10 May
2019
10 May
'19
3:06 a.m.
On Mon, Apr 22, 2019 at 04:28:01PM -0500, Sam Voss wrote:
Validation of fit image configuration signatures does not seem to do a "fall-back" mechanism as mentioned in doc/uImage.FIT/signature.txt.
The current constraints seem to only allow the following:
- skipping keys not marked "required" (not attempting to validate with them at all)
- checking a key marked required, but if it does not pass the validation entirely fails (no fall-back)
This patch keeps the non-required mechanism, however changes the required key logic to check all keys until a key that can validate the configuration is found. If none is found, an error is raised as before and boot is halted.
Signed-off-by: Sam Voss sam.voss@rockwellcollins.com
This breaks 'make tests' as it doesn't update the tests, please fix, thanks!
--
Tom