[U-Boot] [PATCH 1/4] aes: Fix kerneldoc for aes.h

[U-Boot] [PATCH 1/4] aes: Fix kerneldoc for aes.h

[Marek Vasut]

Fix the function annotations in aes.h so they're compatible with kerneldoc.

Signed-off-by: Marek Vasut <marex@denx.de>
---
 include/aes.h | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/include/aes.h b/include/aes.h
index ea06308..c70eda6 100644
--- a/include/aes.h
+++ b/include/aes.h
@@ -25,29 +25,31 @@ enum {
 };
 
 /**
+ * aes_expand_key() - Expand the AES key
+ *
  * Expand a key into a key schedule, which is then used for the other
  * operations.
  *
- * \param key		Key, of length AES_KEY_LENGTH bytes
- * \param expkey	Buffer to place expanded key, AES_EXPAND_KEY_LENGTH
+ * @key		Key, of length AES_KEY_LENGTH bytes
+ * @expkey	Buffer to place expanded key, AES_EXPAND_KEY_LENGTH
  */
 void aes_expand_key(u8 *key, u8 *expkey);
 
 /**
- * Encrypt a single block of data
+ * aes_encrypt() - Encrypt single block of data with AES 128
  *
- * in		Input data
- * expkey	Expanded key to use for encryption (from aes_expand_key())
- * out		Output data
+ * @in		Input data
+ * @expkey	Expanded key to use for encryption (from aes_expand_key())
+ * @out		Output data
  */
 void aes_encrypt(u8 *in, u8 *expkey, u8 *out);
 
 /**
- * Decrypt a single block of data
+ * aes_decrypt() - Decrypt single block of data with AES 128
  *
- * in		Input data
- * expkey	Expanded key to use for decryption (from aes_expand_key())
- * out		Output data
+ * @in		Input data
+ * @expkey	Expanded key to use for decryption (from aes_expand_key())
+ * @out		Output data
  */
 void aes_decrypt(u8 *in, u8 *expkey, u8 *out);
 
-- 
1.8.5.3

[U-Boot] [PATCH 2/4] aes: Move the AES-128-CBC encryption function to common code

[Marek Vasut]

Move the AES-128-CBC encryption function implemented in tegra20-common/crypto.c
into lib/aes.c . This is well re-usable common code. Moreover, clean the code up
a bit and fix the kerneldoc-style annotations.

Signed-off-by: Marek Vasut <marex@denx.de>
---
 arch/arm/cpu/tegra20-common/crypto.c | 72 +-----------------------------------
 include/aes.h                        | 10 +++++
 lib/aes.c                            | 59 +++++++++++++++++++++++++++++
 3 files changed, 71 insertions(+), 70 deletions(-)

diff --git a/arch/arm/cpu/tegra20-common/crypto.c b/arch/arm/cpu/tegra20-common/crypto.c
index 8209f76..b18e67c 100644
--- a/arch/arm/cpu/tegra20-common/crypto.c
+++ b/arch/arm/cpu/tegra20-common/crypto.c
@@ -19,74 +19,6 @@ enum security_op {
 	SECURITY_ENCRYPT	= 1 << 1,	/* Encrypt the data */
 };
 
