env: Remove CONFIG_ENV_AES support

This support has been deprecated since v2017.09 due to security issues. We now remove this support. Signed-off-by: Tom Rini <trini@konsulko.com>

env: Remove CONFIG_ENV_AES support
This support has been deprecated since v2017.09 due to security issues. We now remove this support. Signed-off-by: Tom Rini <trini@konsulko.com>
Tom Rini
1 parent 042de609ed
Showing 8 changed files with 2 additions and 180 deletions Side-by-side Diff
env/Kconfig
env/common.c
include/environment.h
tools/env/Makefile
tools/env/aes.c
tools/env/fw_env.c
tools/env/fw_env.h
tools/env/fw_env_main.c
@@ -360,14 +360,6 @@
  
 endchoice
  
-config ENV_AES
-	bool "AES-128 encryption for stored environment (DEPRECATED)"
-	help
-	  Enable this to have the on-device stored environment be encrypted
-	  with AES-128.  The implementation here however has security
-	  complications and is not recommended for use.  Please see
-	  CVE-2017-3225 and CVE-2017-3226 for more details.
-
 config ENV_FAT_INTERFACE
 	string "Name of the block device for the environment"
 	depends on ENV_IS_IN_FAT
@@ -103,52 +103,6 @@
 				H_NOCLEAR | H_INTERACTIVE, 0, nvars, vars);
 }
  
-#ifdef CONFIG_ENV_AES
-#include <uboot_aes.h>
-/**
- * env_aes_cbc_get_key() - Get AES-128-CBC key for the environment
- *
- * This function shall return 16-byte array containing AES-128 key used
- * to encrypt and decrypt the environment. This function must be overridden
- * by the implementer as otherwise the environment encryption will not
- * work.
- */
-__weak uint8_t *env_aes_cbc_get_key(void)
-{
-	return NULL;
-}
-
-static int env_aes_cbc_crypt(env_t *env, const int enc)
-{
-	unsigned char *data = env->data;
-	uint8_t *key;
-	uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
-	uint32_t aes_blocks;
-
-	key = env_aes_cbc_get_key();
-	if (!key)
-		return -EINVAL;
-
-	/* First we expand the key. */
-	aes_expand_key(key, key_exp);
-
-	/* Calculate the number of AES blocks to encrypt. */
-	aes_blocks = ENV_SIZE / AES_KEY_LENGTH;
-
-	if (enc)
-		aes_cbc_encrypt_blocks(key_exp, data, data, aes_blocks);
-	else
-		aes_cbc_decrypt_blocks(key_exp, data, data, aes_blocks);
-
-	return 0;
-}
-#else
-static inline int env_aes_cbc_crypt(env_t *env, const int enc)
-{
-	return 0;
-}
-#endif
-
 /*
  * Check if CRC is valid and (if yes) import the environment.
  * Note that "buf" may or may not be aligned.
@@ -156,7 +110,6 @@
 int env_import(const char *buf, int check)
 {
 	env_t *ep = (env_t *)buf;
-	int ret;
  
 	if (check) {
 		uint32_t crc;
@@ -169,14 +122,6 @@
 		}
 	}
  
-	/* Decrypt the env if desired. */
-	ret = env_aes_cbc_crypt(ep, 0);
-	if (ret) {
-		pr_err("Failed to decrypt env!\n");
-		set_default_env("!import failed");
-		return ret;
-	}
-
 	if (himport_r(&env_htab, (char *)ep->data, ENV_SIZE, '\0', 0, 0,
 			0, NULL)) {
 		gd->flags |= GD_FLG_ENV_READY;
@@ -242,7 +187,6 @@
 {
 	char *res;
 	ssize_t	len;
-	int ret;
  
 	res = (char *)env_out->data;
 	len = hexport_r(&env_htab, '\0', 0, &res, ENV_SIZE, 0, NULL);
@@ -250,11 +194,6 @@
 		pr_err("Cannot export environment: errno = %d\n", errno);
 		return 1;
 	}
-
-	/* Encrypt the env if desired. */
-	ret = env_aes_cbc_crypt(env_out, 1);
-	if (ret)
-		return ret;
  
 	env_out->crc = crc32(0, env_out->data, ENV_SIZE);
  
