libubootenv: adapt patches to v0.3.5

https://onedigi.atlassian.net/browse/DEL-8885 Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
2023-12-26 14:24:34 +01:00 · 2023-12-26 14:24:34 +01:00 · 148b4974a4
parent 5457c89a9e
commit 148b4974a4
5 changed files with 128 additions and 132 deletions
--- a/meta-digi-arm/recipes-bsp/libubootenv/libubootenv/0001-Implement-support-for-environment-encryption-by-CAAM.patch
+++ b/meta-digi-arm/recipes-bsp/libubootenv/libubootenv/0001-Implement-support-for-environment-encryption-by-CAAM.patch
@ -28,10 +28,10 @@ Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
 create mode 100644 src/md5.h

 diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
-index 4b71bc588827..d7e38a12feed 100644
+index ababe0f..fb1efa2 100644
 --- a/src/CMakeLists.txt
 +++ b/src/CMakeLists.txt
-@@ -1,6 +1,8 @@
+@@ -4,6 +4,8 @@
 cmake_minimum_required (VERSION 2.6)
 # Sources and private headers
 SET(libubootenv_SOURCES
@ -42,7 +42,7 @@ index 4b71bc588827..d7e38a12feed 100644
 )
 diff --git a/src/caam_keyblob.h b/src/caam_keyblob.h
 new file mode 100644
-index 000000000000..e313e87a3854
+index 0000000..e313e87
 --- /dev/null
 +++ b/src/caam_keyblob.h
@@ -0,0 +1,42 @@
@ -90,7 +90,7 @@ index 000000000000..e313e87a3854
 +#endif /* CAAM_KEYBLOB_H */
 diff --git a/src/md5.c b/src/md5.c
 new file mode 100644
-index 000000000000..47ae8bf34a4d
+index 0000000..47ae8bf
 --- /dev/null
 +++ b/src/md5.c
@@ -0,0 +1,275 @@
@ -371,7 +371,7 @@ index 000000000000..47ae8bf34a4d
 +}
 diff --git a/src/md5.h b/src/md5.h
 new file mode 100644
-index 000000000000..02a9a9d23e34
+index 0000000..02a9a9d
 --- /dev/null
 +++ b/src/md5.h
@@ -0,0 +1,24 @@
@ -400,13 +400,13 @@ index 000000000000..02a9a9d23e34
 +
 +#endif /* _MD5_H */
 diff --git a/src/uboot_env.c b/src/uboot_env.c
-index 30c39ebf6fa9..2fd08f5a07db 100644
+index ae85c7e..750b736 100644
 --- a/src/uboot_env.c
 +++ b/src/uboot_env.c
-@@ -33,11 +33,21 @@
- #include <sys/wait.h>
+@@ -34,11 +34,21 @@
 #include <sys/ioctl.h>
 #include <zlib.h>
+ #include <yaml.h>
 +#include <arpa/inet.h>
 #include <mtd/mtd-user.h>
 #include <mtd/ubi-user.h>
@ -425,8 +425,8 @@ index 30c39ebf6fa9..2fd08f5a07db 100644
 #define UBI_MAX_VOLUME			128
 
 #define DEVICE_MTD_NAME 		"/dev/mtd"
-@@ -844,6 +854,105 @@ static int set_obsolete_flag(struct uboot_flash_env *dev)
- 	return ret;
+@@ -1028,6 +1038,105 @@ const struct uboot_version_info *libuboot_version_info(void)
+ 	return &libinfo;
 }
 
 +static int is_env_encrypted(void)
@ -531,7 +531,7 @@ index 30c39ebf6fa9..2fd08f5a07db 100644
 int libuboot_env_store(struct uboot_ctx *ctx)
 {
 	struct var_entry *entry;
-@@ -919,6 +1028,15 @@ int libuboot_env_store(struct uboot_ctx *ctx)
+@@ -1103,6 +1212,15 @@ int libuboot_env_store(struct uboot_ctx *ctx)
 		((struct uboot_env_redund *)image)->flags = flags;
 	}
 
