LM
/
u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

image: Return destination node for add_verify_data() method 

It is useful to know where the verification data was written. Update the
API to return this.

Signed-off-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Simon Glass 2021-11-12 12:28:11 -07:00
parent 99f844ba3a
commit c033dc8c0c
6 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
include/image.h
View File

@ -1243,7 +1243,8 @@ struct crypto_algo {
*
* @info: Specifies key and FIT information
* @keydest: Destination FDT blob for public key data
* @return: 0, on success, -ve on error
* @return: node offset within the FDT blob where the data was written,
* or -ve on error
*/
int (*add_verify_data)(struct image_sign_info *info, void *keydest);

5
include/u-boot/ecdsa.h
View File

@ -44,8 +44,9 @@ int ecdsa_sign(struct image_sign_info *info, const struct image_region region[],
*
* @info: Specifies key and FIT information
* @keydest: Destination FDT blob for public key data
* @return: 0, on success, -ENOSPC if the keydest FDT blob ran out of space,
* other -ve value on error
* @return: node offset within the FDT blob where the data was written on
* success, -ENOSPC if the keydest FDT blob ran out of space, other -ve
* value on other error
*/
int ecdsa_add_verify_data(struct image_sign_info *info, void *keydest);

5
include/u-boot/rsa.h
View File

@ -61,8 +61,9 @@ int rsa_sign(struct image_sign_info *info,
*
* @info: Specifies key and FIT information
* @keydest: Destination FDT blob for public key data
* @return: 0, on success, -ENOSPC if the keydest FDT blob ran out of space,
other -ve value on error
* @return: node offset within the FDT blob where the data was written on
* success, -ENOSPC if the keydest FDT blob ran out of space, other -ve
* value on other error
*/
int rsa_add_verify_data(struct image_sign_info *info, void *keydest);

4
lib/ecdsa/ecdsa-libcrypto.c
View File

@ -301,7 +301,7 @@ static int do_add(struct signer *ctx, void *fdt, const char *key_node_name)
if (ret < 0)
return ret;
return 0;
return key_node;
}
int ecdsa_add_verify_data(struct image_sign_info *info, void *fdt)
@ -313,7 +313,7 @@ int ecdsa_add_verify_data(struct image_sign_info *info, void *fdt)
fdt_key_name = info->keyname ? info->keyname : "default-key";
ret = prepare_ctx(&ctx, info);
if (ret >= 0)
do_add(&ctx, fdt, fdt_key_name);
ret = do_add(&ctx, fdt, fdt_key_name);
free_ctx(&ctx);
return ret;

3
lib/rsa/rsa-sign.c
View File

@ -703,5 +703,8 @@ err_get_pub_key:
if (info->engine_id)
rsa_engine_remove(e);
if (ret)
return ret;
return node;
}

5
tools/image-host.c
View File

@ -267,7 +267,7 @@ static int fit_image_process_sig(const char *keydir, const char *keyfile,
*/
if (keydest) {
ret = info.crypto->add_verify_data(&info, keydest);
if (ret) {
if (ret < 0) {
printf("Failed to add verification data for '%s' signature node in '%s' image node\n",
node_name, image_name);
return ret;
@ -1037,11 +1037,10 @@ static int fit_config_process_sig(const char *keydir, const char *keyfile,
/* Write the public key into the supplied FDT file */
if (keydest) {
ret = info.crypto->add_verify_data(&info, keydest);
if (ret) {
if (ret < 0) {
printf("Failed to add verification data for '%s' signature node in '%s' configuration node\n",
node_name, conf_name);
}
return ret;
}
return 0;