diff options
| author | Matthias Pritschet <matthias.pritschet@itk-engineering.de> | 2024-08-27 18:00:54 +0200 |
|---|---|---|
| committer | Tom Rini <trini@konsulko.com> | 2024-10-07 21:30:50 -0600 |
| commit | b67436d31969e6d6b76b39849da276506058b900 (patch) | |
| tree | 71b1c12c5987c7ec6479b75c155b5438063f4b13 /lib/ecdsa/ecdsa-libcrypto.c | |
| parent | 57668b01353db647e4497129274024341e2d6b18 (diff) | |
mkimage: ecdsa: add signature/key nodes to dtb if missing
If the signature/key node(s) are not yet present in the U-Boot device
tree, ecdsa_add_verify_data simply fails if it can't find the nodes.
This behaviour differs from rsa_add_verify_data, wich does add the missing
nodes and proceeds in that case.
This change is mainly copy&paste from rsa_add_verify_data to add the
same behaviour to ecdsa_add_verify_data.
Signed-off-by: Matthias Pritschet <matthias.pritschet@itk-engineering.de>
Diffstat (limited to 'lib/ecdsa/ecdsa-libcrypto.c')
| -rw-r--r-- | lib/ecdsa/ecdsa-libcrypto.c | 36 |
1 files changed, 29 insertions, 7 deletions
diff --git a/lib/ecdsa/ecdsa-libcrypto.c b/lib/ecdsa/ecdsa-libcrypto.c index 403dfe0b97c..e9aa2a1cf34 100644 --- a/lib/ecdsa/ecdsa-libcrypto.c +++ b/lib/ecdsa/ecdsa-libcrypto.c @@ -281,16 +281,35 @@ static int do_add(struct signer *ctx, void *fdt, const char *key_node_name) BIGNUM *x, *y; signature_node = fdt_subnode_offset(fdt, 0, FIT_SIG_NODENAME); - if (signature_node < 0) { - fprintf(stderr, "Could not find 'signature node: %s\n", + if (signature_node == -FDT_ERR_NOTFOUND) { + signature_node = fdt_add_subnode(fdt, 0, FIT_SIG_NODENAME); + if (signature_node < 0) { + if (signature_node != -FDT_ERR_NOSPACE) { + fprintf(stderr, "Couldn't create signature node: %s\n", + fdt_strerror(signature_node)); + } + return signature_node; + } + } else if (signature_node < 0) { + fprintf(stderr, "Cannot select keys signature_node: %s\n", fdt_strerror(signature_node)); return signature_node; } - key_node = fdt_add_subnode(fdt, signature_node, key_node_name); - if (key_node < 0) { - fprintf(stderr, "Could not create '%s' node: %s\n", - key_node_name, fdt_strerror(key_node)); + /* Either create or overwrite the named key node */ + key_node = fdt_subnode_offset(fdt, signature_node, key_node_name); + if (key_node == -FDT_ERR_NOTFOUND) { + key_node = fdt_add_subnode(fdt, signature_node, key_node_name); + if (key_node < 0) { + if (key_node != -FDT_ERR_NOSPACE) { + fprintf(stderr, "Could not create key subnode: %s\n", + fdt_strerror(key_node)); + } + return key_node; + } + } else if (key_node < 0) { + fprintf(stderr, "Cannot select keys key_node: %s\n", + fdt_strerror(key_node)); return key_node; } @@ -326,8 +345,11 @@ int ecdsa_add_verify_data(struct image_sign_info *info, void *fdt) fdt_key_name = info->keyname ? info->keyname : "default-key"; ret = prepare_ctx(&ctx, info); - if (ret >= 0) + if (ret >= 0) { ret = do_add(&ctx, fdt, fdt_key_name); + if (ret < 0) + ret = ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO; + } free_ctx(&ctx); return ret; |