Diffstat (limited to 'src/usr/imgtrust.c')
-rw-r--r-- | src/usr/imgtrust.c | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/src/usr/imgtrust.c b/src/usr/imgtrust.c
index a269833a..595ea6b2 100644
--- a/src/usr/imgtrust.c
+++ b/src/usr/imgtrust.c
@@ -50,30 +50,28 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 */
 int imgverify ( struct image *image, struct image *signature,
 const char *name ) {
- size_t len;
- void *data;
+ struct asn1_cursor *data;
 struct cms_signature *sig;
 struct cms_signer_info *info;
 time_t now;
+ int next;
 int rc;
 
 /* Mark image as untrusted */
 image_untrust ( image );
 
- /* Copy signature to internal memory */
- len = signature->len;
- data = malloc ( len );
- if ( ! data ) {
- rc = -ENOMEM;
- goto err_alloc;
+ /* Get raw signature data */
+ next = image_asn1 ( signature, 0, &data );
+ if ( next < 0 ) {
+ rc = next;
+ goto err_asn1;
 }
- copy_from_user ( data, signature->data, 0, len );
 
 /* Parse signature */
- if ( ( rc = cms_signature ( data, len, &sig ) ) != 0 )
+ if ( ( rc = cms_signature ( data->data, data->len, &sig ) ) != 0 )
 goto err_parse;
 
- /* Free internal copy of signature */
+ /* Free raw signature data */
 free ( data );
 data = NULL;
 
@@ -107,7 +105,7 @@ int imgverify ( struct image *image, struct image *signature,
 cms_put ( sig );
 err_parse:
 free ( data );
- err_alloc:
+ err_asn1:
 syslog ( LOG_ERR, "Image \"%s\" signature bad: %s\n",
 image->name, strerror ( rc ) );
 return rc;
|
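Review bot: The result of `image_asn1 ( signature, 0, &data )` is only tested for `< 0`, so a non-negative `next` is discarded and nothing in the first hunk checks whether the signature image holds more than the one object that was extracted. If `next` is the offset of the following object (the name suggests so, but `image_asn1` is not shown here), any bytes after the first object never reach `cms_signature()`. In verification code that should at least be stated above the call, e.g. `/* Only the first ASN.1 object is used; any data after it is ignored */`, or rejected if the accepted signature formats allow a strict check. The pointer name `data` now produces `data->data` and `data->len`; renaming it to something like `cursor` would make clear that `free ( data )` releases the cursor returned by `image_asn1`. The body of imgverify continues beyond this hunk.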