[U-Boot] [RFC PATCH] cmd: aes: Extend aes command to use hw engine if available.
Michal Simek
michal.simek at xilinx.com
Fri Dec 1 14:04:01 UTC 2017
From: Siva Durga Prasad Paladugu <siva.durga.paladugu at xilinx.com>
Extend aes command to use hw engine for decryption if available
in hardware.
Signed-off-by: Siva Durga Prasad Paladugu <sivadur at xilinx.com>
Signed-off-by: Michal Simek <michal.simek at xilinx.com>
---
cmd/aes.c | 55 +++++++++++++++++++++++++++++++++++------------------
include/uboot_aes.h | 10 ++++++++++
2 files changed, 47 insertions(+), 18 deletions(-)
diff --git a/cmd/aes.c b/cmd/aes.c
index ee1ae13c06ec..48835129658e 100644
--- a/cmd/aes.c
+++ b/cmd/aes.c
@@ -16,6 +16,11 @@
DECLARE_GLOBAL_DATA_PTR;
+__weak int aes_decrypt_hw(u8 *key_ptr, u8 *src_ptr, u8 *dst_ptr, u32 len)
+{
+ return 0;
+}
+
/**
* do_aes() - Handle the "aes" command-line command
* @cmdtp: Command data struct pointer
@@ -33,8 +38,9 @@ static int do_aes(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
uint32_t aes_blocks;
int enc;
+ bool use_hw = false;
- if (argc != 6)
+ if (argc < 6 || argc > 7)
return CMD_RET_USAGE;
if (!strncmp(argv[1], "enc", 3))
@@ -49,21 +55,31 @@ static int do_aes(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
dst_addr = simple_strtoul(argv[4], NULL, 16);
len = simple_strtoul(argv[5], NULL, 16);
- key_ptr = (uint8_t *)key_addr;
- src_ptr = (uint8_t *)src_addr;
- dst_ptr = (uint8_t *)dst_addr;
+ if (argc == 7)
+ if (!strncmp(argv[6], "hw", 2))
+ use_hw = true;
- /* First we expand the key. */
- aes_expand_key(key_ptr, key_exp);
+ key_ptr = (uint8_t *)(uintptr_t)key_addr;
+ src_ptr = (uint8_t *)(uintptr_t)src_addr;
+ dst_ptr = (uint8_t *)(uintptr_t)dst_addr;
- /* Calculate the number of AES blocks to encrypt. */
- aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
+ if (use_hw) {
+ if (!enc)
+ aes_decrypt_hw(key_ptr, src_ptr, dst_ptr, len);
+ } else {
+ /* First we expand the key. */
+ aes_expand_key(key_ptr, key_exp);
- if (enc)
- aes_cbc_encrypt_blocks(key_exp, src_ptr, dst_ptr, aes_blocks);
- else
- aes_cbc_decrypt_blocks(key_exp, src_ptr, dst_ptr, aes_blocks);
+ /* Calculate the number of AES blocks to encrypt. */
+ aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
+ if (enc)
+ aes_cbc_encrypt_blocks(key_exp, src_ptr, dst_ptr,
+ aes_blocks);
+ else
+ aes_cbc_decrypt_blocks(key_exp, src_ptr, dst_ptr,
+ aes_blocks);
+ }
return 0;
}
@@ -75,15 +91,18 @@ static char aes_help_text[] =
" $key and store the result at address\n"
" $dst. The $len size must be multiple of\n"
" 16 bytes and $key must be 16 bytes long.\n"
- "aes dec key src dst len - Decrypt block of data $len bytes long\n"
- " at address $src using a key at address\n"
- " $key and store the result at address\n"
- " $dst. The $len size must be multiple of\n"
- " 16 bytes and $key must be 16 bytes long.";
+ "aes dec key src dst len [hw] - Decrypt block of data $len bytes\n"
+ " long at address $src using a key at\n"
+ " address $key and store the result at\n"
+ " address $dst. The $len size must be\n"
+ " multiple of 16 bytes and $key must be\n"
+ " 16 bytes long. The optional hw flag\n"
+ " specifies to used hardware engine if\n"
+ " supports\n";
#endif
U_BOOT_CMD(
- aes, 6, 1, do_aes,
+ aes, 7, 1, do_aes,
"AES 128 CBC encryption",
aes_help_text
);
diff --git a/include/uboot_aes.h b/include/uboot_aes.h
index 6315c02aa93d..5198bb98d076 100644
--- a/include/uboot_aes.h
+++ b/include/uboot_aes.h
@@ -91,4 +91,14 @@ void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks);
*/
void aes_cbc_decrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks);
+/**
+ * Decrypt the image using hw engine.
+ *
+ * @key_ptr Key to use
+ * @src_ptr Source data to decrypt
+ * @dst_ptr Destination buffer
+ * @len Length of encrypted image
+ */
+int aes_decrypt_hw(u8 *key_ptr, u8 *src_ptr, u8 *dst_ptr, u32 len);
+
#endif /* _AES_REF_H_ */
--
1.9.1
More information about the U-Boot
mailing list