[U-Boot] [PATCH 2/2] rsa: Return immediately if required-key verification fails
Simon Glass
sjg at chromium.org
Fri Sep 27 01:48:50 UTC 2019
On Wed, 18 Sep 2019 at 08:05, Philippe Reynes
<philippe.reynes at softathome.com> wrote:
>
> From: Daniele Alessandrelli <daniele.alessandrelli at gmail.com>
>
> Currently, if image verification with a required key fails, rsa_verify()
> code tries to find another key to verify the FIT image. This however, is
> not the intended behavior as the documentation says that required keys
> "must be verified for the image / configuration to be considered valid".
>
> This patch fixes the issue by making rsa_verify() return immediately if
> the verification of a required key fails.
>
> Signed-off-by: Daniele Alessandrelli <daniele.alessandrelli at gmail.com>
> ---
> lib/rsa/rsa-verify.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
Reviewed-by: Simon Glass <sjg at chromium.org>
More information about the U-Boot
mailing list