mirror of
				https://xff.cz/git/u-boot/
				synced 2025-10-26 16:13:55 +01:00 
			
		
		
		
	Binaries may be encrypted in a FIT image with AES. This algo needs a key and an IV (Initialization Vector). The IV is provided in a file (pointer by iv-name-hint in the ITS file) when building the ITB file. This commits adds provide an alternative way to manage the IV. If the property iv-name-hint is not provided in the ITS file, the tool mkimage will generate an random IV and store it in the FIT image. Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
		
			
				
	
	
		
			47 lines
		
	
	
		
			1.1 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			47 lines
		
	
	
		
			1.1 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
| /* SPDX-License-Identifier: GPL-2.0+ */
 | |
| /*
 | |
|  * Copyright (c) 2019, Softathome
 | |
|  */
 | |
| 
 | |
| #ifndef _AES_H
 | |
| #define _AES_H
 | |
| 
 | |
| #include <errno.h>
 | |
| #include <image.h>
 | |
| 
 | |
| #if IMAGE_ENABLE_ENCRYPT
 | |
| int image_aes_encrypt(struct image_cipher_info *info,
 | |
| 		      const unsigned char *data, int size,
 | |
| 		      unsigned char **cipher, int *cipher_len);
 | |
| int image_aes_add_cipher_data(struct image_cipher_info *info, void *keydest,
 | |
| 			      void *fit, int node_noffset);
 | |
| #else
 | |
| int image_aes_encrypt(struct image_cipher_info *info,
 | |
| 		      const unsigned char *data, int size,
 | |
| 		      unsigned char **cipher, int *cipher_len)
 | |
| {
 | |
| 	return -ENXIO;
 | |
| }
 | |
| 
 | |
| int image_aes_add_cipher_data(struct image_cipher_info *info, void *keydest,
 | |
| 			      void *fit, int node_noffset)
 | |
| {
 | |
| 	return -ENXIO;
 | |
| }
 | |
| #endif /* IMAGE_ENABLE_ENCRYPT */
 | |
| 
 | |
| #if IMAGE_ENABLE_DECRYPT
 | |
| int image_aes_decrypt(struct image_cipher_info *info,
 | |
| 		      const void *cipher, size_t cipher_len,
 | |
| 		      void **data, size_t *size);
 | |
| #else
 | |
| int image_aes_decrypt(struct image_cipher_info *info,
 | |
| 		      const void *cipher, size_t cipher_len,
 | |
| 		      void **data, size_t *size)
 | |
| {
 | |
| 	return -ENXIO;
 | |
| }
 | |
| #endif /* IMAGE_ENABLE_DECRYPT */
 | |
| 
 | |
| #endif
 |