Select the key for signature verification based on the board ID
Change-Id: I0a6f2270d157acf225a0f5cf64a72c781dfa2554
diff --git a/arch/arm/lib/bootb.c b/arch/arm/lib/bootb.c
index 66ba42c..34f10b2 100644
--- a/arch/arm/lib/bootb.c
+++ b/arch/arm/lib/bootb.c
@@ -1,5 +1,4 @@
#include <boot.h>
-#include <c2k_otp.h>
#include <common.h>
#include <command.h>
#include <init.h>
@@ -134,6 +133,7 @@
const struct rsa_public_key *public_key = NULL;
u8 *sig, hash[20];
u32 image_len, sig_offset;
+ int board_id;
image_len = _get_le_uint32(image_ptr);
if (image_len > max_image_len) {
@@ -154,7 +154,8 @@
image_ptr += sig_offset;
sig = image_ptr;
- if (rsa_get_public_key(OPTIMUS_BOARD_ID, &public_key) != 0) {
+ board_id = get_board_id();
+ if (rsa_get_public_key(board_id, &public_key) != 0) {
printf("ERROR: could not verify barebox image (no public key)\n");
return -1;
}
diff --git a/commands/bootm.c b/commands/bootm.c
index eb48bba..c193819 100644
--- a/commands/bootm.c
+++ b/commands/bootm.c
@@ -214,6 +214,7 @@
uint32_t total_image_len, sig_offset, verity_table_len;
uint8_t sb_header[SB_HEADER_LEN], verity_info[SB_INFO_LEN], *verity_table;
uint8_t hash[SHA1_SUM_LEN], sig[SB_SIG_LEN];
+ int board_id;
fd = open(filename, O_RDONLY);
if (fd < 0) {
@@ -230,6 +231,8 @@
goto err_out;
}
+ board_id = get_board_id();
+
if (!legacy_format) {
if (secure_boot) {
puts (" Authenticating Image ... ");
@@ -331,7 +334,7 @@
goto err_out;
}
- if (rsa_get_public_key(OPTIMUS_BOARD_ID, &public_key) != 0) {
+ if (rsa_get_public_key(board_id, &public_key) != 0) {
printf("Could not get public key!\n");
goto err_out;
}
