Commit 052b8792 authored by Luis R. Rodriguez's avatar Luis R. Rodriguez

crda: separate crda_verify_db_signature() implementations

This will allow us to handle the error codes more cleanly
and in a readible manner. This change should have no
functional change.
Signed-off-by: 's avatarLuis R. Rodriguez <mcgrof@do-not-panic.com>
parent 385be3f8
......@@ -50,14 +50,17 @@ void *crda_get_file_ptr(uint8_t *db, int dblen, int structlen, uint32_t ptr)
}
/*
* crda_verify_db_signature():
*
* Checks the validity of the signature found on the regulatory
* database against the array 'keys'. Returns 1 if there exists
* at least one key in the array such that the signature is valid
* against that key; 0 otherwise.
*/
#ifdef USE_OPENSSL
int crda_verify_db_signature(uint8_t *db, int dblen, int siglen)
{
#ifdef USE_OPENSSL
RSA *rsa;
uint8_t hash[SHA_DIGEST_LENGTH];
unsigned int i;
......@@ -105,9 +108,18 @@ int crda_verify_db_signature(uint8_t *db, int dblen, int siglen)
}
closedir(pubkey_dir);
}
#endif
if (!ok)
fprintf(stderr, "Database signature verification failed.\n");
out:
return ok;
}
#endif /* USE_OPENSSL */
#ifdef USE_GCRYPT
int crda_verify_db_signature(uint8_t *db, int dblen, int siglen)
{
gcry_mpi_t mpi_e, mpi_n;
gcry_sexp_t rsa, signature, data;
uint8_t hash[20];
......@@ -150,18 +162,21 @@ int crda_verify_db_signature(uint8_t *db, int dblen, int siglen)
ok = gcry_pk_verify(signature, data, rsa) == 0;
}
#endif
#if defined(USE_OPENSSL) || defined(USE_GCRYPT)
if (!ok)
fprintf(stderr, "Database signature verification failed.\n");
out:
return ok;
#else
}
#endif /* USE_GCRYPT */
#if !defined(USE_OPENSSL) && !defined(USE_GCRYPT)
int crda_verify_db_signature(uint8_t *db, int dblen, int siglen)
{
return 1;
#endif
}
#endif
static void reg_rule2rd(uint8_t *db, int dblen,
uint32_t ruleptr, struct ieee80211_reg_rule *rd_reg_rule)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment