brain-hackers_pepepper-mirror
/
u-boot-brain
mirror of https://github.com/brain-hackers/u-boot-brain
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

rsa: sig: fix config signature check for fit with padding 

The signature check on config node is broken on fit with padding.
To compute the signature for config node, U-Boot compute the
signature on all properties of requested node for this config,
except for the property "data". But, when padding is used for
binary in a fit, there isn't a property "data" but two properties:
"data-offset" and "data-size". So to fix the check of signature,
we also don't use the properties "data-offset" and "data-size"
when checking the signature on config node.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
This commit is contained in:
Philippe Reynes 2020-04-29 15:26:17 +02:00 committed by Tom Rini
parent eb7690e81f
commit c522949a29
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/image-fit-sig.c
View File

@ -249,7 +249,7 @@ static int fit_config_check_sig(const void *fit, int noffset,
int required_keynode, int conf_noffset,
char **err_msgp)
{
char * const exc_prop[] = {"data"};
char * const exc_prop[] = {"data", "data-size", "data-position"};
const char *prop, *end, *name;
struct image_sign_info info;
const uint32_t *strings;