-static void debug_print_vector(char *name, u32 num_bytes, u8 *data)
-{
-	u32 i;
-
-	debug("%s [%d] @0x%08x", name, num_bytes, (u32)data);
-	for (i = 0; i < num_bytes; i++) {
-		if (i % 16 == 0)
-			debug(" = ");
-		debug("%02x", data[i]);
-		if ((i+1) % 16 != 0)
-			debug(" ");
-	}
-	debug("\n");
-}
-
-/**
- * Apply chain data to the destination using EOR
- *
- * Each array is of length AES_AES_KEY_LENGTH.
- *
- * \param cbc_chain_data	Chain data
- * \param src			Source data
- * \param dst			Destination data, which is modified here
- */
-static void apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst)
-{
-	int i;
-
-	for (i = 0; i < 16; i++)
-		*dst++ = *src++ ^ *cbc_chain_data++;
-}
-
-/**
- * Encrypt some data with AES.
- *
- * \param key_schedule		Expanded key to use
- * \param src			Source data to encrypt
- * \param dst			Destination buffer
- * \param num_aes_blocks	Number of AES blocks to encrypt
- */
-static void encrypt_object(u8 *key_schedule, u8 *src, u8 *dst,
-			   u32 num_aes_blocks)
-{
-	u8 tmp_data[AES_KEY_LENGTH];
-	u8 *cbc_chain_data;
-	u32 i;
-
-	cbc_chain_data = zero_key;	/* Convenient array of 0's for IV */
-
-	for (i = 0; i < num_aes_blocks; i++) {
-		debug("encrypt_object: block %d of %d\n", i, num_aes_blocks);
-		debug_print_vector("AES Src", AES_KEY_LENGTH, src);
-
-		/* Apply the chain data */
-		apply_cbc_chain_data(cbc_chain_data, src, tmp_data);
-		debug_print_vector("AES Xor", AES_KEY_LENGTH, tmp_data);
-
-		/* encrypt the AES block */
-		aes_encrypt(tmp_data, key_schedule, dst);
-		debug_print_vector("AES Dst", AES_KEY_LENGTH, dst);
-
-		/* Update pointers for next loop. */
-		cbc_chain_data = dst;
-		src += AES_KEY_LENGTH;
-		dst += AES_KEY_LENGTH;
-	}
-}
-
 /**
  * Shift a vector left by one bit
  *
@@ -129,7 +61,7 @@ static void sign_object(u8 *key, u8 *key_schedule, u8 *src, u8 *dst,
 	for (i = 0; i < AES_KEY_LENGTH; i++)
 		tmp_data[i] = 0;
 
-	encrypt_object(key_schedule, tmp_data, left, 1);
+	aes_cbc_encrypt_blocks(key_schedule, tmp_data, left, 1);
 	debug_print_vector("AES(key, nonce)", AES_KEY_LENGTH, left);
 
 	left_shift_vector(left, k1, sizeof(left));
@@ -193,7 +125,7 @@ static int encrypt_and_sign(u8 *key, enum security_op oper, u8 *src,
 	if (oper & SECURITY_ENCRYPT) {
 		/* Perform this in place, resulting in src being encrypted. */
 		debug("encrypt_and_sign: begin encryption\n");
-		encrypt_object(key_schedule, src, src, num_aes_blocks);
+		aes_cbc_encrypt_blocks(key_schedule, src, src, num_aes_blocks);
 		debug("encrypt_and_sign: end encryption\n");
 	}
 
diff --git a/include/aes.h b/include/aes.h
index c70eda6..d9bb387 100644
--- a/include/aes.h
+++ b/include/aes.h
@@ -53,4 +53,14 @@ void aes_encrypt(u8 *in, u8 *expkey, u8 *out);
  */
 void aes_decrypt(u8 *in, u8 *expkey, u8 *out);
 
+/**
+ * aes_cbc_encrypt_blocks() - Encrypt multiple blocks of data with AES CBC.
+ *
+ * @key_exp		Expanded key to use
+ * @src			Source data to encrypt
+ * @dst			Destination buffer
+ * @num_aes_blocks	Number of AES blocks to encrypt
+ */
+void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks);
+
 #endif /* _AES_REF_H_ */
diff --git a/lib/aes.c b/lib/aes.c
index e996b27..4df5dae 100644
--- a/lib/aes.c
+++ b/lib/aes.c
@@ -580,3 +580,62 @@ void aes_decrypt(u8 *in, u8 *expkey, u8 *out)
 
 	memcpy(out, state, sizeof(state));
 }
+
+static void debug_print_vector(char *name, u32 num_bytes, u8 *data)
+{
+	u32 i;
+
+	debug("%s [%d] @0x%08x", name, num_bytes, (u32)data);
+	for (i = 0; i < num_bytes; i++) {
+		if (i % 16 == 0)
+			debug(" = ");
+		debug("%02x", data[i]);
+		if ((i+1) % 16 != 0)
+			debug(" ");
+	}
+	debug("\n");
+}
+
+/**
+ * Apply chain data to the destination using EOR
+ *
+ * Each array is of length AES_AES_KEY_LENGTH.
+ *
+ * @cbc_chain_data	Chain data
+ * @src			Source data
+ * @dst			Destination data, which is modified here
+ */
+static void apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst)
+{
+	int i;
+
+	for (i = 0; i < 16; i++)
+		*dst++ = *src++ ^ *cbc_chain_data++;
+}
+
+void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks)
+{
+	u8 zero_key[AES_KEY_LENGTH] = { 0 };
+	u8 tmp_data[AES_KEY_LENGTH];
+	/* Convenient array of 0's for IV */
+	u8 *cbc_chain_data = zero_key;
+	u32 i;
+
+	for (i = 0; i < num_aes_blocks; i++) {
+		debug("encrypt_object: block %d of %d\n", i, num_aes_blocks);
+		debug_print_vector("AES Src", AES_KEY_LENGTH, src);
+
+		/* Apply the chain data */
+		apply_cbc_chain_data(cbc_chain_data, src, tmp_data);
+		debug_print_vector("AES Xor", AES_KEY_LENGTH, tmp_data);
+
+		/* Encrypt the AES block */
+		aes_encrypt(tmp_data, key_exp, dst);
+		debug_print_vector("AES Dst", AES_KEY_LENGTH, dst);
+
+		/* Update pointers for next loop. */
+		cbc_chain_data = dst;
+		src += AES_KEY_LENGTH;
+		dst += AES_KEY_LENGTH;
+	}
+}
-- 
1.8.5.3

[U-Boot] [PATCH 3/4] aes: Implement AES-128-CBC decryption function

[Marek Vasut]

Implement a compatible AES-128-CBC decryption function as a counterpart
of the encryption function pulled from tegra20-common/crypto.c .

Signed-off-by: Marek Vasut <marex@denx.de>
---
 include/aes.h | 10 ++++++++++
 lib/aes.c     | 28 ++++++++++++++++++++++++++++
 2 files changed, 38 insertions(+)

diff --git a/include/aes.h b/include/aes.h
index d9bb387..4897e6f 100644
--- a/include/aes.h
+++ b/include/aes.h
@@ -63,4 +63,14 @@ void aes_decrypt(u8 *in, u8 *expkey, u8 *out);
  */
 void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks);
 
+/**
+ * Decrypt multiple blocks of data with AES CBC.
+ *
+ * @key_exp		Expanded key to use
+ * @src			Source data to decrypt
+ * @dst			Destination buffer
+ * @num_aes_blocks	Number of AES blocks to decrypt
+ */
+void aes_cbc_decrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks);
+
 #endif /* _AES_REF_H_ */
diff --git a/lib/aes.c b/lib/aes.c
index 4df5dae..8b23e10 100644
--- a/lib/aes.c
+++ b/lib/aes.c
@@ -639,3 +639,31 @@ void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks)
 		dst += AES_KEY_LENGTH;
 	}
 }
+
+void aes_cbc_decrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks)
+{
+	u8 tmp_data[AES_KEY_LENGTH], tmp_block[AES_KEY_LENGTH];
+	/* Convenient array of 0's for IV */
+	u8 cbc_chain_data[AES_KEY_LENGTH] = { 0 };
+	u32 i;
+
+	for (i = 0; i < num_aes_blocks; i++) {
+		debug("encrypt_object: block %d of %d\n", i, num_aes_blocks);
+		debug_print_vector("AES Src", AES_KEY_LENGTH, src);
+
+		memcpy(tmp_block, src, AES_KEY_LENGTH);
+
+		/* Decrypt the AES block */
+		aes_decrypt(src, key_exp, tmp_data);
+		debug_print_vector("AES Xor", AES_KEY_LENGTH, tmp_data);
+
+		/* Apply the chain data */
+		apply_cbc_chain_data(cbc_chain_data, tmp_data, dst);
+		debug_print_vector("AES Dst", AES_KEY_LENGTH, dst);
+
+		/* Update pointers for next loop. */
+		memcpy(cbc_chain_data, tmp_block, AES_KEY_LENGTH);
+		src += AES_KEY_LENGTH;
+		dst += AES_KEY_LENGTH;
+	}
+}
-- 
1.8.5.3

