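Decrypt CMS message.

Note: the source listing below is incomplete; most statements were lost in extraction and only fragments remain. The surviving lines show three rejection paths: an invalid image length (`err_blocksize`), an invalid authentication tag (`err_auth`), and a failure that jumps to `err_pad`. The authentication-tag check sits at an earlier source line than the `err_pad` check.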
Parameters

| Name | Description |
| --- | --- |
| cms | CMS message |
| image | Image to decrypt |
| name | Decrypted image name, or NULL to use default |
| private_key | Private key |
Return values

| Name | Description |
| --- | --- |
| rc | Return status code |

Definition at line 1039 of file cms.c.
1040 {
1042 const unsigned int original_flags =
image->
flags;
1047 size_t final_len;
1048 size_t bulk_len;
1054 DBGC ( cms,
"CMS %p invalid length %zd\n", cms,
image->
len );
1056 goto err_blocksize;
1057 }
1061 goto err_cipher;
1073 }
1078 bulk_len = (
image->
len - final_len );
1083 final_len );
1089 DBGC ( cms,
"CMS %p invalid authentication tag\n", cms );
1092 goto err_auth;
1093 }
1098 goto err_pad;
1099 }
1107 goto err_set_name;
1108 } else {
1110 }
1125 }
1126
1127 return 0;
1128
1129 err_set_name:
1130 err_pad:
1131 err_auth:
1141 }
1143 err_cipher:
1144 err_blocksize:
1146}
struct golan_eq_context ctx
static int cms_cipher(struct cms_message *cms, struct private_key *private_key, void *ctx)
Initialise cipher for CMS decryption.
static int cms_verify_padding(struct cms_message *cms, const void *data, size_t len)
Check CMS padding.
char * image_strip_suffix(struct image *image)
Strip dot suffix from image name, if present.
void unregister_image(struct image *image)
Unregister executable image.
int register_image(struct image *image)
Register executable image.
int image_set_name(struct image *image, const char *name)
Set image name.
static struct image * image_get(struct image *image)
Increment reference count on an image.
#define IMAGE_REGISTERED
Image is registered.
static void image_put(struct image *image)
Decrement reference count on an image.
static int is_block_cipher(struct cipher_algorithm *cipher)
#define cipher_decrypt(cipher, ctx, src, dst, len)
#define cipher_encrypt(cipher, ctx, src, dst, len)
static void cipher_auth(struct cipher_algorithm *cipher, void *ctx, void *auth)
void * memcpy(void *dest, const void *src, size_t len) __nonnull
int memcmp(const void *first, const void *second, size_t len)
Compare memory regions.
const void * data
Start of data.
size_t len
Length of data.
void(* auth)(void *ctx, void *auth)
Generate authentication tag.
size_t blocksize
Block size.
size_t ctxsize
Context size.
size_t authsize
Authentication tag size.
struct asn1_cursor mac
Cipher authentication tag.
struct image_type * type
Image type, if known.
void * rwdata
Writable data.
References cipher_algorithm::auth, cipher_algorithm::authsize, cipher_algorithm::blocksize, cms_message::cipher, cipher_auth(), cipher_decrypt, cipher_encrypt, cms_cipher(), cms_verify_padding(), ctx, cipher_algorithm::ctxsize, asn1_cursor::data, image::data, DBGC, DBGC_HDA, EACCES_LEN, EACCES_MAC, image::flags, image_get(), image_put(), IMAGE_REGISTERED, image_set_name(), image_strip_suffix(), image_untrust(), is_block_cipher(), asn1_cursor::len, image::len, cms_message::mac, memcmp(), memcpy(), name, NULL, pad_len, rc, register_image(), image::rwdata, image::type, and unregister_image().
Referenced by cms_decrypt_okx(), and imgdecrypt().