From da82ebd573055605f5266034271ca743db9f13f2 Mon Sep 17 00:00:00 2001
From: Richard Weinberger <richard@nod.at>
Date: Thu, 18 Oct 2018 16:36:50 +0200
Subject: mkfs.ubifs: Pass source/dest key len to key derive function

fscrypto is using the max key lenth (64), so we cannot use the
AES-128-ECB len.

Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
---
 ubifs-utils/mkfs.ubifs/crypto.c     | 4 ++--
 ubifs-utils/mkfs.ubifs/crypto.h     | 2 +-
 ubifs-utils/mkfs.ubifs/mkfs.ubifs.c | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

(limited to 'ubifs-utils')

diff --git a/ubifs-utils/mkfs.ubifs/crypto.c b/ubifs-utils/mkfs.ubifs/crypto.c
index a20bd56..f249b49 100644
--- a/ubifs-utils/mkfs.ubifs/crypto.c
+++ b/ubifs-utils/mkfs.ubifs/crypto.c
@@ -277,7 +277,7 @@ ssize_t encrypt_aes256_cbc_cts(const void *plaintext, size_t size,
 }
 
 ssize_t derive_key_aes(const void *deriving_key, const void *source_key,
-		       void *derived_key)
+		       size_t source_key_len, void *derived_key)
 {
 	const EVP_CIPHER *cipher;
 	size_t aes_key_len;
@@ -289,7 +289,7 @@ ssize_t derive_key_aes(const void *deriving_key, const void *source_key,
 	}
 	aes_key_len = EVP_CIPHER_key_length(cipher);
 
-	return do_encrypt(cipher, source_key, aes_key_len, deriving_key,
+	return do_encrypt(cipher, source_key, source_key_len, deriving_key,
 			  aes_key_len, NULL, 0, derived_key);
 }
 
diff --git a/ubifs-utils/mkfs.ubifs/crypto.h b/ubifs-utils/mkfs.ubifs/crypto.h
index 4e59700..5bff70f 100644
--- a/ubifs-utils/mkfs.ubifs/crypto.h
+++ b/ubifs-utils/mkfs.ubifs/crypto.h
@@ -57,7 +57,7 @@ ssize_t encrypt_aes256_cbc_cts(const void *plaintext, size_t size,
 			       const void *key, void *ciphertext);
 
 ssize_t derive_key_aes(const void *deriving_key, const void *source_key,
-		       void *derived_key);
+		       size_t source_key_len, void *derived_key);
 
 
 struct cipher *get_cipher(const char *name);
diff --git a/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c b/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c
index a43b2a1..c315e36 100644
--- a/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c
+++ b/ubifs-utils/mkfs.ubifs/mkfs.ubifs.c
@@ -526,7 +526,7 @@ static unsigned char *calc_fscrypt_subkey(struct fscrypt_context *fctx)
 	int ret;
 	unsigned char *new_key = xmalloc(FS_MAX_KEY_SIZE);
 
-	ret = derive_key_aes(fctx->nonce, fscrypt_masterkey, new_key);
+	ret = derive_key_aes(fctx->nonce, fscrypt_masterkey, FS_MAX_KEY_SIZE, new_key);
 	if (ret < 0) {
 		err_msg("derive_key_aes failed: %i\n", ret);
 
-- 
cgit v1.2.3