[1/2] handlers: fix size of encrypted UBI image

Message ID	1517828774-1661-1-git-send-email-achille.fouilleul@gadz.org
State	Accepted
Headers	show Return-Path: <swupdate+bncBDJPL24HZQNRBLPV4DJQKGQEZ4LHMIA@googlegroups.com> Sender: swupdate@googlegroups.com MIME-Version: 1.0 Received-SPF: pass (google.com: domain of achille.fouilleul@gadz.org designates 2a00:1450:400c:c09::22f as permitted sender) client-ip=2a00:1450:400c:c09::22f; From: Achille Fouilleul <achille.fouilleul@gadz.org> To: swupdate@googlegroups.com Cc: Achille Fouilleul <achille.fouilleul@gadz.org> Subject: [swupdate] [PATCH 1/2] handlers: fix size of encrypted UBI image Date: Mon, 5 Feb 2018 12:06:13 +0100 Message-Id: <1517828774-1661-1-git-send-email-achille.fouilleul@gadz.org> Content-Type: text/plain; charset="UTF-8" Precedence: list Mailing-list: list swupdate@googlegroups.com; contact swupdate+owners@googlegroups.com
Series	[1/2] handlers: fix size of encrypted UBI image \| expand [1/2] handlers: fix size of encrypted UBI image [2/2] cpio_utils: support compression of encrypted artifacts

Message ID

1517828774-1661-1-git-send-email-achille.fouilleul@gadz.org

State

Accepted

Headers

Sender: swupdate@googlegroups.com
MIME-Version: 1.0
Received-SPF: pass (google.com: domain of achille.fouilleul@gadz.org
	designates 2a00:1450:400c:c09::22f as permitted sender)
	client-ip=2a00:1450:400c:c09::22f; 
From: Achille Fouilleul <achille.fouilleul@gadz.org>
To: swupdate@googlegroups.com
Cc: Achille Fouilleul <achille.fouilleul@gadz.org>
Subject: [swupdate] [PATCH 1/2] handlers: fix size of encrypted UBI image
Date: Mon,  5 Feb 2018 12:06:13 +0100
Message-Id: <1517828774-1661-1-git-send-email-achille.fouilleul@gadz.org>
Content-Type: text/plain; charset="UTF-8"
Precedence: list
Mailing-list: list swupdate@googlegroups.com;
	contact swupdate+owners@googlegroups.com

Series

[1/2] handlers: fix size of encrypted UBI image | expand

Comments

Stefano Babic Feb. 6, 2018, 10:58 a.m. UTC | #1

Hi Achille,

On 05/02/2018 12:06, Achille Fouilleul wrote:
> Signed-off-by: Achille Fouilleul <achille.fouilleul@gadz.org>
> ---
>  handlers/ubivol_handler.c | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
> 
> diff --git a/handlers/ubivol_handler.c b/handlers/ubivol_handler.c
> index 25ac837..8ba5958 100644
> --- a/handlers/ubivol_handler.c
> +++ b/handlers/ubivol_handler.c
> @@ -19,6 +19,7 @@
>  #include "handler.h"
>  #include "flash.h"
>  #include "util.h"
> +#include "sslapi.h"
>  
>  void ubi_handler(void);
>  
> @@ -43,6 +44,17 @@ static int update_volume(libubi_t libubi, struct img_type *img,
>  	char sbuf[128];
>  
>  	bytes = img->size;
> +	if (img->is_encrypted) {
> +		if (img->compressed) {
> +			ERROR("Decryption of compressed UBI images not supported");
> +			return -1;
> +		}
> +		if (bytes < AES_BLOCK_SIZE) {
> +			ERROR("Encrypted image size (%lld) too small", bytes);
> +			return -1;
> +		}
> +		bytes -= AES_BLOCK_SIZE;
> +	}
>  
>  	if (!libubi) {
>  		ERROR("Request to write into UBI, but no UBI on system");
> 

Acked-by: Stefano Babic <sbabic@denx.de>

Best regards,
Stefano Babic

diff --git a/handlers/ubivol_handler.c b/handlers/ubivol_handler.c
index 25ac837..8ba5958 100644
--- a/handlers/ubivol_handler.c
+++ b/handlers/ubivol_handler.c
@@ -19,6 +19,7 @@ 
 #include "handler.h"
 #include "flash.h"
 #include "util.h"
+#include "sslapi.h"
 
 void ubi_handler(void);
 
@@ -43,6 +44,17 @@  static int update_volume(libubi_t libubi, struct img_type *img,
 	char sbuf[128];
 
 	bytes = img->size;
+	if (img->is_encrypted) {
+		if (img->compressed) {
+			ERROR("Decryption of compressed UBI images not supported");
+			return -1;
+		}
+		if (bytes < AES_BLOCK_SIZE) {
+			ERROR("Encrypted image size (%lld) too small", bytes);
+			return -1;
+		}
+		bytes -= AES_BLOCK_SIZE;
+	}
 
 	if (!libubi) {
 		ERROR("Request to write into UBI, but no UBI on system");

[1/2] handlers: fix size of encrypted UBI image

Commit Message

Comments

Patch