Merge branch '2020-05-15-misc-bugfixes'

- A number of symbol name consistency updates
- JFFS2 bugfix
- Use /* fallthrough */ for now to help at least gcc know when we're
  intentionally not 'break;'ing in a switch statement, we'll adopt
  fallthrough; later on.
- Assorted other fixes

4 files changed, 35 insertions, 10 deletions

diff --git a/lib/Kconfig b/lib/Kconfig
index 868de3bf3b..c3f694afc0 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -363,7 +363,22 @@ config SHA_PROG_HW_ACCEL
 	  is performed in hardware.
 
 config MD5
-	bool
+	bool "Support MD5 algorithm"
+	help
+	  This option enables MD5 support. MD5 is an algorithm designed
+	  in 1991 that produces a 16-byte digest (or checksum) from its input
+	  data. It has a number of vulnerabilities which preclude its use in
+	  security applications, but it can be useful for providing a quick
+	  checksum of a block of data.
+
+config SPL_MD5
+	bool "Support MD5 algorithm in SPL"
+	help
+	  This option enables MD5 support in SPL. MD5 is an algorithm designed
+	  in 1991 that produces a 16-byte digest (or checksum) from its input
+	  data. It has a number of vulnerabilities which preclude its use in
+	  security applications, but it can be useful for providing a quick
+	  checksum of a block of data.
 
 config CRC32C
 	bool
diff --git a/lib/Makefile b/lib/Makefile
index c6f862b0c2..6e688afa68 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -40,7 +40,6 @@ obj-$(CONFIG_GZIP_COMPRESSED) += gzip.o
 obj-$(CONFIG_GENERATE_SMBIOS_TABLE) += smbios.o
 obj-$(CONFIG_IMAGE_SPARSE) += image-sparse.o
 obj-y += ldiv.o
-obj-$(CONFIG_MD5) += md5.o
 obj-$(CONFIG_XXHASH) += xxhash.o
 obj-y += net_utils.o
 obj-$(CONFIG_PHYSMEM) += physmem.o
@@ -59,6 +58,7 @@ obj-$(CONFIG_TPM_V2) += tpm-v2.o
 endif
 
 obj-$(CONFIG_$(SPL_)ACPIGEN) += acpi/
+obj-$(CONFIG_$(SPL_)MD5) += md5.o
 obj-$(CONFIG_$(SPL_)RSA) += rsa/
 obj-$(CONFIG_SHA1) += sha1.o
 obj-$(CONFIG_SHA256) += sha256.o
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index 580c744709..40ca1e1f57 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -4,7 +4,7 @@
  */
 
 #include "mkimage.h"
-#include <malloc.h>
+#include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
 #include <image.h>
@@ -135,9 +135,14 @@ static int rsa_engine_get_pub_key(const char *keydir, const char *name,
 
 	if (engine_id && !strcmp(engine_id, "pkcs11")) {
 		if (keydir)
-			snprintf(key_id, sizeof(key_id),
-				 "pkcs11:%s;object=%s;type=public",
-				 keydir, name);
+			if (strstr(keydir, "object="))
+				snprintf(key_id, sizeof(key_id),
+					 "pkcs11:%s;type=public",
+					 keydir);
+			else
+				snprintf(key_id, sizeof(key_id),
+					 "pkcs11:%s;object=%s;type=public",
+					 keydir, name);
 		else
 			snprintf(key_id, sizeof(key_id),
 				 "pkcs11:object=%s;type=public",
@@ -255,9 +260,14 @@ static int rsa_engine_get_priv_key(const char *keydir, const char *name,
 
 	if (engine_id && !strcmp(engine_id, "pkcs11")) {
 		if (keydir)
-			snprintf(key_id, sizeof(key_id),
-				 "pkcs11:%s;object=%s;type=private",
-				 keydir, name);
+			if (strstr(keydir, "object="))
+				snprintf(key_id, sizeof(key_id),
+					 "pkcs11:%s;type=private",
+					 keydir);
+			else
+				snprintf(key_id, sizeof(key_id),
+					 "pkcs11:%s;object=%s;type=private",
+					 keydir, name);
 		else
 			snprintf(key_id, sizeof(key_id),
 				 "pkcs11:object=%s;type=private",
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 80e817314b..f7ae174cb0 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -445,7 +445,7 @@ static int rsa_verify_with_keynode(struct image_sign_info *info,
 
 	prop.rr = fdt_getprop(blob, node, "rsa,r-squared", NULL);
 
-	if (!prop.num_bits || !prop.modulus) {
+	if (!prop.num_bits || !prop.modulus || !prop.rr) {
 		debug("%s: Missing RSA key info", __func__);
 		return -EFAULT;
 	}