/*
* Copyright (C) 2014 Marek Vasut <marex@denx.de>
*
- * Command for en/de-crypting block of memory with AES-128-CBC cipher.
+ * Command for en/de-crypting block of memory with AES-[128/192/256]-CBC cipher.
*/
#include <common.h>
#include <linux/compiler.h>
#include <mapmem.h>
+u32 aes_get_key_len(char *command)
+{
+ u32 key_len = AES128_KEY_LENGTH;
+
+ if (!strcmp(command, "aes.192"))
+ key_len = AES192_KEY_LENGTH;
+ else if (!strcmp(command, "aes.256"))
+ key_len = AES256_KEY_LENGTH;
+
+ return key_len;
+}
+
/**
* do_aes() - Handle the "aes" command-line command
* @cmdtp: Command data struct pointer
{
uint32_t key_addr, iv_addr, src_addr, dst_addr, len;
uint8_t *key_ptr, *iv_ptr, *src_ptr, *dst_ptr;
- uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
- uint32_t aes_blocks;
+ u8 key_exp[AES256_EXPAND_KEY_LENGTH];
+ u32 aes_blocks, key_len;
int enc;
if (argc != 7)
return CMD_RET_USAGE;
+ key_len = aes_get_key_len(argv[0]);
+
if (!strncmp(argv[1], "enc", 3))
enc = 1;
else if (!strncmp(argv[1], "dec", 3))
dst_addr = simple_strtoul(argv[5], NULL, 16);
len = simple_strtoul(argv[6], NULL, 16);
- key_ptr = (uint8_t *)map_sysmem(key_addr, 128 / 8);
+ key_ptr = (uint8_t *)map_sysmem(key_addr, key_len);
iv_ptr = (uint8_t *)map_sysmem(iv_addr, 128 / 8);
src_ptr = (uint8_t *)map_sysmem(src_addr, len);
dst_ptr = (uint8_t *)map_sysmem(dst_addr, len);
/* First we expand the key. */
- aes_expand_key(key_ptr, key_exp);
+ aes_expand_key(key_ptr, key_len, key_exp);
/* Calculate the number of AES blocks to encrypt. */
- aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
+ aes_blocks = DIV_ROUND_UP(len, AES_BLOCK_LENGTH);
if (enc)
- aes_cbc_encrypt_blocks(key_exp, iv_ptr, src_ptr, dst_ptr,
- aes_blocks);
+ aes_cbc_encrypt_blocks(key_len, key_exp, iv_ptr, src_ptr,
+ dst_ptr, aes_blocks);
else
- aes_cbc_decrypt_blocks(key_exp, iv_ptr, src_ptr, dst_ptr,
- aes_blocks);
+ aes_cbc_decrypt_blocks(key_len, key_exp, iv_ptr, src_ptr,
+ dst_ptr, aes_blocks);
unmap_sysmem(key_ptr);
unmap_sysmem(iv_ptr);
/***************************************************/
#ifdef CONFIG_SYS_LONGHELP
static char aes_help_text[] =
- "enc key iv src dst len - Encrypt block of data $len bytes long\n"
+ "[.128,.192,.256] enc key iv src dst len - Encrypt block of data $len bytes long\n"
" at address $src using a key at address\n"
" $key with initialization vector at address\n"
" $iv. Store the result at address $dst.\n"
" The $len size must be multiple of 16 bytes.\n"
" The $key and $iv must be 16 bytes long.\n"
- "aes dec key iv src dst len - Decrypt block of data $len bytes long\n"
+ "aes [.128,.192,.256] dec key iv src dst len - Decrypt block of data $len bytes long\n"
" at address $src using a key at address\n"
" $key with initialization vector at address\n"
" $iv. Store the result at address $dst.\n"
U_BOOT_CMD(
aes, 7, 1, do_aes,
- "AES 128 CBC encryption",
+ "AES 128/192/256 CBC encryption",
aes_help_text
);
projects / oweals / u-boot.git / blobdiff