vboot2: Split keyblock checking and signature validation
This is necessary for the next change, which adds keyblock hash checking.
Also clean up some other assorted comments, and move the diagnostic
check of root key to see if it's the checked-in one earlier in
firmware preamble validation so it's closer to where the root key is
No functional or higher-level API changes; just shuffling around code
under the covers.
TEST=make -j runtests
Signed-off-by: Randall Spangler <email@example.com>
Reviewed-by: Bill Richardson <firstname.lastname@example.org>
7 files changed