This is more human understandable and also will improve handling of
the sources by cscope.
Signed-off-by: Vitaly Chikunov <vt@xxxxxxxxxxxx>
---
src/imaevm.h | 3 ---
src/libimaevm.c | 10 +++-------
2 files changed, 3 insertions(+), 10 deletions(-)
diff --git a/src/imaevm.h b/src/imaevm.h
index 36050f4..0414433 100644
--- a/src/imaevm.h
+++ b/src/imaevm.h
@@ -188,9 +188,6 @@ struct signature_v2_hdr {
uint8_t sig[0]; /* signature payload */
} __packed;
-
-typedef int (*verify_hash_fn_t)(const char *file, const unsigned char *hash, int size, unsigned char *sig, int siglen, const char *keyfile);
-
struct libevm_params {
int verbose;
int x509;
diff --git a/src/libimaevm.c b/src/libimaevm.c
index afd2105..97b7167 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -572,22 +572,18 @@ static int get_hash_algo_from_sig(unsigned char *sig)
int verify_hash(const char *file, const unsigned char *hash, int size, unsigned char *sig,
int siglen)
{
- const char *key = NULL;
- verify_hash_fn_t verify_hash;
-
/* Get signature type from sig header */
if (sig[0] == DIGSIG_VERSION_1) {
- verify_hash = verify_hash_v1;
+ const char *key = NULL;
/* Read pubkey from RSA key */
if (!params.keyfile)
key = "/etc/keys/pubkey_evm.pem";
+ return verify_hash_v1(file, hash, size, sig, siglen, key);
} else if (sig[0] == DIGSIG_VERSION_2) {
- verify_hash = verify_hash_v2;
+ return verify_hash_v2(file, hash, size, sig, siglen, NULL);
} else
return -1;
-
- return verify_hash(file, hash, size, sig, siglen, key);
}
int ima_verify_signature(const char *file, unsigned char *sig, int siglen,
--
2.11.0
