recovery init: check the update package before setting a key and/or formatting

The recovery init checks if the configured update package exists and it is valid
before setting a new key and/or formatting the rootfs partition.

This change avoids getting non-booting devices after performing a firmware
update with a non-existing or invalid update package.

https://jira.digi.com/browse/DEL-3959

Signed-off-by: Tatiana Leon <tatiana.leon@digi.com>

meta-digi-dey/recipes-core/recovery/recovery-initramfs/recovery-initramfs-init

@@ -254,13 +254,17 @@ format_emmc_block() {
 #
 # Get absolute path of update package searching in local media
 #
-# @param ${1}  - SWU package name
+# @param ${1}  - SWU package
 #------------------------------------------------------------------------------
 swu_package_path() {
+	# Check whether the package is local and get the absolute path.
+	if echo "${1}" | grep -qs '^file://'; then
+		local pkg_name="$(basename ${1})"
+
 		for i in ${UPDATE_MOUNT_DIR} $(echo ${USB_MOUNT_DIR}/*); do
 			echo $i | grep -qs "${USB_MOUNT_DIR}/\*" && continue
-		if [ -f "${i}/${1}" ]; then
-			swu_abspath="${i}/${1}"
+			if [ -f "${i}/${pkg_name}" ]; then
+				swu_abspath="${i}/${pkg_name}"
 				break
 			fi
 		done
@@ -268,7 +272,38 @@ swu_package_path() {
 		if [ -n "${swu_abspath}" ]; then
 			echo "${swu_abspath}"
 		else
-		quit_with_error "Unable to find update package '${1}'"
+			quit_with_error "Unable to find update package '${pkg_name}'"
+		fi
+	else
+		echo "${1}"
+	fi
+}
+
+#------------------------------------------------------------------------------
+# Function - check_swu_package
+#
+# Check if the update package is a valid one and get its absolute path
+#
+# @param ${1}  - SWU package
+#------------------------------------------------------------------------------
+check_swu_package() {
+	log "Checking update package '$(basename ${1})'"
+
+	if [ -z "${1}" ]; then
+		quit_with_error "Firmware update package not specified"
+	fi
+
+	update_package="$(swu_package_path ${1})"
+
+	# Check software update package.
+	if [ -f "${PUBLIC_KEY}" ]; then
+		swupdate -c -i "${update_package}" -k "${PUBLIC_KEY}"
+	else
+		swupdate -c -i "${update_package}"
+	fi
+
+	if [ "$?" != "0" ]; then
+		quit_with_error "Invalid update package '$(basename ${1})'"
 	fi
 }
 
@@ -395,11 +430,17 @@ for arg in ${COMMAND}; do
 	esac
 done
 
+# Sanity checks.
+if [ -n "${update_package_bool}" ]; then
+	check_swu_package "${update_package}"
+fi
+
 # Check if encryption key command is configured.
 if [ -n "${encryption_key_bool}" ]; then
 	log "Trustfence encryption key setup requested (new key: ${encryption_key:-random})"
 	psplash_message "Configuring new encryption key..."
 	psplash_progress "0"
+
 	trustfence-tool "--newkey${encryption_key:+=${encryption_key}}"
 	if [ "$?" = "0" ]; then
 		psplash_progress "10"
@@ -425,9 +466,7 @@ if [ -n "${update_package_bool}" ]; then
 	log "Firmware update requested"
 	psplash_message "Updating firmware..."
 	psplash_progress "0"
-	if [ -z "${update_package}" ]; then
-		quit_with_error "Firmware update package not specified"
-	else
+
 	# Format the UBI volume before updating.
 	if [ "$(is_nand)" = "yes" ]; then
 		psplash_message "Formatting rootfs partition..."
@@ -435,11 +474,6 @@ if [ -n "${update_package_bool}" ]; then
 		psplash_progress "0"
 	fi
 
-		# Check whether the package is local and get the absolute path
-		if echo "${update_package}" | grep -qs '^file://'; then
-			update_package="$(swu_package_path $(basename ${update_package}))"
-		fi
-
 	log "Update package location: ${update_package}"
 	# Execute the progress binary.
 	progress -wp &
@@ -455,7 +489,6 @@ if [ -n "${update_package_bool}" ]; then
 		quit_with_error "Error executing the firmware update"
 	fi
 fi
-fi
 
 # Check if wipe update patition command is configured.
 if [ -n "${wipe_update_bool}" ]; then