[U-Boot] [PATCH 4/4] aes: Add 'aes' command to access AES-128-CBC

[Marek Vasut]

Add simple 'aes' command, which allows using the AES-128-CBC encryption
and decryption functions from U-Boot command line.

Signed-off-by: Marek Vasut <marex@denx.de>
---
 README           |  1 +
 common/Makefile  |  1 +
 common/cmd_aes.c | 89 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 91 insertions(+)
 create mode 100644 common/cmd_aes.c

diff --git a/README b/README
index fe48ccd..770113d 100644
--- a/README
+++ b/README
@@ -895,6 +895,7 @@ The following options need to be configured:
 		The default command configuration includes all commands
 		except those marked below with a "*".
 
+		CONFIG_CMD_AES		  AES 128 CBC encrypt/decrypt
 		CONFIG_CMD_ASKENV	* ask for env variable
 		CONFIG_CMD_BDI		  bdinfo
 		CONFIG_CMD_BEDBUG	* Include BedBug Debugger
diff --git a/common/Makefile b/common/Makefile
index a83246e..2879304 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -48,6 +48,7 @@ obj-$(CONFIG_ENV_IS_IN_UBI) += env_ubi.o
 obj-$(CONFIG_ENV_IS_NOWHERE) += env_nowhere.o
 
