Remove x509 library parameter

Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>

diff --git a/src/evmctl.c b/src/evmctl.c
index abcc4f8..278894f 100644 (file)
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -71,6 +71,7 @@ static int digest;
 static int digsig;
 static char *keypass;
 static int sigfile;
+static int x509 = 1;
 static int modsig;
 static char *uuid_str = "+";
 static char *search_type;
@@ -860,7 +861,7 @@ static int cmd_import(struct command *cmd)
 
        inkey = g_argv[optind++];
        if (!inkey) {
-               inkey = params.x509 ? "/etc/keys/x509_evm.der" :
+               inkey = x509 ? "/etc/keys/x509_evm.der" :
                               "/etc/keys/pubkey_evm.pem";
        } else
                ring = g_argv[optind++];
@@ -870,11 +871,11 @@ static int cmd_import(struct command *cmd)
        else
                id = atoi(ring);
 
-       key = read_pub_key(inkey);
+       key = read_pub_key(inkey, x509);
        if (!key)
                return 1;
 
-       if (params.x509) {
+       if (x509) {
                pub = file2bin(inkey, NULL, &len);
                if (!pub)
                        goto out;
@@ -886,7 +887,7 @@ static int cmd_import(struct command *cmd)
 
        log_info("Importing public key %s from file %s into keyring %d\n", name, inkey, id);
 
-       id = add_key(params.x509 ? "asymmetric" : "user", params.x509 ? NULL : name, pub, len, id);
+       id = add_key(x509 ? "asymmetric" : "user", x509 ? NULL : name, pub, len, id);
        if (id < 0) {
                log_err("add_key failed\n");
                err = id;
@@ -894,7 +895,7 @@ static int cmd_import(struct command *cmd)
                log_info("keyid: %d\n", id);
                printf("%d\n", id);
        }
-       if (params.x509)
+       if (x509)
                free(pub);
 out:
        RSA_free(key);
@@ -1606,7 +1607,7 @@ int main(int argc, char *argv[])
                        uuid_str = optarg ?: "+";
                        break;
                case '1':
-                       params.x509 = 0;
+                       x509 = 0;
                        break;
                case 'k':
                        params.keyfile = optarg;
@@ -1625,7 +1626,7 @@ int main(int argc, char *argv[])
                }
        }
 
-       if (params.x509)
+       if (x509)
                sign_hash = sign_hash_v2;
        else
                sign_hash = sign_hash_v1;

diff --git a/src/libevm.c b/src/libevm.c
index abf6abb..4d0af50 100644 (file)
--- a/src/libevm.c
+++ b/src/libevm.c
@@ -99,7 +99,6 @@ const struct RSA_ASN1_template RSA_ASN1_templates[PKEY_HASH__LAST] = {
 struct libevm_params params = {
        .verbose = LOG_INFO - 1,
        .hash_algo = "sha1",
-       .x509 = 1,
 };
 
 void do_dump(FILE *fp, const void *ptr, int len, bool cr)
@@ -291,7 +290,7 @@ int ima_calc_hash(const char *file, uint8_t *hash)
        return mdlen;
 }
 
-RSA *read_pub_key(const char *keyfile)
+RSA *read_pub_key(const char *keyfile, int x509)
 {
        FILE *fp;
        RSA *key = NULL;
@@ -304,7 +303,7 @@ RSA *read_pub_key(const char *keyfile)
                return NULL;
        }
 
-       if (params.x509) {
+       if (x509) {
                crt = d2i_X509_fp(fp, NULL);
                if (!crt) {
                        log_err("d2i_X509_fp() failed\n");
@@ -344,7 +343,7 @@ int verify_hash_v1(const unsigned char *hash, int size, unsigned char *sig, int
        log_info("hash: ");
        log_dump(hash, size);
 
-       key = read_pub_key(keyfile);
+       key = read_pub_key(keyfile, 0);
        if (!key)
                return 1;
 
@@ -386,7 +385,7 @@ int verify_hash_v2(const unsigned char *hash, int size, unsigned char *sig, int
        log_info("hash: ");
        log_dump(hash, size);
 
-       key = read_pub_key(keyfile);
+       key = read_pub_key(keyfile, 1);
        if (!key)
                return 1;
 
@@ -460,21 +459,22 @@ static int get_hash_algo_from_sig(unsigned char *sig)
 int verify_hash(const unsigned char *hash, int size, unsigned char *sig, int siglen)
 {
        char *key;
+       int x509;
 
        /* Get signature type from sig header */
        if (sig[0] == DIGSIG_VERSION_1) {
                params.verify_hash = verify_hash_v1;
                /* Read pubkey from RSA key */
-               params.x509 = 0;
+               x509 = 0;
        } else if (sig[0] == DIGSIG_VERSION_2) {
                params.verify_hash = verify_hash_v2;
                /* Read pubkey from x509 cert */
-               params.x509 = 1;
+               x509 = 1;
        } else
                return -1;
 
        /* Determine what key to use for verification*/
-       key = params.keyfile ? : params.x509 ?
+       key = params.keyfile ? : x509 ?
                        "/etc/keys/x509_evm.der" :
                        "/etc/keys/pubkey_evm.pem";
 

diff --git a/src/libevm.h b/src/libevm.h
index 1481e9b..4cbf826 100644 (file)
--- a/src/libevm.h
+++ b/src/libevm.h
@@ -128,7 +128,6 @@ typedef int (*verify_hash_fn_t)(const unsigned char *hash, int size, unsigned ch
 struct libevm_params {
        int verbose;
        const char *hash_algo;
-       int x509;
        char *keyfile;
        verify_hash_fn_t verify_hash;
 };
@@ -146,7 +145,7 @@ void dump(const void *ptr, int len);
 int get_filesize(const char *filename);
 int ima_calc_hash(const char *file, uint8_t *hash);
 int get_hash_algo(const char *algo);
-RSA *read_pub_key(const char *keyfile);
+RSA *read_pub_key(const char *keyfile, int x509);
 
 int verify_hash(const unsigned char *hash, int size, unsigned char *sig, int siglen);
 int ima_verify_signature(const char *file, unsigned char *sig, int siglen);