Diffstat (limited to 'lib/libsecureboot/openpgp/opgp_sig.c')
-rw-r--r-- | lib/libsecureboot/openpgp/opgp_sig.c | 39 |
1 files changed, 24 insertions, 15 deletions
diff --git a/lib/libsecureboot/openpgp/opgp_sig.c b/lib/libsecureboot/openpgp/opgp_sig.c index fcf4a708c4c3..8846296d7122 100644 --- a/lib/libsecureboot/openpgp/opgp_sig.c +++ b/lib/libsecureboot/openpgp/opgp_sig.c @@ -26,8 +26,6 @@ * RCSid: * from: signer.c,v 1.10 2018/03/23 01:14:30 sjg * - * @(#) Copyright (c) 2012 Simon J. Gerraty - * * This file is provided in the hope that it will * be of use. There is absolutely NO WARRANTY. * Permission to copy, redistribute or otherwise @@ -40,8 +38,6 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD$"); - #include "../libsecureboot-priv.h" #ifdef _STANDALONE #define warnx printf @@ -75,7 +71,7 @@ initialize (void) #include <openssl/err.h> /** - * @brief intialize OpenSSL + * @brief initialize OpenSSL */ void initialize(void) @@ -343,8 +339,19 @@ openpgp_verify(const char *filename, mlen = br_sha256_SIZE; hash_oid = BR_HASH_OID_SHA256; break; + case 9: /* sha384 */ + md = &br_sha384_vtable; + mlen = br_sha384_SIZE; + hash_oid = BR_HASH_OID_SHA384; + break; + case 10: /* sha512 */ + md = &br_sha512_vtable; + mlen = br_sha512_SIZE; + hash_oid = BR_HASH_OID_SHA512; + break; default: warnx("unsupported hash algorithm: %s", hname); + rc = -1; goto oops; } md->init(&mctx.vtable); @@ -464,20 +471,22 @@ verify_asc(const char *sigfile, int flags) size_t n; unsigned char *fdata, *sdata; size_t fbytes, sbytes; - + + fdata = NULL; if ((sdata = read_file(sigfile, &sbytes))) { n = strlcpy(pbuf, sigfile, sizeof(pbuf)); - if ((cp = strrchr(pbuf, '.'))) - *cp = '\0'; - if ((fdata = read_file(pbuf, &fbytes))) { - if (openpgp_verify(pbuf, fdata, fbytes, sdata, - sbytes, flags)) { - free(fdata); - fdata = NULL; + if (n < sizeof(pbuf)) { + if ((cp = strrchr(pbuf, '.'))) + *cp = '\0'; + if ((fdata = read_file(pbuf, &fbytes))) { + if (openpgp_verify(pbuf, fdata, fbytes, sdata, + sbytes, flags)) { + free(fdata); + fdata = NULL; + } } } - } else - fdata = NULL; + } free(sdata); return (fdata); } |
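Review bot: The two new cases in openpgp_verify raise `mlen` to as much as `br_sha512_SIZE`, double the SHA-256 size, so the buffer that receives the digest must be at least that large; its declaration is outside this hunk and cannot be checked from here. If it was sized for SHA-256, a compile-time guard next to the declaration would pin the assumption: `_Static_assert(sizeof(<digest buffer>) >= br_sha512_SIZE, "digest buffer too small");` (placeholder name, the real identifier is not visible on this page). The bare labels `case 9:` and `case 10:` would also read better with a one-line comment above the switch, such as `/* OpenPGP hash algorithm ids (RFC 4880, section 9.4) */`. The switch and the function body begin and end outside the hunk.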
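Review bot: In verify_asc the suffix strip still runs `strrchr(pbuf, '.')` over the whole path, so a signature name whose last component has no dot is either cut at a dot in a directory component or left unchanged, and the function then reads and verifies a file other than the intended sibling. Restricting the match to the final component, and skipping the read otherwise, keeps the function failing closed: `if ((cp = strrchr(pbuf, '.')) != NULL && strchr(cp, '/') == NULL) {` with `*cp = '\0';` and the `read_file(pbuf, &fbytes)` block moved inside it. The new `n < sizeof(pbuf)` check also returns NULL silently on truncation; a `warnx("path too long: %s", sigfile);` in an else arm would let logs separate a truncated path from a failed verification. The declarations of `pbuf` and `cp` are outside the hunk.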