image-fit-sig: skip in tools build if key is missing

Skip signature verification in case no public key was given in order to
allow using fit_check_sign also to validate uImage.FIT images without
signatures. Guarded by USE_HOSTCC macro the behavior on target is
unchanged.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

diff --git a/boot/image-fit-sig.c b/boot/image-fit-sig.c
index a121de6..f23e9d5 100644 (file)
--- a/boot/image-fit-sig.c
+++ b/boot/image-fit-sig.c
@@ -191,6 +191,11 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset,
        int noffset;
        int key_node;
 
+#ifdef USE_HOSTCC
+       if (!key_blob)
+               return 0;
+#endif
+
        /* Work out what we need to verify */
        *no_sigsp = 1;
        key_node = fdt_subnode_offset(key_blob, 0, FIT_SIG_NODENAME);
@@ -477,6 +482,11 @@ static int fit_config_verify_required_keys(const void *fit, int conf_noffset,
        bool reqd_policy_all = true;
        const char *reqd_mode;
 
+#ifdef USE_HOSTCC
+       if (!key_blob)
+               return 0;
+#endif
+
        /*
         * We don't support this since libfdt considers names with the
         * name root but different @ suffix to be equal