[thirdparty/u-boot.git] / cmd / aes.c

// SPDX-License-Identifier: GPL-2.0+
/*
 * Copyright (C) 2014 Marek Vasut <marex@denx.de>
 *
 * Command for en/de-crypting block of memory with AES-[128/192/256]-CBC cipher.
 */

#include <common.h>
#include <command.h>
#include <uboot_aes.h>
#include <malloc.h>
#include <asm/byteorder.h>
#include <linux/compiler.h>
#include <mapmem.h>

u32 aes_get_key_len(char *command)
{
	u32 key_len = AES128_KEY_LENGTH;

	if (!strcmp(command, "aes.192"))
		key_len = AES192_KEY_LENGTH;
	else if (!strcmp(command, "aes.256"))
		key_len = AES256_KEY_LENGTH;

	return key_len;
}

/**
 * do_aes() - Handle the "aes" command-line command
 * @cmdtp:	Command data struct pointer
 * @flag:	Command flag
 * @argc:	Command-line argument count
 * @argv:	Array of command-line arguments
 *
 * Returns zero on success, CMD_RET_USAGE in case of misuse and negative
 * on error.
 */
static int do_aes(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
{
	uint32_t key_addr, iv_addr, src_addr, dst_addr, len;
	uint8_t *key_ptr, *iv_ptr, *src_ptr, *dst_ptr;
	u8 key_exp[AES256_EXPAND_KEY_LENGTH];
	u32 aes_blocks, key_len;
	int enc;

	if (argc != 7)
		return CMD_RET_USAGE;

	key_len = aes_get_key_len(argv[0]);

	if (!strncmp(argv[1], "enc", 3))
		enc = 1;
	else if (!strncmp(argv[1], "dec", 3))
		enc = 0;
	else
		return CMD_RET_USAGE;

	key_addr = hextoul(argv[2], NULL);
	iv_addr = hextoul(argv[3], NULL);
	src_addr = hextoul(argv[4], NULL);
	dst_addr = hextoul(argv[5], NULL);
	len = hextoul(argv[6], NULL);

	key_ptr = (uint8_t *)map_sysmem(key_addr, key_len);
	iv_ptr = (uint8_t *)map_sysmem(iv_addr, 128 / 8);
	src_ptr = (uint8_t *)map_sysmem(src_addr, len);
	dst_ptr = (uint8_t *)map_sysmem(dst_addr, len);

	/* First we expand the key. */
	aes_expand_key(key_ptr, key_len, key_exp);

	/* Calculate the number of AES blocks to encrypt. */
	aes_blocks = DIV_ROUND_UP(len, AES_BLOCK_LENGTH);

	if (enc)
		aes_cbc_encrypt_blocks(key_len, key_exp, iv_ptr, src_ptr,
				       dst_ptr, aes_blocks);
	else
		aes_cbc_decrypt_blocks(key_len, key_exp, iv_ptr, src_ptr,
				       dst_ptr, aes_blocks);

	unmap_sysmem(key_ptr);
	unmap_sysmem(iv_ptr);
	unmap_sysmem(src_ptr);
	unmap_sysmem(dst_ptr);

	return 0;
}

/***************************************************/
U_BOOT_LONGHELP(aes,
	"[.128,.192,.256] enc key iv src dst len - Encrypt block of data $len bytes long\n"
	"                             at address $src using a key at address\n"
	"                             $key with initialization vector at address\n"
	"                             $iv. Store the result at address $dst.\n"
	"                             The $len size must be multiple of 16 bytes.\n"
	"                             The $key and $iv must be 16 bytes long.\n"
	"aes [.128,.192,.256] dec key iv src dst len - Decrypt block of data $len bytes long\n"
	"                             at address $src using a key at address\n"
	"                             $key with initialization vector at address\n"
	"                             $iv. Store the result at address $dst.\n"
	"                             The $len size must be multiple of 16 bytes.\n"
	"                             The $key and $iv must be 16 bytes long.");

