A mirror of http://git.infradead.org/mtd-utils.git https://git.infraroot.at/mtd-utils.git/atom?h=v2.3.1 2024-11-11T09:32:45+00:00 2024-11-11T09:32:45+00:00 Zhihao Cheng chengzhihao1@huawei.com 2024-11-11T08:36:32+00:00 urn:sha1:e7e19cd9d8cc0f54ca463c4aebf7c4ef5e4f84f8 Split common source files into common dir from mkfs.ubifs, this is a preparation for importing libubifs(from linux kernel) to replace current UBIFS libs. Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> 2019-11-10T14:29:59+00:00 David Oberhollenzer david.oberhollenzer@sigma-star.at 2019-11-10T12:37:20+00:00 urn:sha1:64255d88391b8a531f0d358e22bdf12c0c79cd5d Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> 2019-11-10T13:22:53+00:00 David Oberhollenzer david.oberhollenzer@sigma-star.at 2019-11-10T13:17:33+00:00 urn:sha1:46c16855b1bed2704549d834acd2e9812ff3bf1e What originally cought my attention was that gen_essiv_salt has a size_t return type and error paths that return -1 on failure. Further investigation revealed that the error value is never checked for. The encrypt_block function doesn't use the return value in any way and simply continues onward. Furthermore, the gen_essiv_salt function has an error case that emits an error message but returns success state. This patch modifes gen_essiv_salt to return an error status in all error branches, changes the return type to ssize_t and adds a check to encrypt_block if gen_essiv_salt fails. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> 2018-11-09T13:24:39+00:00 Richard Weinberger richard@nod.at 2018-11-07T20:21:07+00:00 urn:sha1:9ddc6f08c9ecd0a6328ffbef3c444e0a00b2768a We need to check for AES being in 128-cbc mode and not 256-cbc. fscrypt supports only 128-cbc and 256-xts so far. Signed-off-by: Richard Weinberger <richard@nod.at> Tested-by: Heiko Schocher <hsdenx.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> 2018-11-01T11:42:25+00:00 Richard Weinberger richard@nod.at 2018-10-18T14:37:15+00:00 urn:sha1:13eef731cf3911e5a60891a236d69ce4802e5326 Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> 2018-11-01T11:42:01+00:00 Richard Weinberger richard@nod.at 2018-10-18T14:37:12+00:00 urn:sha1:9c8caf5aca7527235afcbbb813e9bf490a239dee ...if none is given. To be compatible with fscryptctl. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> 2018-11-01T11:41:54+00:00 Richard Weinberger richard@nod.at 2018-10-18T14:37:11+00:00 urn:sha1:922a6e998538a1ea57682d0d3373cb4d19e9dc02 In XTS mode we don't need ESSIV, just use the block number as tweak. Also apply EVP_EncryptFinal(). Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> 2018-11-01T11:41:42+00:00 Richard Weinberger richard@nod.at 2018-10-18T14:37:10+00:00 urn:sha1:c573dc0021310e1956da638ecf654d65043a42ca This works currently by chance since the sizes match, but that might change with different cipher setups. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> 2018-11-01T11:41:34+00:00 Richard Weinberger richard@nod.at 2018-10-18T14:37:09+00:00 urn:sha1:2651d8e09509a7614a66a25e6489d943fd93376b No longer hard code AES-128-CBC, we support AES-256-XTS too. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> 2018-11-01T11:41:25+00:00 Richard Weinberger richard@nod.at 2018-10-18T14:37:08+00:00 urn:sha1:d9421785a18fdfae0ada62ecbfcbbdd28c4e0fde The key length can be very long, for example in xts mode. So we have to use the right sizes for block and iv lengths. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>