dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-04-28 06:33:36 +02:00
Code Releases Activity

ima-evm-utils: Remove indirect call to subfunctions in verify_hash

Browse Source 
This is more human understandable and also will improve handling of
the sources by cscope.

Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Vitaly Chikunov 2019-07-19 00:35:08 +03:00 committed by Mimi Zohar
parent 388f807a0f
commit 3359563dbe
2 changed files with 3 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/imaevm.h
View File

@ -188,9 +188,6 @@ struct signature_v2_hdr {
uint8_t sig[0]; /* signature payload */
} __packed;
typedef int (*verify_hash_fn_t)(const char *file, const unsigned char *hash, int size, unsigned char *sig, int siglen, const char *keyfile);
struct libevm_params {
int verbose;
int x509;

10
src/libimaevm.c
View File

@ -572,22 +572,18 @@ static int get_hash_algo_from_sig(unsigned char *sig)
int verify_hash(const char *file, const unsigned char *hash, int size, unsigned char *sig,
int siglen)
{
const char *key = NULL;
verify_hash_fn_t verify_hash;
/* Get signature type from sig header */
if (sig[0] == DIGSIG_VERSION_1) {
verify_hash = verify_hash_v1;
const char *key = NULL;
/* Read pubkey from RSA key */
if (!params.keyfile)
key = "/etc/keys/pubkey_evm.pem";
return verify_hash_v1(file, hash, size, sig, siglen, key);
} else if (sig[0] == DIGSIG_VERSION_2) {
verify_hash = verify_hash_v2;
return verify_hash_v2(file, hash, size, sig, siglen, NULL);
} else
return -1;
return verify_hash(file, hash, size, sig, siglen, key);
}
int ima_verify_signature(const char *file, unsigned char *sig, int siglen,