diff options
Diffstat (limited to 'futility/file_type_rwsig.c')
-rw-r--r-- | futility/file_type_rwsig.c | 72 |
1 files changed, 47 insertions, 25 deletions
diff --git a/futility/file_type_rwsig.c b/futility/file_type_rwsig.c index a09782ce..b595e250 100644 --- a/futility/file_type_rwsig.c +++ b/futility/file_type_rwsig.c @@ -58,7 +58,7 @@ static void show_sig(const char *name, const struct vb21_signature *sig) sig->data_size); } -int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) +int ft_show_rwsig(const char *name, void *nuthin) { const struct vb21_signature *sig = 0; const struct vb21_packed_key *pkey = show_option.pkey; @@ -71,6 +71,15 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) uint8_t *data; FmapHeader *fmap; int i; + int fd = -1; + uint8_t *buf; + uint32_t len; + int rv; + + if (futil_open_and_map_file(name, &fd, FILE_RO, &buf, &len)) + return 1; + + rv = 1; VB2_DEBUG("name %s len 0x%08x (%d)\n", name, len, len); @@ -81,7 +90,8 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) show_sig(name, sig); if (!show_option.fv) { printf("No data available to verify\n"); - return show_option.strict; + rv = show_option.strict; + goto done; } data = show_option.fv; data_size = show_option.fv_size; @@ -99,15 +109,15 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) fmap_find_by_name(buf, len, fmap, "KEY_RO", 0); if (pkey) - ft_show_vb21_pubkey(name, (uint8_t *)pkey, - pkey->c.total_size, NULL); + show_vb21_pubkey_buf(name, (uint8_t *)pkey, + pkey->c.total_size, NULL); } sig = (const struct vb21_signature *) fmap_find_by_name(buf, len, fmap, "SIG_RW", &fmaparea); if (!sig) { VB2_DEBUG("No SIG_RW in FMAP.\n"); - return 1; + goto done; } sig_size = fmaparea->area_size; @@ -116,7 +126,7 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) (uint8_t*)sig - buf, sig_size); if (VB2_SUCCESS != vb21_verify_signature(sig, sig_size)) - return 1; + goto done; show_sig(name, sig); data = fmap_find_by_name(buf, len, fmap, "EC_RW", &fmaparea); @@ -129,7 +139,7 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) if (!data) { VB2_DEBUG("No EC_RW in FMAP.\n"); - return 1; + goto done; } } else { /* Or maybe this is just the RW portion, that does not @@ -141,7 +151,7 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) if (len < sig_size) { VB2_DEBUG("File is too small\n"); - return 1; + goto done; } sig = (const struct vb21_signature *)(buf + len - sig_size); @@ -151,13 +161,14 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) data_size = sig->data_size; total_data_size = len - sig_size; } else { - return 1; + goto done; } } if (!pkey) { printf("No public key available to verify with\n"); - return show_option.strict; + rv = show_option.strict; + goto done; } /* We already did this once, so it should work again */ @@ -165,12 +176,12 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) (const uint8_t *)pkey, pkey->c.total_size)) { VB2_DEBUG("Can't unpack pubkey\n"); - return 1; + goto done; } if (data_size > total_data_size) { VB2_DEBUG("Invalid signature data_size: bigger than total area size.\n"); - return 1; + goto done; } /* The sig is destroyed by the verify operation, so make a copy */ @@ -185,7 +196,7 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) (const struct vb2_public_key *)&key, &wb)) { fprintf(stderr, "Signature verification failed\n"); - return 1; + goto done; } } @@ -193,33 +204,46 @@ int ft_show_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) for (i = data_size; i < total_data_size; i++) { if (data[i] != 0xff) { fprintf(stderr, "Padding verification failed\n"); - return 1; + goto done; } } printf("Signature verification succeeded.\n"); - return 0; + rv = 0; +done: + futil_unmap_and_close_file(fd, FILE_RO, buf, len); + return rv; } -int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) +int ft_sign_rwsig(const char *name, void *nuthin) { struct vb21_signature *tmp_sig = 0; struct vb2_public_key *pubkey = 0; struct vb21_packed_key *packedkey = 0; uint8_t *keyb_data = 0; uint32_t keyb_size; - uint8_t* data = buf; /* data to be signed */ - uint32_t r, data_size = len, sig_size = SIGNATURE_RSVD_SIZE; + uint8_t *data; /* data to be signed */ + uint32_t r, data_size, sig_size = SIGNATURE_RSVD_SIZE; int retval = 1; FmapHeader *fmap = NULL; FmapAreaHeader *fmaparea; struct vb21_signature *old_sig = 0; + uint8_t *buf = NULL; + uint32_t len; + int fd = -1; + + if (futil_open_and_map_file(name, &fd, FILE_MODE_SIGN(sign_option), + &buf, &len)) + return 1; + + data = buf; + data_size = len; VB2_DEBUG("name %s len 0x%08x (%d)\n", name, len, len); /* If we don't have a distinct OUTFILE, look for an existing sig */ if (sign_option.inout_file_count < 2) { - fmap = fmap_find(buf, len); + fmap = fmap_find(data, len); if (fmap) { /* This looks like a full image. */ @@ -395,14 +419,12 @@ int ft_sign_rwsig(const char *name, uint8_t *buf, uint32_t len, void *nuthin) /* Finally */ retval = 0; done: - if (tmp_sig) - free(tmp_sig); + futil_unmap_and_close_file(fd, FILE_MODE_SIGN(sign_option), buf, len); + free(tmp_sig); if (pubkey) vb2_public_key_free(pubkey); - if (packedkey) - free(packedkey); - if (keyb_data) - free(keyb_data); + free(packedkey); + free(keyb_data); return retval; } |