Commit 98dba2c3 authored by Marek Vasut's avatar Marek Vasut

mxssb: Don't explicitly supply IV to sb_aes_reinit

There is no need to pass the IV explicitly as another argument,
the function can pull this information from the image context.
Signed-off-by: Marek Vasut's avatarMarek Vasut <marex@denx.de>
parent a5c11e6c
...@@ -202,10 +202,12 @@ static int sb_aes_deinit(EVP_CIPHER_CTX *ctx) ...@@ -202,10 +202,12 @@ static int sb_aes_deinit(EVP_CIPHER_CTX *ctx)
return EVP_CIPHER_CTX_cleanup(ctx); return EVP_CIPHER_CTX_cleanup(ctx);
} }
static int sb_aes_reinit(struct sb_image_ctx *ictx, uint8_t *iv) static int sb_aes_reinit(struct sb_image_ctx *ictx)
{ {
int ret; int ret;
EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx; EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx;
struct sb_boot_image_header *sb_header = &ictx->payload;
uint8_t *iv = sb_header->iv;
ret = sb_aes_deinit(ctx); ret = sb_aes_deinit(ctx);
if (!ret) if (!ret)
...@@ -290,10 +292,10 @@ static time_t sb_get_timestamp(void) ...@@ -290,10 +292,10 @@ static time_t sb_get_timestamp(void)
return seconds_to_now - seconds_to_2000; return seconds_to_now - seconds_to_2000;
} }
static void sb_encrypt_sb_header(struct sb_image_ctx *ictx, static void sb_encrypt_sb_header(struct sb_image_ctx *ictx)
struct sb_boot_image_header *sb_header)
{ {
EVP_MD_CTX *md_ctx = &ictx->md_ctx; EVP_MD_CTX *md_ctx = &ictx->md_ctx;
struct sb_boot_image_header *sb_header = &ictx->payload;
uint8_t *sb_header_ptr = (uint8_t *)sb_header; uint8_t *sb_header_ptr = (uint8_t *)sb_header;
/* Encrypt the header, compute the digest. */ /* Encrypt the header, compute the digest. */
...@@ -368,8 +370,6 @@ static void sb_emit_data(uint8_t *image, size_t *offset, void *data, size_t len) ...@@ -368,8 +370,6 @@ static void sb_emit_data(uint8_t *image, size_t *offset, void *data, size_t len)
static int sb_create_image(struct sb_image_ctx *ictx) static int sb_create_image(struct sb_image_ctx *ictx)
{ {
struct sb_boot_image_header *sb_header = &ictx->payload;
/* Start image-wide crypto. */ /* Start image-wide crypto. */
EVP_MD_CTX_init(&ictx->md_ctx); EVP_MD_CTX_init(&ictx->md_ctx);
EVP_DigestInit(&ictx->md_ctx, EVP_sha1()); EVP_DigestInit(&ictx->md_ctx, EVP_sha1());
...@@ -378,7 +378,7 @@ static int sb_create_image(struct sb_image_ctx *ictx) ...@@ -378,7 +378,7 @@ static int sb_create_image(struct sb_image_ctx *ictx)
* SB image header. * SB image header.
*/ */
sb_aes_init(ictx, NULL); sb_aes_init(ictx, NULL);
sb_encrypt_sb_header(ictx, sb_header); sb_encrypt_sb_header(ictx);
/* /*
...@@ -392,7 +392,7 @@ static int sb_create_image(struct sb_image_ctx *ictx) ...@@ -392,7 +392,7 @@ static int sb_create_image(struct sb_image_ctx *ictx)
/* /*
* Key dictionary. * Key dictionary.
*/ */
sb_aes_reinit(ictx, sb_header->iv); sb_aes_reinit(ictx);
sb_encrypt_key_dictionary_key(ictx, sb_section_header_cbc_mac); sb_encrypt_key_dictionary_key(ictx, sb_section_header_cbc_mac);
...@@ -406,7 +406,7 @@ static int sb_create_image(struct sb_image_ctx *ictx) ...@@ -406,7 +406,7 @@ static int sb_create_image(struct sb_image_ctx *ictx)
while (sctx) { while (sctx) {
cctx = sctx->cmd; cctx = sctx->cmd;
sb_aes_reinit(ictx, sb_header->iv); sb_aes_reinit(ictx);
while (cctx) { while (cctx) {
ccmd = &cctx->payload; ccmd = &cctx->payload;
...@@ -414,7 +414,7 @@ static int sb_create_image(struct sb_image_ctx *ictx) ...@@ -414,7 +414,7 @@ static int sb_create_image(struct sb_image_ctx *ictx)
sb_encrypt_tag(ictx, cctx); sb_encrypt_tag(ictx, cctx);
if (ccmd->header.tag == ROM_TAG_CMD) { if (ccmd->header.tag == ROM_TAG_CMD) {
sb_aes_reinit(ictx, sb_header->iv); sb_aes_reinit(ictx);
} else if (ccmd->header.tag == ROM_LOAD_CMD) { } else if (ccmd->header.tag == ROM_LOAD_CMD) {
sb_aes_encrypt(ictx, cctx->data, cctx->data, cctx->length); sb_aes_encrypt(ictx, cctx->data, cctx->data, cctx->length);
EVP_DigestUpdate(&ictx->md_ctx, cctx->data, cctx->length); EVP_DigestUpdate(&ictx->md_ctx, cctx->data, cctx->length);
...@@ -429,7 +429,7 @@ static int sb_create_image(struct sb_image_ctx *ictx) ...@@ -429,7 +429,7 @@ static int sb_create_image(struct sb_image_ctx *ictx)
/* /*
* Dump the SHA1 of the whole image. * Dump the SHA1 of the whole image.
*/ */
sb_aes_reinit(ictx, sb_header->iv); sb_aes_reinit(ictx);
EVP_DigestFinal(&ictx->md_ctx, ictx->digest, NULL); EVP_DigestFinal(&ictx->md_ctx, ictx->digest, NULL);
sb_aes_encrypt(ictx, ictx->digest, ictx->digest, sizeof(ictx->digest)); sb_aes_encrypt(ictx, ictx->digest, ictx->digest, sizeof(ictx->digest));
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment