From: Vitaly Chikunov <vt@altlinux.org>
To: Mimi Zohar <zohar@linux.vnet.ibm.com>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
linux-integrity@vger.kernel.org
Subject: [PATCH 1/3] ima-evm-utils: Remove indirect call to subfunctions in verify_hash
Date: Fri, 19 Jul 2019 00:35:08 +0300 [thread overview]
Message-ID: <20190718213510.10829-1-vt@altlinux.org> (raw)
This is more human understandable and also will improve handling of
the sources by cscope.
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
---
src/imaevm.h | 3 ---
src/libimaevm.c | 10 +++-------
2 files changed, 3 insertions(+), 10 deletions(-)
diff --git a/src/imaevm.h b/src/imaevm.h
index 36050f4..0414433 100644
--- a/src/imaevm.h
+++ b/src/imaevm.h
@@ -188,9 +188,6 @@ struct signature_v2_hdr {
uint8_t sig[0]; /* signature payload */
} __packed;
-
-typedef int (*verify_hash_fn_t)(const char *file, const unsigned char *hash, int size, unsigned char *sig, int siglen, const char *keyfile);
-
struct libevm_params {
int verbose;
int x509;
diff --git a/src/libimaevm.c b/src/libimaevm.c
index afd2105..97b7167 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -572,22 +572,18 @@ static int get_hash_algo_from_sig(unsigned char *sig)
int verify_hash(const char *file, const unsigned char *hash, int size, unsigned char *sig,
int siglen)
{
- const char *key = NULL;
- verify_hash_fn_t verify_hash;
-
/* Get signature type from sig header */
if (sig[0] == DIGSIG_VERSION_1) {
- verify_hash = verify_hash_v1;
+ const char *key = NULL;
/* Read pubkey from RSA key */
if (!params.keyfile)
key = "/etc/keys/pubkey_evm.pem";
+ return verify_hash_v1(file, hash, size, sig, siglen, key);
} else if (sig[0] == DIGSIG_VERSION_2) {
- verify_hash = verify_hash_v2;
+ return verify_hash_v2(file, hash, size, sig, siglen, NULL);
} else
return -1;
-
- return verify_hash(file, hash, size, sig, siglen, key);
}
int ima_verify_signature(const char *file, unsigned char *sig, int siglen,
--
2.11.0
next reply other threads:[~2019-07-18 21:35 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-18 21:35 Vitaly Chikunov [this message]
2019-07-18 21:35 ` [PATCH 2/3] ima-evm-utils: Remove not needed argument from verify_hash_v2 Vitaly Chikunov
2019-07-18 23:23 ` Mimi Zohar
2019-07-18 23:26 ` Vitaly Chikunov
2019-07-18 21:35 ` [PATCH 3/3] ima-evm-utils: Improve OpenSSL error reporting Vitaly Chikunov
2019-07-18 23:23 ` Mimi Zohar
2019-07-18 23:24 ` [PATCH 1/3] ima-evm-utils: Remove indirect call to subfunctions in verify_hash Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190718213510.10829-1-vt@altlinux.org \
--to=vt@altlinux.org \
--cc=dmitry.kasatkin@gmail.com \
--cc=linux-integrity@vger.kernel.org \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).