[PATCH] lib: rsa: check algo match in rsa_verify_with_keynode

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH] lib: rsa: check algo match in rsa_verify_with_keynode

Matthieu CASTET
The algo name should match between the FIT's signature node and the
U-Boot's control FDT.

If we do not check it, U-Boot's control FDT can expect sha512 hash but
nothing will prevent to accept image with sha1 hash if the signature is correct.

Signed-off-by: Matthieu CASTET <[hidden email]>
---
 lib/rsa/rsa-verify.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 2057f6819d..b9c800c7dc 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -439,12 +439,17 @@ static int rsa_verify_with_keynode(struct image_sign_info *info,
  struct key_prop prop;
  int length;
  int ret = 0;
+ const char *algo;
 
  if (node < 0) {
  debug("%s: Skipping invalid node", __func__);
  return -EBADF;
  }
 
+ algo = fdt_getprop(blob, node, "algo", NULL);
+ if (strcmp(info->name, algo))
+ return -EFAULT;
+
  prop.num_bits = fdtdec_get_int(blob, node, "rsa,num-bits", 0);
 
  prop.n0inv = fdtdec_get_int(blob, node, "rsa,n0-inverse", 0);
--
2.28.0

Reply | Threaded
Open this post in threaded view
|

Re: [PATCH] lib: rsa: check algo match in rsa_verify_with_keynode

Tom Rini-4
On Wed, Sep 23, 2020 at 07:11:44PM +0200, Matthieu CASTET wrote:

> The algo name should match between the FIT's signature node and the
> U-Boot's control FDT.
>
> If we do not check it, U-Boot's control FDT can expect sha512 hash but
> nothing will prevent to accept image with sha1 hash if the signature is correct.
>
> Signed-off-by: Matthieu CASTET <[hidden email]>

Applied to u-boot/master, thanks!

--
Tom

signature.asc (673 bytes) Download Attachment