Verify image using downloaded signature.
- Parameters
-
image | Image to verify |
signature | Image containing signature |
name | Required common name, or NULL to allow any name |
- Return values
-
Definition at line 51 of file imgtrust.c.
82 goto err_create_validator;
84 goto err_validator_wait;
105 err_create_validator:
struct arbelprm_rc_send_wqe rc
userptr_t data
Raw file image.
uint32_t next
Next descriptor address.
int monojob_wait(const char *string, unsigned long timeout)
Wait for single foreground job to complete.
static void cms_put(struct cms_signature *sig)
Drop reference to CMS signature.
int image_asn1(struct image *image, size_t offset, struct asn1_cursor **cursor)
Extract ASN.1 object from image.
#define LOG_ERR
Error: error conditions.
int create_validator(struct interface *job, struct x509_chain *chain, struct x509_root *root)
Instantiate a certificate validator.
#define list_for_each_entry(pos, head, member)
Iterate over entries in a list.
static void image_untrust(struct image *image)
Set image as untrusted.
char * strerror(int errno)
Retrieve string representation of error number.
static void(* free)(struct refcnt *refcnt))
size_t len
Length of raw file image.
struct list_head list
List of signer information blocks.
#define syslog(priority, fmt,...)
Write message to system log.
int cms_verify(struct cms_signature *sig, userptr_t data, size_t len, const char *name, time_t time, struct x509_chain *store, struct x509_root *root)
Verify CMS signature.
uint8_t data[48]
Additional event data.
static void image_trust(struct image *image)
Set image as trusted.
int64_t time_t
Seconds since the Epoch.
uint64_t time
Current time.
#define NULL
NULL pointer (VOID *)
#define LOG_NOTICE
Notice: normal but significant conditions.
References cms_put(), cms_verify(), create_validator(), data, image::data, free, image_asn1(), image_trust(), image_untrust(), info, image::len, cms_signer_info::list, list_for_each_entry, LOG_ERR, LOG_NOTICE, monojob, monojob_wait(), image::name, name, next, NULL, rc, sig, signature, strerror(), syslog, and time.
Referenced by imgverify_exec().