc_encrypt_blocks(key_exp, src_ptr, dst_ptr,
+					       aes_blocks);
+		else
+			aes_cbc_decrypt_blocks(key_exp, src_ptr, dst_ptr,
+					       aes_blocks);
+	}
 	return 0;
 }
 
@@ -75,15 +91,18 @@ static char aes_help_text[] =
 	"                          $key and store the result at address\n"
 	"                          $dst. The $len size must be multiple of\n"
 	"                          16 bytes and $key must be 16 bytes long.\n"
-	"aes dec key src dst len - Decrypt block of data $len bytes long\n"
-	"                          at address $src using a key at address\n"
-	"                          $key and store the result at address\n"
-	"                          $dst. The $len size must be multiple of\n"
-	"                          16 bytes and $key must be 16 bytes long.";
+	"aes dec key src dst len [hw] - Decrypt block of data $len bytes\n"
+	"                               long at address $src using a key at\n"
+	"                               address $key and store the result at\n"
+	"                               address $dst. The $len size must be\n"
+	"                               multiple of 16 bytes and $key must be\n"
+	"                               16 bytes long. The optional hw flag\n"
+	"                               specifies to used hardware engine if\n"
+	"                               supports\n";
 #endif
 
 U_BOOT_CMD(
-	aes, 6, 1, do_aes,
+	aes, 7, 1, do_aes,
 	"AES 128 CBC encryption",
 	aes_help_text
 );
diff --git a/include/uboot_aes.h b/include/uboot_aes.h
index 6315c02aa93d..5198bb98d076 100644
--- a/include/uboot_aes.h
+++ b/include/uboot_aes.h
@@ -91,4 +91,14 @@ void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks);
  */
 void aes_cbc_decrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks);
 
+/**
+ * Decrypt the image using hw engine.
+ *
+ * @key_ptr		Key to use
+ * @src_ptr		Source data to decrypt
+ * @dst_ptr		Destination buffer
+ * @len			Length of encrypted image
+ */
+int aes_decrypt_hw(u8 *key_ptr, u8 *src_ptr, u8 *dst_ptr, u32 len);
+
 #endif /* _AES_REF_H_ */
-- 
1.9.1



More information about the U-Boot mailing list