On Thu, Mar 12, 2015 at 03:22:23PM +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> this will allow to compare a md with the original one
>
> When calling this do not call final
>
> For RSA_SIGN verification final does not exist only verify
> as final will be for signing
>
> Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@xxxxxxxxxxxx>
> ---
> crypto/digest.c | 23 ++++++++++++++++++++++-
> crypto/hmac.c | 1 +
> crypto/internal.h | 2 ++
> crypto/md5.c | 1 +
> crypto/sha1.c | 1 +
> crypto/sha2.c | 2 ++
> crypto/sha4.c | 2 ++
> include/digest.h | 6 ++++++
> 8 files changed, 37 insertions(+), 1 deletion(-)
>
> diff --git a/crypto/digest.c b/crypto/digest.c
> index c06089d..98c3607 100644
> --- a/crypto/digest.c
> +++ b/crypto/digest.c
> @@ -26,6 +26,8 @@
> #include <module.h>
> #include <linux/err.h>
>
> +#include "internal.h"
> +
> static LIST_HEAD(digests);
>
> static struct digest_algo *digest_algo_get_by_name(const char *name);
> @@ -37,9 +39,28 @@ static int dummy_init(struct digest *d)
>
> static void dummy_free(struct digest *d) {}
>
> +int digest_generic_verity(struct digest *d, const unsigned char *md)
s/verity/verify/
> +{
> + int ret;
> + int len = digest_length(d);
> + unsigned char *tmp;
> +
> + tmp = xmalloc(sizeof(len));
sizeof(len) is not what you want.
> +
> + ret = digest_final(d, tmp);
> + if (ret)
> + goto end;
> +
> + ret = memcmp(md, tmp, len);
ret = ret ? -EINVAL : 0;
To consistently return an error code.
Sascha
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox
