From b4cdf0523125ff1e68623c6b98be48914989a2ce Mon Sep 17 00:00:00 2001
From: Adam Michalski <a.michalski2@partner.samsung.com>
Date: Mon, 15 Jul 2024 17:32:38 +0200
Subject: [PATCH] Fix: isu-generator: Check whether the public key actually
 exists

Before using the PUBKEY variable, check whether the public key
actually exists or not.

Change-Id: Icc561e283c4326e39e1f36bf2f50cda7ec09b846
(cherry picked from commit fa33dd18e55387ff69aa580284cb1cefc233a3ce)
---
 src/systemd_generator/isu-generator | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/src/systemd_generator/isu-generator b/src/systemd_generator/isu-generator
index 8d69fc2..5cb8874 100755
--- a/src/systemd_generator/isu-generator
+++ b/src/systemd_generator/isu-generator
@@ -136,7 +136,8 @@ isu_prepare_system()
 	# verify signature and checksum before considering ISU package for application on the system
 	cksum_sign_path="$isu_pkg_dir/checksum.sha256.sign"
 	cksum_path="${cksum_sign_path%.sign}"
-	if [ "$PUBKEY" ]; then
+
+	if [ "$PUBKEY" -a -r "$PUBKEY" ]; then
 		if ! openssl dgst -sha256 -verify "$PUBKEY" -signature "$cksum_sign_path" "$cksum_path"; then
 			log "Public key verification failed for $cksum_path"
 			return 1
@@ -193,11 +194,6 @@ isu_prepare()
 
 # Entry point
 
-if [ "$PUBKEY" -a ! -r "$PUBKEY" ]; then
-	echo "Public key specified but not readable: $PUBKEY"
-	exit 1
-fi
-
 if [ -z "$1" ]; then
 	echo "Please specify unitdir(s) as decribed in systemd.generator (1 or 3 arguments)"
 	exit 1
-- 
2.7.4