/*--------------------------------------------------------------------
 * Append data to a signature
 *
 * Feeds len bytes at ptr into the running SHA256 state kept in ctx and
 * grows the recorded length by the same amount.  The stored digest is
 * then recomputed over everything hashed so far followed by the length
 * field itself, and written to the location given by SIGN_END(ctx).
 *
 * A call with len == 0 hashes nothing new but still rewrites the
 * digest.
 *
 * NOTE(review): nothing in this function checks that the grown length,
 * plus SHA256_LEN for the digest, still fits inside the area the
 * signature covers.  Confirm that callers or SIGN_END() bound it.
 *
 * NOTE(review): no secret is mixed into the hash here, so unless the
 * context is keyed where it is initialised, the digest detects
 * corruption rather than deliberate modification.
 */

void
smp_append_sign(struct smp_signctx *ctx, const void *ptr, uint32_t len)
{
	unsigned char digest[SHA256_LEN];
	struct SHA256Context snapshot;

	if (len > 0) {
		SHA256_Update(&ctx->ctx, ptr, len);
		ctx->ss->length += len;
	}

	/*
	 * Finalise a copy of the state, so ctx->ctx itself is left
	 * unfinalised and can absorb further appends.
	 */
	snapshot = ctx->ctx;
	SHA256_Update(&snapshot, &ctx->ss->length, sizeof(ctx->ss->length));
	SHA256_Final(digest, &snapshot);
	memcpy(SIGN_END(ctx), digest, sizeof digest);

	/* Re-verify what was just written (XXXAZ is defined elsewhere). */
	XXXAZ(smp_chk_sign(ctx));
}
/*--------------------------------------------------------------------
 * Decide whether the silo described by sc can be used.
 *
 * Returns 0 when the ident block is acceptable and at least one copy
 * of each of the BAN and SEG tables has a good signature.  Otherwise:
 *
 *	1	smp_chk_sign() rejected the ident signature
 *	2	ident string is not SMP_IDENT_STRING
 *	3	byte_order is not 0x12345678
 *	4	recorded size differs from sizeof(struct smp_ident)
 *	5	major_version is not 2
 *	7	mediasize differs from sc->mediasize
 *	8	granularity differs from sc->granularity
 *	9	align is smaller than sizeof(void *)
 *	10	align is rejected by PWR2()
 *	100 + 10 * ban1 + ban2	both BAN signatures failed
 *	200 + 10 * seg1 + seg2	both SEG signatures failed
 *
 * Side effects: once the field checks pass, sc->align and sc->unique
 * are copied from the ident block and the four signature contexts
 * (ban1, ban2, seg1, seg2) are defined.  These stay set even when the
 * function then returns a 1xx or 2xx code.
 */

int
smp_valid_silo(struct smp_sc *sc)
{
	struct smp_ident *si;
	int first_err, second_err;

	assert(strlen(SMP_IDENT_STRING) < sizeof si->ident);

	/* The ident block is only read after its signature checks out. */
	if (smp_chk_sign(&sc->idn) != 0)
		return (1);

	si = sc->ident;
	if (strcmp(si->ident, SMP_IDENT_STRING) != 0)
		return (2);
	if (si->byte_order != 0x12345678)
		return (3);
	if (si->size != sizeof *si)
		return (4);
	if (si->major_version != 2)
		return (5);
	if (si->mediasize != sc->mediasize)
		return (7);
	if (si->granularity != sc->granularity)
		return (8);
	if (si->align < sizeof(void*))
		return (9);
	if (!PWR2(si->align))
		return (10);

	sc->align = si->align;
	sc->unique = si->unique;

	/*
	 * XXX: Sanity check stuff[6]
	 *
	 * The layout checks below are assertions, not return codes.  An
	 * ident block that passed the signature and field checks above
	 * but carries inconsistent offsets trips an assert instead of
	 * being reported to the caller as an invalid silo.
	 *
	 * NOTE(review): if assert() can be compiled out in this build,
	 * the offsets reach smp_def_sign() unchecked.  Confirm that it
	 * is always active, or turn these into error returns.
	 */

	/* Offsets must be strictly increasing and end at the media size. */
	assert(si->stuff[SMP_BAN1_STUFF] > sizeof *si + SHA256_LEN);
	assert(si->stuff[SMP_BAN2_STUFF] > si->stuff[SMP_BAN1_STUFF]);
	assert(si->stuff[SMP_SEG1_STUFF] > si->stuff[SMP_BAN2_STUFF]);
	assert(si->stuff[SMP_SEG2_STUFF] > si->stuff[SMP_SEG1_STUFF]);
	assert(si->stuff[SMP_SPC_STUFF] > si->stuff[SMP_SEG2_STUFF]);
	assert(si->stuff[SMP_END_STUFF] == sc->mediasize);

	/* Both copies of a table must be equally long and above 65536. */
	assert(smp_stuff_len(sc, SMP_SEG1_STUFF) > 65536);
	assert(smp_stuff_len(sc, SMP_SEG1_STUFF) ==
	    smp_stuff_len(sc, SMP_SEG2_STUFF));

	assert(smp_stuff_len(sc, SMP_BAN1_STUFF) > 65536);
	assert(smp_stuff_len(sc, SMP_BAN1_STUFF) ==
	    smp_stuff_len(sc, SMP_BAN2_STUFF));

	smp_def_sign(sc, &sc->ban1, si->stuff[SMP_BAN1_STUFF], "BAN 1");
	smp_def_sign(sc, &sc->ban2, si->stuff[SMP_BAN2_STUFF], "BAN 2");
	smp_def_sign(sc, &sc->seg1, si->stuff[SMP_SEG1_STUFF], "SEG 1");
	smp_def_sign(sc, &sc->seg2, si->stuff[SMP_SEG2_STUFF], "SEG 2");

	/* We must have one valid BAN table */
	first_err = smp_chk_sign(&sc->ban1);
	second_err = smp_chk_sign(&sc->ban2);
	if (first_err != 0 && second_err != 0)
		return (100 + first_err * 10 + second_err);

	/* We must have one valid SEG table */
	first_err = smp_chk_sign(&sc->seg1);
	second_err = smp_chk_sign(&sc->seg2);
	if (first_err != 0 && second_err != 0)
		return (200 + first_err * 10 + second_err);

	return (0);
}
/*--------------------------------------------------------------------
 * Check the signature of a signspace.
 *
 * Passes the signature context embedded in spc to smp_chk_sign() and
 * returns its result unchanged.  Elsewhere in this file a non-zero
 * result from smp_chk_sign() is treated as failure.
 */

int
smp_chk_signspace(struct smp_signspace *spc)
{
	int rc;

	rc = smp_chk_sign(&spc->ctx);
	return (rc);
}