rsa: Collect keys on list

Currently there is no way to iterate over all available RSA keys.
This patch collects all keys on a list so we can add an iterator
in the next step.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>

1 files changed, 4 insertions, 21 deletions

diff --git a/common/image-fit.c b/common/image-fit.c
index 38a372ff52..152d066f47 100644
--- a/common/image-fit.c
+++ b/common/image-fit.c
@@ -255,10 +255,8 @@ static struct digest *fit_alloc_digest(struct device_node *sig_node,
 static int fit_check_rsa_signature(struct device_node *sig_node,
 				   enum hash_algo algo, void *hash)
 {
-	struct rsa_public_key *key;
+	const struct rsa_public_key *key;
 	const char *key_name;
-	char *key_path;
-	struct device_node *key_node;
 	int sig_len;
 	const char *sig_value;
 	int ret;
@@ -275,22 +273,9 @@ static int fit_check_rsa_signature(struct device_node *sig_node,
 	}
 
 	key = rsa_get_key(key_name);
-	if (IS_ERR(key)) {
-		key_path = xasprintf("/signature/key-%s", key_name);
-		key_node = of_find_node_by_path(key_path);
-		if (!key_node) {
-			pr_info("failed to find key node %s\n", key_path);
-			free(key_path);
-			return -ENOENT;
-		}
-		free(key_path);
-
-		key = rsa_of_read_key(key_node);
-
-		if (IS_ERR(key)) {
-			pr_info("failed to read key in %s\n", key_node->full_name);
-			return -ENOENT;
-		}
+	if (!key) {
+		pr_err("No such key: %s\n", key_name);
+		return -ENOENT;
 	}
 
 	ret = rsa_verify(key, sig_value, sig_len, hash, algo);
@@ -299,8 +284,6 @@ static int fit_check_rsa_signature(struct device_node *sig_node,
 	else
 		pr_info("image signature OK\n");
 
-	rsa_key_free(key);
-
 	return ret;
 }