From patchwork Fri Dec  1 14:04:01 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michal Simek <michal.simek@xilinx.com>
X-Patchwork-Id: 843505
X-Patchwork-Delegate: monstr@monstr.eu
Return-Path: <u-boot-bounces@lists.denx.de>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=lists.denx.de
	(client-ip=81.169.180.215; helo=lists.denx.de;
	envelope-from=u-boot-bounces@lists.denx.de;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=monstr-eu.20150623.gappssmtp.com
	header.i=@monstr-eu.20150623.gappssmtp.com
	header.b="P2yF/+JW"; dkim-atps=neutral
Received: from lists.denx.de (dione.denx.de [81.169.180.215])
	by ozlabs.org (Postfix) with ESMTP id 3ypGH01gq9z9t6m
	for <incoming@patchwork.ozlabs.org>;
	Sat,  2 Dec 2017 01:04:26 +1100 (AEDT)
Received: by lists.denx.de (Postfix, from userid 105)
	id 3DA65C21FDA; Fri,  1 Dec 2017 14:04:09 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED,
	RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL,
	T_DKIM_INVALID autolearn=unavailable
	autolearn_force=no version=3.4.0
Received: from lists.denx.de (localhost [IPv6:::1])
	by lists.denx.de (Postfix) with ESMTP id A177BC21D6A;
	Fri,  1 Dec 2017 14:04:06 +0000 (UTC)
Received: by lists.denx.de (Postfix, from userid 105)
	id 48E98C21C45; Fri,  1 Dec 2017 14:04:04 +0000 (UTC)
Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com
	[74.125.82.66])
	by lists.denx.de (Postfix) with ESMTPS id E742FC21D6A
	for <u-boot@lists.denx.de>; Fri,  1 Dec 2017 14:04:03 +0000 (UTC)
Received: by mail-wm0-f66.google.com with SMTP id f9so3601019wmh.0
	for <u-boot@lists.denx.de>; Fri, 01 Dec 2017 06:04:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=monstr-eu.20150623.gappssmtp.com; s=20150623;
	h=sender:from:to:cc:subject:date:message-id;
	bh=B15dEfiYLwe3uhA2eeDWGNpFLSCHrHLEZ1UmdyGm7D8=;
	b=P2yF/+JWSrMexnmBtTXiNHShJIJHD8xpa7yae6EuG+tdvmL6K1PuLk4XXaU950GqWV
	8SKXraQfDWyR1WxTMpkCfDBUOFzYk/c+z5fIfcPvVuFYWD2VkSJtTtEeNhHo3vrp7vRu
	mufgx8CYrXRa6hq81DKzc2BTvovfFusQmTQxXMgGiMZvhOMXUag1ZlOmBPrw1O0hI94y
	D9DG0wCYQH/5aao56ZKgcuhfiWQm6gNi+ceIG2mGGnM1VQjMPumoy0C8cUR0cVTAQvuI
	Junsc0W0sdsuCLtw6BU7i5nWspyA+e1sk50Q9UVchhY+/N/6abrZvfvnwtSaF61zGjyK
	rKqw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:sender:from:to:cc:subject:date:message-id;
	bh=B15dEfiYLwe3uhA2eeDWGNpFLSCHrHLEZ1UmdyGm7D8=;
	b=cobpfsYtv8YkulV9Y4xPaO/Ho3ru6nVI173/5Mjg2V7bfJ1tb9wln4+YI8uLXlfrYV
	uB7RImLxvgYkYec97cQaOrCmmTnX68rdfmCV6Fk3ykTLy2vPF1+QUQiQAE3MTnNXcydh
	1+G2gYbRAvDSGiMe9qeQyZj3SK2gM7z/gOrOFiBDCz8+8QDfK6tKr0++KhifkH96S3vE
	Xc+xmoin8RXacVKFhtCRHMZeci+8jJ2Y0mooDOLr1k7WnuqilXhaqb3v/kNZQPqrGC9l
	81cu0tB2DtRE+CSLq3fbMrEmbdftNaHAxWmeOPmLabpVuTaRVnlHLQ4MS6Hk71hufSmE
	Y1Gg==
X-Gm-Message-State: AJaThX4FgNFLXlPZ/QNlCsfYxpoX6W4emCGY7Agr4jQZ2oM3lP/eFCPw
	QPDVFWfxUsYDs7CH6cVZWBMvuVBP
X-Google-Smtp-Source: 
 AGs4zMYP4zaCS5kZF7EXN2KA6zmlaiVdUv78SElNYCNK0VopV02cAPptbFLDCR0WYL+F05Hrd4lh1Q==
X-Received: by 10.28.39.196 with SMTP id n187mr1463481wmn.114.1512137043234;
	Fri, 01 Dec 2017 06:04:03 -0800 (PST)
Received: from localhost (nat-35.starnet.cz. [178.255.168.35])
	by smtp.gmail.com with ESMTPSA id
	y99sm1226335wmh.0.2017.12.01.06.04.02
	(version=TLS1_2 cipher=AES128-SHA bits=128/128);
	Fri, 01 Dec 2017 06:04:02 -0800 (PST)
From: Michal Simek <michal.simek@xilinx.com>
To: u-boot@lists.denx.de
Date: Fri,  1 Dec 2017 15:04:01 +0100
Message-Id: 
 <16a8e480851ce1566ec6c76d17f8c0da29d88b32.1512137038.git.michal.simek@xilinx.com>
X-Mailer: git-send-email 1.9.1
Subject: [U-Boot] [RFC PATCH] cmd: aes: Extend aes command to use hw engine
	if available.
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
	<mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <http://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
	<mailto:u-boot-request@lists.denx.de?subject=subscribe>
MIME-Version: 1.0
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>

From: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>

Extend aes command to use hw engine for decryption if available
in hardware.