@ -547,7 +547,7 @@ index 30c39ebf6fa9..2fd08f5a07db 100644
 	*(uint32_t *)image = crc32(0, (uint8_t *)data, ctx->size - offsetdata);
 
 	copy = ctx->redundant ? (ctx->current ? 0 : 1) : 0;
-@@ -984,6 +1102,13 @@ static int libuboot_load(struct uboot_ctx *ctx)
+@@ -1167,6 +1285,13 @@ static int libuboot_load(struct uboot_ctx *ctx)
 		}
 		crc = *(uint32_t *)(buf[i] + offsetcrc);
 		dev->crc = crc32(0, (uint8_t *)data, usable_envsize);
@ -561,7 +561,7 @@ index 30c39ebf6fa9..2fd08f5a07db 100644
 		crcenv[i] = dev->crc == crc;
 		if (ctx->redundant)
 			dev->flags = *(uint8_t *)(buf[i] + offsetflags);
-@@ -1264,6 +1389,11 @@ int libuboot_read_config(struct uboot_ctx *ctx, const char *config)
+@@ -1773,6 +1898,11 @@ int libuboot_read_config_ext(struct uboot_ctx **ctxlist, const char *config)
 			break;
 		}
 	}
@ -573,7 +573,7 @@ index 30c39ebf6fa9..2fd08f5a07db 100644
 	if (ndev == 0)
 		retval = -EINVAL;
 
-@@ -1461,6 +1591,7 @@ int libuboot_initialize(struct uboot_ctx **out,
+@@ -2042,6 +2172,7 @@ int libuboot_initialize(struct uboot_ctx **out,
 		return -ENOMEM;
 
 	ctx->valid = false;
@ -582,10 +582,10 @@ index 30c39ebf6fa9..2fd08f5a07db 100644
 
 	if (ret < 0) {
 diff --git a/src/uboot_private.h b/src/uboot_private.h
-index 4b7a9f9602a6..22c8c14ce8cc 100644
+index 40e5446..ee2d305 100644
 --- a/src/uboot_private.h
 +++ b/src/uboot_private.h
-@@ -111,10 +111,14 @@ LIST_HEAD(vars, var_entry);
+@@ -114,10 +114,14 @@ LIST_HEAD(vars, var_entry);
 struct uboot_ctx {
 	/** true if the environment is redundant */
 	bool redundant;
--- a/meta-digi-arm/recipes-bsp/libubootenv/libubootenv/0002-Implement-U-Boot-environment-access-functions.patch
+++ b/meta-digi-arm/recipes-bsp/libubootenv/libubootenv/0002-Implement-U-Boot-environment-access-functions.patch
@ -18,10 +18,10 @@ Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
 2 files changed, 119 insertions(+)

 diff --git a/src/libuboot.h b/src/libuboot.h
-index bfcaeb1d609f..b15969f89174 100644
+index 3ed3244..e83b3a5 100644
 --- a/src/libuboot.h
 +++ b/src/libuboot.h
-@@ -159,6 +159,29 @@ const char *libuboot_getname(void *entry);
+@@ -201,6 +201,29 @@ const char *libuboot_getname(void *entry);
  */
 const char *libuboot_getvalue(void *entry);
 
@ -52,11 +52,11 @@ index bfcaeb1d609f..b15969f89174 100644
 }
 #endif
 diff --git a/src/uboot_env.c b/src/uboot_env.c
-index 2fd08f5a07db..87f831b0cdc7 100644
+index 750b736..b7ad4c4 100644
 --- a/src/uboot_env.c
 +++ b/src/uboot_env.c
-@@ -1632,3 +1632,99 @@ void libuboot_close(struct uboot_ctx *ctx) {
- void libuboot_exit(struct uboot_ctx *ctx) {
+@@ -2234,3 +2234,99 @@ void libuboot_exit(struct uboot_ctx *ctx)
+ 
 	free(ctx);
 }
 +
--- a/meta-digi-arm/recipes-bsp/libubootenv/libubootenv/0003-tools-env-add-support-to-set-dynamic-location-of-env.patch
+++ b/meta-digi-arm/recipes-bsp/libubootenv/libubootenv/0003-tools-env-add-support-to-set-dynamic-location-of-env.patch
@ -27,10 +27,10 @@ Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
 2 files changed, 90 insertions(+), 2 deletions(-)

 diff --git a/src/uboot_env.c b/src/uboot_env.c
-index 87f831b0cdc7..539e22f9a8ac 100644
+index b7ad4c4..924a6cf 100644
 --- a/src/uboot_env.c
 +++ b/src/uboot_env.c
-@@ -431,6 +431,73 @@ static int check_env_device(struct uboot_ctx *ctx, struct uboot_flash_env *dev)
+@@ -591,6 +591,73 @@ static int check_env_device(struct uboot_flash_env *dev)
 	return 0;
 }
 
