fix: plat/marvell: a3700: Remove encryption password

According to "openssl" manual: -K key The actual key to use: this must be represented as a string comprised only of hex digits. If only the key is specified, the IV must additionally specified using the -iv option. When both a key and a password are specified, the key given with the -K option will be used and the IV generated from the password will be taken. It does not make much sense to specify both key and password. This patch removes "-k 0" parameter from the encryption command since we are already using "-K" and "-iv" for the key and IV. Change-Id: Ia333cedaa3207e643c95d2ec7c229f50eeab96db Signed-off-by: Konstantin Porotchkin <kostap@marvell.com> Reviewed-on: http://vgitil04.il.marvell.com:8080/60745 Reviewed-by: Igal Liberman <igall@marvell.com> Tested-by: iSoC Platform CI <ykjenk@marvell.com> Reviewed-by: Sharon Habet <sharonh@marvell.com>
2018-11-06 18:10:33 +02:00 · 2018-11-06 18:10:33 +02:00 · 076374c9b9
parent a6febeab81
commit 076374c9b9
1 changed files with 2 additions and 2 deletions
--- a/plat/marvell/a3700/common/a3700_common.mk
+++ b/plat/marvell/a3700/common/a3700_common.mk
@ -159,12 +159,12 @@ ifeq ($(MARVELL_SECURE_BOOT),1)
 	@truncate -s %16 $(WTMI_MULTI_IMG)
 	@openssl enc -aes-256-cbc -e -in $(WTMI_MULTI_IMG) \
 	-out $(WTMI_ENC_IMG) \
-	-K `cat $(IMAGESPATH)/aes-256.txt` -k 0 -nosalt \
+	-K `cat $(IMAGESPATH)/aes-256.txt` -nosalt \
 	-iv `cat $(IMAGESPATH)/iv.txt` -p
 	@truncate -s %16 $(BUILD_PLAT)/$(BOOT_IMAGE);
 	@openssl enc -aes-256-cbc -e -in $(BUILD_PLAT)/$(BOOT_IMAGE) \
 	-out $(BUILD_PLAT)/$(BOOT_ENC_IMAGE) \
-	-K `cat $(IMAGESPATH)/aes-256.txt` -k 0 -nosalt \
+	-K `cat $(IMAGESPATH)/aes-256.txt` -nosalt \
 	-iv `cat $(IMAGESPATH)/iv.txt` -p
 endif
 	$(DOIMAGETOOL) $(DOIMAGE_FLAGS)