@@ -143,12 +143,7 @@
 # define ENV_HEADER_SIZE	(sizeof(uint32_t))
 #endif
  
-#ifdef CONFIG_ENV_AES
-/* Make sure the payload is multiple of AES block size */
-#define ENV_SIZE ((CONFIG_ENV_SIZE - ENV_HEADER_SIZE) & ~(16 - 1))
-#else
 #define ENV_SIZE (CONFIG_ENV_SIZE - ENV_HEADER_SIZE)
-#endif
  
 typedef struct environment_s {
 	uint32_t	crc;		/* CRC32 over data bytes	*/
@@ -156,12 +151,7 @@
 	unsigned char	flags;		/* active/obsolete flags	*/
 #endif
 	unsigned char	data[ENV_SIZE]; /* Environment data		*/
-} env_t
-#ifdef CONFIG_ENV_AES
-/* Make sure the env is aligned to block size. */
-__attribute__((aligned(16)))
-#endif
-;
+} env_t;
  
 #ifdef ENV_IS_EMBEDDED
 extern env_t environment;
@@ -25,7 +25,7 @@
  
 lib-y += fw_env.o \
 	crc32.o ctype.o linux_string.o \
-	env_attr.o env_flags.o aes.o
+	env_attr.o env_flags.o
  
 fw_printenv-objs := fw_env_main.o $(lib-y)
  
-#include "../../lib/aes.c"
@@ -111,8 +111,6 @@
 	.flag_scheme = FLAG_NONE,
 };
  
-static int env_aes_cbc_crypt(char *data, const int enc, uint8_t *key);
-
 static int HaveRedundEnv = 0;
  
 static unsigned char active_flag = 1;
@@ -217,34 +215,6 @@
 	return NULL;
 }
  
-int parse_aes_key(char *key, uint8_t *bin_key)
-{
-	char tmp[5] = { '0', 'x', 0, 0, 0 };
-	unsigned long ul;
-	int i;
-
-	if (strnlen(key, 64) != 32) {
-		fprintf(stderr,
-			"## Error: '-a' option requires 16-byte AES key\n");
-		return -1;
-	}
-
-	for (i = 0; i < 16; i++) {
-		tmp[2] = key[0];
-		tmp[3] = key[1];
-		errno = 0;
-		ul = strtoul(tmp, NULL, 16);
-		if (errno) {
-			fprintf(stderr,
-				"## Error: '-a' option requires valid AES key\n");
-			return -1;
-		}
-		bin_key[i] = ul & 0xff;
-		key += 2;
-	}
-	return 0;
-}
-
 /*
  * Print the current definition of one, or more, or all
  * environment variables
@@ -313,16 +283,6 @@
 	if (!opts)
 		opts = &default_opts;
  
-	if (opts->aes_flag) {
-		ret = env_aes_cbc_crypt(environment.data, 1,
-					opts->aes_key);
-		if (ret) {
-			fprintf(stderr,
-				"Error: can't encrypt env for flash\n");
-			return ret;
-		}
-	}
-
 	/*
 	 * Update CRC
 	 */
@@ -976,28 +936,6 @@
 	return rc;
 }
  
-/* Encrypt or decrypt the environment before writing or reading it. */
-static int env_aes_cbc_crypt(char *payload, const int enc, uint8_t *key)
-{
-	uint8_t *data = (uint8_t *)payload;
-	const int len = usable_envsize;
-	uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
-	uint32_t aes_blocks;
-
-	/* First we expand the key. */
-	aes_expand_key(key, key_exp);
-
-	/* Calculate the number of AES blocks to encrypt. */
-	aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
-
-	if (enc)
-		aes_cbc_encrypt_blocks(key_exp, data, data, aes_blocks);
-	else
-		aes_cbc_decrypt_blocks(key_exp, data, data, aes_blocks);
-
-	return 0;
-}
-
 static int flash_write (int fd_current, int fd_target, int dev_target)
 {
 	int rc;
@@ -1182,13 +1120,6 @@
  
 	crc0 = crc32 (0, (uint8_t *) environment.data, ENV_SIZE);
  
