diff options
| author | Richard Weinberger <richard@nod.at> | 2018-10-18 16:36:50 +0200 |
|---|---|---|
| committer | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2018-11-01 12:38:52 +0100 |
| commit | da82ebd573055605f5266034271ca743db9f13f2 (patch) | |
| tree | 586fde3f5e6e71d59ae7b6647e9c49e9ca8b0216 /ubifs-utils | |
| parent | c17525f6fa07f38b32a7d6a37d8c19bf64205e95 (diff) | |
mkfs.ubifs: Pass source/dest key len to key derive function
fscrypto is using the max key lenth (64), so we cannot use the
AES-128-ECB len.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Diffstat (limited to 'ubifs-utils')
| -rw-r--r-- | ubifs-utils/mkfs.ubifs/crypto.c | 4 | ||||
| -rw-r--r-- | ubifs-utils/mkfs.ubifs/crypto.h | 2 | ||||
| -rw-r--r-- | ubifs-utils/mkfs.ubifs/mkfs.ubifs.c | 2 |
3 files changed, 4 insertions, 4 deletions
diff --git a/ubifs-utils/mkfs.ubifs/crypto.c b/ubifs-utils/mkfs.ubifs/crypto.c index a20bd56..f249b49 100644 --- a/ubifs-utils/mkfs.ubifs/crypto.c +++ b/ubifs-utils/mkfs.ubifs/crypto.c @@ -277,7 +277,7 @@ ssize_t encrypt_aes256_cbc_cts(const void *plaintext, size_t size, } ssize_t derive_key_aes(const void *deriving_key, const void *source_key, - void *derived_key) + size_t source_key_len, void *derived_key) { const EVP_CIPHER *cipher; size_t aes_key_len; @@ -289,7 +289,7 @@ ssize_t derive_key_aes(const void *deriving_key, const void *source_key, } aes_key_len = EVP_CIPHER_key_length(cipher); - return do_encrypt(cipher, source_key, aes_key_len, deriving_key, + return do_encrypt(cipher, source_key, source_key_len, deriving_key, aes_key_len, NULL, 0, derived_key); } diff --git a/ubifs-utils/mkfs.ubifs/crypto.h b/ubifs-utils/mkfs.ubifs/crypto.h index 4e59700..5bff70f 100644 --- a/ubifs-utils/mkfs.ubifs/crypto.h +++ b/ubifs-utils/mkfs.ubifs/crypto.h @@ -57,7 +57,7 @@ ssize_t encrypt_aes256_cbc_cts(const void *plaintext, size_t size, const void *key, void *ciphertext); ssize_t derive_key_aes(const void *deriving_key, const void *source_key, - void *derived_key); + size_t source_key_len, void *derived_key); struct cipher *get_cipher(const char *name); diff --git a/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c b/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c index a43b2a1..c315e36 100644 --- a/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c +++ b/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c @@ -526,7 +526,7 @@ static unsigned char *calc_fscrypt_subkey(struct fscrypt_context *fctx) int ret; unsigned char *new_key = xmalloc(FS_MAX_KEY_SIZE); - ret = derive_key_aes(fctx->nonce, fscrypt_masterkey, new_key); + ret = derive_key_aes(fctx->nonce, fscrypt_masterkey, FS_MAX_KEY_SIZE, new_key); if (ret < 0) { err_msg("derive_key_aes failed: %i\n", ret); |