Both the signature and the public key are stored as DTS nodes
in the FIT image and SPL/U-Boot DTBs.
Like the RSA signing & verification do, this patch either creates
the nodes or overwirte the content automatically.
Signed-off-by: Chia-Wei Wang <chiawei_w...@aspeedtech.com>
---
lib/ecdsa/ecdsa-libcrypto.c | 25 ++++++++++++++++++-------
1 file changed, 18 insertions(+), 7 deletions(-)
diff --git a/lib/ecdsa/ecdsa-libcrypto.c b/lib/ecdsa/ecdsa-libcrypto.c
index 5fa9be10b4b..cd0c09ca6e4 100644
--- a/lib/ecdsa/ecdsa-libcrypto.c
+++ b/lib/ecdsa/ecdsa-libcrypto.c
@@ -281,15 +281,26 @@ static int do_add(struct signer *ctx, void *fdt, const
char *key_node_name)
BIGNUM *x, *y;
signature_node = fdt_subnode_offset(fdt, 0, FIT_SIG_NODENAME);
- if (signature_node < 0) {
- fprintf(stderr, "Could not find 'signature node: %s\n",
- fdt_strerror(signature_node));
- return signature_node;
+ if (signature_node == -FDT_ERR_NOTFOUND) {
+ signature_node = fdt_add_subnode(fdt, 0, FIT_SIG_NODENAME);
+ if (signature_node < 0) {
+ fprintf(stderr, "Could not find 'signature node: %s\n",
+ fdt_strerror(signature_node));
+ return signature_node;
+ }
}
- key_node = fdt_add_subnode(fdt, signature_node, key_node_name);
- if (key_node < 0) {
- fprintf(stderr, "Could not create '%s' node: %s\n",
+ /* Either create or overwrite the named key node */
+ key_node = fdt_subnode_offset(fdt, signature_node, key_node_name);
+ if (key_node == -FDT_ERR_NOTFOUND) {
+ key_node = fdt_add_subnode(fdt, signature_node, key_node_name);
+ if (key_node < 0) {
+ fprintf(stderr, "Could not create '%s' node: %s\n",
+ key_node_name, fdt_strerror(key_node));
+ return key_node;
+ }
+ } else if (key_node < 0) {
+ fprintf(stderr, "cannot select '%s' node: %s\n",
key_node_name, fdt_strerror(key_node));
return key_node;
}
--
2.25.1