-	if (opts->aes_flag) {
-		ret = env_aes_cbc_crypt(environment.data, 0,
-					opts->aes_key);
-		if (ret)
-			goto open_cleanup;
-	}
-
 	crc0_ok = (crc0 == *environment.crc);
 	if (!HaveRedundEnv) {
 		if (!crc0_ok) {
@@ -1244,13 +1175,6 @@
  
 		crc1 = crc32 (0, (uint8_t *) redundant->data, ENV_SIZE);
  
-		if (opts->aes_flag) {
-			ret = env_aes_cbc_crypt(redundant->data, 0,
-						opts->aes_key);
-			if (ret)
-				goto open_cleanup;
-		}
-
 		crc1_ok = (crc1 == redundant->crc);
 		flag1 = redundant->flags;
  
@@ -1497,9 +1421,6 @@
 	usable_envsize = CUR_ENVSIZE - sizeof(uint32_t);
 	if (HaveRedundEnv)
 		usable_envsize -= sizeof(char);
-
-	if (opts->aes_flag)
-		usable_envsize &= ~(AES_KEY_LENGTH - 1);
  
 	return 0;
 }
@@ -6,7 +6,6 @@
  */
  
 #include <stdint.h>
-#include <uboot_aes.h>
  
 /*
  * Programs using the library must check which API is available,
  
@@ -19,12 +18,8 @@
 #ifdef CONFIG_FILE
 	char *config_file;
 #endif
-	int aes_flag; /* Is AES encryption used? */
-	uint8_t aes_key[AES_KEY_LENGTH];
 	char *lockname;
 };
-
-int parse_aes_key(char *key, uint8_t *bin_key);
  
 /**
  * fw_printenv() - print one or several environment variables
@@ -43,7 +43,6 @@
 static int do_printenv;
  
