robin.thoni
/
ipxe
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 11 Wiki Activity
Browse Source

[crypto] Enable both DER and PEM formats by default 

Enable both IMAGE_DER and IMAGE_PEM by default, and drag in the
relevant objects only when image_asn1() is present in the binary.

This allows "imgverify" to transparently use either DER or PEM
signature files.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 7 years ago
parent
b7e43b0335
commit
942b798c8d
5 changed files with 83 additions and 43 deletions
Split View Show Diff Stats
  1. 0
    6
      src/config/config.c
  2. 39
    0
      src/config/config_asn1.c
  3. 2
    2
      src/config/general.h
  4. 0
    35
      src/core/image.c
  5. 42
    0
      src/crypto/asn1.c

+ 0
- 6
src/config/config.c View File 

@@ -188,12 +188,6 @@ REQUIRE_OBJECT ( pnm );
188 188 
 #ifdef IMAGE_PNG
189 189 
 REQUIRE_OBJECT ( png );
190 190 
 #endif
191 
-#ifdef IMAGE_DER
192 
-REQUIRE_OBJECT ( der );
193 
-#endif
194 
-#ifdef IMAGE_PEM
195 
-REQUIRE_OBJECT ( pem );
196 
-#endif
197 191
198 192 
 /*
199 193 
  * Drag in all requested commands

+ 39
- 0
src/config/config_asn1.c View File 

@@ -0,0 +1,39 @@
1 
+/*
2 
+ * This program is free software; you can redistribute it and/or
3 
+ * modify it under the terms of the GNU General Public License as
4 
+ * published by the Free Software Foundation; either version 2 of the
5 
+ * License, or (at your option) any later version.
6 
+ *
7 
+ * This program is distributed in the hope that it will be useful, but
8 
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
9 
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
10 
+ * General Public License for more details.
11 
+ *
12 
+ * You should have received a copy of the GNU General Public License
13 
+ * along with this program; if not, write to the Free Software
14 
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15 
+ * 02110-1301, USA.
16 
+ *
17 
+ * You can also choose to distribute this program under the terms of
18 
+ * the Unmodified Binary Distribution Licence (as given in the file
19 
+ * COPYING.UBDL), provided that you have satisfied its requirements.
20 
+ */
21 
+
22 
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
23 
+
24 
+#include <config/general.h>
25 
+
26 
+/** @file
27 
+ *
28 
+ * ASN.1 file format configuration
29 
+ *
30 
+ */
31 
+
32 
+PROVIDE_REQUIRING_SYMBOL();
33 
+
34 
+#ifdef IMAGE_DER
35 
+REQUIRE_OBJECT ( der );
36 
+#endif
37 
+#ifdef IMAGE_PEM
38 
+REQUIRE_OBJECT ( pem );
39 
+#endif

+ 2
- 2
src/config/general.h View File 

@@ -112,8 +112,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
112 112 
 //#define	IMAGE_SDI		/* SDI image support */
113 113 
 //#define	IMAGE_PNM		/* PNM image support */
114 114 
 //#define	IMAGE_PNG		/* PNG image support */
115 
-//#define	IMAGE_DER		/* DER image support */
116 
-//#define	IMAGE_PEM		/* PEM image support */
115 
+#define	IMAGE_DER		/* DER image support */
116 
+#define	IMAGE_PEM		/* PEM image support */
117 117
118 118 
 /*
119 119 
  * Command-line commands to include

+ 0
- 35
src/core/image.c View File 

@@ -505,38 +505,3 @@ int image_pixbuf ( struct image *image, struct pixel_buffer **pixbuf ) {
505 505
506 506 
 	return 0;
507 507 
 }
508 
-
509 
-/**
510 
- * Extract ASN.1 object from image
511 
- *
512 
- * @v image		Image
513 
- * @v offset		Offset within image
514 
- * @v cursor		ASN.1 cursor to fill in
515 
- * @ret next		Offset to next image, or negative error
516 
- *
517 
- * The caller is responsible for eventually calling free() on the
518 
- * allocated ASN.1 cursor.
519 
- */
520 
-int image_asn1 ( struct image *image, size_t offset,
521 
-		 struct asn1_cursor **cursor ) {
522 
-	int next;
523 
-	int rc;
524 
-
525 
-	/* Sanity check */
526 
-	assert ( offset <= image->len );
527 
-
528 
-	/* Check that this image can be used to extract an ASN.1 object */
529 
-	if ( ! ( image->type && image->type->asn1 ) )
530 
-		return -ENOTSUP;
531 
-
532 
-	/* Try creating ASN.1 cursor */
533 
-	next = image->type->asn1 ( image, offset, cursor );
534 
-	if ( next < 0 ) {
535 
-		rc = next;
536 
-		DBGC ( image, "IMAGE %s could not extract ASN.1 object: %s\n",
537 
-		       image->name, strerror ( rc ) );
538 
-		return rc;
539 
-	}
540 
-
541 
-	return next;
542 
-}

+ 42
- 0
src/crypto/asn1.c View File 

@@ -31,6 +31,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
31 31 
 #include <errno.h>
32 32 
 #include <time.h>
33 33 
 #include <ipxe/tables.h>
34 
+#include <ipxe/image.h>
34 35 
 #include <ipxe/asn1.h>
35 36
36 37 
 /** @file
 
@@ -838,3 +839,44 @@ int asn1_wrap ( struct asn1_builder *builder, unsigned int type ) {
838 839
839 840 
 	return 0;
840 841 
 }
842 
+
843 
+/**
844 
+ * Extract ASN.1 object from image
845 
+ *
846 
+ * @v image		Image
847 
+ * @v offset		Offset within image
848 
+ * @v cursor		ASN.1 cursor to fill in
849 
+ * @ret next		Offset to next image, or negative error
850 
+ *
851 
+ * The caller is responsible for eventually calling free() on the
852 
+ * allocated ASN.1 cursor.
853 
+ */
854 
+int image_asn1 ( struct image *image, size_t offset,
855 
+		 struct asn1_cursor **cursor ) {
856 
+	int next;
857 
+	int rc;
858 
+
859 
+	/* Sanity check */
860 
+	assert ( offset <= image->len );
861 
+
862 
+	/* Check that this image can be used to extract an ASN.1 object */
863 
+	if ( ! ( image->type && image->type->asn1 ) )
864 
+		return -ENOTSUP;
865 
+
866 
+	/* Try creating ASN.1 cursor */
867 
+	next = image->type->asn1 ( image, offset, cursor );
868 
+	if ( next < 0 ) {
869 
+		rc = next;
870 
+		DBGC ( image, "IMAGE %s could not extract ASN.1 object: %s\n",
871 
+		       image->name, strerror ( rc ) );
872 
+		return rc;
873 
+	}
874 
+
875 
+	return next;
876 
+}
877 
+
878 
+/* Drag in objects via image_asn1() */
879 
+REQUIRING_SYMBOL ( image_asn1 );
880 
+
881 
+/* Drag in ASN.1 image formats */
882 
+REQUIRE_OBJECT ( config_asn1 );

Write Preview
Loading…
Cancel
Save