env: Implement support for encrypting environment
Add function which allows encrypting the whole environment block with
AES-128-CBC. The key for the environment is retrieved by
env_aes_cbc_get_key() function, which must be implemented on a per-board
basis.
Signed-off-by: Marek Vasut <marex@denx.de>
diff --git a/include/environment.h b/include/environment.h
index f797595..08679aea 100644
--- a/include/environment.h
+++ b/include/environment.h
@@ -146,7 +146,12 @@
extern char *env_name_spec;
#endif
+#ifdef CONFIG_ENV_AES
+/* Make sure the payload is multiple of AES block size */
+#define ENV_SIZE ((CONFIG_ENV_SIZE - ENV_HEADER_SIZE) & ~(16 - 1))
+#else
#define ENV_SIZE (CONFIG_ENV_SIZE - ENV_HEADER_SIZE)
+#endif
typedef struct environment_s {
uint32_t crc; /* CRC32 over data bytes */
@@ -154,7 +159,12 @@
unsigned char flags; /* active/obsolete flags */
#endif
unsigned char data[ENV_SIZE]; /* Environment data */
-} env_t;
+} env_t
+#ifdef CONFIG_ENV_AES
+/* Make sure the env is aligned to block size. */
+__attribute__((aligned(16)))
+#endif
+;
#ifdef ENV_IS_EMBEDDED
extern env_t environment;