iPXE
|
Image trust management. More...
#include <stdlib.h>
#include <errno.h>
#include <time.h>
#include <syslog.h>
#include <ipxe/uaccess.h>
#include <ipxe/image.h>
#include <ipxe/cms.h>
#include <ipxe/validator.h>
#include <ipxe/monojob.h>
#include <usr/imgtrust.h>
Go to the source code of this file.
Functions | |
FILE_LICENCE (GPL2_OR_LATER_OR_UBDL) | |
int | imgverify (struct image *image, struct image *signature, const char *name) |
Verify image using downloaded signature. |
Image trust management.
Definition in file imgtrust.c.
FILE_LICENCE | ( | GPL2_OR_LATER_OR_UBDL | ) |
Verify image using downloaded signature.
image | Image to verify |
signature | Image containing signature |
name | Required common name, or NULL to allow any name |
rc | Return status code |
Definition at line 51 of file imgtrust.c.
References cms_signer_info::chain, cms_put(), cms_verify(), create_validator(), asn1_cursor::data, image::data, data, free, image_asn1(), image_trust(), image_untrust(), cms_signature::info, info, asn1_cursor::len, image::len, cms_signer_info::list, list_for_each_entry, LOG_ERR, LOG_NOTICE, monojob, monojob_wait(), image::name, next, NULL, rc, sig, strerror(), syslog, and time.
Referenced by imgverify_exec().
{ struct asn1_cursor *data; struct cms_signature *sig; struct cms_signer_info *info; time_t now; int next; int rc; /* Mark image as untrusted */ image_untrust ( image ); /* Get raw signature data */ next = image_asn1 ( signature, 0, &data ); if ( next < 0 ) { rc = next; goto err_asn1; } /* Parse signature */ if ( ( rc = cms_signature ( data->data, data->len, &sig ) ) != 0 ) goto err_parse; /* Free raw signature data */ free ( data ); data = NULL; /* Complete all certificate chains */ list_for_each_entry ( info, &sig->info, list ) { if ( ( rc = create_validator ( &monojob, info->chain ) ) != 0 ) goto err_create_validator; if ( ( rc = monojob_wait ( NULL, 0 ) ) != 0 ) goto err_validator_wait; } /* Use signature to verify image */ now = time ( NULL ); if ( ( rc = cms_verify ( sig, image->data, image->len, name, now, NULL, NULL ) ) != 0 ) goto err_verify; /* Drop reference to signature */ cms_put ( sig ); sig = NULL; /* Mark image as trusted */ image_trust ( image ); syslog ( LOG_NOTICE, "Image \"%s\" signature OK\n", image->name ); return 0; err_verify: err_validator_wait: err_create_validator: cms_put ( sig ); err_parse: free ( data ); err_asn1: syslog ( LOG_ERR, "Image \"%s\" signature bad: %s\n", image->name, strerror ( rc ) ); return rc; }