/** * Verifies the RSA signature * @param fd File descriptor to the boot image * @param length Length of the boot image without the signature block * @param bs The boot signature block */ static int verify_signature(int fd, uint64_t length, const BootSignature *bs) { int rc = -1; EVP_PKEY *pkey = NULL; RSA *rsa = NULL; unsigned char digest[SHA256_DIGEST_LENGTH]; if (!bs) { goto vs_done; } if (hash_image(fd, length, bs->authenticatedAttributes, digest) == -1) { goto vs_done; } if ((pkey = X509_get_pubkey(bs->certificate)) == NULL) { ERR_print_errors(g_error); goto vs_done; } if ((rsa = EVP_PKEY_get1_RSA(pkey)) == NULL) { ERR_print_errors(g_error); goto vs_done; } if (!RSA_verify(NID_sha256, digest, SHA256_DIGEST_LENGTH, bs->signature->data, bs->signature->length, rsa)) { ERR_print_errors(g_error); goto vs_done; } rc = 0; vs_done: if (pkey) { EVP_PKEY_free(pkey); } if (rsa) { RSA_free(rsa); } return rc; }
int main (int argc, char **argv) { FILE *f = NULL, *f_page = NULL; Jbig2Ctx *ctx; uint8_t buf[4096]; jbig2dec_params_t params; int filearg; /* set defaults */ params.mode = render; params.verbose = 1; params.hash = 0; params.output_file = NULL; params.output_format = jbig2dec_format_none; filearg = parse_options(argc, argv, ¶ms); if (params.hash) hash_init(¶ms); switch (params.mode) { case usage: print_usage(); exit (0); break; case dump: fprintf(stderr, "Sorry, segment dump not yet implemented\n"); break; case render: if ((argc - filearg) == 1) /* only one argument--open as a jbig2 file */ { char *fn = argv[filearg]; f = fopen(fn, "rb"); if (f == NULL) { fprintf(stderr, "error opening %s\n", fn); return 1; } } else if ((argc - filearg) == 2) /* two arguments open as separate global and page streams */ { char *fn = argv[filearg]; char *fn_page = argv[filearg+1]; f = fopen(fn, "rb"); if (f == NULL) { fprintf(stderr, "error opening %s\n", fn); return 1; } f_page = fopen(fn_page, "rb"); if (f_page == NULL) { fprintf(stderr, "error opening %s\n", fn_page); return 1; } } else /* any other number of arguments */ return print_usage(); ctx = jbig2_ctx_new(NULL, f_page != NULL ? JBIG2_OPTIONS_EMBEDDED : 0, NULL, error_callback, ¶ms); /* pull the whole file/global stream into memory */ for (;;) { int n_bytes = fread(buf, 1, sizeof(buf), f); if (n_bytes <= 0) break; jbig2_data_in(ctx, buf, n_bytes); } fclose(f); /* if there's a local page stream read that in its entirety */ if (f_page != NULL) { Jbig2GlobalCtx *global_ctx = jbig2_make_global_ctx(ctx); ctx = jbig2_ctx_new(NULL, JBIG2_OPTIONS_EMBEDDED, global_ctx, error_callback, ¶ms); for (;;) { int n_bytes = fread(buf, 1, sizeof(buf), f_page); if (n_bytes <= 0) break; jbig2_data_in(ctx, buf, n_bytes); } fclose(f_page); jbig2_global_ctx_free(global_ctx); } /* retrieve and output the returned pages */ { Jbig2Image *image; /* work around broken CVision embedded streams */ if (f_page != NULL) jbig2_complete_page(ctx); if (params.output_file == NULL) { #ifdef HAVE_LIBPNG params.output_file = make_output_filename(argv[filearg], ".png"); params.output_format = jbig2dec_format_png; #else params.output_file = make_output_filename(argv[filearg], ".pbm"); params.output_format = jbig2dec_format_pbm; #endif } else { int len = strlen(params.output_file); if ((len >= 3) && (params.output_format == jbig2dec_format_none)) /* try to set the output type by the given extension */ set_output_format(¶ms, params.output_file + len - 3); } /* retrieve and write out all the completed pages */ while ((image = jbig2_page_out(ctx)) != NULL) { write_page_image(¶ms, image); if (params.hash) hash_image(¶ms, image); jbig2_release_page(ctx, image); } if (params.hash) write_document_hash(¶ms); } jbig2_ctx_free(ctx); } /* end params.mode switch */ if (params.output_file) free(params.output_file); if (params.hash) hash_free(¶ms); /* fin */ return 0; }