You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mynewt.apache.org by cc...@apache.org on 2020/01/06 19:01:29 UTC
[mynewt-artifact] branch master updated: image: Try ALL enc keys
when verifying hash
This is an automated email from the ASF dual-hosted git repository.
ccollins pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-artifact.git
The following commit(s) were added to refs/heads/master by this push:
new 17f5c27 image: Try ALL enc keys when verifying hash
17f5c27 is described below
commit 17f5c27a372b00fc54a5c4c132a4ba6661524236
Author: Christopher Collins <cc...@apache.org>
AuthorDate: Thu Jan 2 10:01:39 2020 -0800
image: Try ALL enc keys when verifying hash
Before this commit, the image verification procedure would fail early if
decryption failed. The procedure is supposed to try all the keys and
report success if any of them works.
---
image/verify.go | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/image/verify.go b/image/verify.go
index 49d1a1d..7096621 100644
--- a/image/verify.go
+++ b/image/verify.go
@@ -123,12 +123,12 @@ func (img *Image) VerifyHash(privEncKeys []sec.PrivEncKey) (int, error) {
for i, key := range privEncKeys {
dec, err := Decrypt(*img, key)
if err != nil {
- return -1, err
- }
-
- hashErr = dec.verifyHashDecrypted()
- if hashErr == nil {
- return i, nil
+ hashErr = err
+ } else {
+ hashErr = dec.verifyHashDecrypted()
+ if hashErr == nil {
+ return i, nil
+ }
}
}