[PATCH 27/41] Drop #ifdef PKCS11 in set_aes_key
5 views
Skip to first unread message
Stefano Babic
Jul 22, 2025, 2:08:42 AM7/22/25
to swup...@googlegroups.com, Stefano Babic
The #ifdef here forbids to build with multiple crypto libraries. Rewrite
the function to detect if it is an AES key or a PKCS#11 URL, and
allocate the key on the heap to work for both cases.
Signed-off-by: Stefano Babic <stefan...@swupdate.org>
---
core/cpio_utils.c | 2 +-
core/util.c | 59 +++++++++++++++++++++++++++--------------------
include/util.h | 2 +-
3 files changed, 36 insertions(+), 27 deletions(-)
diff --git a/core/cpio_utils.c b/core/cpio_utils.c
index 1eeb7165..df08dd32 100644
--- a/core/cpio_utils.c
+++ b/core/cpio_utils.c
@@ -604,7 +604,7 @@ int copyfile(struct swupdate_copy *args)
}
if (args->encrypted) {
- aes_key = get_aes_key();
+ aes_key = (unsigned char *)get_aes_key();
if (args->imgivt && strlen(args->imgivt)) {
if (!is_hex_str(args->imgivt) || ascii_to_bin(ivtbuf, sizeof(ivtbuf), args->imgivt)) {
ERROR("Invalid image ivt");
diff --git a/core/util.c b/core/util.c
index c106a94e..9d87e04c 100644
--- a/core/util.c
+++ b/core/util.c
@@ -39,15 +39,12 @@
/*
* key is 256 bit for max aes_256
+ * or is a pkcs#11 URL
* keylen is the actual aes key length
* ivt is 128 bit
*/
struct decryption_key {
-#ifdef CONFIG_PKCS11
- char * key;
-#else
- unsigned char key[AES_256_KEY_LEN];
-#endif
+ char *key;
char keylen;
unsigned char ivt[AES_BLK_SIZE];
};
@@ -548,7 +545,7 @@ int load_decryption_key(char *fname)
return 0;
}
-unsigned char *get_aes_key(void) {
+char *get_aes_key(void) {
if (!aes_key)
return NULL;
return aes_key->key;
@@ -587,6 +584,7 @@ int set_aes_key(const char *key, const char *ivt)
{
int ret;
size_t keylen;
+ bool is_pkcs11 = false;
/*
* Allocates the global structure just once
@@ -603,28 +601,39 @@ int set_aes_key(const char *key, const char *ivt)
}
ret = ascii_to_bin(aes_key->ivt, sizeof(aes_key->ivt), ivt);
-#ifdef CONFIG_PKCS11
- keylen = strlen(key) + 1;
- aes_key->key = malloc(keylen);
+ keylen = strlen(key);
+
+ if (!strcmp("pkcs11", key)) {
+ is_pkcs11 = true;
+ aes_key->keylen = keylen;
+
+ } else {
+ switch (keylen) {
+ case AES_128_KEY_LEN * 2:
+ case AES_192_KEY_LEN * 2:
+ case AES_256_KEY_LEN * 2:
+ // valid hex string size for AES 128/192/256
+ aes_key->keylen = keylen / 2;
+ break;
+ default:
+ ERROR("Invalid aes_key length");
+ return -EINVAL;
+ }
+ }
+
+ if (aes_key->key)
+ free(aes_key->key);
+
+ aes_key->key = calloc(1, keylen + 1);
if (!aes_key->key)
return -ENOMEM;
- strncpy(aes_key->key, key, keylen);
-#else
- keylen = strlen(key);
- switch (keylen) {
- case AES_128_KEY_LEN * 2:
- case AES_192_KEY_LEN * 2:
- case AES_256_KEY_LEN * 2:
- // valid hex string size for AES 128/192/256
- aes_key->keylen = keylen / 2;
- break;
- default:
- ERROR("Invalid aes_key length");
- return -EINVAL;
+
+ if (is_pkcs11) {
+ strncpy(aes_key->key, key, keylen);
+ } else {
+ ret |= !is_hex_str(key);
+ ret |= ascii_to_bin((unsigned char *)aes_key->key, aes_key->keylen, key);
}
- ret |= !is_hex_str(key);
- ret |= ascii_to_bin(aes_key->key, aes_key->keylen, key);
-#endif
if (ret) {
ERROR("Invalid aes_key");
diff --git a/include/util.h b/include/util.h
index 04c5ea34..008ad79f 100644
--- a/include/util.h
+++ b/include/util.h
@@ -289,7 +289,7 @@ void set_fwenv_config(const char *fname);
/* Decryption key functions */
int load_decryption_key(char *fname);
-unsigned char *get_aes_key(void);
+char *get_aes_key(void);
char get_aes_keylen(void);
unsigned char *get_aes_ivt(void);
int set_aes_key(const char *key, const char *ivt);
--
2.43.0
the function to detect if it is an AES key or a PKCS#11 URL, and
allocate the key on the heap to work for both cases.
