iPXE
Functions
imgtrust.c File Reference

Image trust management. More...

#include <stdlib.h>
#include <errno.h>
#include <time.h>
#include <syslog.h>
#include <ipxe/uaccess.h>
#include <ipxe/image.h>
#include <ipxe/cms.h>
#include <ipxe/validator.h>
#include <ipxe/monojob.h>
#include <usr/imgtrust.h>

Go to the source code of this file.

Functions

 FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
int imgverify (struct image *image, struct image *signature, const char *name)
 Verify image using downloaded signature.

Detailed Description

Image trust management.

Definition in file imgtrust.c.

Function Documentation

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL  )
int imgverify ( struct image image,
struct image signature,
const char *  name 
)

Verify image using downloaded signature.

Parameters:
imageImage to verify
signatureImage containing signature
nameRequired common name, or NULL to allow any name
Return values:
rcReturn status code

Definition at line 51 of file imgtrust.c.

References cms_signer_info::chain, cms_put(), cms_verify(), create_validator(), asn1_cursor::data, image::data, data, free, image_asn1(), image_trust(), image_untrust(), cms_signature::info, info, asn1_cursor::len, image::len, cms_signer_info::list, list_for_each_entry, LOG_ERR, LOG_NOTICE, monojob, monojob_wait(), image::name, next, NULL, rc, sig, strerror(), syslog, and time.

Referenced by imgverify_exec().

                                   {
        struct asn1_cursor *data;
        struct cms_signature *sig;
        struct cms_signer_info *info;
        time_t now;
        int next;
        int rc;

        /* Mark image as untrusted */
        image_untrust ( image );

        /* Get raw signature data */
        next = image_asn1 ( signature, 0, &data );
        if ( next < 0 ) {
                rc = next;
                goto err_asn1;
        }

        /* Parse signature */
        if ( ( rc = cms_signature ( data->data, data->len, &sig ) ) != 0 )
                goto err_parse;

        /* Free raw signature data */
        free ( data );
        data = NULL;

        /* Complete all certificate chains */
        list_for_each_entry ( info, &sig->info, list ) {
                if ( ( rc = create_validator ( &monojob, info->chain ) ) != 0 )
                        goto err_create_validator;
                if ( ( rc = monojob_wait ( NULL, 0 ) ) != 0 )
                        goto err_validator_wait;
        }

        /* Use signature to verify image */
        now = time ( NULL );
        if ( ( rc = cms_verify ( sig, image->data, image->len,
                                 name, now, NULL, NULL ) ) != 0 )
                goto err_verify;

        /* Drop reference to signature */
        cms_put ( sig );
        sig = NULL;

        /* Mark image as trusted */
        image_trust ( image );
        syslog ( LOG_NOTICE, "Image \"%s\" signature OK\n", image->name );

        return 0;

 err_verify:
 err_validator_wait:
 err_create_validator:
        cms_put ( sig );
 err_parse:
        free ( data );
 err_asn1:
        syslog ( LOG_ERR, "Image \"%s\" signature bad: %s\n",
                 image->name, strerror ( rc ) );
        return rc;
}
Generated on Sat Feb 16 2019 13:01:22 for iPXE by   doxygen 1.7.6.1