diff options
author | RajithaY <rajithax.yerrumsetty@intel.com> | 2017-04-25 03:31:15 -0700 |
---|---|---|
committer | Rajitha Yerrumchetty <rajithax.yerrumsetty@intel.com> | 2017-05-22 06:48:08 +0000 |
commit | bb756eebdac6fd24e8919e2c43f7d2c8c4091f59 (patch) | |
tree | ca11e03542edf2d8f631efeca5e1626d211107e3 /qemu/roms/ipxe/src/usr/imgtrust.c | |
parent | a14b48d18a9ed03ec191cf16b162206998a895ce (diff) |
Adding qemu as a submodule of KVMFORNFV
This Patch includes the changes to add qemu as a submodule to
kvmfornfv repo and make use of the updated latest qemu for the
execution of all testcase
Change-Id: I1280af507a857675c7f81d30c95255635667bdd7
Signed-off-by:RajithaY<rajithax.yerrumsetty@intel.com>
Diffstat (limited to 'qemu/roms/ipxe/src/usr/imgtrust.c')
-rw-r--r-- | qemu/roms/ipxe/src/usr/imgtrust.c | 114 |
1 files changed, 0 insertions, 114 deletions
diff --git a/qemu/roms/ipxe/src/usr/imgtrust.c b/qemu/roms/ipxe/src/usr/imgtrust.c deleted file mode 100644 index a269833a6..000000000 --- a/qemu/roms/ipxe/src/usr/imgtrust.c +++ /dev/null @@ -1,114 +0,0 @@ -/* - * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301, USA. - * - * You can also choose to distribute this program under the terms of - * the Unmodified Binary Distribution Licence (as given in the file - * COPYING.UBDL), provided that you have satisfied its requirements. - */ - -FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); - -#include <stdlib.h> -#include <errno.h> -#include <time.h> -#include <syslog.h> -#include <ipxe/uaccess.h> -#include <ipxe/image.h> -#include <ipxe/cms.h> -#include <ipxe/validator.h> -#include <ipxe/monojob.h> -#include <usr/imgtrust.h> - -/** @file - * - * Image trust management - * - */ - -/** - * Verify image using downloaded signature - * - * @v image Image to verify - * @v signature Image containing signature - * @v name Required common name, or NULL to allow any name - * @ret rc Return status code - */ -int imgverify ( struct image *image, struct image *signature, - const char *name ) { - size_t len; - void *data; - struct cms_signature *sig; - struct cms_signer_info *info; - time_t now; - int rc; - - /* Mark image as untrusted */ - image_untrust ( image ); - - /* Copy signature to internal memory */ - len = signature->len; - data = malloc ( len ); - if ( ! data ) { - rc = -ENOMEM; - goto err_alloc; - } - copy_from_user ( data, signature->data, 0, len ); - - /* Parse signature */ - if ( ( rc = cms_signature ( data, len, &sig ) ) != 0 ) - goto err_parse; - - /* Free internal copy of signature */ - free ( data ); - data = NULL; - - /* Complete all certificate chains */ - list_for_each_entry ( info, &sig->info, list ) { - if ( ( rc = create_validator ( &monojob, info->chain ) ) != 0 ) - goto err_create_validator; - if ( ( rc = monojob_wait ( NULL, 0 ) ) != 0 ) - goto err_validator_wait; - } - - /* Use signature to verify image */ - now = time ( NULL ); - if ( ( rc = cms_verify ( sig, image->data, image->len, - name, now, NULL, NULL ) ) != 0 ) - goto err_verify; - - /* Drop reference to signature */ - cms_put ( sig ); - sig = NULL; - - /* Mark image as trusted */ - image_trust ( image ); - syslog ( LOG_NOTICE, "Image \"%s\" signature OK\n", image->name ); - - return 0; - - err_verify: - err_validator_wait: - err_create_validator: - cms_put ( sig ); - err_parse: - free ( data ); - err_alloc: - syslog ( LOG_ERR, "Image \"%s\" signature bad: %s\n", - image->name, strerror ( rc ) ); - return rc; -} |