@ -104,9 +104,9 @@ index 87f831b0cdc7..539e22f9a8ac 100644
 static bool check_compatible_devices(struct uboot_ctx *ctx)
 {
 	if (!ctx->redundant)
-@@ -442,6 +509,12 @@ static bool check_compatible_devices(struct uboot_ctx *ctx)
+@@ -602,6 +669,12 @@ static bool check_compatible_devices(struct uboot_ctx *ctx)
 		return false;
- 	if (ctx->envdevs[0].envsize != ctx->envdevs[1].envsize) 
+ 	if (ctx->envdevs[0].envsize != ctx->envdevs[1].envsize)
 		return false;
 +	if (ctx->envdevs[0].offset == ctx->envdevs[1].offset) {
 +		ctx->dynamic_env = true;
@ -117,7 +117,7 @@ index 87f831b0cdc7..539e22f9a8ac 100644
 
 	return true;
 }
-@@ -488,7 +561,7 @@ static int fileread(struct uboot_flash_env *dev, void *data)
+@@ -648,7 +721,7 @@ static int fileread(struct uboot_flash_env *dev, void *data)
 	return ret;
 }
 
@ -126,7 +126,7 @@ index 87f831b0cdc7..539e22f9a8ac 100644
 {
 	size_t count;
 	size_t blocksize;
-@@ -507,6 +580,17 @@ static int mtdread(struct uboot_flash_env *dev, void *data)
+@@ -667,6 +740,17 @@ static int mtdread(struct uboot_flash_env *dev, void *data)
 		ret = read(dev->fd, data, dev->envsize);
 		break;
 	case MTD_NANDFLASH:
@ -144,7 +144,7 @@ index 87f831b0cdc7..539e22f9a8ac 100644
 		if (dev->offset)
 			if (lseek(dev->fd, dev->offset, SEEK_SET) < 0) {
 				ret = -EIO;
-@@ -582,7 +666,7 @@ static int devread(struct uboot_ctx *ctx, unsigned int copy, void *data)
+@@ -742,7 +826,7 @@ static int devread(struct uboot_ctx *ctx, unsigned int copy, void *data)
 		ret = fileread(dev, data);
 		break;
 	case DEVICE_MTD:
@ -154,10 +154,10 @@ index 87f831b0cdc7..539e22f9a8ac 100644
 	case DEVICE_UBI:
 		ret = ubiread(dev, data);
 diff --git a/src/uboot_private.h b/src/uboot_private.h
-index 22c8c14ce8cc..591df20d6936 100644
+index ee2d305..84bd1bc 100644
 --- a/src/uboot_private.h
 +++ b/src/uboot_private.h
-@@ -113,10 +113,14 @@ struct uboot_ctx {
+@@ -116,10 +116,14 @@ struct uboot_ctx {
 	bool redundant;
 	/** true if the environment is encrypted */
 	bool encrypted;
--- a/meta-digi-arm/recipes-bsp/libubootenv/libubootenv/0004-fall-back-to-read-HWID-from-nvmem-device-if-not-avai.patch
+++ b/meta-digi-arm/recipes-bsp/libubootenv/libubootenv/0004-fall-back-to-read-HWID-from-nvmem-device-if-not-avai.patch
@ -21,10 +21,10 @@ https://onedigi.atlassian.net/browse/DEL-8444
 1 file changed, 52 insertions(+), 2 deletions(-)

 diff --git a/src/uboot_env.c b/src/uboot_env.c
-index 539e22f9a8ac..86f9b9ebfec2 100644
+index 924a6cf..d507cac 100644
 --- a/src/uboot_env.c
 +++ b/src/uboot_env.c
-@@ -945,6 +945,32 @@ static int is_env_encrypted(void)
+@@ -1129,6 +1129,32 @@ static int is_env_encrypted(void)
 	return access(dt_prop, F_OK) != -1;
 }

