From 6e7b9f4fa0aed88051d6700afa510430b5d3fb69 Mon Sep 17 00:00:00 2001 From: Marek Vasut Date: Wed, 5 Mar 2014 19:58:37 +0100 Subject: aes: Move the AES-128-CBC encryption function to common code Move the AES-128-CBC encryption function implemented in tegra20-common/crypto.c into lib/aes.c . This is well re-usable common code. Moreover, clean the code up a bit and fix the kerneldoc-style annotations. Signed-off-by: Marek Vasut --- arch/arm/cpu/tegra20-common/crypto.c | 72 +----------------------------------- 1 file changed, 2 insertions(+), 70 deletions(-) (limited to 'arch/arm/cpu/tegra20-common') diff --git a/arch/arm/cpu/tegra20-common/crypto.c b/arch/arm/cpu/tegra20-common/crypto.c index 8209f76..b18e67c 100644 --- a/arch/arm/cpu/tegra20-common/crypto.c +++ b/arch/arm/cpu/tegra20-common/crypto.c @@ -19,74 +19,6 @@ enum security_op { SECURITY_ENCRYPT = 1 << 1, /* Encrypt the data */ }; -static void debug_print_vector(char *name, u32 num_bytes, u8 *data) -{ - u32 i; - - debug("%s [%d] @0x%08x", name, num_bytes, (u32)data); - for (i = 0; i < num_bytes; i++) { - if (i % 16 == 0) - debug(" = "); - debug("%02x", data[i]); - if ((i+1) % 16 != 0) - debug(" "); - } - debug("\n"); -} - -/** - * Apply chain data to the destination using EOR - * - * Each array is of length AES_AES_KEY_LENGTH. - * - * \param cbc_chain_data Chain data - * \param src Source data - * \param dst Destination data, which is modified here - */ -static void apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst) -{ - int i; - - for (i = 0; i < 16; i++) - *dst++ = *src++ ^ *cbc_chain_data++; -} - -/** - * Encrypt some data with AES. - * - * \param key_schedule Expanded key to use - * \param src Source data to encrypt - * \param dst Destination buffer - * \param num_aes_blocks Number of AES blocks to encrypt - */ -static void encrypt_object(u8 *key_schedule, u8 *src, u8 *dst, - u32 num_aes_blocks) -{ - u8 tmp_data[AES_KEY_LENGTH]; - u8 *cbc_chain_data; - u32 i; - - cbc_chain_data = zero_key; /* Convenient array of 0's for IV */ - - for (i = 0; i < num_aes_blocks; i++) { - debug("encrypt_object: block %d of %d\n", i, num_aes_blocks); - debug_print_vector("AES Src", AES_KEY_LENGTH, src); - - /* Apply the chain data */ - apply_cbc_chain_data(cbc_chain_data, src, tmp_data); - debug_print_vector("AES Xor", AES_KEY_LENGTH, tmp_data); - - /* encrypt the AES block */ - aes_encrypt(tmp_data, key_schedule, dst); - debug_print_vector("AES Dst", AES_KEY_LENGTH, dst); - - /* Update pointers for next loop. */ - cbc_chain_data = dst; - src += AES_KEY_LENGTH; - dst += AES_KEY_LENGTH; - } -} - /** * Shift a vector left by one bit * @@ -129,7 +61,7 @@ static void sign_object(u8 *key, u8 *key_schedule, u8 *src, u8 *dst, for (i = 0; i < AES_KEY_LENGTH; i++) tmp_data[i] = 0; - encrypt_object(key_schedule, tmp_data, left, 1); + aes_cbc_encrypt_blocks(key_schedule, tmp_data, left, 1); debug_print_vector("AES(key, nonce)", AES_KEY_LENGTH, left); left_shift_vector(left, k1, sizeof(left)); @@ -193,7 +125,7 @@ static int encrypt_and_sign(u8 *key, enum security_op oper, u8 *src, if (oper & SECURITY_ENCRYPT) { /* Perform this in place, resulting in src being encrypted. */ debug("encrypt_and_sign: begin encryption\n"); - encrypt_object(key_schedule, src, src, num_aes_blocks); + aes_cbc_encrypt_blocks(key_schedule, src, src, num_aes_blocks); debug("encrypt_and_sign: end encryption\n"); } -- cgit v1.1 From 53eb768dfb97269ccec60d34321252b1ee1850d9 Mon Sep 17 00:00:00 2001 From: Stephen Warren Date: Fri, 18 Apr 2014 10:28:58 -0600 Subject: aes: make apply_cbc_chain_data non-static MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Tegra's crypto.c uses apply_cbc_chain_data() to sign the