brain-hackers_pepepper-mirror
/
u-boot-brain
mirror of https://github.com/brain-hackers/u-boot-brain
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

lib/ecdsa: Use the 'keydir' argument from mkimage if appropriate 

Keys can be derived from keydir, and the "key-name-hint" property of
the FIT. They can also be specified ad-literam via 'keyfile'. Update
the ECDSA signing path to use the appropriate one.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Alexandru Gagniuc 2021-02-19 12:45:19 -06:00 committed by Tom Rini
parent 824ee745fb
commit eb22759e2b
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
lib/ecdsa/ecdsa-libcrypto.c
View File

@ -140,8 +140,20 @@ static int read_key(struct signer *ctx, const char *key_name)
/* Prepare a 'signer' context that's ready to sign and verify. */
static int prepare_ctx(struct signer *ctx, const struct image_sign_info *info)
{
const char *kname = info->keydir;
int key_len_bytes, ret;
char kname[1024];
memset(ctx, 0, sizeof(*ctx));
if (info->keyfile) {
snprintf(kname, sizeof(kname), "%s", info->keyfile);
} else if (info->keydir && info->keyname) {
snprintf(kname, sizeof(kname), "%s/%s.pem", info->keydir,
info->keyname);
} else {
fprintf(stderr, "keyfile, keyname, or key-name-hint missing\n");
return -EINVAL;
}
ret = alloc_ctx(ctx, info);
if (ret)