 # command
+obj-$(CONFIG_CMD_AES) += cmd_aes.o
 obj-$(CONFIG_CMD_AMBAPP) += cmd_ambapp.o
 obj-$(CONFIG_SOURCE) += cmd_source.o
 obj-$(CONFIG_CMD_SOURCE) += cmd_source.o
diff --git a/common/cmd_aes.c b/common/cmd_aes.c
new file mode 100644
index 0000000..76da3ef
--- /dev/null
+++ b/common/cmd_aes.c
@@ -0,0 +1,89 @@
+/*
+ * Copyright (C) 2014 Marek Vasut <marex@denx.de>
+ *
+ * Command for en/de-crypting block of memory with AES-128-CBC cipher.
+ *
+ * SPDX-License-Identifier:	GPL-2.0+
+ */
+
+#include <common.h>
+#include <command.h>
+#include <environment.h>
+#include <aes.h>
+#include <malloc.h>
+#include <asm/byteorder.h>
+#include <linux/compiler.h>
+
+DECLARE_GLOBAL_DATA_PTR;
+
+/**
+ * do_aes() - Handle the "aes" command-line command
+ * @cmdtp:	Command data struct pointer
+ * @flag:	Command flag
+ * @argc:	Command-line argument count
+ * @argv:	Array of command-line arguments
+ *
+ * Returns zero on success, CMD_RET_USAGE in case of misuse and negative
+ * on error.
+ */
+static int do_aes(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
+{
+	uint32_t key_addr, src_addr, dst_addr, len;
+	uint8_t *key_ptr, *src_ptr, *dst_ptr;
+	uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
+	uint32_t aes_blocks;
+	int enc;
+
+	if (argc != 6)
+		return CMD_RET_USAGE;
+
+	if (!strncmp(argv[1], "enc", 3))
+		enc = 1;
+	else if (!strncmp(argv[1], "dec", 3))
+		enc = 0;
+	else
+		return CMD_RET_USAGE;
+
+	key_addr = simple_strtoul(argv[2], NULL, 16);
+	src_addr = simple_strtoul(argv[3], NULL, 16);
+	dst_addr = simple_strtoul(argv[4], NULL, 16);
+	len = simple_strtoul(argv[5], NULL, 16);
+
+	key_ptr = (uint8_t *)key_addr;
+	src_ptr = (uint8_t *)src_addr;
+	dst_ptr = (uint8_t *)dst_addr;
+
+	/* First we expand the key. */
+	aes_expand_key(key_ptr, key_exp);
+
+	/* Calculate the number of AES blocks to encrypt. */
+	aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
+
+	if (enc)
+		aes_cbc_encrypt_blocks(key_exp, src_ptr, dst_ptr, aes_blocks);
+	else
+		aes_cbc_decrypt_blocks(key_exp, src_ptr, dst_ptr, aes_blocks);
+
+	return 0;
+}
+
+/***************************************************/
+#ifdef CONFIG_SYS_LONGHELP
+static char aes_help_text[] =
+	"enc key src dst len - Encrypt block of data $len bytes long\n"
+	"                          at address $src using a key at address\n"
+	"                          $key and store the result at address\n"
+	"                          $dst. The $len size must be multiple of\n"
+	"                          16 bytes and $key must be 16 bytes long.\n"
+	"aes dec key src dst len - Decrypt block of data $len bytes long\n"
+	"                          at address $src using a key at address\n"
+	"                          $key and store the result at address\n"
+	"                          $dst. The $len size must be multiple of\n"
+	"                          16 bytes and $key must be 16 bytes long.";
+#endif
+
+U_BOOT_CMD(
+	aes, 6, 1, do_aes,
+	"AES 128 CBC encryption",
+	aes_help_text
+);
-- 
1.8.5.3

[U-Boot] [PATCH 1/4] aes: Fix kerneldoc for aes.h

[Simon Glass]

On 5 February 2014 20:44, Marek Vasut <marex@denx.de> wrote:
> Fix the function annotations in aes.h so they're compatible with kerneldoc.
>
> Signed-off-by: Marek Vasut <marex@denx.de>

Acked-by: Simon Glass <sjg@chromium.org>

[U-Boot] [PATCH 2/4] aes: Move the AES-128-CBC encryption function to common code

[Simon Glass]

Hi Marek,

On 5 February 2014 20:44, Marek Vasut <marex@denx.de> wrote:
> Move the AES-128-CBC encryption function implemented in tegra20-common/crypto.c
> into lib/aes.c . This is well re-usable common code. Moreover, clean the code up
> a bit and fix the kerneldoc-style annotations.
>
> Signed-off-by: Marek Vasut <marex@denx.de>
> ---
>  arch/arm/cpu/tegra20-common/crypto.c | 72 +-----------------------------------
>  include/aes.h                        | 10 +++++
>  lib/aes.c                            | 59 +++++++++++++++++++++++++++++
>  3 files changed, 71 insertions(+), 70 deletions(-)
>
> diff --git a/arch/arm/cpu/tegra20-common/crypto.c b/arch/arm/cpu/tegra20-common/crypto.c
> index 8209f76..b18e67c 100644
> --- a/arch/arm/cpu/tegra20-common/crypto.c
> +++ b/arch/arm/cpu/tegra20-common/crypto.c
> @@ -19,74 +19,6 @@ enum security_op {
>         SECURITY_ENCRYPT        = 1 << 1,       /* Encrypt the data */
>  };
>
> -static void debug_print_vector(char *name, u32 num_bytes, u8 *data)
> -{
> -       u32 i;
> -
> -       debug("%s [%d] @0x%08x", name, num_bytes, (u32)data);
> -       for (i = 0; i < num_bytes; i++) {
> -               if (i % 16 == 0)
> -                       debug(" = ");
> -               debug("%02x", data[i]);
> -               if ((i+1) % 16 != 0)
> -                       debug(" ");
> -       }
> -       debug("\n");
> -}
> -
> -/**
> - * Apply chain data to the destination using EOR
> - *
> - * Each array is of length AES_AES_KEY_LENGTH.

