treewide: validate unified uImage.FIT images before flashing

Prevent flashing truncated or otherwise corrupted uImage.FIT images
by verifying checksums and hashes of all sub-images before flashing
using the newly packaged fit_check_sign tool.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

package/utils/fitblk/Makefile

@@ -16,6 +16,7 @@ define Package/fitblk
   SECTION:=base
   CATEGORY:=Base system
   TITLE:=fitblk firmware release tool
+  DEPENDS:=+fit-check-sign
 endef
 
 define Package/fitblk/description

package/utils/fitblk/files/fit.sh

@@ -61,3 +61,13 @@ fit_do_upgrade() {
 		;;
 	esac
 }
+
+fit_check_image() {
+	local magic="$(get_magic_long "$1")"
+	[ "$magic" != "d00dfeed" ] && {
+		echo "Invalid image type."
+		return 74
+	}
+
+	fit_check_sign -f "$1" >/dev/null || return 74
+}