Signed-off-by: Stefano Babic <stefan...@swupdate.org>
---
core/cpio_utils.c | 2 +-
core/util.c | 59 +++++++++++++++++++++++++++--------------------
include/util.h | 2 +-
3 files changed, 36 insertions(+), 27 deletions(-)
diff --git a/core/cpio_utils.c b/core/cpio_utils.c
index 1eeb7165..df08dd32 100644
--- a/core/cpio_utils.c
+++ b/core/cpio_utils.c
@@ -604,7 +604,7 @@ int copyfile(struct swupdate_copy *args)
}
if (args->encrypted) {
- aes_key = get_aes_key();
+ aes_key = (unsigned char *)get_aes_key();
if (args->imgivt && strlen(args->imgivt)) {
if (!is_hex_str(args->imgivt) || ascii_to_bin(ivtbuf, sizeof(ivtbuf), args->imgivt)) {
ERROR("Invalid image ivt");
diff --git a/core/util.c b/core/util.c
index c106a94e..9d87e04c 100644
--- a/core/util.c
+++ b/core/util.c
@@ -39,15 +39,12 @@
/*
* key is 256 bit for max aes_256
+ * or is a pkcs#11 URL
* keylen is the actual aes key length
* ivt is 128 bit
*/
struct decryption_key {
-#ifdef CONFIG_PKCS11
- char * key;
-#else
- unsigned char key[AES_256_KEY_LEN];
-#endif
+ char *key;
char keylen;
unsigned char ivt[AES_BLK_SIZE];
};
@@ -548,7 +545,7 @@ int load_decryption_key(char *fname)
return 0;
}
-unsigned char *get_aes_key(void) {
+char *get_aes_key(void) {
if (!aes_key)
return NULL;
return aes_key->key;
@@ -587,6 +584,7 @@ int set_aes_key(const char *key, const char *ivt)
{
int ret;
size_t keylen;
+ bool is_pkcs11 = false;
/*
* Allocates the global structure just once
@@ -603,28 +601,39 @@ int set_aes_key(const char *key, const char *ivt)
}
ret = ascii_to_bin(aes_key->ivt, sizeof(aes_key->ivt), ivt);
-#ifdef CONFIG_PKCS11
- keylen = strlen(key) + 1;
- aes_key->key = malloc(keylen);
+ keylen = strlen(key);
+
+ if (!strcmp("pkcs11", key)) {
+ is_pkcs11 = true;
+ aes_key->keylen = keylen;
+
+ } else {
+ switch (keylen) {
+ case AES_128_KEY_LEN * 2:
+ case AES_192_KEY_LEN * 2:
+ case AES_256_KEY_LEN * 2:
+ // valid hex string size for AES 128/192/256
+ aes_key->keylen = keylen / 2;
+ break;
+ default:
+ ERROR("Invalid aes_key length");
+ return -EINVAL;
+ }
+ }
+
+ if (aes_key->key)
+ free(aes_key->key);
+
+ aes_key->key = calloc(1, keylen + 1);
if (!aes_key->key)
return -ENOMEM;
- strncpy(aes_key->key, key, keylen);
-#else
- keylen = strlen(key);
- switch (keylen) {
- case AES_128_KEY_LEN * 2:
- case AES_192_KEY_LEN * 2:
- case AES_256_KEY_LEN * 2:
- // valid hex string size for AES 128/192/256
- aes_key->keylen = keylen / 2;
- break;
- default:
- ERROR("Invalid aes_key length");
- return -EINVAL;
+
+ if (is_pkcs11) {
+ strncpy(aes_key->key, key, keylen);
+ } else {
+ ret |= !is_hex_str(key);
+ ret |= ascii_to_bin((unsigned char *)aes_key->key, aes_key->keylen, key);
}
- ret |= !is_hex_str(key);
- ret |= ascii_to_bin(aes_key->key, aes_key->keylen, key);
-#endif
if (ret) {
ERROR("Invalid aes_key");
diff --git a/include/util.h b/include/util.h
index 04c5ea34..008ad79f 100644
--- a/include/util.h
+++ b/include/util.h
@@ -289,7 +289,7 @@ void set_fwenv_config(const char *fname);
/* Decryption key functions */
int load_decryption_key(char *fname);
-unsigned char *get_aes_key(void);
+char *get_aes_key(void);
char get_aes_keylen(void);
unsigned char *get_aes_ivt(void);
int set_aes_key(const char *key, const char *ivt);
--
2.43.0
Stefano Babic
Jul 24, 2025, 9:22:23 AM7/24/25
to swup...@googlegroups.com, Stefano Babic, Michael Glembotzki
The #ifdef here forbids to build with multiple crypto libraries. Rewrite
the function to detect if it is an AES key or a PKCS#11 URL, and
allocate the key on the heap to work for both cases.
Signed-off-by: Stefano Babic <stefan...@swupdate.org>
Tested-by: Michael Glembotzki <Michael.G...@iris-sensing.com>
the function to detect if it is an AES key or a PKCS#11 URL, and
allocate the key on the heap to work for both cases.
Signed-off-by: Stefano Babic <stefan...@swupdate.org>
Reply all
Reply to author
Forward
0 new messages