diff options
| author | Alexandru Gagniuc <mr.nuke.me@gmail.com> | 2021-02-19 12:45:19 -0600 |
|---|---|---|
| committer | Tom Rini <trini@konsulko.com> | 2021-04-14 15:23:01 -0400 |
| commit | eb22759e2be9c45b0f39ee7ab028e6e4144ce629 (patch) | |
| tree | b7f091c51e3ff9e37a354fe63c0a1a55abc8e359 /lib | |
| parent | 824ee745fbcaa73ad74a30f992aaf2e732a5a325 (diff) | |
| download | u-boot-eb22759e2be9c45b0f39ee7ab028e6e4144ce629.tar.gz u-boot-eb22759e2be9c45b0f39ee7ab028e6e4144ce629.tar.bz2 u-boot-eb22759e2be9c45b0f39ee7ab028e6e4144ce629.zip | |
lib/ecdsa: Use the 'keydir' argument from mkimage if appropriate
Keys can be derived from keydir, and the "key-name-hint" property of
the FIT. They can also be specified ad-literam via 'keyfile'. Update
the ECDSA signing path to use the appropriate one.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/ecdsa/ecdsa-libcrypto.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/lib/ecdsa/ecdsa-libcrypto.c b/lib/ecdsa/ecdsa-libcrypto.c index 322880963f..1757a14562 100644 --- a/lib/ecdsa/ecdsa-libcrypto.c +++ b/lib/ecdsa/ecdsa-libcrypto.c @@ -140,8 +140,20 @@ static int read_key(struct signer *ctx, const char *key_name) /* Prepare a 'signer' context that's ready to sign and verify. */ static int prepare_ctx(struct signer *ctx, const struct image_sign_info *info) { - const char *kname = info->keydir; int key_len_bytes, ret; + char kname[1024]; + + memset(ctx, 0, sizeof(*ctx)); + + if (info->keyfile) { + snprintf(kname, sizeof(kname), "%s", info->keyfile); + } else if (info->keydir && info->keyname) { + snprintf(kname, sizeof(kname), "%s/%s.pem", info->keydir, + info->keyname); + } else { + fprintf(stderr, "keyfile, keyname, or key-name-hint missing\n"); + return -EINVAL; + } ret = alloc_ctx(ctx, info); if (ret) |