diff options
| author | Michael Brown <mcb30@ipxe.org> | 2015-07-25 00:16:32 +0100 |
|---|---|---|
| committer | Michael Brown <mcb30@ipxe.org> | 2015-07-27 17:23:34 +0100 |
| commit | 09824eca31dd0fe7ad63d2ea0185370a6fd1dea9 (patch) | |
| tree | 322e9f057b4d41b181b1ed7956fa6b757906287a /src/include/ipxe | |
| parent | cbb07f0ef7d9c2512f70b37384a7d529f74af4c6 (diff) | |
| download | ipxe-09824eca31dd0fe7ad63d2ea0185370a6fd1dea9.tar.gz | |
[crypto] Replace AES implementation
Replace the AES implementation from AXTLS with a dedicated iPXE
implementation which is slightly smaller and around 1000% faster.
This implementation has been verified using the existing self-tests
based on the NIST AES test vectors.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/include/ipxe')
| -rw-r--r-- | src/include/ipxe/aes.h | 43 | ||||
| -rw-r--r-- | src/include/ipxe/errfile.h | 2 |
2 files changed, 32 insertions, 13 deletions
diff --git a/src/include/ipxe/aes.h b/src/include/ipxe/aes.h index 91e7483af..0432e43ee 100644 --- a/src/include/ipxe/aes.h +++ b/src/include/ipxe/aes.h @@ -1,30 +1,49 @@ #ifndef _IPXE_AES_H #define _IPXE_AES_H -FILE_LICENCE ( GPL2_OR_LATER ); +/** @file + * + * AES algorithm + * + */ -struct cipher_algorithm; +FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); -/** Basic AES blocksize */ +#include <ipxe/crypto.h> + +/** AES blocksize */ #define AES_BLOCKSIZE 16 -#include "crypto/axtls/crypto.h" +/** Maximum number of AES rounds */ +#define AES_MAX_ROUNDS 15 + +/** AES matrix */ +union aes_matrix { + /** Viewed as an array of bytes */ + uint8_t byte[16]; + /** Viewed as an array of four-byte columns */ + uint32_t column[4]; +} __attribute__ (( packed )); + +/** AES round keys */ +struct aes_round_keys { + /** Round keys */ + union aes_matrix key[AES_MAX_ROUNDS]; +}; /** AES context */ struct aes_context { - /** AES context for AXTLS */ - AES_CTX axtls_ctx; - /** Cipher is being used for decrypting */ - int decrypting; + /** Encryption keys */ + struct aes_round_keys encrypt; + /** Decryption keys */ + struct aes_round_keys decrypt; + /** Number of rounds */ + unsigned int rounds; }; /** AES context size */ #define AES_CTX_SIZE sizeof ( struct aes_context ) -/* AXTLS functions */ -extern void axtls_aes_encrypt ( const AES_CTX *ctx, uint32_t *data ); -extern void axtls_aes_decrypt ( const AES_CTX *ctx, uint32_t *data ); - extern struct cipher_algorithm aes_algorithm; extern struct cipher_algorithm aes_ecb_algorithm; extern struct cipher_algorithm aes_cbc_algorithm; diff --git a/src/include/ipxe/errfile.h b/src/include/ipxe/errfile.h index 6553cd875..de50fab98 100644 --- a/src/include/ipxe/errfile.h +++ b/src/include/ipxe/errfile.h @@ -264,7 +264,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); #define ERRFILE_imgmgmt ( ERRFILE_OTHER | 0x00050000 ) #define ERRFILE_pxe_tftp ( ERRFILE_OTHER | 0x00060000 ) #define ERRFILE_pxe_udp ( ERRFILE_OTHER | 0x00070000 ) -#define ERRFILE_axtls_aes ( ERRFILE_OTHER | 0x00080000 ) +#define ERRFILE_aes ( ERRFILE_OTHER | 0x00080000 ) #define ERRFILE_cipher ( ERRFILE_OTHER | 0x00090000 ) #define ERRFILE_image_cmd ( ERRFILE_OTHER | 0x000a0000 ) #define ERRFILE_uri_test ( ERRFILE_OTHER | 0x000b0000 ) |