From 076374c9b97d47b10ba5c6034817866c08d66ed4 Mon Sep 17 00:00:00 2001 From: Konstantin Porotchkin Date: Tue, 6 Nov 2018 18:10:33 +0200 Subject: [PATCH] fix: plat/marvell: a3700: Remove encryption password According to "openssl" manual: -K key The actual key to use: this must be represented as a string comprised only of hex digits. If only the key is specified, the IV must additionally specified using the -iv option. When both a key and a password are specified, the key given with the -K option will be used and the IV generated from the password will be taken. It does not make much sense to specify both key and password. This patch removes "-k 0" parameter from the encryption command since we are already using "-K" and "-iv" for the key and IV. Change-Id: Ia333cedaa3207e643c95d2ec7c229f50eeab96db Signed-off-by: Konstantin Porotchkin Reviewed-on: http://vgitil04.il.marvell.com:8080/60745 Reviewed-by: Igal Liberman Tested-by: iSoC Platform CI Reviewed-by: Sharon Habet --- plat/marvell/a3700/common/a3700_common.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plat/marvell/a3700/common/a3700_common.mk b/plat/marvell/a3700/common/a3700_common.mk index ff963949..387562bc 100644 --- a/plat/marvell/a3700/common/a3700_common.mk +++ b/plat/marvell/a3700/common/a3700_common.mk @@ -159,12 +159,12 @@ ifeq ($(MARVELL_SECURE_BOOT),1) @truncate -s %16 $(WTMI_MULTI_IMG) @openssl enc -aes-256-cbc -e -in $(WTMI_MULTI_IMG) \ -out $(WTMI_ENC_IMG) \ - -K `cat $(IMAGESPATH)/aes-256.txt` -k 0 -nosalt \ + -K `cat $(IMAGESPATH)/aes-256.txt` -nosalt \ -iv `cat $(IMAGESPATH)/iv.txt` -p @truncate -s %16 $(BUILD_PLAT)/$(BOOT_IMAGE); @openssl enc -aes-256-cbc -e -in $(BUILD_PLAT)/$(BOOT_IMAGE) \ -out $(BUILD_PLAT)/$(BOOT_ENC_IMAGE) \ - -K `cat $(IMAGESPATH)/aes-256.txt` -k 0 -nosalt \ + -K `cat $(IMAGESPATH)/aes-256.txt` -nosalt \ -iv `cat $(IMAGESPATH)/iv.txt` -p endif $(DOIMAGETOOL) $(DOIMAGE_FLAGS) -- 2.30.2