warm restart code. This function was recently moved into the core aes.c and made static, which prevents the Tegra code from compiling. Make it public again to avoid the compile errors: arch/arm/cpu/tegra20-common/crypto.c: In function ‘sign_object’: arch/arm/cpu/tegra20-common/crypto.c:74:3: warning: implicit declaration of function ‘apply_cbc_chain_data’ [-Wimplicit-function-declaration] arch/arm/cpu/built-in.o: In function `sign_object': .../arch/arm/cpu/tegra20-common/crypto.c:74: undefined reference to `apply_cbc_chain_data' .../arch/arm/cpu/tegra20-common/crypto.c:78: undefined reference to `apply_cbc_chain_data' Fixes: 6e7b9f4fa0ae ("aes: Move the AES-128-CBC encryption function to common code") Signed-off-by: Stephen Warren Reviewed-by: Simon Glass Acked-by: Marek Vasut --- arch/arm/cpu/tegra20-common/crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'arch/arm/cpu/tegra20-common') diff --git a/arch/arm/cpu/tegra20-common/crypto.c b/arch/arm/cpu/tegra20-common/crypto.c index b18e67c..0967f3e 100644 --- a/arch/arm/cpu/tegra20-common/crypto.c +++ b/arch/arm/cpu/tegra20-common/crypto.c @@ -74,11 +74,11 @@ static void sign_object(u8 *key, u8 *key_schedule, u8 *src, u8 *dst, /* compute the AES-CMAC value */ for (i = 0; i < num_aes_blocks; i++) { /* Apply the chain data */ - apply_cbc_chain_data(cbc_chain_data, src, tmp_data); + aes_apply_cbc_chain_data(cbc_chain_data, src, tmp_data); /* for the final block, XOR K1 into the IV */ if (i == num_aes_blocks - 1) - apply_cbc_chain_data(tmp_data, k1, tmp_data); + aes_apply_cbc_chain_data(tmp_data, k1, tmp_data); /* encrypt the AES block */ aes_encrypt(tmp_data, key_schedule, dst); -- cgit v1.1 From b149c4c399b111cec1ff7505ca9fabbeeb4fe394 Mon Sep 17 00:00:00 2001 From: Tom Rini Date: Fri, 18 Apr 2014 08:18:23 -0400 Subject: ARM:tegra20: Remove aes debug prints In 6e7b9f4 some of the debug prints for AES code moved into the generic code, so we remove these additional calls. Signed-off-by: Tom Rini Acked-by: Tom Warren --- arch/arm/cpu/tegra20-common/crypto.c | 9 --------- 1 file changed, 9 deletions(-) (limited to 'arch/arm/cpu/tegra20-common') diff --git a/arch/arm/cpu/tegra20-common/crypto.c b/arch/arm/cpu/tegra20-common/crypto.c index 0967f3e..ec95d7c 100644 --- a/arch/arm/cpu/tegra20-common/crypto.c +++ b/arch/arm/cpu/tegra20-common/crypto.c @@ -62,14 +62,11 @@ static void sign_object(u8 *key, u8 *key_schedule, u8 *src, u8 *dst, tmp_data[i] = 0; aes_cbc_encrypt_blocks(key_schedule, tmp_data, left, 1); - debug_print_vector("AES(key, nonce)", AES_KEY_LENGTH, left); left_shift_vector(left, k1, sizeof(left)); - debug_print_vector("L", AES_KEY_LENGTH, left); if ((left[0] >> 7) != 0) /* get MSB of L */ k1[AES_KEY_LENGTH-1] ^= AES_CMAC_CONST_RB; - debug_print_vector("K1", AES_KEY_LENGTH, k1); /* compute the AES-CMAC value */ for (i = 0; i < num_aes_blocks; i++) { @@ -84,16 +81,11 @@ static void sign_object(u8 *key, u8 *key_schedule, u8 *src, u8 *dst, aes_encrypt(tmp_data, key_schedule, dst); debug("sign_obj: block %d of %d\n", i, num_aes_blocks); - debug_print_vector("AES-CMAC Src", AES_KEY_LENGTH, src); - debug_print_vector("AES-CMAC Xor", AES_KEY_LENGTH, tmp_data); - debug_print_vector("AES-CMAC Dst", AES_KEY_LENGTH, dst); /* Update pointers for next loop. */ cbc_chain_data = dst; src += AES_KEY_LENGTH; } - - debug_print_vector("AES-CMAC Hash", AES_KEY_LENGTH, dst); } /** @@ -112,7 +104,6 @@ static int encrypt_and_sign(u8 *key, enum security_op oper, u8 *src, u8 key_schedule[AES_EXPAND_KEY_LENGTH]; debug("encrypt_and_sign: length = %d\n", length); - debug_print_vector("AES key", AES_KEY_LENGTH, key); /* * The only need for a key is for signing/checksum purposes, so -- cgit v1.1