imgcrypt_8c_source.html

 /*
  * Copyright (C) 2024 Michael Brown <mbrown@fensystems.co.uk>.
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License as
  * published by the Free Software Foundation; either version 2 of the
  * License, or any later version.
  *
  * This program is distributed in the hope that it will be useful, but
  * WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  * 02110-1301, USA.
  *
  * You can also choose to distribute this program under the terms of
  * the Unmodified Binary Distribution Licence (as given in the file
  * COPYING.UBDL), provided that you have satisfied its requirements.
  */

 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );

 #include <string.h>
 #include <syslog.h>
 #include <ipxe/image.h>
 #include <ipxe/cms.h>
 #include <ipxe/privkey.h>
 #include <usr/imgcrypt.h>

 /** @file
  *
  * Image encryption management
  *
  */

 /**
  * Decrypt image using downloaded envelope
  *
  * @v image             Image to decrypt
  * @v envelope          Image containing decryption key
  * @v name              Decrypted image name (or NULL to use default)
  * @ret rc              Return status code
  */
 int imgdecrypt ( struct image *image, struct image *envelope,
                  const char *name ) {
         struct cms_message *cms;
         int rc;

         /* Parse envelope */
         if ( ( rc = cms_message ( envelope, &cms ) ) != 0 )
                 goto err_parse;

         /* Decrypt image */
         if ( ( rc = cms_decrypt ( cms, image, name, &private_key ) ) != 0 )
                 goto err_decrypt;

         /* Drop reference to message */
         cms_put ( cms );
         cms = NULL;

         /* Record decryption */
         syslog ( LOG_NOTICE, "Image \"%s\" decrypted OK\n", image->name );

         return 0;

  err_decrypt:
         cms_put ( cms );
  err_parse:
         syslog ( LOG_ERR, "Image \"%s\" decryption failed: %s\n",
                  image->name, strerror ( rc ) );
         return rc;
 }
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14

name
const char * name
Definition: ath9k_hw.c:1984

image
An executable image.
Definition: image.h:24

LOG_ERR
#define LOG_ERR
Error: error conditions.
Definition: syslog.h:35

cms_message
A CMS message.
Definition: cms.h:55

privkey.h
Private key.

image.h
Executable images.

imgdecrypt
int imgdecrypt(struct image *image, struct image *envelope, const char *name)
Decrypt image using downloaded envelope.
Definition: imgcrypt.c:47

syslog.h
System logger.

strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition: strerror.c:78

FILE_LICENCE
FILE_LICENCE(GPL2_OR_LATER_OR_UBDL)

cms_put
static void cms_put(struct cms_message *cms)
Drop reference to CMS message.
Definition: cms.h:94

cms_decrypt
int cms_decrypt(struct cms_message *cms, struct image *image, const char *name, struct private_key *private_key)
Decrypt CMS message.
Definition: cms.c:1059

syslog
#define syslog(priority, fmt,...)
Write message to system log.
Definition: syslog.h:93

private_key
A private key.
Definition: privkey.h:16

imgcrypt.h
Image encryption management.

cms.h
Cryptographic Message Syntax (PKCS #7)

image::name
char * name
Name.
Definition: image.h:34

NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321

string.h
String functions.

LOG_NOTICE
#define LOG_NOTICE
Notice: normal but significant conditions.
Definition: syslog.h:41