mkimage: fit: include image cipher in configuration signature

This patch addresses issue #2 for signed configurations.

-----8<-----

Including the image cipher properties in the configuration signature
prevents an attacker from modifying cipher, key or iv properties.

Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>

diff --git a/tools/image-host.c b/tools/image-host.c
index e5417be..3d52593 100644 (file)
--- a/tools/image-host.c
+++ b/tools/image-host.c
@@ -744,6 +744,23 @@ static int fit_config_get_hash_list(void *fit, int conf_noffset,
                        return -ENOMSG;
                }
 
+               /* Add this image's cipher node if present */
+               noffset = fdt_subnode_offset(fit, image_noffset,
+                                            FIT_CIPHER_NODENAME);
+               if (noffset != -FDT_ERR_NOTFOUND) {
+                       if (noffset < 0) {
+                               printf("Failed to get cipher node in configuration '%s/%s' image '%s': %s\n",
+                                      conf_name, sig_name, iname,
+                                      fdt_strerror(noffset));
+                               return -EIO;
+                       }
+                       ret = fdt_get_path(fit, noffset, path, sizeof(path));
+                       if (ret < 0)
+                               goto err_path;
+                       if (strlist_add(node_inc, path))
+                               goto err_mem;
+               }
+
                image_count++;
        }