@ -57,7 +57,7 @@ index 539e22f9a8ac..86f9b9ebfec2 100644
 #define MAX_HWID_WORDS		4
 static int env_caam_get_keymod(unsigned char output[16])
 {
-@@ -953,12 +979,11 @@ static int env_caam_get_keymod(unsigned char output[16])
+@@ -1137,12 +1163,11 @@ static int env_caam_get_keymod(unsigned char output[16])
 	int fd;
 	uint32_t ocotp_hwid[MAX_HWID_WORDS];
 	char dt_prop[32];
@ -71,7 +71,7 @@ index 539e22f9a8ac..86f9b9ebfec2 100644
 			fd = open(dt_prop, O_RDONLY);
 			if (fd < 0)
 				return fd;
-@@ -969,6 +994,31 @@ static int env_caam_get_keymod(unsigned char output[16])
+@@ -1153,6 +1178,31 @@ static int env_caam_get_keymod(unsigned char output[16])
 			}
 			ocotp_hwid[i] = ntohl(*(uint32_t *)buf);
 			close(fd);
--- a/meta-digi-arm/recipes-bsp/libubootenv/libubootenv/0005-Implement-support-for-environment-encryption-for-CCM.patch
+++ b/meta-digi-arm/recipes-bsp/libubootenv/libubootenv/0005-Implement-support-for-environment-encryption-for-CCM.patch
@ -1,4 +1,3 @@
-From 768cac09ee47729e3ef38b477c7a69e5b3d10c60 Mon Sep 17 00:00:00 2001
 From: Mike Engel <Mike.Engel@digi.com>
 Date: Fri, 26 May 2023 11:21:43 +0200
 Subject: [PATCH] Implement support for environment encryption for CCMP1
@ -32,10 +31,10 @@ Signed-off-by: Mike Engel <Mike.Engel@digi.com>
 create mode 100644 src/teec_trace.h

 diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
-index d7e38a1..15dad7a 100644
+index fb1efa2..04353e9 100644
 --- a/src/CMakeLists.txt
 +++ b/src/CMakeLists.txt
-@@ -1,6 +1,10 @@
+@@ -4,6 +4,10 @@
 cmake_minimum_required (VERSION 2.6)
 # Sources and private headers
 SET(libubootenv_SOURCES
@ -48,93 +47,93 @@ index d7e38a1..15dad7a 100644
   uboot_env.c
 diff --git a/src/ta_ccmp1_aes.h b/src/ta_ccmp1_aes.h
 new file mode 100644
-index 0000000..9110cda
+index 0000000..ceab07d
 --- /dev/null
 +++ b/src/ta_ccmp1_aes.h
@@ -0,0 +1,84 @@
-+/*
-+ * Copyright 2023 Digi International Inc
-+ *
-+ * SPDX-License-Identifier:    GPL-2.0+
-+ */
-+
-+#ifndef __TA_CCMP1_AES_H__
-+#define __TA_CCMP1_AES_H__
-+
-+/*
-+ * AES is a stream cipher which works a block at a time, with each block
-+ * in this case being AES_BLOCK_LENGTH bytes.
-+ */
-+
-+enum {
-+	AES_STATECOLS	= 4,	/* columns in the state & expanded key */
-+	AES128_KEYCOLS	= 4,	/* columns in a key for aes128 */
-+	AES192_KEYCOLS	= 6,	/* columns in a key for aes128 */
-+	AES256_KEYCOLS	= 8,	/* columns in a key for aes128 */
-+	AES128_ROUNDS	= 10,	/* rounds in encryption for aes128 */
-+	AES192_ROUNDS	= 12,	/* rounds in encryption for aes192 */
-+	AES256_ROUNDS	= 14,	/* rounds in encryption for aes256 */
-+	AES128_KEY_LENGTH	= 128 / 8,
-+	AES192_KEY_LENGTH	= 192 / 8,
-+	AES256_KEY_LENGTH	= 256 / 8,
-+	AES128_EXPAND_KEY_LENGTH = 4 * AES_STATECOLS * (AES128_ROUNDS + 1),
-+	AES192_EXPAND_KEY_LENGTH = 4 * AES_STATECOLS * (AES192_ROUNDS + 1),
-+	AES256_EXPAND_KEY_LENGTH = 4 * AES_STATECOLS * (AES256_ROUNDS + 1),
-+	AES_BLOCK_LENGTH	= 128 / 8,
-+};
-+
-+struct aes_ctx {
-+	TEEC_Context ctx;
-+	TEEC_Session sess;
-+};
-+
-+/* The function IDs implemented in the associated TA */
-+
-+/*
-+ * TA_AES_CMD_SET_KEY - Allocate resources for the AES ciphering
-+ * param[0] (value) Algorithmus
-+ * param[1] (value) Key size
-+ * param[2] (value) encryption mode (encrypt/decrypt)
-+ * param[3] unused
-+ */
-+#define TA_AES_CMD_PREPARE		0
-+
-+/*
-+ * TA_AES_CMD_SET_KEY - Allocate resources for the AES ciphering
-+ * param[0] (memref) key data, size shall equal key length
-+ * param[1] unused
-+ * param[2] unused
-+ * param[3] unused
-+ */
-+#define TA_AES_CMD_SET_KEY		1
-+
-+/*
-+ * TA_AES_CMD_SET_IV - reset IV
-+ * param[0] (memref) initial vector, size shall equal block length
-+ * param[1] unused
-+ * param[2] unused
-+ * param[3] unused
-+ */
-+#define TA_AES_CMD_SET_IV		2
-+
-+/*
-+ * TA_AES_CMD_CIPHER - Cipher input buffer into output buffer
-+ * param[0] (memref) input buffer
-+ * param[1] (memref) output buffer (shall be bigger than input buffer)
-+ * param[2] unused
-+ * param[3] unused
-+ */
-+#define TA_AES_CMD_CIPHER	3
-+
-+#define TA_AES_MODE_ENCODE	1
-+#define TA_AES_MODE_DECODE	0
-+
-+#define TA_AES_ALGO_CTR		2
-+
-+/* UUID of the TA */
-+#define TA_STM32MP_CRYP_UUID { 0xc2fad363, 0x5d9f, 0x4fc4, \
-+                { 0xa4, 0x17, 0x55, 0x58, 0x41, 0xe0, 0x57, 0x45 } }
-+
+/*
+ * Copyright 2023 Digi International Inc
+ *
+ * SPDX-License-Identifier:    GPL-2.0+
+ */
+
+#ifndef __TA_CCMP1_AES_H__
+#define __TA_CCMP1_AES_H__
+
+/*
+ * AES is a stream cipher which works a block at a time, with each block
+ * in this case being AES_BLOCK_LENGTH bytes.
+ */
+
+enum {
+	AES_STATECOLS	= 4,	/* columns in the state & expanded key */
+	AES128_KEYCOLS	= 4,	/* columns in a key for aes128 */
+	AES192_KEYCOLS	= 6,	/* columns in a key for aes128 */
+	AES256_KEYCOLS	= 8,	/* columns in a key for aes128 */
+	AES128_ROUNDS	= 10,	/* rounds in encryption for aes128 */
+	AES192_ROUNDS	= 12,	/* rounds in encryption for aes192 */
+	AES256_ROUNDS	= 14,	/* rounds in encryption for aes256 */
+	AES128_KEY_LENGTH	= 128 / 8,
+	AES192_KEY_LENGTH	= 192 / 8,
+	AES256_KEY_LENGTH	= 256 / 8,
+	AES128_EXPAND_KEY_LENGTH = 4 * AES_STATECOLS * (AES128_ROUNDS + 1),
+	AES192_EXPAND_KEY_LENGTH = 4 * AES_STATECOLS * (AES192_ROUNDS + 1),
+	AES256_EXPAND_KEY_LENGTH = 4 * AES_STATECOLS * (AES256_ROUNDS + 1),
+	AES_BLOCK_LENGTH	= 128 / 8,
+};
+
+struct aes_ctx {
+	TEEC_Context ctx;
+	TEEC_Session sess;
+};
+
+/* The function IDs implemented in the associated TA */
+
+/*
+ * TA_AES_CMD_SET_KEY - Allocate resources for the AES ciphering
+ * param[0] (value) Algorithmus
+ * param[1] (value) Key size
+ * param[2] (value) encryption mode (encrypt/decrypt)
+ * param[3] unused
+ */
+#define TA_AES_CMD_PREPARE		0
+
+/*
+ * TA_AES_CMD_SET_KEY - Allocate resources for the AES ciphering
+ * param[0] (memref) key data, size shall equal key length
+ * param[1] unused
+ * param[2] unused
+ * param[3] unused
+ */
+#define TA_AES_CMD_SET_KEY		1
+
+/*
+ * TA_AES_CMD_SET_IV - reset IV
+ * param[0] (memref) initial vector, size shall equal block length
+ * param[1] unused
+ * param[2] unused
+ * param[3] unused
+ */
+#define TA_AES_CMD_SET_IV		2
+
+/*
+ * TA_AES_CMD_CIPHER - Cipher input buffer into output buffer
+ * param[0] (memref) input buffer
+ * param[1] (memref) output buffer (shall be bigger than input buffer)
+ * param[2] unused
+ * param[3] unused
+ */
+#define TA_AES_CMD_CIPHER	3
+
+#define TA_AES_MODE_ENCODE	1
+#define TA_AES_MODE_DECODE	0
+
+#define TA_AES_ALGO_CTR		2
+
+/* UUID of the TA */
+#define TA_STM32MP_CRYP_UUID { 0xc2fad363, 0x5d9f, 0x4fc4, \
+                { 0xa4, 0x17, 0x55, 0x58, 0x41, 0xe0, 0x57, 0x45 } }
+
 +#endif /* __TA_CCMP1_AES_H__ */
 \ No newline at end of file
 diff --git a/src/tee.h b/src/tee.h
@ -2576,10 +2575,10 @@ index 0000000..b1e37ec
 +
 +#endif
 diff --git a/src/uboot_env.c b/src/uboot_env.c
-index 86f9b9e..45b356f 100644
+index d507cac..aa33930 100644
 --- a/src/uboot_env.c
 +++ b/src/uboot_env.c
-@@ -41,6 +41,9 @@
+@@ -42,6 +42,9 @@
 #include "md5.h"
 #include "uboot_private.h"
 
