smallsolar/u-boot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

aes: Use const pointers for read-only parameters

Browse Source 
Update AES function signatures to use const pointers for parameters that
are not modified. This improves type safety and makes it easier to see
which parameters are read-only.

Fix the Nuvoton npcm_ae driver as well since it implements the API.
Really that should be handled by a driver, but leave that for now.

Functions updated:
- aes_expand_key(): key parameter
- aes_encrypt(): in and expkey parameters
- aes_decrypt(): in and expkey parameters
- aes_apply_cbc_chain_data(): cbc_chain_data and src parameters
- aes_cbc_encrypt_blocks(): key_exp, iv, and src parameters
- aes_cbc_decrypt_blocks(): key_exp, iv, and src parameters
- add_round_key(): key parameter (internal)
- debug_print_vector(): data parameter (internal)

Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
This commit is contained in:
Simon Glass
2025-11-14 11:28:34 -07:00
parent 33f5f5cb3f
commit 76aa68ed86
3 changed files with 43 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
drivers/crypto/nuvoton/npcm_aes.c
View File

@@ -102,10 +102,10 @@ static int npcm_aes_init(u8 dec_enc)
return 0; return 0;
} }
static inline void npcm_aes_load_iv(u8 *iv) static inline void npcm_aes_load_iv(const u8 *iv)
{ {
struct npcm_aes_regs *regs = aes_priv->regs; struct npcm_aes_regs *regs = aes_priv->regs;
u32 *p = (u32 *)iv; const u32 *p = (const u32 *)iv;
u32 i; u32 i;
/* Initialization Vector is loaded in 32-bit chunks */ /* Initialization Vector is loaded in 32-bit chunks */
@@ -113,10 +113,10 @@ static inline void npcm_aes_load_iv(u8 *iv)
writel(p[i], &regs->aes_iv_0 + i); writel(p[i], &regs->aes_iv_0 + i);
} }
static inline void npcm_aes_load_key(u8 *key) static inline void npcm_aes_load_key(const u8 *key)
{ {
struct npcm_aes_regs *regs = aes_priv->regs; struct npcm_aes_regs *regs = aes_priv->regs;
u32 *p = (u32 *)key; const u32 *p = (const u32 *)key;
u32 i; u32 i;
/* The key can be loaded either via the configuration or by using sideband /* The key can be loaded either via the configuration or by using sideband
@@ -140,7 +140,7 @@ static inline void npcm_aes_load_key(u8 *key)
} }
} }
static inline void npcm_aes_write(u32 *in) static inline void npcm_aes_write(const u32 *in)
{ {
struct npcm_aes_regs *regs = aes_priv->regs; struct npcm_aes_regs *regs = aes_priv->regs;
u32 i; u32 i;
@@ -160,7 +160,7 @@ static inline void npcm_aes_read(u32 *out)
out[i] = readl(&regs->aes_fifo_data); out[i] = readl(&regs->aes_fifo_data);
} }
static void npcm_aes_feed(u32 num_aes_blocks, u32 *datain, u32 *dataout) static void npcm_aes_feed(u32 num_aes_blocks, const u32 *datain, u32 *dataout)
{ {
struct npcm_aes_regs *regs = aes_priv->regs; struct npcm_aes_regs *regs = aes_priv->regs;
u32 aes_datablk; u32 aes_datablk;
@@ -235,14 +235,14 @@ static void npcm_aes_feed(u32 num_aes_blocks, u32 *datain, u32 *dataout)
} }
} }
void aes_expand_key(u8 *key, u32 key_size, u8 *expkey) void aes_expand_key(const u8 *key, u32 key_size, u8 *expkey)
{ {
/* npcm hw expands the key automatically, just copy it */ /* npcm hw expands the key automatically, just copy it */
memcpy(expkey, key, SIZE_AES_BLOCK * 2); memcpy(expkey, key, SIZE_AES_BLOCK * 2);
} }
void aes_cbc_encrypt_blocks(u32 key_size, u8 *key_exp, u8 *iv, u8 *src, u8 *dst, void aes_cbc_encrypt_blocks(u32 key_size, const u8 *key_exp, const u8 *iv,
u32 num_aes_blocks) const u8 *src, u8 *dst, u32 num_aes_blocks)
{ {
if (npcm_aes_init(AES_OP_ENCRYPT)) if (npcm_aes_init(AES_OP_ENCRYPT))
return; return;
@@ -254,8 +254,8 @@ void aes_cbc_encrypt_blocks(u32 key_size, u8 *key_exp, u8 *iv, u8 *src, u8 *dst,
npcm_aes_feed(num_aes_blocks, (u32 *)src, (u32 *)dst); npcm_aes_feed(num_aes_blocks, (u32 *)src, (u32 *)dst);
} }
void aes_cbc_decrypt_blocks(u32 key_size, u8 *key_exp, u8 *iv, u8 *src, u8 *dst, void aes_cbc_decrypt_blocks(u32 key_size, const u8 *key_exp, const u8 *iv,
u32 num_aes_blocks) const u8 *src, u8 *dst, u32 num_aes_blocks)
{ {
if (npcm_aes_init(AES_OP_DECRYPT)) if (npcm_aes_init(AES_OP_DECRYPT))
return; return;

42
include/uboot_aes.h
View File

@@ -44,67 +44,67 @@ enum {
* Expand a key into a key schedule, which is then used for the other * Expand a key into a key schedule, which is then used for the other
* operations. * operations.
* *
* @key Key * @key Key (not modified)
* @key_size Size of the key (in bits) * @key_size Size of the key (in bits)
* @expkey Buffer to place expanded key, AES_EXPAND_KEY_LENGTH * @expkey Buffer to place expanded key, AES_EXPAND_KEY_LENGTH
*/ */
void aes_expand_key(u8 *key, u32 key_size, u8 *expkey); void aes_expand_key(const u8 *key, u32 key_size, u8 *expkey);
/** /**
* aes_encrypt() - Encrypt single block of data with AES 128 * aes_encrypt() - Encrypt single block of data with AES 128
* *
* @key_size Size of the aes key (in bits) * @key_size Size of the aes key (in bits)
* @in Input data * @in Input data (not modified)
* @expkey Expanded key to use for encryption (from aes_expand_key()) * @expkey Expanded key to use for encryption (from aes_expand_key(), not modified)
* @out Output data * @out Output data
*/ */
void aes_encrypt(u32 key_size, u8 *in, u8 *expkey, u8 *out); void aes_encrypt(u32 key_size, const u8 *in, const u8 *expkey, u8 *out);
/** /**
* aes_decrypt() - Decrypt single block of data with AES 128 * aes_decrypt() - Decrypt single block of data with AES 128
* *
* @key_size Size of the aes key (in bits) * @key_size Size of the aes key (in bits)
* @in Input data * @in Input data (not modified)
* @expkey Expanded key to use for decryption (from aes_expand_key()) * @expkey Expanded key to use for decryption (from aes_expand_key(), not modified)
* @out Output data * @out Output data
*/ */
void aes_decrypt(u32 key_size, u8 *in, u8 *expkey, u8 *out); void aes_decrypt(u32 key_size, const u8 *in, const u8 *expkey, u8 *out);
/** /**
* Apply chain data to the destination using EOR * Apply chain data to the destination using EOR
* *
* Each array is of length AES_BLOCK_LENGTH. * Each array is of length AES_BLOCK_LENGTH.
* *
* @cbc_chain_data Chain data * @cbc_chain_data Chain data (not modified)
* @src Source data * @src Source data (not modified)
* @dst Destination data, which is modified here * @dst Destination data, which is modified here
*/ */
void aes_apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst); void aes_apply_cbc_chain_data(const u8 *cbc_chain_data, const u8 *src, u8 *dst);
/** /**
* aes_cbc_encrypt_blocks() - Encrypt multiple blocks of data with AES CBC. * aes_cbc_encrypt_blocks() - Encrypt multiple blocks of data with AES CBC.
* *
* @key_size Size of the aes key (in bits) * @key_size Size of the aes key (in bits)
* @key_exp Expanded key to use * @key_exp Expanded key to use (not modified)
* @iv Initialization vector * @iv Initialization vector (not modified)
* @src Source data to encrypt * @src Source data to encrypt (not modified)
* @dst Destination buffer * @dst Destination buffer
* @num_aes_blocks Number of AES blocks to encrypt * @num_aes_blocks Number of AES blocks to encrypt
*/ */
void aes_cbc_encrypt_blocks(u32 key_size, u8 *key_exp, u8 *iv, u8 *src, u8 *dst, void aes_cbc_encrypt_blocks(u32 key_size, const u8 *key_exp, const u8 *iv,
u32 num_aes_blocks); const u8 *src, u8 *dst, u32 num_aes_blocks);
/** /**
* Decrypt multiple blocks of data with AES CBC. * Decrypt multiple blocks of data with AES CBC.
* *
* @key_size Size of the aes key (in bits) * @key_size Size of the aes key (in bits)
* @key_exp Expanded key to use * @key_exp Expanded key to use (not modified)
* @iv Initialization vector * @iv Initialization vector (not modified)
* @src Source data to decrypt * @src Source data to decrypt (not modified)
* @dst Destination buffer * @dst Destination buffer
* @num_aes_blocks Number of AES blocks to decrypt * @num_aes_blocks Number of AES blocks to decrypt
*/ */
void aes_cbc_decrypt_blocks(u32 key_size, u8 *key_exp, u8 *iv, u8 *src, u8 *dst, void aes_cbc_decrypt_blocks(u32 key_size, const u8 *key_exp, const u8 *iv,
u32 num_aes_blocks); const u8 *src, u8 *dst, u32 num_aes_blocks);
#endif /* _AES_REF_H_ */ #endif /* _AES_REF_H_ */

