Changeset View
Changeset View
Standalone View
Standalone View
lib/libsecureboot/vesigned.c
- This file was added.
Property | Old Value | New Value |
---|---|---|
svn:eol-style | null | native \ No newline at end of property |
svn:keywords | null | FreeBSD=%H \ No newline at end of property |
svn:mime-type | null | text/plain \ No newline at end of property |
/*- | |||||
* Copyright (c) 2018, Juniper Networks, Inc. | |||||
* | |||||
* Redistribution and use in source and binary forms, with or without | |||||
* modification, are permitted provided that the following conditions | |||||
* are met: | |||||
* 1. Redistributions of source code must retain the above copyright | |||||
* notice, this list of conditions and the following disclaimer. | |||||
* 2. Redistributions in binary form must reproduce the above copyright | |||||
* notice, this list of conditions and the following disclaimer in the | |||||
* documentation and/or other materials provided with the distribution. | |||||
* | |||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |||||
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | |||||
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | |||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |||||
*/ | |||||
#include <sys/cdefs.h> | |||||
__FBSDID("$FreeBSD$"); | |||||
#include <libsecureboot.h> | |||||
#include <vse.h> | |||||
/** | |||||
* @brief | |||||
* verify signed file | |||||
* | |||||
* We look for a signature using the extensions | |||||
* recorded in signature_exts. | |||||
* If we find a match we pass it to a suitable verify method. | |||||
* | |||||
* @return content of verified file or NULL on error. | |||||
*/ | |||||
unsigned char * | |||||
verify_signed(const char *filename, int flags) | |||||
{ | |||||
struct stat st; | |||||
char buf[MAXPATHLEN]; | |||||
const char **se; | |||||
for (se = signature_exts; *se; se++) { | |||||
snprintf(buf, sizeof(buf), "%s.%s", filename, *se); | |||||
if (stat(buf, &st) < 0 || !S_ISREG(st.st_mode)) | |||||
continue; | |||||
DEBUG_PRINTF(5, ("verify_signed: %s\n", buf)); | |||||
#ifdef VE_OPENPGP_SUPPORT | |||||
if (strncmp(*se, "asc", 3) == 0) | |||||
return (verify_asc(buf, flags)); | |||||
#endif | |||||
return (verify_sig(buf, flags)); | |||||
} | |||||
return (NULL); | |||||
} |