From d46373c14f91f281057ab95cc38fd374f4acc780 Mon Sep 17 00:00:00 2001
From: Joseph Chen <chenjh@rock-chips.com>
Date: Tue, 31 Mar 2020 15:41:59 +0800
Subject: [PATCH] lib: rsa: generate data to be signed

Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Change-Id: I125f61051c9c9604903603ef06cd7f368b48f3d8
---
 lib/rsa/rsa-sign.c | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index c9b240e16c..bdfc2f1521 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -383,6 +383,30 @@ static void rsa_engine_remove(ENGINE *e)
 	}
 }
 
+/*
+ * With this data2sign.bin, we can provide it to who real holds the RAS-private
+ * key to sign current fit image. Then we replace the signature in fit image
+ * with a valid one.
+ */
+static void gen_data2sign(const struct image_region region[], int region_count)
+{
+	char *file = "data2sign.bin";
+	FILE *fd;
+	int i;
+
+	fd = fopen(file, "wb");
+	if (!fd) {
+		fprintf(stderr, "Failed to create %s: %s\n",
+			file, strerror(errno));
+		return -ENOENT;
+	}
+
+	for (i = 0; i < region_count; i++)
+		fwrite(region[i].data, region[i].size, 1, fd);
+
+	fclose(fd);
+}
+
 static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo,
 		const struct image_region region[], int region_count,
 		uint8_t **sigp, uint *sig_size)
@@ -445,6 +469,8 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo,
 	*sigp = sig;
 	*sig_size = size;
 
+	gen_data2sign(region, region_count);
+
 	return 0;
 
 err_sign: