diff options
author | Konstantin Porotchkin <kostap@marvell.com> | 2018-11-06 18:10:33 +0200 |
---|---|---|
committer | Konstantin Porotchkin <kostap@marvell.com> | 2018-11-15 11:29:58 +0200 |
commit | 076374c9b97d47b10ba5c6034817866c08d66ed4 (patch) | |
tree | b54b2c26e47b65795bf5e2085030f7b37aff75ac /plat/marvell | |
parent | a6febeab812269d68ac4dae3e0e6c2adb88fb2aa (diff) |
fix: plat/marvell: a3700: Remove encryption password
According to "openssl" manual:
-K key
The actual key to use: this must be represented as a string
comprised only of hex digits. If only the key is specified,
the IV must additionally specified using the -iv option.
When both a key and a password are specified, the key given
with the -K option will be used and the IV generated from the
password will be taken.
It does not make much sense to specify both key and password.
This patch removes "-k 0" parameter from the encryption command
since we are already using "-K" and "-iv" for the key and IV.
Change-Id: Ia333cedaa3207e643c95d2ec7c229f50eeab96db
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Reviewed-on: http://vgitil04.il.marvell.com:8080/60745
Reviewed-by: Igal Liberman <igall@marvell.com>
Tested-by: iSoC Platform CI <ykjenk@marvell.com>
Reviewed-by: Sharon Habet <sharonh@marvell.com>
Diffstat (limited to 'plat/marvell')
-rw-r--r-- | plat/marvell/a3700/common/a3700_common.mk | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/plat/marvell/a3700/common/a3700_common.mk b/plat/marvell/a3700/common/a3700_common.mk index ff963949..387562bc 100644 --- a/plat/marvell/a3700/common/a3700_common.mk +++ b/plat/marvell/a3700/common/a3700_common.mk @@ -159,12 +159,12 @@ ifeq ($(MARVELL_SECURE_BOOT),1) @truncate -s %16 $(WTMI_MULTI_IMG) @openssl enc -aes-256-cbc -e -in $(WTMI_MULTI_IMG) \ -out $(WTMI_ENC_IMG) \ - -K `cat $(IMAGESPATH)/aes-256.txt` -k 0 -nosalt \ + -K `cat $(IMAGESPATH)/aes-256.txt` -nosalt \ -iv `cat $(IMAGESPATH)/iv.txt` -p @truncate -s %16 $(BUILD_PLAT)/$(BOOT_IMAGE); @openssl enc -aes-256-cbc -e -in $(BUILD_PLAT)/$(BOOT_IMAGE) \ -out $(BUILD_PLAT)/$(BOOT_ENC_IMAGE) \ - -K `cat $(IMAGESPATH)/aes-256.txt` -k 0 -nosalt \ + -K `cat $(IMAGESPATH)/aes-256.txt` -nosalt \ -iv `cat $(IMAGESPATH)/iv.txt` -p endif $(DOIMAGETOOL) $(DOIMAGE_FLAGS) |