diff options
author | Konstantin Porotchkin <kostap@marvell.com> | 2018-11-06 18:10:33 +0200 |
---|---|---|
committer | Kostya Porotchkin <kostap@marvell.com> | 2018-11-07 14:30:47 +0200 |
commit | f13d6bafc843b2dfba48f584d3ead450c2068aa2 (patch) | |
tree | 991921d119543657d6fe463252ca35661cdf1904 | |
parent | f76092b1d1fd90935d407ebb353e079f4398b618 (diff) |
fix: plat/marvell: a3700: Remove encryption password
According to "openssl" manual:
-K key
The actual key to use: this must be represented as a string
comprised only of hex digits. If only the key is specified,
the IV must additionally specified using the -iv option.
When both a key and a password are specified, the key given
with the -K option will be used and the IV generated from the
password will be taken.
It does not make much sense to specify both key and password.
This patch removes "-k 0" parameter from the encryption command
since we are already using "-K" and "-iv" for the key and IV.
Change-Id: Ia333cedaa3207e643c95d2ec7c229f50eeab96db
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Reviewed-on: http://vgitil04.il.marvell.com:8080/60745
Reviewed-by: Igal Liberman <igall@marvell.com>
Tested-by: iSoC Platform CI <ykjenk@marvell.com>
Reviewed-by: Sharon Habet <sharonh@marvell.com>
-rw-r--r-- | plat/marvell/a3700/common/a3700_common.mk | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/plat/marvell/a3700/common/a3700_common.mk b/plat/marvell/a3700/common/a3700_common.mk index 2e26fd3a..c6e96018 100644 --- a/plat/marvell/a3700/common/a3700_common.mk +++ b/plat/marvell/a3700/common/a3700_common.mk @@ -164,12 +164,12 @@ ifeq ($(MARVELL_SECURE_BOOT),1) @truncate -s %16 $(WTMI_MULTI_IMG) @openssl enc -aes-256-cbc -e -in $(WTMI_MULTI_IMG) \ -out $(WTMI_ENC_IMG) \ - -K `cat $(IMAGESPATH)/aes-256.txt` -k 0 -nosalt \ + -K `cat $(IMAGESPATH)/aes-256.txt` -nosalt \ -iv `cat $(IMAGESPATH)/iv.txt` -p @truncate -s %16 $(BUILD_PLAT)/$(BOOT_IMAGE); @openssl enc -aes-256-cbc -e -in $(BUILD_PLAT)/$(BOOT_IMAGE) \ -out $(BUILD_PLAT)/$(BOOT_ENC_IMAGE) \ - -K `cat $(IMAGESPATH)/aes-256.txt` -k 0 -nosalt \ + -K `cat $(IMAGESPATH)/aes-256.txt` -nosalt \ -iv `cat $(IMAGESPATH)/iv.txt` -p endif $(DOIMAGETOOL) $(DOIMAGE_FLAGS) |