 static struct option long_options[] = {
-	{"aes", required_argument, NULL, 'a'},
 	{"config", required_argument, NULL, 'c'},
 	{"help", no_argument, NULL, 'h'},
 	{"script", required_argument, NULL, 's'},
@@ -70,9 +69,6 @@
 		"\n"
 		" -h, --help           print this help.\n"
 		" -v, --version        display version\n"
-#ifdef CONFIG_ENV_AES
-		" -a, --aes            aes key to access environment\n"
-#endif
 #ifdef CONFIG_FILE
 		" -c, --config         configuration file, default:" CONFIG_FILE "\n"
 #endif
@@ -89,9 +85,6 @@
 		"\n"
 		" -h, --help           print this help.\n"
 		" -v, --version        display version\n"
-#ifdef CONFIG_ENV_AES
-		" -a, --aes            aes key to access environment\n"
-#endif
 #ifdef CONFIG_FILE
 		" -c, --config         configuration file, default:" CONFIG_FILE "\n"
 #endif
@@ -130,13 +123,6 @@
 	while ((c = getopt_long(argc, argv, ":a:c:l:h:v", long_options, NULL)) !=
 	       EOF) {
 		switch (c) {
-		case 'a':
-			if (parse_aes_key(optarg, env_opts.aes_key)) {
-				fprintf(stderr, "AES key parse error\n");
-				exit(EXIT_FAILURE);
-			}
-			env_opts.aes_flag = 1;
-			break;
 #ifdef CONFIG_FILE
 		case 'c':
 			env_opts.config_file = optarg;
...	...	@@ -360,14 +360,6 @@
360	360
361	361	endchoice
362	362
363		-config ENV_AES
364		- bool "AES-128 encryption for stored environment (DEPRECATED)"
365		- help
366		- Enable this to have the on-device stored environment be encrypted
367		- with AES-128. The implementation here however has security
368		- complications and is not recommended for use. Please see
369		- CVE-2017-3225 and CVE-2017-3226 for more details.
370		-
371	363	config ENV_FAT_INTERFACE
372	364	string "Name of the block device for the environment"
373	365	depends on ENV_IS_IN_FAT
...	...	@@ -103,52 +103,6 @@
103	103	H_NOCLEAR \| H_INTERACTIVE, 0, nvars, vars);
104	104	}
105	105
106		-#ifdef CONFIG_ENV_AES
107		-#include <uboot_aes.h>
108		-/**
109		- * env_aes_cbc_get_key() - Get AES-128-CBC key for the environment
110		- *
111		- * This function shall return 16-byte array containing AES-128 key used
112		- * to encrypt and decrypt the environment. This function must be overridden
113		- * by the implementer as otherwise the environment encryption will not
114		- * work.
115		- */
116		-__weak uint8_t *env_aes_cbc_get_key(void)
117		-{
118		- return NULL;
119		-}
120		-
121		-static int env_aes_cbc_crypt(env_t *env, const int enc)
122		-{
123		- unsigned char *data = env->data;
124		- uint8_t *key;
125		- uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
126		- uint32_t aes_blocks;
127		-
128		- key = env_aes_cbc_get_key();
129		- if (!key)
130		- return -EINVAL;
131		-
132		- /* First we expand the key. */
133		- aes_expand_key(key, key_exp);
134		-
135		- /* Calculate the number of AES blocks to encrypt. */
136		- aes_blocks = ENV_SIZE / AES_KEY_LENGTH;
137		-
138		- if (enc)
139		- aes_cbc_encrypt_blocks(key_exp, data, data, aes_blocks);
140		- else
141		- aes_cbc_decrypt_blocks(key_exp, data, data, aes_blocks);
142		-
143		- return 0;
144		-}
145		-#else
146		-static inline int env_aes_cbc_crypt(env_t *env, const int enc)
147		-{
148		- return 0;
149		-}
150		-#endif
151		-
152	106	/*
153	107	* Check if CRC is valid and (if yes) import the environment.
154	108	* Note that "buf" may or may not be aligned.
...	...	@@ -156,7 +110,6 @@
156	110	int env_import(const char *buf, int check)
157	111	{
158	112	env_t ep = (env_t )buf;
159		- int ret;
160	113
161	114	if (check) {
162	115	uint32_t crc;
...	...	@@ -169,14 +122,6 @@
169	122	}
170	123	}
171	124
172		- /* Decrypt the env if desired. */
