summaryrefslogtreecommitdiff
path: root/ubifs-utils/mkfs.ubifs
diff options
context:
space:
mode:
authorRichard Weinberger <richard@nod.at>2018-10-18 16:36:50 +0200
committerDavid Oberhollenzer <david.oberhollenzer@sigma-star.at>2018-11-01 12:38:52 +0100
commitda82ebd573055605f5266034271ca743db9f13f2 (patch)
tree586fde3f5e6e71d59ae7b6647e9c49e9ca8b0216 /ubifs-utils/mkfs.ubifs
parentc17525f6fa07f38b32a7d6a37d8c19bf64205e95 (diff)
mkfs.ubifs: Pass source/dest key len to key derive function
fscrypto is using the max key lenth (64), so we cannot use the AES-128-ECB len. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Diffstat (limited to 'ubifs-utils/mkfs.ubifs')
-rw-r--r--ubifs-utils/mkfs.ubifs/crypto.c4
-rw-r--r--ubifs-utils/mkfs.ubifs/crypto.h2
-rw-r--r--ubifs-utils/mkfs.ubifs/mkfs.ubifs.c2
3 files changed, 4 insertions, 4 deletions
diff --git a/ubifs-utils/mkfs.ubifs/crypto.c b/ubifs-utils/mkfs.ubifs/crypto.c
index a20bd56..f249b49 100644
--- a/ubifs-utils/mkfs.ubifs/crypto.c
+++ b/ubifs-utils/mkfs.ubifs/crypto.c
@@ -277,7 +277,7 @@ ssize_t encrypt_aes256_cbc_cts(const void *plaintext, size_t size,
}
ssize_t derive_key_aes(const void *deriving_key, const void *source_key,
- void *derived_key)
+ size_t source_key_len, void *derived_key)
{
const EVP_CIPHER *cipher;
size_t aes_key_len;
@@ -289,7 +289,7 @@ ssize_t derive_key_aes(const void *deriving_key, const void *source_key,
}
aes_key_len = EVP_CIPHER_key_length(cipher);
- return do_encrypt(cipher, source_key, aes_key_len, deriving_key,
+ return do_encrypt(cipher, source_key, source_key_len, deriving_key,
aes_key_len, NULL, 0, derived_key);
}
diff --git a/ubifs-utils/mkfs.ubifs/crypto.h b/ubifs-utils/mkfs.ubifs/crypto.h
index 4e59700..5bff70f 100644
--- a/ubifs-utils/mkfs.ubifs/crypto.h
+++ b/ubifs-utils/mkfs.ubifs/crypto.h
@@ -57,7 +57,7 @@ ssize_t encrypt_aes256_cbc_cts(const void *plaintext, size_t size,
const void *key, void *ciphertext);
ssize_t derive_key_aes(const void *deriving_key, const void *source_key,
- void *derived_key);
+ size_t source_key_len, void *derived_key);
struct cipher *get_cipher(const char *name);
diff --git a/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c b/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c
index a43b2a1..c315e36 100644
--- a/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c
+++ b/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c
@@ -526,7 +526,7 @@ static unsigned char *calc_fscrypt_subkey(struct fscrypt_context *fctx)
int ret;
unsigned char *new_key = xmalloc(FS_MAX_KEY_SIZE);
- ret = derive_key_aes(fctx->nonce, fscrypt_masterkey, new_key);
+ ret = derive_key_aes(fctx->nonce, fscrypt_masterkey, FS_MAX_KEY_SIZE, new_key);
if (ret < 0) {
err_msg("derive_key_aes failed: %i\n", ret);