Message ID | 20200520210029.1138-2-bastiangermann@fishpost.de |
---|---|
State | Accepted |
Headers | show |
Series | [1/2] Move swupdate_dgst_init to the right place | expand |
On 20.05.20 23:00, Bastian Germann wrote: > In mbedTLS's swupdate_verify_file implementation, hide the public key > operations behind an ifdef, analogous to the OpenSSL based > implementation. > > Signed-off-by: Bastian Germann <bastiangermann@fishpost.de> > --- > corelib/verify_signature_mbedtls.c | 12 +++++------- > 1 file changed, 5 insertions(+), 7 deletions(-) > > diff --git a/corelib/verify_signature_mbedtls.c b/corelib/verify_signature_mbedtls.c > index 4c964c4..e87576b 100644 > --- a/corelib/verify_signature_mbedtls.c > +++ b/corelib/verify_signature_mbedtls.c > @@ -109,25 +109,23 @@ int swupdate_HASH_compare(const unsigned char *hash1, const unsigned char *hash2 > int swupdate_dgst_init(struct swupdate_cfg *sw, const char *keyfile) > { > struct swupdate_digest *dgst; > - int error; > > dgst = calloc(1, sizeof(*dgst)); > if (!dgst) { > return -ENOMEM; > } > > +#ifdef CONFIG_SIGNED_IMAGES > mbedtls_pk_init(&dgst->mbedtls_pk_context); > > - error = mbedtls_pk_parse_public_keyfile(&dgst->mbedtls_pk_context, keyfile); > + int error = mbedtls_pk_parse_public_keyfile(&dgst->mbedtls_pk_context, keyfile); > if (error) { > ERROR("mbedtls_pk_parse_public_keyfile: %d", error); > - goto fail; > + free(dgst); > + return -EIO; > } > +#endif > > sw->dgst = dgst; > return 0; > - > -fail: > - free(dgst); > - return -EIO; > } > Acked-by: Stefano Babic <sbabic@denx.de> Best regards, Stefano Babic
diff --git a/corelib/verify_signature_mbedtls.c b/corelib/verify_signature_mbedtls.c index 4c964c4..e87576b 100644 --- a/corelib/verify_signature_mbedtls.c +++ b/corelib/verify_signature_mbedtls.c @@ -109,25 +109,23 @@ int swupdate_HASH_compare(const unsigned char *hash1, const unsigned char *hash2 int swupdate_dgst_init(struct swupdate_cfg *sw, const char *keyfile) { struct swupdate_digest *dgst; - int error; dgst = calloc(1, sizeof(*dgst)); if (!dgst) { return -ENOMEM; } +#ifdef CONFIG_SIGNED_IMAGES mbedtls_pk_init(&dgst->mbedtls_pk_context); - error = mbedtls_pk_parse_public_keyfile(&dgst->mbedtls_pk_context, keyfile); + int error = mbedtls_pk_parse_public_keyfile(&dgst->mbedtls_pk_context, keyfile); if (error) { ERROR("mbedtls_pk_parse_public_keyfile: %d", error); - goto fail; + free(dgst); + return -EIO; } +#endif sw->dgst = dgst; return 0; - -fail: - free(dgst); - return -EIO; }
In mbedTLS's swupdate_verify_file implementation, hide the public key operations behind an ifdef, analogous to the OpenSSL based implementation. Signed-off-by: Bastian Germann <bastiangermann@fishpost.de> --- corelib/verify_signature_mbedtls.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-)