173		- ret = env_aes_cbc_crypt(ep, 0);
174		- if (ret) {
175		- pr_err("Failed to decrypt env!\n");
176		- set_default_env("!import failed");
177		- return ret;
178		- }
179		-
180	125	if (himport_r(&env_htab, (char *)ep->data, ENV_SIZE, '\0', 0, 0,
181	126	0, NULL)) {
182	127	gd->flags \|= GD_FLG_ENV_READY;
...	...	@@ -242,7 +187,6 @@
242	187	{
243	188	char *res;
244	189	ssize_t len;
245		- int ret;
246	190
247	191	res = (char *)env_out->data;
248	192	len = hexport_r(&env_htab, '\0', 0, &res, ENV_SIZE, 0, NULL);
...	...	@@ -250,11 +194,6 @@
250	194	pr_err("Cannot export environment: errno = %d\n", errno);
251	195	return 1;
252	196	}
253		-
254		- /* Encrypt the env if desired. */
255		- ret = env_aes_cbc_crypt(env_out, 1);
256		- if (ret)
257		- return ret;
258	197
259	198	env_out->crc = crc32(0, env_out->data, ENV_SIZE);
260	199
...	...	@@ -143,12 +143,7 @@
143	143	# define ENV_HEADER_SIZE (sizeof(uint32_t))
144	144	#endif
145	145
146		-#ifdef CONFIG_ENV_AES
147		-/* Make sure the payload is multiple of AES block size */
148		-#define ENV_SIZE ((CONFIG_ENV_SIZE - ENV_HEADER_SIZE) & ~(16 - 1))
149		-#else
150	146	#define ENV_SIZE (CONFIG_ENV_SIZE - ENV_HEADER_SIZE)
151		-#endif
152	147
153	148	typedef struct environment_s {
154	149	uint32_t crc; /* CRC32 over data bytes */
...	...	@@ -156,12 +151,7 @@
156	151	unsigned char flags; /* active/obsolete flags */
157	152	#endif
158	153	unsigned char data[ENV_SIZE]; /* Environment data */
159		-} env_t
160		-#ifdef CONFIG_ENV_AES
161		-/* Make sure the env is aligned to block size. */
162		-__attribute__((aligned(16)))
163		-#endif
164		-;
	154	+} env_t;
165	155
166	156	#ifdef ENV_IS_EMBEDDED
167	157	extern env_t environment;
...	...	@@ -25,7 +25,7 @@
25	25
26	26	lib-y += fw_env.o \
27	27	crc32.o ctype.o linux_string.o \
28		- env_attr.o env_flags.o aes.o
	28	+ env_attr.o env_flags.o
29	29
30	30	fw_printenv-objs := fw_env_main.o $(lib-y)
31	31
...	...	@@ -111,8 +111,6 @@
111	111	.flag_scheme = FLAG_NONE,
112	112	};
113	113
114		-static int env_aes_cbc_crypt(char data, const int enc, uint8_t key);
115		-
116	114	static int HaveRedundEnv = 0;
117	115
118	116	static unsigned char active_flag = 1;
...	...	@@ -217,34 +215,6 @@
217	215	return NULL;
218	216	}
219	217
220		-int parse_aes_key(char key, uint8_t bin_key)
221		-{
222		- char tmp[5] = { '0', 'x', 0, 0, 0 };
223		- unsigned long ul;
224		- int i;
225		-
226		- if (strnlen(key, 64) != 32) {
227		- fprintf(stderr,
228		- "## Error: '-a' option requires 16-byte AES key\n");
229		- return -1;
230		- }
231		-
232		- for (i = 0; i < 16; i++) {
233		- tmp[2] = key[0];
234		- tmp[3] = key[1];
235		- errno = 0;
236		- ul = strtoul(tmp, NULL, 16);
237		- if (errno) {
238		- fprintf(stderr,
239		- "## Error: '-a' option requires valid AES key\n");
240		- return -1;
241		- }
242		- bin_key[i] = ul & 0xff;
243		- key += 2;
244		- }
245		- return 0;
246		-}
247		-
248	218	/*
249	219	* Print the current definition of one, or more, or all
250	220	* environment variables
...	...	@@ -313,16 +283,6 @@
313	283	if (!opts)
314	284	opts = &default_opts;
315	285
316		- if (opts->aes_flag) {
317		- ret = env_aes_cbc_crypt(environment.data, 1,
318		- opts->aes_key);
319		- if (ret) {
320		- fprintf(stderr,
321		- "Error: can't encrypt env for flash\n");
322		- return ret;
323		- }
324		- }
325		-
326	286	/*
327	287	* Update CRC
328	288	*/
...	...	@@ -976,28 +936,6 @@
976	936	return rc;
977	937	}
978	938
979		-/* Encrypt or decrypt the environment before writing or reading it. */
980		-static int env_aes_cbc_crypt(char payload, const int enc, uint8_t key)
981		-{
