diff options
| author | Michael Brown <mcb30@ipxe.org> | 2012-03-22 13:46:38 +0000 |
|---|---|---|
| committer | Michael Brown <mcb30@ipxe.org> | 2012-03-25 00:11:43 +0000 |
| commit | d1465f7b0b4e3df4af1abf65462fe1d89e53a80a (patch) | |
| tree | 603e3d9c50ed2fc089cfb83353404e29f46c1dcc /src/usr/imgtrust.c | |
| parent | 1c127a696215bd75917c3ba836c2db11636b3ffb (diff) | |
| download | ipxe-d1465f7b0b4e3df4af1abf65462fe1d89e53a80a.tar.gz | |
[image] Add the "imgtrust" and "imgverify" commands
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/usr/imgtrust.c')
| -rw-r--r-- | src/usr/imgtrust.c | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/src/usr/imgtrust.c b/src/usr/imgtrust.c new file mode 100644 index 000000000..5ea20265e --- /dev/null +++ b/src/usr/imgtrust.c @@ -0,0 +1,81 @@ +/* + * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +FILE_LICENCE ( GPL2_OR_LATER ); + +#include <stdlib.h> +#include <errno.h> +#include <time.h> +#include <ipxe/uaccess.h> +#include <ipxe/image.h> +#include <ipxe/cms.h> +#include <usr/imgtrust.h> + +/** @file + * + * Image trust management + * + */ + +/** + * Verify image using downloaded signature + * + * @v image Image to verify + * @v signature Image containing signature + * @v name Required common name, or NULL to allow any name + * @ret rc Return status code + */ +int imgverify ( struct image *image, struct image *signature, + const char *name ) { + size_t len; + void *data; + struct cms_signature sig; + time_t now; + int rc; + + /* Mark image as untrusted */ + image_untrust ( image ); + + /* Copy signature to internal memory */ + len = signature->len; + data = malloc ( len ); + if ( ! data ) { + rc = -ENOMEM; + goto err_alloc; + } + copy_from_user ( data, signature->data, 0, len ); + + /* Parse signature */ + if ( ( rc = cms_parse ( &sig, data, len ) ) != 0 ) + goto err_parse; + + /* Use signature to verify image */ + now = time ( NULL ); + if ( ( rc = cms_verify ( &sig, image->data, image->len, + name, now, NULL ) ) != 0 ) + goto err_verify; + + /* Mark image as trusted */ + image_trust ( image ); + + err_verify: + err_parse: + free ( data ); + err_alloc: + return rc; +} |