diff options
author | Sascha Hauer <s.hauer@pengutronix.de> | 2022-05-04 11:49:28 +0200 |
---|---|---|
committer | Sascha Hauer <s.hauer@pengutronix.de> | 2022-05-04 15:12:31 +0200 |
commit | b2f33a4b95af0566c735cfc188dc8758636c2263 (patch) | |
tree | f1393092fe111ddebcf3c71ff482dcf2f4a840ee /common | |
parent | a05ac5545c43a5420757e0f5529edea95230ced5 (diff) | |
download | barebox-b2f33a4b95af0566c735cfc188dc8758636c2263.tar.gz barebox-b2f33a4b95af0566c735cfc188dc8758636c2263.tar.xz |
rsa: Collect keys on list
Currently there is no way to iterate over all available RSA keys.
This patch collects all keys on a list so we can add an iterator
in the next step.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Diffstat (limited to 'common')
-rw-r--r-- | common/image-fit.c | 25 |
1 files changed, 4 insertions, 21 deletions
diff --git a/common/image-fit.c b/common/image-fit.c index 38a372ff52..152d066f47 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -255,10 +255,8 @@ static struct digest *fit_alloc_digest(struct device_node *sig_node, static int fit_check_rsa_signature(struct device_node *sig_node, enum hash_algo algo, void *hash) { - struct rsa_public_key *key; + const struct rsa_public_key *key; const char *key_name; - char *key_path; - struct device_node *key_node; int sig_len; const char *sig_value; int ret; @@ -275,22 +273,9 @@ static int fit_check_rsa_signature(struct device_node *sig_node, } key = rsa_get_key(key_name); - if (IS_ERR(key)) { - key_path = xasprintf("/signature/key-%s", key_name); - key_node = of_find_node_by_path(key_path); - if (!key_node) { - pr_info("failed to find key node %s\n", key_path); - free(key_path); - return -ENOENT; - } - free(key_path); - - key = rsa_of_read_key(key_node); - - if (IS_ERR(key)) { - pr_info("failed to read key in %s\n", key_node->full_name); - return -ENOENT; - } + if (!key) { + pr_err("No such key: %s\n", key_name); + return -ENOENT; } ret = rsa_verify(key, sig_value, sig_len, hash, algo); @@ -299,8 +284,6 @@ static int fit_check_rsa_signature(struct device_node *sig_node, else pr_info("image signature OK\n"); - rsa_key_free(key); - return ret; } |