lib: rsa: rsa-verify: don't look for keys in the FIT image

In the function rsa_verify_hash, if the "main" key doesn't work, u-boot try others keys. But it searches those keys in the FIT image instead of the u-boot device tree. Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com> Reviewed-by: Simon Glass <sjg@chromium.org>
author: Philippe Reynes 2021-01-12 19:18:54 +0100
committer: Tom Rini 2021-01-27 17:03:16 -0500
commit: 040fad3791fe05b985516a68c9437847173da56a (patch)
tree: d0a2b09c319c2085528befe712588b7887947370 /lib/rsa
parent: a7a029d14de44bdcd050181ec5544b1ae3728c8a (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 0ab0f629d0c..e34d3293d19 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -522,10 +522,10 @@ int rsa_verify_hash(struct image_sign_info *info,
 			return ret;
 
 		/* No luck, so try each of the keys in turn */
-		for (ndepth = 0, noffset = fdt_next_node(info->fit, sig_node,
+		for (ndepth = 0, noffset = fdt_next_node(blob, sig_node,
 							 &ndepth);
 		     (noffset >= 0) && (ndepth > 0);
-		     noffset = fdt_next_node(info->fit, noffset, &ndepth)) {
+		     noffset = fdt_next_node(blob, noffset, &ndepth)) {
 			if (ndepth == 1 && noffset != node) {
 				ret = rsa_verify_with_keynode(info, hash,
 							      sig, sig_len,
author	Philippe Reynes	2021-01-12 19:18:54 +0100
committer	Tom Rini	2021-01-27 17:03:16 -0500
commit	040fad3791fe05b985516a68c9437847173da56a (patch)
tree	d0a2b09c319c2085528befe712588b7887947370 /lib/rsa
parent	a7a029d14de44bdcd050181ec5544b1ae3728c8a (diff)