diff options
| author | Philippe Reynes <philippe.reynes@softathome.com> | 2021-01-12 19:18:54 +0100 |
|---|---|---|
| committer | Tom Rini <trini@konsulko.com> | 2021-01-27 17:03:16 -0500 |
| commit | 040fad3791fe05b985516a68c9437847173da56a (patch) | |
| tree | d0a2b09c319c2085528befe712588b7887947370 /lib | |
| parent | a7a029d14de44bdcd050181ec5544b1ae3728c8a (diff) | |
| download | u-boot-040fad3791fe05b985516a68c9437847173da56a.tar.gz u-boot-040fad3791fe05b985516a68c9437847173da56a.tar.xz u-boot-040fad3791fe05b985516a68c9437847173da56a.zip | |
lib: rsa: rsa-verify: don't look for keys in the FIT image
In the function rsa_verify_hash, if the "main" key doesn't
work, u-boot try others keys. But it searches those keys
in the FIT image instead of the u-boot device tree.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/rsa/rsa-verify.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 0ab0f629d0..e34d3293d1 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -522,10 +522,10 @@ int rsa_verify_hash(struct image_sign_info *info, return ret; /* No luck, so try each of the keys in turn */ - for (ndepth = 0, noffset = fdt_next_node(info->fit, sig_node, + for (ndepth = 0, noffset = fdt_next_node(blob, sig_node, &ndepth); (noffset >= 0) && (ndepth > 0); - noffset = fdt_next_node(info->fit, noffset, &ndepth)) { + noffset = fdt_next_node(blob, noffset, &ndepth)) { if (ndepth == 1 && noffset != node) { ret = rsa_verify_with_keynode(info, hash, sig, sig_len, |