mkimage: ecdsa: add nodes to signature/key node

Add the "required", "algo", and "key-name-hint" nodes to the
signature/key node if ecdsa256 is used.

This change is mainly copy&paste from rsa_add_verify_data which already
adds these nodes.

Signed-off-by: Matthias Pritschet <matthias.pritschet@itk-engineering.de>

diff --git a/lib/ecdsa/ecdsa-libcrypto.c b/lib/ecdsa/ecdsa-libcrypto.c
index e9aa2a1cf34448e55c581b199c1838595133b847..1c5dde60691dc8f2023a772702abe30e2a5e13d4 100644 (file)
--- a/lib/ecdsa/ecdsa-libcrypto.c
+++ b/lib/ecdsa/ecdsa-libcrypto.c
@@ -272,7 +272,8 @@ int ecdsa_verify(struct image_sign_info *info,
        return ret;
 }
 
-static int do_add(struct signer *ctx, void *fdt, const char *key_node_name)
+static int do_add(struct signer *ctx, void *fdt, const char *key_node_name,
+                 struct image_sign_info *info)
 {
        int signature_node, key_node, ret, key_bits;
        const char *curve_name;
@@ -322,6 +323,11 @@ static int do_add(struct signer *ctx, void *fdt, const char *key_node_name)
        point = EC_KEY_get0_public_key(ctx->ecdsa_key);
        EC_POINT_get_affine_coordinates(group, point, x, y, NULL);
 
+       ret = fdt_setprop_string(fdt, key_node, FIT_KEY_HINT,
+                                info->keyname);
+       if (ret < 0)
+               return ret;
+
        ret = fdt_setprop_string(fdt, key_node, "ecdsa,curve", curve_name);
        if (ret < 0)
                return ret;
@@ -334,6 +340,16 @@ static int do_add(struct signer *ctx, void *fdt, const char *key_node_name)
        if (ret < 0)
                return ret;
 
+       ret = fdt_setprop_string(fdt, key_node, FIT_ALGO_PROP,
+                                info->name);
+       if (ret < 0)
+               return ret;
+
+       ret = fdt_setprop_string(fdt, key_node, FIT_KEY_REQUIRED,
+                                info->require_keys);
+       if (ret < 0)
+               return ret;
+
        return key_node;
 }
 
@@ -346,7 +362,7 @@ int ecdsa_add_verify_data(struct image_sign_info *info, void *fdt)
        fdt_key_name = info->keyname ? info->keyname : "default-key";
        ret = prepare_ctx(&ctx, info);
        if (ret >= 0) {
-               ret = do_add(&ctx, fdt, fdt_key_name);
+               ret = do_add(&ctx, fdt, fdt_key_name, info);
                if (ret < 0)
                        ret = ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO;
        }