diff mbox series

[xfstests] fscrypt-crypt-util: fix KDF contexts for SM8650

Message ID 20250118072336.605023-1-ebiggers@kernel.org (mailing list archive)
State New
Headers show
Series [xfstests] fscrypt-crypt-util: fix KDF contexts for SM8650 | expand

Commit Message

Eric Biggers Jan. 18, 2025, 7:23 a.m. UTC
From: Eric Biggers <ebiggers@google.com>

Update the KDF contexts to match those actually used on SM8650.  This
turns out to be needed for the hardware-wrapped key tests generic/368
and generic/369 to pass on the SM8650 HDK (now that I have one to
actually test it).  Apparently the contexts changed between the
prototype version I tested a couple years ago and the final version.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 src/fscrypt-crypt-util.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)


base-commit: dec8cfb46ba0f19d29d13412841f68ebf119a452

Comments

Eric Biggers Feb. 10, 2025, 8:40 p.m. UTC | #1
On Fri, Jan 17, 2025 at 11:23:36PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> Update the KDF contexts to match those actually used on SM8650.  This
> turns out to be needed for the hardware-wrapped key tests generic/368
> and generic/369 to pass on the SM8650 HDK (now that I have one to
> actually test it).  Apparently the contexts changed between the
> prototype version I tested a couple years ago and the final version.
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
>  src/fscrypt-crypt-util.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)

Ping.  Zorro, could you apply this please?  Thanks!

- Eric
Zorro Lang Feb. 11, 2025, 4:06 a.m. UTC | #2
On Mon, Feb 10, 2025 at 12:40:39PM -0800, Eric Biggers wrote:
> On Fri, Jan 17, 2025 at 11:23:36PM -0800, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@google.com>
> > 
> > Update the KDF contexts to match those actually used on SM8650.  This
> > turns out to be needed for the hardware-wrapped key tests generic/368
> > and generic/369 to pass on the SM8650 HDK (now that I have one to
> > actually test it).  Apparently the contexts changed between the
> > prototype version I tested a couple years ago and the final version.
> > 
> > Signed-off-by: Eric Biggers <ebiggers@google.com>
> > ---
> >  src/fscrypt-crypt-util.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> Ping.  Zorro, could you apply this please?  Thanks!

Sure Eric. I don't have a hardware to give it a test, but other cases which
use fscrypt-crypt-util test passed. And I trust you much on this change, so

Reviewed-by: Zorro Lang <zlang@redhat.com>

> 
> - Eric
>
diff mbox series

Patch

diff --git a/src/fscrypt-crypt-util.c b/src/fscrypt-crypt-util.c
index 4dde1d4a..f51b3669 100644
--- a/src/fscrypt-crypt-util.c
+++ b/src/fscrypt-crypt-util.c
@@ -2278,21 +2278,21 @@  static void hw_kdf(const u8 *master_key, size_t master_key_size,
 static void derive_inline_encryption_key(const u8 *master_key,
 					 size_t master_key_size,
 					 u8 inlinecrypt_key[INLINECRYPT_KEY_SIZE])
 {
 	static const u8 ctx[36] =
-		"inline encryption key\0\0\0\0\0\0\x03\x43\0\x82\x50\0\0\0\0";
+		"inline encryption key\0\0\0\0\0\0\x02\x43\0\x82\x50\0\0\0\0";
 
 	hw_kdf(master_key, master_key_size, ctx, sizeof(ctx),
 	       inlinecrypt_key, INLINECRYPT_KEY_SIZE);
 }
 
 static void derive_sw_secret(const u8 *master_key, size_t master_key_size,
 			     u8 sw_secret[SW_SECRET_SIZE])
 {
 	static const u8 ctx[28] =
-		"raw secret\0\0\0\0\0\0\0\0\0\x03\x17\0\x80\x50\0\0\0\0";
+		"raw secret\0\0\0\0\0\0\0\0\0\x02\x17\0\x80\x50\0\0\0\0";
 
 	hw_kdf(master_key, master_key_size, ctx, sizeof(ctx),
 	       sw_secret, SW_SECRET_SIZE);
 }