projects / platform / kernel / u-boot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a6982a6)
fit: cipher: aes: allow to read the IV in the FIT image
authorPhilippe Reynes <philippe.reynes@softathome.com>
Thu, 17 Sep 2020 13:01:47 +0000 (15:01 +0200)
committerTom Rini <trini@konsulko.com>
Tue, 13 Oct 2020 01:30:38 +0000 (21:30 -0400)
This commit add the support in u-boot to read the IV
in the FIT image instead of u-boot device tree.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
common/image-cipher.c patch | blob | history

diff --git a/common/image-cipher.c b/common/image-cipher.c
index 09869f7..4ca9eec 100644 (file)
--- a/common/image-cipher.c
+++ b/common/image-cipher.c
@@ -94,9 +94,11 @@ static int fit_image_setup_decrypt(struct image_cipher_info *info,
                return -1;
        }
 
+       info->iv = fdt_getprop(fit, cipher_noffset, "iv", NULL);
        info->ivname = fdt_getprop(fit, cipher_noffset, "iv-name-hint", NULL);
-       if (!info->ivname) {
-               printf("Can't get IV name\n");
+
+       if (!info->iv && !info->ivname) {
+               printf("Can't get IV or IV name\n");
                return -1;
        }
 
@@ -120,8 +122,12 @@ static int fit_image_setup_decrypt(struct image_cipher_info *info,
         * Search the cipher node in the u-boot fdt
         * the path should be: /cipher/key-<algo>-<key>-<iv>
         */
-       snprintf(node_path, sizeof(node_path), "/%s/key-%s-%s-%s",
-                FIT_CIPHER_NODENAME, algo_name, info->keyname, info->ivname);
+       if (info->ivname)
+               snprintf(node_path, sizeof(node_path), "/%s/key-%s-%s-%s",
+                        FIT_CIPHER_NODENAME, algo_name, info->keyname, info->ivname);
+       else
+               snprintf(node_path, sizeof(node_path), "/%s/key-%s-%s",
+                        FIT_CIPHER_NODENAME, algo_name, info->keyname);
 
        noffset = fdt_path_offset(fdt, node_path);
        if (noffset < 0) {
@@ -137,10 +143,12 @@ static int fit_image_setup_decrypt(struct image_cipher_info *info,
        }
 
        /* read iv */
-       info->iv = fdt_getprop(fdt, noffset, "iv", NULL);
        if (!info->iv) {
-               printf("Can't get IV in cipher node '%s'\n", node_path);
-               return -1;
+               info->iv = fdt_getprop(fdt, noffset, "iv", NULL);
+               if (!info->iv) {
+                       printf("Can't get IV in cipher node '%s'\n", node_path);
+                       return -1;
+               }
        }
 
        return 0;
Domain: System / Kernel;