U_BOOT_CMD(
	aes, 7, 1, do_aes,
	"AES 128/192/256 CBC encryption",
	aes_help_text
);
Commit	Line	Data
83d290c5	1	// SPDX-License-Identifier: GPL-2.0+
b401b73d MV	2	/*
	3	* Copyright (C) 2014 Marek Vasut <marex@denx.de>
	4	*
8302d170	5	* Command for en/de-crypting block of memory with AES-[128/192/256]-CBC cipher.
b401b73d MV	6	*/
	7
	8	#include <common.h>
	9	#include <command.h>
b80c0b99	10	#include <uboot_aes.h>
b401b73d MV	11	#include <malloc.h>
	12	#include <asm/byteorder.h>
	13	#include <linux/compiler.h>
ed7ea058	14	#include <mapmem.h>
b401b73d	15
8302d170 PR	16	u32 aes_get_key_len(char *command)
	17	{
	18	u32 key_len = AES128_KEY_LENGTH;
	19
	20	if (!strcmp(command, "aes.192"))
	21	key_len = AES192_KEY_LENGTH;
	22	else if (!strcmp(command, "aes.256"))
	23	key_len = AES256_KEY_LENGTH;
	24
	25	return key_len;
	26	}
	27
b401b73d MV	28	/**
	29	* do_aes() - Handle the "aes" command-line command
	30	* @cmdtp: Command data struct pointer
	31	* @flag: Command flag
	32	* @argc: Command-line argument count
	33	* @argv: Array of command-line arguments
	34	*
	35	* Returns zero on success, CMD_RET_USAGE in case of misuse and negative
	36	* on error.
	37	*/
09140113	38	static int do_aes(struct cmd_tbl cmdtp, int flag, int argc, char const argv[])
b401b73d	39	{
af09eba6 АМ	40	uint32_t key_addr, iv_addr, src_addr, dst_addr, len;
af09eba6 АМ	41	uint8_t key_ptr, iv_ptr, src_ptr, dst_ptr;
8302d170 PR	42	u8 key_exp[AES256_EXPAND_KEY_LENGTH];
8302d170 PR	43	u32 aes_blocks, key_len;
b401b73d MV	44	int enc;
b401b73d MV	45
af09eba6	46	if (argc != 7)
b401b73d MV	47	return CMD_RET_USAGE;
b401b73d MV	48
8302d170 PR	49	key_len = aes_get_key_len(argv[0]);
8302d170 PR	50
b401b73d MV	51	if (!strncmp(argv[1], "enc", 3))
	52	enc = 1;
	53	else if (!strncmp(argv[1], "dec", 3))
	54	enc = 0;
	55	else
	56	return CMD_RET_USAGE;
	57
7e5f460e SG	58	key_addr = hextoul(argv[2], NULL);
	59	iv_addr = hextoul(argv[3], NULL);
	60	src_addr = hextoul(argv[4], NULL);
	61	dst_addr = hextoul(argv[5], NULL);
	62	len = hextoul(argv[6], NULL);
b401b73d	63
8302d170	64	key_ptr = (uint8_t *)map_sysmem(key_addr, key_len);
ed7ea058 PR	65	iv_ptr = (uint8_t *)map_sysmem(iv_addr, 128 / 8);
	66	src_ptr = (uint8_t *)map_sysmem(src_addr, len);
	67	dst_ptr = (uint8_t *)map_sysmem(dst_addr, len);
b401b73d MV	68
b401b73d MV	69	/* First we expand the key. */
8302d170	70	aes_expand_key(key_ptr, key_len, key_exp);
b401b73d MV	71
b401b73d MV	72	/* Calculate the number of AES blocks to encrypt. */
7012c04e	73	aes_blocks = DIV_ROUND_UP(len, AES_BLOCK_LENGTH);
b401b73d MV	74
b401b73d MV	75	if (enc)
8302d170 PR	76	aes_cbc_encrypt_blocks(key_len, key_exp, iv_ptr, src_ptr,
8302d170 PR	77	dst_ptr, aes_blocks);
b401b73d	78	else
8302d170 PR	79	aes_cbc_decrypt_blocks(key_len, key_exp, iv_ptr, src_ptr,
8302d170 PR	80	dst_ptr, aes_blocks);
b401b73d	81
ed7ea058 PR	82	unmap_sysmem(key_ptr);
	83	unmap_sysmem(iv_ptr);
	84	unmap_sysmem(src_ptr);
	85	unmap_sysmem(dst_ptr);
	86
b401b73d MV	87	return 0;
	88	}
	89
	90	/***************************************************/
3616218b	91	U_BOOT_LONGHELP(aes,
8302d170	92	"[.128,.192,.256] enc key iv src dst len - Encrypt block of data $len bytes long\n"
af09eba6 АМ	93	" at address $src using a key at address\n"
	94	" $key with initialization vector at address\n"
	95	" $iv. Store the result at address $dst.\n"
	96	" The $len size must be multiple of 16 bytes.\n"
	97	" The $key and $iv must be 16 bytes long.\n"
8302d170	98	"aes [.128,.192,.256] dec key iv src dst len - Decrypt block of data $len bytes long\n"
af09eba6 АМ	99	" at address $src using a key at address\n"
	100	" $key with initialization vector at address\n"
	101	" $iv. Store the result at address $dst.\n"
	102	" The $len size must be multiple of 16 bytes.\n"
3616218b	103	" The $key and $iv must be 16 bytes long.");
b401b73d MV	104
b401b73d MV	105	U_BOOT_CMD(
af09eba6	106	aes, 7, 1, do_aes,
8302d170	107	"AES 128/192/256 CBC encryption",
b401b73d MV	108	aes_help_text
b401b73d MV	109	);