Hi,
On Mon, 2 Sept 2024 at 07:33, Chia-Wei Wang chiawei_wang@aspeedtech.com wrote:
The padding algorithm is not mandatory for all signing algorithm.
For example, ECDSA does not require a padding method. The RSA case which needs PKCS padding, the belonging info->crypto() also has the check on the validity of info->padding().
Is that in rsa_verify_key() ?
Thus, remove the info->padding check from the upper, general layer.
Signed-off-by: Chia-Wei Wang chiawei_wang@aspeedtech.com
boot/image-fit-sig.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: Simon Glass sjg@chromium.org
diff --git a/boot/image-fit-sig.c b/boot/image-fit-sig.c index fe328df4a85..d06e6cc8ed6 100644 --- a/boot/image-fit-sig.c +++ b/boot/image-fit-sig.c @@ -95,7 +95,7 @@ static int fit_image_setup_verify(struct image_sign_info *info, info->required_keynode = required_keynode; printf("%s:%s", algo_name, info->keyname);
if (!info->checksum || !info->crypto || !info->padding) {
if (!info->checksum || !info->crypto) { *err_msgp = "Unknown signature algorithm"; return -1; }-- 2.25.1
Regards, Simon