982		- uint8_t data = (uint8_t )payload;
983		- const int len = usable_envsize;
984		- uint8_t key_exp[AES_EXPAND_KEY_LENGTH];
985		- uint32_t aes_blocks;
986		-
987		- /* First we expand the key. */
988		- aes_expand_key(key, key_exp);
989		-
990		- /* Calculate the number of AES blocks to encrypt. */
991		- aes_blocks = DIV_ROUND_UP(len, AES_KEY_LENGTH);
992		-
993		- if (enc)
994		- aes_cbc_encrypt_blocks(key_exp, data, data, aes_blocks);
995		- else
996		- aes_cbc_decrypt_blocks(key_exp, data, data, aes_blocks);
997		-
998		- return 0;
999		-}
1000		-
1001	939	static int flash_write (int fd_current, int fd_target, int dev_target)
1002	940	{
1003	941	int rc;
...	...	@@ -1182,13 +1120,6 @@
1182	1120
1183	1121	crc0 = crc32 (0, (uint8_t *) environment.data, ENV_SIZE);
1184	1122
1185		- if (opts->aes_flag) {
1186		- ret = env_aes_cbc_crypt(environment.data, 0,
1187		- opts->aes_key);
1188		- if (ret)
1189		- goto open_cleanup;
1190		- }
1191		-
1192	1123	crc0_ok = (crc0 == *environment.crc);
1193	1124	if (!HaveRedundEnv) {
1194	1125	if (!crc0_ok) {
...	...	@@ -1244,13 +1175,6 @@
1244	1175
1245	1176	crc1 = crc32 (0, (uint8_t *) redundant->data, ENV_SIZE);
1246	1177
1247		- if (opts->aes_flag) {
1248		- ret = env_aes_cbc_crypt(redundant->data, 0,
1249		- opts->aes_key);
1250		- if (ret)
1251		- goto open_cleanup;
1252		- }
1253		-
1254	1178	crc1_ok = (crc1 == redundant->crc);
1255	1179	flag1 = redundant->flags;
1256	1180
...	...	@@ -1497,9 +1421,6 @@
1497	1421	usable_envsize = CUR_ENVSIZE - sizeof(uint32_t);
1498	1422	if (HaveRedundEnv)
1499	1423	usable_envsize -= sizeof(char);
1500		-
1501		- if (opts->aes_flag)
1502		- usable_envsize &= ~(AES_KEY_LENGTH - 1);
1503	1424
1504	1425	return 0;
1505	1426	}
...	...	@@ -6,7 +6,6 @@
6	6	*/
7	7
8	8	#include <stdint.h>
9		-#include <uboot_aes.h>
10	9
11	10	/*
12	11	* Programs using the library must check which API is available,
13	12
...	...	@@ -19,12 +18,8 @@
19	18	#ifdef CONFIG_FILE
20	19	char *config_file;
21	20	#endif
22		- int aes_flag; /* Is AES encryption used? */
23		- uint8_t aes_key[AES_KEY_LENGTH];
24	21	char *lockname;
25	22	};
26		-
27		-int parse_aes_key(char key, uint8_t bin_key);
28	23
29	24	/**
30	25	* fw_printenv() - print one or several environment variables
...	...	@@ -43,7 +43,6 @@
43	43	static int do_printenv;
44	44
45	45	static struct option long_options[] = {
46		- {"aes", required_argument, NULL, 'a'},
47	46	{"config", required_argument, NULL, 'c'},
48	47	{"help", no_argument, NULL, 'h'},
49	48	{"script", required_argument, NULL, 's'},
...	...	@@ -70,9 +69,6 @@
70	69	"\n"
71	70	" -h, --help print this help.\n"
72	71	" -v, --version display version\n"
73		-#ifdef CONFIG_ENV_AES
74		- " -a, --aes aes key to access environment\n"
75		-#endif
76	72	#ifdef CONFIG_FILE
77	73	" -c, --config configuration file, default:" CONFIG_FILE "\n"
78	74	#endif
...	...	@@ -89,9 +85,6 @@
89	85	"\n"
90	86	" -h, --help print this help.\n"
91	87	" -v, --version display version\n"
92		-#ifdef CONFIG_ENV_AES
93		- " -a, --aes aes key to access environment\n"
94		-#endif
95	88	#ifdef CONFIG_FILE
96	89	" -c, --config configuration file, default:" CONFIG_FILE "\n"
97	90	#endif
...	...	@@ -130,13 +123,6 @@
130	123	while ((c = getopt_long(argc, argv, ":a:c:l:h:v", long_options, NULL)) !=
131	124	EOF) {
132	125	switch (c) {
133		- case 'a':
134		- if (parse_aes_key(optarg, env_opts.aes_key)) {
135		- fprintf(stderr, "AES key parse error\n");
136		- exit(EXIT_FAILURE);
137		- }
138		- env_opts.aes_flag = 1;
139		- break;
140	126	#ifdef CONFIG_FILE
141	127	case 'c':
142	128	env_opts.config_file = optarg;