@ -2589,7 +2588,7 @@ index 86f9b9e..45b356f 100644
 /*
  * The BLOB includes a random AES-256 key (32 bytes) and a
  * Message Authentication Code (MAC) (16 bytes)
-@@ -972,7 +975,7 @@ static bool machine_is_compatible(char *machine)
+@@ -1156,7 +1159,7 @@ static bool machine_is_compatible(char *machine)
 }
 
 #define MAX_HWID_WORDS		4
@ -2598,7 +2597,7 @@ index 86f9b9e..45b356f 100644
 {
 	int i;
 	int len;
-@@ -1040,7 +1043,7 @@ static int env_caam_crypt(char *data, unsigned int size, const int enc)
+@@ -1224,7 +1227,7 @@ static int env_caam_crypt(char *data, unsigned int size, const int enc)
 	char *buffer;
 	unsigned char key_modifier[16];
 
@ -2607,7 +2606,7 @@ index 86f9b9e..45b356f 100644
 	if (ret)
 		return ret;
 
-@@ -1087,6 +1090,165 @@ free:
+@@ -1271,6 +1274,165 @@ free:
 	return ret;
 }
 
@ -2667,7 +2666,7 @@ index 86f9b9e..45b356f 100644
 +	TEEC_Result res;
 +
 +	memset(&op, 0, sizeof(op));
-+	
+
 +	op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
 +					 TEEC_NONE, TEEC_NONE, TEEC_NONE);
 +
@ -2773,7 +2772,7 @@ index 86f9b9e..45b356f 100644
 int libuboot_env_store(struct uboot_ctx *ctx)
 {
 	struct var_entry *entry;
-@@ -1163,7 +1325,12 @@ int libuboot_env_store(struct uboot_ctx *ctx)
+@@ -1347,7 +1509,12 @@ int libuboot_env_store(struct uboot_ctx *ctx)
 	}
 
 	if (ctx->encrypted) {
@ -2787,7 +2786,7 @@ index 86f9b9e..45b356f 100644
 		if (ret) {
 			fprintf(stderr,
 				"Error: can't encrypt env for flash\n");
-@@ -1237,7 +1404,12 @@ static int libuboot_load(struct uboot_ctx *ctx)
+@@ -1420,7 +1587,12 @@ static int libuboot_load(struct uboot_ctx *ctx)
 		crc = *(uint32_t *)(buf[i] + offsetcrc);
 		dev->crc = crc32(0, (uint8_t *)data, usable_envsize);
 		if (ctx->encrypted) {
@ -2801,6 +2800,3 @@ index 86f9b9e..45b356f 100644
 			if (ret) {
 				fprintf(stderr, "Error: can't decrypt environment\n");
 				return ret;
-- 
-2.34.1
-