Commit 394afd3e authored by Marek Vasut's avatar Marek Vasut

mxssb: Properly add CBC-MAC IV field into image header

Do not abuse the start of image directly as the CBC-MAC IV, but
create separate overlaid field for this purpose.
Signed-off-by: Marek Vasut's avatarMarek Vasut <marex@denx.de>
parent 88395e16
......@@ -459,8 +459,6 @@ static void sb_emit_data(uint8_t *image, size_t *offset, void *data, size_t len)
static int sb_create_image(struct sb_boot_image_header *sb_header,
uint8_t **image)
{
uint8_t *sb_header_ptr = (uint8_t *)sb_header;
unsigned int i;
/* The currect offset in the SB image. */
......@@ -509,7 +507,7 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
struct sb_key_dictionary_key sb_dict_key;
memset(&sb_dict_key, 0, sizeof(sb_dict_key));
sb_aes_reinit(&cipher_ctx, sb_header_ptr);
sb_aes_reinit(&cipher_ctx, sb_header->iv);
sb_encrypt_key_dictionary_key(&cipher_ctx, &md_ctx,
&sb_dict_key, sb_section_header_cbc_mac);
......@@ -523,7 +521,7 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
struct sb_source_entry *src;
struct sb_source_entry *lst = sb_get_boot_list(target_cpu);
sb_aes_reinit(&cipher_ctx, sb_header_ptr);
sb_aes_reinit(&cipher_ctx, sb_header->iv);
for (i = 0; i < sb_get_boot_list_size(target_cpu); i++) {
src = &lst[i];
......@@ -533,7 +531,7 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
sizeof(struct sb_command));
if(src->tag == ROM_TAG_CMD) {
sb_aes_reinit(&cipher_ctx, sb_header_ptr);
sb_aes_reinit(&cipher_ctx, sb_header->iv);
} else if(src->tag == ROM_LOAD_CMD) {
sb_aes_encrypt(&cipher_ctx, src->payload, src->payload, src->length);
EVP_DigestUpdate(&md_ctx, src->payload, src->length);
......@@ -546,7 +544,7 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
*/
uint8_t digest[32];
sb_aes_reinit(&cipher_ctx, sb_header_ptr);
sb_aes_reinit(&cipher_ctx, sb_header->iv);
memset(digest, 0, sizeof(digest));
EVP_DigestFinal(&md_ctx, digest, NULL);
......
......@@ -34,7 +34,13 @@ struct sb_boot_image_version {
};
struct sb_boot_image_header {
uint8_t digest[20]; /* SHA1 of the header. */
union {
uint8_t digest[20]; /* SHA1 of the header. */
struct {
uint8_t iv[16]; /* CBC-MAC initialization vector. */
uint8_t extra[4];
};
};
uint8_t signature1[4]; /* 'STMP' */
uint8_t major_version; /* Major version of the image format. */
uint8_t minor_version; /* Minor version of the image format. */
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment