mkimage: ecdsa: add signature/key nodes to dtb if missing

If the signature/key node(s) are not yet present in the U-Boot device
tree, ecdsa_add_verify_data simply fails if it can't find the nodes.
This behaviour differs from rsa_add_verify_data, wich does add the missing
nodes and proceeds in that case.

This change is mainly copy&paste from rsa_add_verify_data to add the
same behaviour to ecdsa_add_verify_data.

Signed-off-by: Matthias Pritschet <matthias.pritschet@itk-engineering.de>

diff --git a/lib/ecdsa/ecdsa-libcrypto.c b/lib/ecdsa/ecdsa-libcrypto.c
index 403dfe0b97c97b4c8743302eb96ab7ff1d8faa8d..e9aa2a1cf34448e55c581b199c1838595133b847 100644 (file)
--- a/lib/ecdsa/ecdsa-libcrypto.c
+++ b/lib/ecdsa/ecdsa-libcrypto.c
@@ -281,16 +281,35 @@ static int do_add(struct signer *ctx, void *fdt, const char *key_node_name)
        BIGNUM *x, *y;
 
        signature_node = fdt_subnode_offset(fdt, 0, FIT_SIG_NODENAME);
-       if (signature_node < 0) {
-               fprintf(stderr, "Could not find 'signature node: %s\n",
+       if (signature_node == -FDT_ERR_NOTFOUND) {
+               signature_node = fdt_add_subnode(fdt, 0, FIT_SIG_NODENAME);
+               if (signature_node < 0) {
+                       if (signature_node != -FDT_ERR_NOSPACE) {
+                               fprintf(stderr, "Couldn't create signature node: %s\n",
+                                       fdt_strerror(signature_node));
+                       }
+                       return signature_node;
+               }
+       } else if (signature_node < 0) {
+               fprintf(stderr, "Cannot select keys signature_node: %s\n",
                        fdt_strerror(signature_node));
                return signature_node;
        }
 
-       key_node = fdt_add_subnode(fdt, signature_node, key_node_name);
-       if (key_node < 0) {
-               fprintf(stderr, "Could not create '%s' node: %s\n",
-                       key_node_name, fdt_strerror(key_node));
+       /* Either create or overwrite the named key node */
+       key_node = fdt_subnode_offset(fdt, signature_node, key_node_name);
+       if (key_node == -FDT_ERR_NOTFOUND) {
+               key_node = fdt_add_subnode(fdt, signature_node, key_node_name);
+               if (key_node < 0) {
+                       if (key_node != -FDT_ERR_NOSPACE) {
+                               fprintf(stderr, "Could not create key subnode: %s\n",
+                                       fdt_strerror(key_node));
+                       }
+                       return key_node;
+               }
+       } else if (key_node < 0) {
+               fprintf(stderr, "Cannot select keys key_node: %s\n",
+                       fdt_strerror(key_node));
                return key_node;
        }
 
@@ -326,8 +345,11 @@ int ecdsa_add_verify_data(struct image_sign_info *info, void *fdt)
 
        fdt_key_name = info->keyname ? info->keyname : "default-key";
        ret = prepare_ctx(&ctx, info);
-       if (ret >= 0)
+       if (ret >= 0) {
                ret = do_add(&ctx, fdt, fdt_key_name);
+               if (ret < 0)
+                       ret = ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO;
+       }
 
        free_ctx(&ctx);
        return ret;