bootutil: Fix bootutil_find_key return value The return value of bootutil_find_key is used as the key_id in the bootutil_img_validate function, and negative key_id value used in case of errors. If MCUBOOT_HW_KEY is set, than the key hash is read by boot_retrieve_public_key_hash function, but the exceptation is only to return nonzero on failure, so its error code should not be propagated up to the caller. Instead, bootutil_find_key should return -1 in case of a platform error. Change-Id: I8e2bd12a5cf53787e10ae45c2ab556e8a856692d Signed-off-by: Mark Horvath <mark.horvath@arm.com>

commit: 7ebf0e8277e8e7745a336d46b3e76f3bbf9ce0a2 [log] [tgz]
author: Mark Horvath <mark.horvath@arm.com> Fri Feb 19 09:55:35 2021 +0100
committer: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no> Fri Nov 25 17:54:03 2022 +0100
tree: 5f70b9d8cfce78ff84486ad0688a4ba1f8f26b85
parent: 82ee5d0bb9ac68c14033b102705904ee9991ee3d [diff] [blame]
diff --git a/boot/bootutil/src/image_validate.c b/boot/bootutil/src/image_validate.c
index e8a3cc2..fd4f4ce 100644
--- a/boot/bootutil/src/image_validate.c
+++ b/boot/bootutil/src/image_validate.c

@@ -247,7 +247,7 @@
 
     rc = boot_retrieve_public_key_hash(image_index, key_hash, &key_hash_size);
     if (rc) {
-        return rc;
+        return -1;
     }
 
     /* Adding hardening to avoid this potential attack:
commit	7ebf0e8277e8e7745a336d46b3e76f3bbf9ce0a2	[log] [tgz]
author	Mark Horvath <mark.horvath@arm.com>	Fri Feb 19 09:55:35 2021 +0100
committer	Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>	Fri Nov 25 17:54:03 2022 +0100
tree	5f70b9d8cfce78ff84486ad0688a4ba1f8f26b85
parent	82ee5d0bb9ac68c14033b102705904ee9991ee3d [diff] [blame]