Commit b8baf3b0 authored by Marek Vasut's avatar Marek Vasut
Browse files

mxssb: Add image key readback during verification

When verifying the image, read the key from the image instead of expecting
a zero key. The FSL tool, even if explicitly told to use zero key, uses a
random key.
Signed-off-by: Marek Vasut's avatarMarek Vasut <>
parent 502a46ec
......@@ -264,6 +264,15 @@ static void sb_encrypt_key_dictionary_key(struct sb_image_ctx *ictx)
EVP_DigestUpdate(md_ctx, &ictx->sb_dict_key, sizeof(ictx->sb_dict_key));
static void sb_decrypt_key_dictionary_key(struct sb_image_ctx *ictx)
EVP_MD_CTX *md_ctx = &ictx->md_ctx;
EVP_DigestUpdate(md_ctx, &ictx->sb_dict_key, sizeof(ictx->sb_dict_key));
sb_aes_crypt(ictx, ictx->sb_dict_key.key, image_key,
static void sb_encrypt_tag(struct sb_image_ctx *ictx,
struct sb_cmd_ctx *cctx)
......@@ -1629,23 +1638,15 @@ static int sb_verify_sections_cmds(struct sb_image_ctx *ictx, FILE *fp)
struct sb_key_dictionary_key key;
size = fread(&key, 1, sizeof(key), fp);
if (size != sizeof(key)) {
size = fread(&ictx->sb_dict_key, 1, sizeof(ictx->sb_dict_key), fp);
if (size != sizeof(ictx->sb_dict_key)) {
fprintf(stderr, "ERR: SB key dictionary too short!\n");
return -EINVAL;
sb_aes_reinit(ictx, 1);
if (memcmp(&key, &ictx->sb_dict_key, sizeof(key))) {
"ERR: Key dict entry for section header is invalid!\n");
return -EINVAL;
sb_aes_reinit(ictx, 0);
sb_aes_reinit(ictx, 0);
......@@ -1672,7 +1673,7 @@ static int sb_verify_sections_cmds(struct sb_image_ctx *ictx, FILE *fp)
ret = sb_verify_commands(ictx, sctx, fp);
if (ret)
goto exit;
return ret;
sctx = sctx->sect;
......@@ -1681,8 +1682,6 @@ static int sb_verify_sections_cmds(struct sb_image_ctx *ictx, FILE *fp)
* check if the first TAG command is at sctx->section_offset
sb_aes_reinit(ictx, 1);
return 0;
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment