16 Feb
2021
16 Feb
'21
6:01 p.m.
Dear Sean Anderson,
In message 20210216164016.635125-1-sean.anderson@seco.com you wrote:
Currently we fail silently if there is an algorithm mismatch. To help distinguish this failure condition.
Signed-off-by: Sean Anderson sean.anderson@seco.com
lib/rsa/rsa-verify.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index e34d3293d1..aee76f42d5 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -447,8 +447,11 @@ static int rsa_verify_with_keynode(struct image_sign_info *info, }
algo = fdt_getprop(blob, node, "algo", NULL);
- if (strcmp(info->name, algo))
- if (strcmp(info->name, algo)) {
debug("%s: Wrong algo: have %s, expected %s", __func__,info->name, algo);- }
If this is considered an error, should that not be a printf() then instead of a debug() which users will never see?
Best regards,
Wolfgang Denk
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd@denx.de
It is impractical for the standard to attempt to constrain the
behavior of code that does not obey the constraints of the standard.
- Doug Gwyn