* (C) Copyright 2001 Sysgo Real-Time Solutions, GmbH <www.elinos.com>
* Andreas Heppel <aheppel@sysgo.de>
*
- * SPDX-License-Identifier: GPL-2.0+
+ * SPDX-License-Identifier: GPL-2.0+
*/
#include <common.h>
.change_ok = env_flags_validate,
};
-static uchar __env_get_char_spec(int index)
+__weak uchar env_get_char_spec(int index)
{
return *((uchar *)(gd->env_addr + index));
}
-uchar env_get_char_spec(int)
- __attribute__((weak, alias("__env_get_char_spec")));
static uchar env_get_char_init(int index)
{
}
if (himport_r(&env_htab, (char *)default_environment,
- sizeof(default_environment), '\0', flags,
+ sizeof(default_environment), '\0', flags, 0,
0, NULL) == 0)
error("Environment import failed: errno = %d\n", errno);
gd->flags |= GD_FLG_ENV_READY;
+ gd->flags |= GD_FLG_ENV_DEFAULT;
}
*/
return himport_r(&env_htab, (const char *)default_environment,
sizeof(default_environment), '\0',
- H_NOCLEAR | H_INTERACTIVE, nvars, vars);
+ H_NOCLEAR | H_INTERACTIVE, 0, nvars, vars);
}
-#ifndef CONFIG_SPL_BUILD
+#ifdef CONFIG_ENV_AES
+#include <aes.h>
+/**
+ * env_aes_cbc_get_key() - Get AES-128-CBC key for the environment
+ *
+ * This function shall return 16-byte array containing AES-128 key used
+ * to encrypt and decrypt the environment. This function must be overridden
+ * by the implementer as otherwise the environment encryption will not
+ * work.
+ */
+__weak uint8_t *env_aes_cbc_get_key(void)
+{
+ return NULL;
+}
+
+static int env_aes_cbc_crypt(env_t *env, const int enc)
+{
+ unsigned char *data = env->data;
+ uint8_t *key;
+ uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
+ uint32_t aes_blocks;
+
+ key = env_aes_cbc_get_key();
+ if (!key)
+ return -EINVAL;
+
+ /* First we expand the key. */
+ aes_expand_key(key, key_exp);
+
+ /* Calculate the number of AES blocks to encrypt. */
+ aes_blocks = ENV_SIZE / AES_KEY_LENGTH;
+
+ if (enc)
+ aes_cbc_encrypt_blocks(key_exp, data, data, aes_blocks);
+ else
+ aes_cbc_decrypt_blocks(key_exp, data, data, aes_blocks);
+
+ return 0;
+}
+#else
+static inline int env_aes_cbc_crypt(env_t *env, const int enc)
+{
+ return 0;
+}
+#endif
+
/*
* Check if CRC is valid and (if yes) import the environment.
* Note that "buf" may or may not be aligned.
int env_import(const char *buf, int check)
{
env_t *ep = (env_t *)buf;
+ int ret;
if (check) {
uint32_t crc;
}
}
- if (himport_r(&env_htab, (char *)ep->data, ENV_SIZE, '\0', 0,
+ /* Decrypt the env if desired. */
+ ret = env_aes_cbc_crypt(ep, 0);
+ if (ret) {
+ error("Failed to decrypt env!\n");
+ set_default_env("!import failed");
+ return ret;
+ }
+
+ if (himport_r(&env_htab, (char *)ep->data, ENV_SIZE, '\0', 0, 0,
0, NULL)) {
gd->flags |= GD_FLG_ENV_READY;
return 1;
return 0;
}
-#endif
+
+/* Emport the environment and generate CRC for it. */
+int env_export(env_t *env_out)
+{
+ char *res;
+ ssize_t len;
+ int ret;
+
+ res = (char *)env_out->data;
+ len = hexport_r(&env_htab, '\0', 0, &res, ENV_SIZE, 0, NULL);
+ if (len < 0) {
+ error("Cannot export environment: errno = %d\n", errno);
+ return 1;
+ }
+
+ /* Encrypt the env if desired. */
+ ret = env_aes_cbc_crypt(env_out, 1);
+ if (ret)
+ return ret;
+
+ env_out->crc = crc32(0, env_out->data, ENV_SIZE);
+
+ return 0;
+}
void env_relocate(void)
{