+ Simon On 10/6/21 10:47 AM, Angelo Dureghello wrote:
Fix final error message fromVerification failed for '<NULL>' hash node in 'conf@1' config node to Verification failed for 'signature@1' hash node in 'conf@1' config node Signed-off-by: Angelo Dureghello <angelo.dureghe...@timesys.com> --- common/image-fit-sig.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/image-fit-sig.c b/common/image-fit-sig.c index b979cd2a4b..4f2a6ef214 100644 --- a/common/image-fit-sig.c +++ b/common/image-fit-sig.c @@ -166,8 +166,8 @@ static int fit_image_verify_sig(const void *fit, int image_noffset, } else { puts("+ "); verified = 1; - break; } + break;
This would stop checking after the first signature- node. It seems counter-intuitive, as I would expect all signatures to be checked.
In my mind, the 'break;' clause should only happen when fit_image_check_sig() returns an error. I have no idea why it happened on success. Simon, any thoughts?
Alex
