#define FIT_IMAGES_PATH "/images"
#define FIT_CONFS_PATH "/configurations"
-/* hash/signature node */
+/* hash/signature/key node */
#define FIT_HASH_NODENAME "hash"
#define FIT_ALGO_PROP "algo"
#define FIT_VALUE_PROP "value"
#define FIT_IGNORE_PROP "uboot-ignore"
#define FIT_SIG_NODENAME "signature"
+#define FIT_KEY_REQUIRED "required"
+#define FIT_KEY_HINT "key-name-hint"
/* cipher node */
#define FIT_CIPHER_NODENAME "cipher"
int fit_check_format(const void *fit);
int fit_conf_find_compat(const void *fit, const void *fdt);
+
+/**
+ * fit_conf_get_node - get node offset for configuration of a given unit name
+ * @fit: pointer to the FIT format image header
+ * @conf_uname: configuration node unit name (NULL to use default)
+ *
+ * fit_conf_get_node() finds a configuration (within the '/configurations'
+ * parent node) of a provided unit name. If configuration is found its node
+ * offset is returned to the caller.
+ *
+ * When NULL is provided in second argument fit_conf_get_node() will search
+ * for a default configuration node instead. Default configuration node unit
+ * name is retrieved from FIT_DEFAULT_PROP property of the '/configurations'
+ * node.
+ *
+ * returns:
+ * configuration node offset when found (>=0)
+ * negative number on failure (FDT_ERR_* code)
+ */
int fit_conf_get_node(const void *fit, const char *conf_uname);
+
int fit_conf_get_prop_node_count(const void *fit, int noffset,
const char *prop_name);
int fit_conf_get_prop_node_index(const void *fit, int noffset,
int required_keynode; /* Node offset of key to use: -1=any */
const char *require_keys; /* Value for 'required' property */
const char *engine_id; /* Engine to use for signing */
+ /*
+ * Note: the following two fields are always valid even w/o
+ * RSA_VERIFY_WITH_PKEY in order to make sure this structure is
+ * the same on target and host. Otherwise, vboot test may fail.
+ */
+ const void *key; /* Pointer to public key in DER */
+ int keylen; /* Length of public key */
};
/* A part of an image, used for hashing */