mirror of
https://git.openwrt.org/openwrt/openwrt.git
synced 2025-04-28 19:07:42 +00:00
390e00355e
Add fit-check-sign package which allows validating a uImage.FIT. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
93 lines
3.1 KiB
Diff
93 lines
3.1 KiB
Diff
From patchwork Sat Mar 29 03:13:01 2025
|
|
Content-Type: text/plain; charset="utf-8"
|
|
MIME-Version: 1.0
|
|
Content-Transfer-Encoding: 7bit
|
|
X-Patchwork-Submitter: Daniel Golle <daniel@makrotopia.org>
|
|
X-Patchwork-Id: 2066665
|
|
Return-Path: <u-boot-bounces@lists.denx.de>
|
|
X-Original-To: incoming@patchwork.ozlabs.org
|
|
Delivered-To: patchwork-incoming@legolas.ozlabs.org
|
|
Date: Sat, 29 Mar 2025 03:13:01 +0000
|
|
From: Daniel Golle <daniel@makrotopia.org>
|
|
To: Tom Rini <trini@konsulko.com>, Simon Glass <sjg@chromium.org>,
|
|
Chia-Wei Wang <chiawei_wang@aspeedtech.com>,
|
|
Daniel Golle <daniel@makrotopia.org>, u-boot@lists.denx.de
|
|
Cc: Thomas =?iso-8859-1?q?H=FChn?= <thomas.huehn@hs-nordhausen.de>
|
|
Subject: [PATCH 2/2] tools/fit_check_sign: make key optional
|
|
Message-ID:
|
|
<1f0c5a1f7e84f638f921278284ff6245d78e730d.1743217745.git.daniel@makrotopia.org>
|
|
References:
|
|
<bf6a90e864b713db41bf788797554649eeaa0732.1743217745.git.daniel@makrotopia.org>
|
|
MIME-Version: 1.0
|
|
Content-Disposition: inline
|
|
In-Reply-To:
|
|
<bf6a90e864b713db41bf788797554649eeaa0732.1743217745.git.daniel@makrotopia.org>
|
|
X-BeenThere: u-boot@lists.denx.de
|
|
X-Mailman-Version: 2.1.39
|
|
Precedence: list
|
|
List-Id: U-Boot discussion <u-boot.lists.denx.de>
|
|
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
|
|
<mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
|
|
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
|
|
List-Post: <mailto:u-boot@lists.denx.de>
|
|
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
|
|
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
|
|
<mailto:u-boot-request@lists.denx.de?subject=subscribe>
|
|
Errors-To: u-boot-bounces@lists.denx.de
|
|
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
|
|
|
|
Allow invoking fit_check_sig without the key parameter, allowing to
|
|
validate only checksums and hashes for unsigned images.
|
|
|
|
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
---
|
|
tools/fit_check_sign.c | 15 ++++++---------
|
|
1 file changed, 6 insertions(+), 9 deletions(-)
|
|
|
|
--- a/tools/fit_check_sign.c
|
|
+++ b/tools/fit_check_sign.c
|
|
@@ -45,7 +45,7 @@ int main(int argc, char **argv)
|
|
char *config_name = NULL;
|
|
char cmdname[256];
|
|
int ret;
|
|
- void *key_blob;
|
|
+ void *key_blob = NULL;
|
|
int c;
|
|
|
|
strncpy(cmdname, *argv, sizeof(cmdname) - 1);
|
|
@@ -70,18 +70,15 @@ int main(int argc, char **argv)
|
|
fprintf(stderr, "%s: Missing fdt file\n", *argv);
|
|
usage(*argv);
|
|
}
|
|
- if (!keyfile) {
|
|
- fprintf(stderr, "%s: Missing key file\n", *argv);
|
|
- usage(*argv);
|
|
- }
|
|
|
|
ffd = mmap_fdt(cmdname, fdtfile, 0, &fit_blob, &fsbuf, false, true);
|
|
if (ffd < 0)
|
|
return EXIT_FAILURE;
|
|
- kfd = mmap_fdt(cmdname, keyfile, 0, &key_blob, &ksbuf, false, true);
|
|
- if (kfd < 0)
|
|
- return EXIT_FAILURE;
|
|
-
|
|
+ if (keyfile) {
|
|
+ kfd = mmap_fdt(cmdname, keyfile, 0, &key_blob, &ksbuf, false, true);
|
|
+ if (kfd < 0)
|
|
+ return EXIT_FAILURE;
|
|
+ }
|
|
image_set_host_blob(key_blob);
|
|
ret = fit_check_sign(fit_blob, key_blob, config_name);
|
|
if (!ret) {
|
|
@@ -93,7 +90,9 @@ int main(int argc, char **argv)
|
|
}
|
|
|
|
(void) munmap((void *)fit_blob, fsbuf.st_size);
|
|
- (void) munmap((void *)key_blob, ksbuf.st_size);
|
|
+
|
|
+ if (keyfile)
|
|
+ (void) munmap((void *)key_blob, ksbuf.st_size);
|
|
|
|
close(ffd);
|
|
close(kfd);
|