It was a mess, a mix of crypto_* and cbc_mac calls. I made everything call crypto
functions, and also separate key setup from cryptographic operations, this will
be useful to speed up the code in the upcoming commits. Drop support for "usbotp"
key, since the crypto code for that was never mainlined and we can always get the
keys from a device as long as we have code execution (using the DCP debug registers).
Change-Id: I7aa24d12207ffb744225d1b9cc7cb1dc7281dd22
The old code had some annoying way of dealing with padding by adding explicit
instructions to the stream, which is 1) ugly 2) not in par with freescale
tools. The trick, which this new version implements, is to put the useful length
of the section in the section header, and the actual (with padding) length in
the boot tag. This way the tools can just ignore padding instruction by
reading the section header, and the bootloader can still load the image because
it uses the boot tags.
Also correctly handle the case where the first section does not start right
after the header (there is a bug in freescale tools for this case by the way).
There is an ambiguity in the way the padding instructions should be encrypted:
the bootloader should logically treat them as regular instruction of the section
stream, but it appears the freescale tools do not generate them as part of the
stream and instead encrypt them like boot tags, which is stupid because there
is no way the bootloader could decrypt them, and anyway we don't care because
the bootloader doesn't decrypt them at all.
Change-Id: Iabdc1d1f9f82d374779bf03efb75c2c3998f5b5d
Now always generate a "make.db" file which aims at being the exact
representation of the file, ie running sbtoelf and elftosb using
the generated command file should produce the exact same file
(except for the random paddings). We still miss the support
for some option parsing to achieve that though.
Change-Id: Ib7d6b241f7855fd35225df8ab8e0711f69d9ee5a