AES_KEY_LENGTH

> - *
> - * \param cbc_chain_data       Chain data
> - * \param src                  Source data
> - * \param dst                  Destination data, which is modified here
> - */
> -static void apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst)
> -{
> -       int i;
> -
> -       for (i = 0; i < 16; i++)

AES_KEY_LENGTH?

> -               *dst++ = *src++ ^ *cbc_chain_data++;
> -}
> -
> -/**
> - * Encrypt some data with AES.
> - *
> - * \param key_schedule         Expanded key to use
> - * \param src                  Source data to encrypt
> - * \param dst                  Destination buffer
> - * \param num_aes_blocks       Number of AES blocks to encrypt
> - */
> -static void encrypt_object(u8 *key_schedule, u8 *src, u8 *dst,
> -                          u32 num_aes_blocks)
> -{
> -       u8 tmp_data[AES_KEY_LENGTH];
> -       u8 *cbc_chain_data;
> -       u32 i;
> -
> -       cbc_chain_data = zero_key;      /* Convenient array of 0's for IV */
> -
> -       for (i = 0; i < num_aes_blocks; i++) {
> -               debug("encrypt_object: block %d of %d\n", i, num_aes_blocks);
> -               debug_print_vector("AES Src", AES_KEY_LENGTH, src);
> -
> -               /* Apply the chain data */
> -               apply_cbc_chain_data(cbc_chain_data, src, tmp_data);
> -               debug_print_vector("AES Xor", AES_KEY_LENGTH, tmp_data);
> -
> -               /* encrypt the AES block */
> -               aes_encrypt(tmp_data, key_schedule, dst);
> -               debug_print_vector("AES Dst", AES_KEY_LENGTH, dst);
> -
> -               /* Update pointers for next loop. */
> -               cbc_chain_data = dst;
> -               src += AES_KEY_LENGTH;
> -               dst += AES_KEY_LENGTH;
> -       }
> -}
> -
>  /**
>   * Shift a vector left by one bit
>   *
> @@ -129,7 +61,7 @@ static void sign_object(u8 *key, u8 *key_schedule, u8 *src, u8 *dst,
>         for (i = 0; i < AES_KEY_LENGTH; i++)
>                 tmp_data[i] = 0;
>
> -       encrypt_object(key_schedule, tmp_data, left, 1);
> +       aes_cbc_encrypt_blocks(key_schedule, tmp_data, left, 1);
>         debug_print_vector("AES(key, nonce)", AES_KEY_LENGTH, left);
>
>         left_shift_vector(left, k1, sizeof(left));
> @@ -193,7 +125,7 @@ static int encrypt_and_sign(u8 *key, enum security_op oper, u8 *src,
>         if (oper & SECURITY_ENCRYPT) {
>                 /* Perform this in place, resulting in src being encrypted. */
>                 debug("encrypt_and_sign: begin encryption\n");
> -               encrypt_object(key_schedule, src, src, num_aes_blocks);
> +               aes_cbc_encrypt_blocks(key_schedule, src, src, num_aes_blocks);
>                 debug("encrypt_and_sign: end encryption\n");
>         }
>
> diff --git a/include/aes.h b/include/aes.h
> index c70eda6..d9bb387 100644
> --- a/include/aes.h
> +++ b/include/aes.h
> @@ -53,4 +53,14 @@ void aes_encrypt(u8 *in, u8 *expkey, u8 *out);
>   */
>  void aes_decrypt(u8 *in, u8 *expkey, u8 *out);
>
> +/**
> + * aes_cbc_encrypt_blocks() - Encrypt multiple blocks of data with AES CBC.
> + *
> + * @key_exp            Expanded key to use
> + * @src                        Source data to encrypt
> + * @dst                        Destination buffer
> + * @num_aes_blocks     Number of AES blocks to encrypt
> + */
> +void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks);
> +
>  #endif /* _AES_REF_H_ */
> diff --git a/lib/aes.c b/lib/aes.c
> index e996b27..4df5dae 100644
> --- a/lib/aes.c
> +++ b/lib/aes.c
> @@ -580,3 +580,62 @@ void aes_decrypt(u8 *in, u8 *expkey, u8 *out)
>
>         memcpy(out, state, sizeof(state));
>  }
> +
> +static void debug_print_vector(char *name, u32 num_bytes, u8 *data)
> +{
> +       u32 i;
> +
> +       debug("%s [%d] @0x%08x", name, num_bytes, (u32)data);
> +       for (i = 0; i < num_bytes; i++) {
> +               if (i % 16 == 0)
> +                       debug(" = ");
> +               debug("%02x", data[i]);
> +               if ((i+1) % 16 != 0)
> +                       debug(" ");
> +       }
> +       debug("\n");

