verdin-imx8mm: add nfsboot wrapper to env

[oweals/u-boot.git] / lib / rsa / rsa-sign.c

diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index fb5e07b56d8a4d2e979fc2284190062830200f23..580c74470939c580f8181583df1d860c7afb8b56 100644 (file)
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -4,6 +4,7 @@
  */
 
 #include "mkimage.h"
+#include <malloc.h>
 #include <stdio.h>
 #include <string.h>
 #include <image.h>
@@ -141,6 +142,15 @@ static int rsa_engine_get_pub_key(const char *keydir, const char *name,
                        snprintf(key_id, sizeof(key_id),
                                 "pkcs11:object=%s;type=public",
                                 name);
+       } else if (engine_id) {
+               if (keydir)
+                       snprintf(key_id, sizeof(key_id),
+                                "%s%s",
+                                keydir, name);
+               else
+                       snprintf(key_id, sizeof(key_id),
+                                "%s",
+                                name);
        } else {
                fprintf(stderr, "Engine not supported\n");
                return -ENOTSUP;
@@ -252,6 +262,15 @@ static int rsa_engine_get_priv_key(const char *keydir, const char *name,
                        snprintf(key_id, sizeof(key_id),
                                 "pkcs11:object=%s;type=private",
                                 name);
+       } else if (engine_id) {
+               if (keydir)
+                       snprintf(key_id, sizeof(key_id),
+                                "%s%s",
+                                keydir, name);
+               else
+                       snprintf(key_id, sizeof(key_id),
+                                "%s",
+                                name);
        } else {
                fprintf(stderr, "Engine not supported\n");
                return -ENOTSUP;
@@ -773,8 +792,8 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
        }
 
        if (!ret) {
-               ret = fdt_setprop_string(keydest, node, "key-name-hint",
-                                info->keyname);
+               ret = fdt_setprop_string(keydest, node, FIT_KEY_HINT,
+                                        info->keyname);
        }
        if (!ret)
                ret = fdt_setprop_u32(keydest, node, "rsa,num-bits", bits);
@@ -796,7 +815,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
                                         info->name);
        }
        if (!ret && info->require_keys) {
-               ret = fdt_setprop_string(keydest, node, "required",
+               ret = fdt_setprop_string(keydest, node, FIT_KEY_REQUIRED,
                                         info->require_keys);
        }
 done: