leandrof/u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lib: rsa: rsa-verify: don't look for keys in the FIT image

Browse Source 
In the function rsa_verify_hash, if the "main" key doesn't
work, u-boot try others keys. But it searches those keys
in the FIT image instead of the u-boot device tree.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Philippe Reynes 2021-01-12 19:18:54 +01:00 committed by Tom Rini
parent a7a029d14d
commit 040fad3791
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/rsa/rsa-verify.c
View File

@ -522,10 +522,10 @@ int rsa_verify_hash(struct image_sign_info *info,
return ret; return ret;
/* No luck, so try each of the keys in turn */ /* No luck, so try each of the keys in turn */
for (ndepth = 0, noffset = fdt_next_node(info->fit, sig_node, for (ndepth = 0, noffset = fdt_next_node(blob, sig_node,
&ndepth); &ndepth);
(noffset >= 0) && (ndepth > 0); (noffset >= 0) && (ndepth > 0);
noffset = fdt_next_node(info->fit, noffset, &ndepth)) { noffset = fdt_next_node(blob, noffset, &ndepth)) {
if (ndepth == 1 && noffset != node) { if (ndepth == 1 && noffset != node) {
ret = rsa_verify_with_keynode(info, hash, ret = rsa_verify_with_keynode(info, hash,
sig, sig_len, sig, sig_len,