[U-Boot] RSA verify code and required keys

[Daniele Alessandrelli]

Hi,

I was looking at the RSA image authentication code and I'm a bit
puzzled by the following line of codes in lib/rsa/rsa-verify.c
(https://gitlab.denx.de/u-boot/u-boot/blob/master/lib/rsa/rsa-verify.c#L440):

436         /* See if we must use a particular key */
437         if (info->required_keynode != -1) {
438                 ret = rsa_verify_with_keynode(info, hash, sig, sig_len,
439                         info->required_keynode);
440                 if (!ret)
441                         return ret;
442         }
443
444         /* Look for a key that matches our hint */
445         snprintf(name, sizeof(name), "key-%s", info->keyname);
446         node = fdt_subnode_offset(blob, sig_node, name);
447         ret = rsa_verify_with_keynode(info, hash, sig, sig_len, node);
448         if (!ret)
449                 return ret;

If I understand it correctly, at Line 440 we check if verification
with the required key succeeded and if so we return otherwise we
continue, trying other keys.

Is that the intended behavior? Shouldn't the code return in any case
(thus making the FIT verification process fail if the image couldn't
be verified with the required key)? Or am I missing something?

Regards,
Daniele