Can we use print_buffer() here?

> +}
> +
> +/**
> + * Apply chain data to the destination using EOR
> + *
> + * Each array is of length AES_AES_KEY_LENGTH.
> + *
> + * @cbc_chain_data     Chain data
> + * @src                        Source data
> + * @dst                        Destination data, which is modified here
> + */
> +static void apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst)
> +{
> +       int i;
> +
> +       for (i = 0; i < 16; i++)
> +               *dst++ = *src++ ^ *cbc_chain_data++;
> +}
> +
> +void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks)
> +{
> +       u8 zero_key[AES_KEY_LENGTH] = { 0 };
> +       u8 tmp_data[AES_KEY_LENGTH];
> +       /* Convenient array of 0's for IV */
> +       u8 *cbc_chain_data = zero_key;
> +       u32 i;
> +
> +       for (i = 0; i < num_aes_blocks; i++) {
> +               debug("encrypt_object: block %d of %d\n", i, num_aes_blocks);
> +               debug_print_vector("AES Src", AES_KEY_LENGTH, src);
> +
> +               /* Apply the chain data */
> +               apply_cbc_chain_data(cbc_chain_data, src, tmp_data);
> +               debug_print_vector("AES Xor", AES_KEY_LENGTH, tmp_data);
> +
> +               /* Encrypt the AES block */
> +               aes_encrypt(tmp_data, key_exp, dst);
> +               debug_print_vector("AES Dst", AES_KEY_LENGTH, dst);
> +
> +               /* Update pointers for next loop. */
> +               cbc_chain_data = dst;
> +               src += AES_KEY_LENGTH;
> +               dst += AES_KEY_LENGTH;
> +       }
> +}
> --
> 1.8.5.3
>
> _______________________________________________
> U-Boot mailing list
> U-Boot at lists.denx.de
> http://lists.denx.de/mailman/listinfo/u-boot

Regards,
Simon

[U-Boot] [PATCH 2/4] aes: Move the AES-128-CBC encryption function to common code

[Marek Vasut]

On Sunday, February 16, 2014 at 12:30:54 AM, Simon Glass wrote:
> Hi Marek,
> 
> On 5 February 2014 20:44, Marek Vasut <marex@denx.de> wrote:
> > Move the AES-128-CBC encryption function implemented in
> > tegra20-common/crypto.c into lib/aes.c . This is well re-usable common
> > code. Moreover, clean the code up a bit and fix the kerneldoc-style
> > annotations.
> > 
> > Signed-off-by: Marek Vasut <marex@denx.de>

Fixed all and V2 is out, thanks!

Best regards,
Marek Vasut