Commit 98dba2c3 authored by Marek Vasut's avatar Marek Vasut

mxssb: Don't explicitly supply IV to sb_aes_reinit

There is no need to pass the IV explicitly as another argument,
the function can pull this information from the image context.
Signed-off-by: Marek Vasut's avatarMarek Vasut <marex@denx.de>
parent a5c11e6c
......@@ -202,10 +202,12 @@ static int sb_aes_deinit(EVP_CIPHER_CTX *ctx)
return EVP_CIPHER_CTX_cleanup(ctx);
}
static int sb_aes_reinit(struct sb_image_ctx *ictx, uint8_t *iv)
static int sb_aes_reinit(struct sb_image_ctx *ictx)
{
int ret;
EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx;
struct sb_boot_image_header *sb_header = &ictx->payload;
uint8_t *iv = sb_header->iv;
ret = sb_aes_deinit(ctx);
if (!ret)
......@@ -290,10 +292,10 @@ static time_t sb_get_timestamp(void)
return seconds_to_now - seconds_to_2000;
}
static void sb_encrypt_sb_header(struct sb_image_ctx *ictx,
struct sb_boot_image_header *sb_header)
static void sb_encrypt_sb_header(struct sb_image_ctx *ictx)
{
EVP_MD_CTX *md_ctx = &ictx->md_ctx;
struct sb_boot_image_header *sb_header = &ictx->payload;
uint8_t *sb_header_ptr = (uint8_t *)sb_header;
/* Encrypt the header, compute the digest. */
......@@ -368,8 +370,6 @@ static void sb_emit_data(uint8_t *image, size_t *offset, void *data, size_t len)
static int sb_create_image(struct sb_image_ctx *ictx)
{
struct sb_boot_image_header *sb_header = &ictx->payload;
/* Start image-wide crypto. */
EVP_MD_CTX_init(&ictx->md_ctx);
EVP_DigestInit(&ictx->md_ctx, EVP_sha1());
......@@ -378,7 +378,7 @@ static int sb_create_image(struct sb_image_ctx *ictx)
* SB image header.
*/
sb_aes_init(ictx, NULL);
sb_encrypt_sb_header(ictx, sb_header);
sb_encrypt_sb_header(ictx);
/*
......@@ -392,7 +392,7 @@ static int sb_create_image(struct sb_image_ctx *ictx)
/*
* Key dictionary.
*/
sb_aes_reinit(ictx, sb_header->iv);
sb_aes_reinit(ictx);
sb_encrypt_key_dictionary_key(ictx, sb_section_header_cbc_mac);
......@@ -406,7 +406,7 @@ static int sb_create_image(struct sb_image_ctx *ictx)
while (sctx) {
cctx = sctx->cmd;
sb_aes_reinit(ictx, sb_header->iv);
sb_aes_reinit(ictx);
while (cctx) {
ccmd = &cctx->payload;
......@@ -414,7 +414,7 @@ static int sb_create_image(struct sb_image_ctx *ictx)
sb_encrypt_tag(ictx, cctx);
if (ccmd->header.tag == ROM_TAG_CMD) {
sb_aes_reinit(ictx, sb_header->iv);
sb_aes_reinit(ictx);
} else if (ccmd->header.tag == ROM_LOAD_CMD) {
sb_aes_encrypt(ictx, cctx->data, cctx->data, cctx->length);
EVP_DigestUpdate(&ictx->md_ctx, cctx->data, cctx->length);
......@@ -429,7 +429,7 @@ static int sb_create_image(struct sb_image_ctx *ictx)
/*
* Dump the SHA1 of the whole image.
*/
sb_aes_reinit(ictx, sb_header->iv);
sb_aes_reinit(ictx);
EVP_DigestFinal(&ictx->md_ctx, ictx->digest, NULL);
sb_aes_encrypt(ictx, ictx->digest, ictx->digest, sizeof(ictx->digest));
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment