]> www.infradead.org Git - mtd-utils.git/commitdiff
projects / mtd-utils.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2651d8e)
mkfs.ubifs: Use correct sizes for keys and hash lengths
authorRichard Weinberger <richard@nod.at>
Thu, 18 Oct 2018 14:37:10 +0000 (16:37 +0200)
committerDavid Oberhollenzer <david.oberhollenzer@sigma-star.at>
Thu, 1 Nov 2018 11:41:42 +0000 (12:41 +0100)
This works currently by chance since the sizes match, but
that might change with different cipher setups.

Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
ubifs-utils/mkfs.ubifs/crypto.c patch | blob | history
ubifs-utils/mkfs.ubifs/fscrypt.c patch | blob | history

diff --git a/ubifs-utils/mkfs.ubifs/crypto.c b/ubifs-utils/mkfs.ubifs/crypto.c
index ec414531e94a46d8dd9354998fe4b78c0eb182de..7d35ae7473bac9dc8fa51dca8ab350601f7d3693 100644 (file)
--- a/ubifs-utils/mkfs.ubifs/crypto.c
+++ b/ubifs-utils/mkfs.ubifs/crypto.c
@@ -119,7 +119,7 @@ static size_t gen_essiv_salt(const void *iv, size_t iv_len, const void *key, siz
                return -1;
        }
 
-       ret = do_encrypt(cipher, iv, iv_len, sha256, EVP_CIPHER_key_length(cipher), NULL, 0, salt);
+       ret = do_encrypt(cipher, iv, iv_len, sha256, EVP_MD_size(EVP_sha256()), NULL, 0, salt);
        if (ret != iv_len)
                errmsg("Unable to compute ESSIV salt, return value %zi instead of %zi", ret, iv_len);
 
diff --git a/ubifs-utils/mkfs.ubifs/fscrypt.c b/ubifs-utils/mkfs.ubifs/fscrypt.c
index 2fc0ae8b35098c076f48f7caad363de2cd3fa935..b9f9acc17c1748f8ebd9f450b2738ad0605789d6 100644 (file)
--- a/ubifs-utils/mkfs.ubifs/fscrypt.c
+++ b/ubifs-utils/mkfs.ubifs/fscrypt.c
@@ -31,7 +31,7 @@ unsigned char *calc_fscrypt_subkey(struct fscrypt_context *fctx)
        int ret;
        unsigned char *new_key = xmalloc(FS_MAX_KEY_SIZE);
 
-       ret = derive_key_aes(fctx->nonce, fscrypt_masterkey, FS_MAX_KEY_SIZE, new_key);
+       ret = derive_key_aes(fctx->nonce, fscrypt_masterkey, fscrypt_cipher->key_length, new_key);
        if (ret < 0) {
                err_msg("derive_key_aes failed: %i\n", ret);
 
@@ -202,7 +202,7 @@ static int load_master_key(const char *key_file, struct cipher *fsc)
                return -1;
        }
 
-       keysize = read(kf, fscrypt_masterkey, sizeof(fscrypt_masterkey));
+       keysize = read(kf, fscrypt_masterkey, fsc->key_length);
        if (keysize < 0) {
                sys_errmsg("read '%s'", key_file);
                goto fail;
Unnamed repository; edit this file 'description' to name the repository.