Signed-off-by: Siva Durga Prasad Paladugu <sivadur@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
---

 cmd/aes.c           | 55 +++++++++++++++++++++++++++++++++++------------------
 include/uboot_aes.h | 10 ++++++++++
 2 files changed, 47 insertions(+), 18 deletions(-)

diff --git a/cmd/aes.c b/cmd/aes.c
index ee1ae13c06ec..48835129658e 100644
--- a/cmd/aes.c
+++ b/cmd/aes.c
@@ -16,6 +16,11 @@
 
 DECLARE_GLOBAL_DATA_PTR;
 
+__weak int aes_decrypt_hw(u8 *key_ptr, u8 *src_ptr, u8 *dst_ptr, u32 len)
+{
+	return 0;
+}
+
 /**
  * do_aes() - Handle the "aes" command-line command
  * @cmdtp:	Command data struct pointer
@@ -33,8 +38,9 @@ static int do_aes(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
 	uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
 	uint32_t aes_blocks;
 	int enc;
+	bool use_hw = false;
 
-	if (argc != 6)
+	if (argc < 6 || argc > 7)
 		return CMD_RET_USAGE;
 
 	if (!strncmp(argv[1], "enc", 3))
@@ -49,21 +55,31 @@ static int do_aes(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
 	dst_addr = simple_strtoul(argv[4], NULL, 16);
 	len = simple_strtoul(argv[5], NULL, 16);
 
-	key_ptr = (uint8_t *)key_addr;
-	src_ptr = (uint8_t *)src_addr;
-	dst_ptr = (uint8_t *)dst_addr;
+	if (argc == 7)
+		if (!strncmp(argv[6], "hw", 2))
+			use_hw = true;
 
-	/* First we expand the key. */
-	aes_expand_key(key_ptr, key_exp);
+	key_ptr = (uint8_t *)(uintptr_t)key_addr;
+	src_ptr = (uint8_t *)(uintptr_t)src_addr;
+	dst_ptr = (uint8_t *)(uintptr_t)dst_addr;
 
-	/* Calculate the number of AES blocks to encrypt. */
-	aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
+	if (use_hw) {
+		if (!enc)
+			aes_decrypt_hw(key_ptr, src_ptr, dst_ptr, len);
+	} else {
+		/* First we expand the key. */
+		aes_expand_key(key_ptr, key_exp);
 
-	if (enc)
-		aes_cbc_encrypt_blocks(key_exp, src_ptr, dst_ptr, aes_blocks);
-	else
-		aes_cbc_decrypt_blocks(key_exp, src_ptr, dst_ptr, aes_blocks);
+		/* Calculate the number of AES blocks to encrypt. */
+		aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
 
+		if (enc)
+			aes_cbc_encrypt_blocks(key_exp, src_ptr, dst_ptr,
+					       aes_blocks);
+		else
+			aes_cbc_decrypt_blocks(key_exp, src_ptr, dst_ptr,
+					       aes_blocks);
+	}
 	return 0;
 }
 
@@ -75,15 +91,18 @@ static char aes_help_text[] =
 	"                          $key and store the result at address\n"
 	"                          $dst. The $len size must be multiple of\n"
 	"                          16 bytes and $key must be 16 bytes long.\n"
-	"aes dec key src dst len - Decrypt block of data $len bytes long\n"
-	"                          at address $src using a key at address\n"
-	"                          $key and store the result at address\n"
-	"                          $dst. The $len size must be multiple of\n"
-	"                          16 bytes and $key must be 16 bytes long.";
+	"aes dec key src dst len [hw] - Decrypt block of data $len bytes\n"
+	"                               long at address $src using a key at\n"
+	"                               address $key and store the result at\n"
+	"                               address $dst. The $len size must be\n"
+	"                               multiple of 16 bytes and $key must be\n"
+	"                               16 bytes long. The optional hw flag\n"
+	"                               specifies to used hardware engine if\n"
+	"                               supports\n";
 #endif
 
 U_BOOT_CMD(
-	aes, 6, 1, do_aes,
+	aes, 7, 1, do_aes,
 	"AES 128 CBC encryption",
 	aes_help_text
 );
diff --git a/include/uboot_aes.h b/include/uboot_aes.h
index 6315c02aa93d..5198bb98d076 100644
--- a/include/uboot_aes.h
+++ b/include/uboot_aes.h
@@ -91,4 +91,14 @@ void aes_cbc_encrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks);
  */
 void aes_cbc_decrypt_blocks(u8 *key_exp, u8 *src, u8 *dst, u32 num_aes_blocks);
 
+/**
+ * Decrypt the image using hw engine.
+ *
+ * @key_ptr		Key to use
+ * @src_ptr		Source data to decrypt
+ * @dst_ptr		Destination buffer
+ * @len			Length of encrypted image
+ */
+int aes_decrypt_hw(u8 *key_ptr, u8 *src_ptr, u8 *dst_ptr, u32 len);
+
 #endif /* _AES_REF_H_ */