[PATCH] lib: rsa: rsa-verify: don't look for keys in the FIT image
In the function rsa_verify_hash, if the "main" key doesn't work, u-boot try others keys. But it searches those keys in the FIT image instead of the u-boot device tree.
Signed-off-by: Philippe Reynes philippe.reynes@softathome.com --- lib/rsa/rsa-verify.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 0ab0f629d0..e34d3293d1 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -522,10 +522,10 @@ int rsa_verify_hash(struct image_sign_info *info, return ret;
/* No luck, so try each of the keys in turn */ - for (ndepth = 0, noffset = fdt_next_node(info->fit, sig_node, + for (ndepth = 0, noffset = fdt_next_node(blob, sig_node, &ndepth); (noffset >= 0) && (ndepth > 0); - noffset = fdt_next_node(info->fit, noffset, &ndepth)) { + noffset = fdt_next_node(blob, noffset, &ndepth)) { if (ndepth == 1 && noffset != node) { ret = rsa_verify_with_keynode(info, hash, sig, sig_len,
On 1/12/21 12:18 PM, Philippe Reynes wrote:
Hi Philippe,
In the function rsa_verify_hash, if the "main" key doesn't work, u-boot try others keys. But it searches those keys in the FIT image instead of the u-boot device tree.
Signed-off-by: Philippe Reynes philippe.reynes@softathome.com
lib/rsa/rsa-verify.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 0ab0f629d0..e34d3293d1 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -522,10 +522,10 @@ int rsa_verify_hash(struct image_sign_info *info, return ret;
/* No luck, so try each of the keys in turn */
for (ndepth = 0, noffset = fdt_next_node(info->fit, sig_node,
for (ndepth = 0, noffset = fdt_next_node(blob, sig_node, &ndepth); (noffset >= 0) && (ndepth > 0);
noffset = fdt_next_node(info->fit, noffset, &ndepth)) {
noffset = fdt_next_node(blob, noffset, &ndepth)) { if (ndepth == 1 && noffset != node) { ret = rsa_verify_with_keynode(info, hash, sig, sig_len,
I was looking at this code ot too long ago and didn't notice the inconsistency. I think it would be better to use 'info->fdt_blob' and get rid of 'blob' completely.
Alex
Hi Alex
Le 12/01/2021 à 19:30, Alex G. a écrit :
On 1/12/21 12:18 PM, Philippe Reynes wrote:
Hi Philippe,
In the function rsa_verify_hash, if the "main" key doesn't work, u-boot try others keys. But it searches those keys in the FIT image instead of the u-boot device tree.
Signed-off-by: Philippe Reynes philippe.reynes@softathome.com
lib/rsa/rsa-verify.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 0ab0f629d0..e34d3293d1 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -522,10 +522,10 @@ int rsa_verify_hash(struct image_sign_info *info, return ret; /* No luck, so try each of the keys in turn */ - for (ndepth = 0, noffset = fdt_next_node(info->fit, sig_node, + for (ndepth = 0, noffset = fdt_next_node(blob, sig_node, &ndepth); (noffset >= 0) && (ndepth > 0); - noffset = fdt_next_node(info->fit, noffset, &ndepth)) { + noffset = fdt_next_node(blob, noffset, &ndepth)) { if (ndepth == 1 && noffset != node) { ret = rsa_verify_with_keynode(info, hash, sig, sig_len,
I was looking at this code ot too long ago and didn't notice the inconsistency. I think it would be better to use 'info->fdt_blob' and get rid of 'blob' completely.
The variable blob is also used in function rsa_verify_with_keynode. So it is the coding style for this part of code. If you prefer to change this coding style and remove this variable blob to use directly info->fdt_blob or rename this variable blob to fdt_blob, I can send another patch to change it. What other people (and you) think about this proposal ?
Alex
Regards, Philippe
Hi ,
On Tue, 12 Jan 2021 at 11:19, Philippe Reynes philippe.reynes@softathome.com wrote:
In the function rsa_verify_hash, if the "main" key doesn't work, u-boot try others keys. But it searches those keys in the FIT image instead of the u-boot device tree.
Signed-off-by: Philippe Reynes philippe.reynes@softathome.com
lib/rsa/rsa-verify.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 0ab0f629d0..e34d3293d1 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -522,10 +522,10 @@ int rsa_verify_hash(struct image_sign_info *info, return ret;
/* No luck, so try each of the keys in turn */
for (ndepth = 0, noffset = fdt_next_node(info->fit, sig_node,
for (ndepth = 0, noffset = fdt_next_node(blob, sig_node, &ndepth); (noffset >= 0) && (ndepth > 0);
noffset = fdt_next_node(info->fit, noffset, &ndepth)) {
noffset = fdt_next_node(blob, noffset, &ndepth)) { if (ndepth == 1 && noffset != node) { ret = rsa_verify_with_keynode(info, hash, sig, sig_len,
Reviewed-by: Simon Glass sjg@chromium.org
But I wonder how this is not caught by tests? Can you look into that please? We are obviously missing a test case.
- Simon
On Tue, Jan 12, 2021 at 07:18:54PM +0100, Philippe Reynes wrote:
In the function rsa_verify_hash, if the "main" key doesn't work, u-boot try others keys. But it searches those keys in the FIT image instead of the u-boot device tree.
Signed-off-by: Philippe Reynes philippe.reynes@softathome.com Reviewed-by: Simon Glass sjg@chromium.org
Applied to u-boot/master, thanks!
participants (5)
-
Alex G. -
Philippe REYNES -
Philippe Reynes
-
Simon Glass -
Tom Rini