Let user specified hash algo take precedence

After applying previous patch, we will always get hash algo info from
signature and if user specified one on command line, that will be overridden.

This is like breaking old behavior. So keep track whether user specified
hash algo on command line or not. If user did not specify one then get
hash algo info from signature otherwise use the one user provided.

Signed-off-by: Vivek Goyal <vgoyal@redhat.com>

src/evmctl.c

@@ -245,6 +245,7 @@ static int sigdump;
 static int digest;
 static int digsig;
 static const char *hash_algo = "sha1";
+static int user_hash_algo;
 static char *keypass;
 static int sigfile;
 static int modsig;
@@ -1228,7 +1229,7 @@ static int cmd_verify_evm(struct command *cmd)
 	return verify_evm(file, key);
 }
 
-static uint8_t get_hash_algo_from_sig(unsigned char *sig)
+static int get_hash_algo_from_sig(unsigned char *sig)
 {
 	uint8_t hashalgo;
 
@@ -1283,6 +1284,8 @@ static int verify_ima(const char *file, const char *key)
 		return -1;
 	}
 
+	/* If user specified an hash algo on command line, let it override */
+	if (!user_hash_algo) {
 		sig_hash_algo = get_hash_algo_from_sig(sig + 1);
 		if (sig_hash_algo < 0) {
 			log_err("Invalid signature\n");
@@ -1291,6 +1294,7 @@ static int verify_ima(const char *file, const char *key)
 
 		/* Use hash algorithm as retrieved from signature */
 		hash_algo = pkey_hash_algo[sig_hash_algo];
+	}
 
 	hashlen = calc_hash(file, hash);
 	if (hashlen <= 1)
@@ -1688,6 +1692,7 @@ int main(int argc, char *argv[])
 			break;
 		case 'a':
 			hash_algo = optarg;
+			user_hash_algo = 1;
 			break;
 		case 'p':
 			keypass = optarg;