summaryrefslogtreecommitdiff
path: root/common/image-fit.c
diff options
context:
space:
mode:
authorAKASHI Takahiro <takahiro.akashi@linaro.org>2020-02-21 15:12:55 +0900
committerTom Rini <trini@konsulko.com>2020-03-12 08:20:38 -0400
commitb983cc2da0bafd73a4dfc069eb3c3a98677e2d92 (patch)
tree6ea5e39eb92db6a1c1311876a8df52f267a3aeea /common/image-fit.c
parentd08b16edf80aa268985b96b2d9e633909734e7c1 (diff)
lib: rsa: decouple rsa from FIT image verification
Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'common/image-fit.c')
-rw-r--r--common/image-fit.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/common/image-fit.c b/common/image-fit.c
index f3bb00c98a..9357e66e1f 100644
--- a/common/image-fit.c
+++ b/common/image-fit.c
@@ -1269,7 +1269,7 @@ int fit_image_verify_with_data(const void *fit, int image_noffset,
int ret;
/* Verify all required signatures */
- if (IMAGE_ENABLE_VERIFY &&
+ if (FIT_IMAGE_ENABLE_VERIFY &&
fit_image_verify_required_sigs(fit, image_noffset, data, size,
gd_fdt_blob(), &verify_all)) {
err_msg = "Unable to verify required signature";
@@ -1291,7 +1291,7 @@ int fit_image_verify_with_data(const void *fit, int image_noffset,
&err_msg))
goto error;
puts("+ ");
- } else if (IMAGE_ENABLE_VERIFY && verify_all &&
+ } else if (FIT_IMAGE_ENABLE_VERIFY && verify_all &&
!strncmp(name, FIT_SIG_NODENAME,
strlen(FIT_SIG_NODENAME))) {
ret = fit_image_check_sig(fit, noffset, data,
@@ -1949,7 +1949,7 @@ int fit_image_load(bootm_headers_t *images, ulong addr,
if (image_type == IH_TYPE_KERNEL)
images->fit_uname_cfg = fit_base_uname_config;
- if (IMAGE_ENABLE_VERIFY && images->verify) {
+ if (FIT_IMAGE_ENABLE_VERIFY && images->verify) {
puts(" Verifying Hash Integrity ... ");
if (fit_config_verify(fit, cfg_noffset)) {
puts("Bad Data Hash\n");