22
lib/aes.c
View File

@@ -498,7 +498,7 @@ static void inv_mix_sub_columns(u8 *state)
* encrypt/decrypt columns of the key * encrypt/decrypt columns of the key
* n.b. you can replace this with byte-wise xor if you wish. * n.b. you can replace this with byte-wise xor if you wish.
*/ */
static void add_round_key(u32 *state, u32 *key) static void add_round_key(u32 *state, const u32 *key)
{ {
int idx; int idx;
@@ -537,7 +537,7 @@ static u32 aes_get_keycols(u32 key_len)
} }
/* produce AES_STATECOLS bytes for each round */ /* produce AES_STATECOLS bytes for each round */
void aes_expand_key(u8 *key, u32 key_len, u8 *expkey) void aes_expand_key(const u8 *key, u32 key_len, u8 *expkey)
{ {
u8 tmp0, tmp1, tmp2, tmp3, tmp4; u8 tmp0, tmp1, tmp2, tmp3, tmp4;
uint idx, aes_rounds, aes_keycols; uint idx, aes_rounds, aes_keycols;
@@ -574,7 +574,7 @@ void aes_expand_key(u8 *key, u32 key_len, u8 *expkey)
} }
/* encrypt one 128 bit block */ /* encrypt one 128 bit block */
void aes_encrypt(u32 key_len, u8 *in, u8 *expkey, u8 *out) void aes_encrypt(u32 key_len, const u8 *in, const u8 *expkey, u8 *out)
{ {
u8 state[AES_STATECOLS * 4]; u8 state[AES_STATECOLS * 4];
u32 round, aes_rounds; u32 round, aes_rounds;
@@ -597,7 +597,7 @@ void aes_encrypt(u32 key_len, u8 *in, u8 *expkey, u8 *out)
memcpy(out, state, sizeof(state)); memcpy(out, state, sizeof(state));
} }
void aes_decrypt(u32 key_len, u8 *in, u8 *expkey, u8 *out) void aes_decrypt(u32 key_len, const u8 *in, const u8 *expkey, u8 *out)
{ {
u8 state[AES_STATECOLS * 4]; u8 state[AES_STATECOLS * 4];
int round, aes_rounds; int round, aes_rounds;
@@ -620,7 +620,7 @@ void aes_decrypt(u32 key_len, u8 *in, u8 *expkey, u8 *out)
memcpy(out, state, sizeof(state)); memcpy(out, state, sizeof(state));
} }
static void debug_print_vector(char *name, u32 num_bytes, u8 *data) static void debug_print_vector(char *name, u32 num_bytes, const u8 *data)
{ {
#ifdef DEBUG #ifdef DEBUG
printf("%s [%d] @0x%p", name, num_bytes, data); printf("%s [%d] @0x%p", name, num_bytes, data);
@@ -628,7 +628,7 @@ static void debug_print_vector(char *name, u32 num_bytes, u8 *data)
#endif #endif
} }
void aes_apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst) void aes_apply_cbc_chain_data(const u8 *cbc_chain_data, const u8 *src, u8 *dst)
{ {
int i; int i;
@@ -636,11 +636,11 @@ void aes_apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst)
*dst++ = *src++ ^ *cbc_chain_data++; *dst++ = *src++ ^ *cbc_chain_data++;
} }
void aes_cbc_encrypt_blocks(u32 key_len, u8 *key_exp, u8 *iv, u8 *src, u8 *dst, void aes_cbc_encrypt_blocks(u32 key_len, const u8 *key_exp, const u8 *iv,
u32 num_aes_blocks) const u8 *src, u8 *dst, u32 num_aes_blocks)
{ {
u8 tmp_data[AES_BLOCK_LENGTH]; u8 tmp_data[AES_BLOCK_LENGTH];
u8 *cbc_chain_data = iv; const u8 *cbc_chain_data = iv;
u32 i; u32 i;
for (i = 0; i < num_aes_blocks; i++) { for (i = 0; i < num_aes_blocks; i++) {
@@ -662,8 +662,8 @@ void aes_cbc_encrypt_blocks(u32 key_len, u8 *key_exp, u8 *iv, u8 *src, u8 *dst,
} }
} }
void aes_cbc_decrypt_blocks(u32 key_len, u8 *key_exp, u8 *iv, u8 *src, u8 *dst, void aes_cbc_decrypt_blocks(u32 key_len, const u8 *key_exp, const u8 *iv,
u32 num_aes_blocks) const u8 *src, u8 *dst, u32 num_aes_blocks)
{ {
u8 tmp_data[AES_BLOCK_LENGTH], tmp_block[AES_BLOCK_LENGTH]; u8 tmp_data[AES_BLOCK_LENGTH], tmp_block[AES_BLOCK_LENGTH];
/* Convenient array of 0's for IV */ /* Convenient array of 0's for IV */