Currently we fail silently if there is an algorithm mismatch. To help distinguish this failure condition.
Signed-off-by: Sean Anderson <[email protected]> --- lib/rsa/rsa-verify.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index e34d3293d1..aee76f42d5 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -447,8 +447,11 @@ static int rsa_verify_with_keynode(struct image_sign_info *info, } algo = fdt_getprop(blob, node, "algo", NULL); - if (strcmp(info->name, algo)) + if (strcmp(info->name, algo)) { + debug("%s: Wrong algo: have %s, expected %s", __func__, + info->name, algo); return -EFAULT; + } prop.num_bits = fdtdec_get_int(blob, node, "rsa,num-bits", 0); -- 2.25.1
