Age | Commit message (Collapse) | Author |
|
Move this header out of the common header.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Until now, we only support aes128. This commit add the support
of aes192 and aes256.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
In the code, we use the size of the key for the
size of the block. It's true when the key is 128 bits,
but it become false for key of 192 bits and 256 bits.
So to prepare the support of aes192 and 256,
we introduce a constant for the iaes block size.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
AES encryption in CBC mode, in most cases, must be used with random
initialization vector. Using the same key and initialization vector several
times is weak and must be avoided.
Added iv parameter to the aes_cbc_encrypt_blocks and aes_cbc_decrypt_blocks
functions for passing initialization vector.
Command 'aes' now also require the initialization vector parameter.
Signed-off-by: Andrey Mozzhuhin <amozzhuhin@yandex.ru>
|
|
aes.h is a too generic name if this file can
be exported and used by a program.
Rename it to avoid any conflicts with
other files (for example, from openSSL).
Signed-off-by: Stefano Babic <sbabic@denx.de>
|
|
Tegra's crypto.c uses apply_cbc_chain_data() to sign the warm restart
code. This function was recently moved into the core aes.c and made
static, which prevents the Tegra code from compiling. Make it public
again to avoid the compile errors:
arch/arm/cpu/tegra20-common/crypto.c: In function ‘sign_object’:
arch/arm/cpu/tegra20-common/crypto.c:74:3: warning: implicit declaration of function ‘apply_cbc_chain_data’ [-Wimplicit-function-declaration]
arch/arm/cpu/built-in.o: In function `sign_object':
.../arch/arm/cpu/tegra20-common/crypto.c:74: undefined reference to `apply_cbc_chain_data'
.../arch/arm/cpu/tegra20-common/crypto.c:78: undefined reference to `apply_cbc_chain_data'
Fixes: 6e7b9f4fa0ae ("aes: Move the AES-128-CBC encryption function to common code")
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Marek Vasut <marex@denx.de>
|
|
Implement support for encrypting/decrypting the environment block
into the tools/env/fw_* tools. The cipher used is AES 128 CBC and
the implementation depends solely on components internal to U-Boot.
To allow building against the internal AES library, the library did
need minor adjustments to not include U-Boot's headers which are not
wanted to be included and define missing types.
Signed-off-by: Marek Vasut <marex@denx.de>
|
|
Implement a compatible AES-128-CBC decryption function as a counterpart
of the encryption function pulled from tegra20-common/crypto.c .
Signed-off-by: Marek Vasut <marex@denx.de>
|
|
Move the AES-128-CBC encryption function implemented in
tegra20-common/crypto.c into lib/aes.c . This is well re-usable common
code. Moreover, clean the code up a bit and fix the kerneldoc-style
annotations.
Signed-off-by: Marek Vasut <marex@denx.de>
|
|
Signed-off-by: Wolfgang Denk <wd@denx.de>
[trini: Fixup common/cmd_io.c]
Signed-off-by: Tom Rini <trini@ti.com>
|
|
Add support for AES using an implementation from Karl Malbrain.
This offers small code size (around 5KB on ARM) and supports 128-bit
AES only.
Signed-off-by: Yen Lin <yelin@nvidia.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Warren <twarren@nvidia.com>
|