Browse Source

[crypto] Enable both DER and PEM formats by default

Enable both IMAGE_DER and IMAGE_PEM by default, and drag in the
relevant objects only when image_asn1() is present in the binary.

This allows "imgverify" to transparently use either DER or PEM
signature files.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 8 years ago
parent
commit
942b798c8d
5 changed files with 83 additions and 43 deletions
  1. 0
    6
      src/config/config.c
  2. 39
    0
      src/config/config_asn1.c
  3. 2
    2
      src/config/general.h
  4. 0
    35
      src/core/image.c
  5. 42
    0
      src/crypto/asn1.c

+ 0
- 6
src/config/config.c View File

@@ -188,12 +188,6 @@ REQUIRE_OBJECT ( pnm );
188 188
 #ifdef IMAGE_PNG
189 189
 REQUIRE_OBJECT ( png );
190 190
 #endif
191
-#ifdef IMAGE_DER
192
-REQUIRE_OBJECT ( der );
193
-#endif
194
-#ifdef IMAGE_PEM
195
-REQUIRE_OBJECT ( pem );
196
-#endif
197 191
 
198 192
 /*
199 193
  * Drag in all requested commands

+ 39
- 0
src/config/config_asn1.c View File

@@ -0,0 +1,39 @@
1
+/*
2
+ * This program is free software; you can redistribute it and/or
3
+ * modify it under the terms of the GNU General Public License as
4
+ * published by the Free Software Foundation; either version 2 of the
5
+ * License, or (at your option) any later version.
6
+ *
7
+ * This program is distributed in the hope that it will be useful, but
8
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
9
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
10
+ * General Public License for more details.
11
+ *
12
+ * You should have received a copy of the GNU General Public License
13
+ * along with this program; if not, write to the Free Software
14
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15
+ * 02110-1301, USA.
16
+ *
17
+ * You can also choose to distribute this program under the terms of
18
+ * the Unmodified Binary Distribution Licence (as given in the file
19
+ * COPYING.UBDL), provided that you have satisfied its requirements.
20
+ */
21
+
22
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
23
+
24
+#include <config/general.h>
25
+
26
+/** @file
27
+ *
28
+ * ASN.1 file format configuration
29
+ *
30
+ */
31
+
32
+PROVIDE_REQUIRING_SYMBOL();
33
+
34
+#ifdef IMAGE_DER
35
+REQUIRE_OBJECT ( der );
36
+#endif
37
+#ifdef IMAGE_PEM
38
+REQUIRE_OBJECT ( pem );
39
+#endif

+ 2
- 2
src/config/general.h View File

@@ -112,8 +112,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
112 112
 //#define	IMAGE_SDI		/* SDI image support */
113 113
 //#define	IMAGE_PNM		/* PNM image support */
114 114
 //#define	IMAGE_PNG		/* PNG image support */
115
-//#define	IMAGE_DER		/* DER image support */
116
-//#define	IMAGE_PEM		/* PEM image support */
115
+#define	IMAGE_DER		/* DER image support */
116
+#define	IMAGE_PEM		/* PEM image support */
117 117
 
118 118
 /*
119 119
  * Command-line commands to include

+ 0
- 35
src/core/image.c View File

@@ -505,38 +505,3 @@ int image_pixbuf ( struct image *image, struct pixel_buffer **pixbuf ) {
505 505
 
506 506
 	return 0;
507 507
 }
508
-
509
-/**
510
- * Extract ASN.1 object from image
511
- *
512
- * @v image		Image
513
- * @v offset		Offset within image
514
- * @v cursor		ASN.1 cursor to fill in
515
- * @ret next		Offset to next image, or negative error
516
- *
517
- * The caller is responsible for eventually calling free() on the
518
- * allocated ASN.1 cursor.
519
- */
520
-int image_asn1 ( struct image *image, size_t offset,
521
-		 struct asn1_cursor **cursor ) {
522
-	int next;
523
-	int rc;
524
-
525
-	/* Sanity check */
526
-	assert ( offset <= image->len );
527
-
528
-	/* Check that this image can be used to extract an ASN.1 object */
529
-	if ( ! ( image->type && image->type->asn1 ) )
530
-		return -ENOTSUP;
531
-
532
-	/* Try creating ASN.1 cursor */
533
-	next = image->type->asn1 ( image, offset, cursor );
534
-	if ( next < 0 ) {
535
-		rc = next;
536
-		DBGC ( image, "IMAGE %s could not extract ASN.1 object: %s\n",
537
-		       image->name, strerror ( rc ) );
538
-		return rc;
539
-	}
540
-
541
-	return next;
542
-}

+ 42
- 0
src/crypto/asn1.c View File

@@ -31,6 +31,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
31 31
 #include <errno.h>
32 32
 #include <time.h>
33 33
 #include <ipxe/tables.h>
34
+#include <ipxe/image.h>
34 35
 #include <ipxe/asn1.h>
35 36
 
36 37
 /** @file
@@ -838,3 +839,44 @@ int asn1_wrap ( struct asn1_builder *builder, unsigned int type ) {
838 839
 
839 840
 	return 0;
840 841
 }
842
+
843
+/**
844
+ * Extract ASN.1 object from image
845
+ *
846
+ * @v image		Image
847
+ * @v offset		Offset within image
848
+ * @v cursor		ASN.1 cursor to fill in
849
+ * @ret next		Offset to next image, or negative error
850
+ *
851
+ * The caller is responsible for eventually calling free() on the
852
+ * allocated ASN.1 cursor.
853
+ */
854
+int image_asn1 ( struct image *image, size_t offset,
855
+		 struct asn1_cursor **cursor ) {
856
+	int next;
857
+	int rc;
858
+
859
+	/* Sanity check */
860
+	assert ( offset <= image->len );
861
+
862
+	/* Check that this image can be used to extract an ASN.1 object */
863
+	if ( ! ( image->type && image->type->asn1 ) )
864
+		return -ENOTSUP;
865
+
866
+	/* Try creating ASN.1 cursor */
867
+	next = image->type->asn1 ( image, offset, cursor );
868
+	if ( next < 0 ) {
869
+		rc = next;
870
+		DBGC ( image, "IMAGE %s could not extract ASN.1 object: %s\n",
871
+		       image->name, strerror ( rc ) );
872
+		return rc;
873
+	}
874
+
875
+	return next;
876
+}
877
+
878
+/* Drag in objects via image_asn1() */
879
+REQUIRING_SYMBOL ( image_asn1 );
880
+
881
+/* Drag in ASN.1 image formats */
882
+REQUIRE_OBJECT ( config_asn1 );

Loading…
Cancel
Save