libcamera: pub_key: Gracefully handle failures to load public key

If the public key fails to load, PubKey::isValid() function returns
false. The only user of the PubKey class, the IPAManager class, doesn't
check that condition, and still calls the PubKey::verify() function,
which leads to a crash.

Fix this by returning false from PubKey::verify() if the key isn't
valid, and log a warning in the IPAManager constructor to report the
issue.

Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Tested-by: Eric Curtin <ecurtin@redhat.com>
Reviewed-by: Eric Curtin <ecurtin@redhat.com>
Reviewed-by: Kieran Bingham <kieran.bingham@ideasonboard.com>

2 files changed, 6 insertions, 0 deletions

diff --git a/src/libcamera/ipa_manager.cpp b/src/libcamera/ipa_manager.cpp
index ec966045..2f96a207 100644
--- a/src/libcamera/ipa_manager.cpp
+++ b/src/libcamera/ipa_manager.cpp
@@ -109,6 +109,9 @@ IPAManager::IPAManager()
 		LOG(IPAManager, Fatal)
 			<< "Multiple IPAManager objects are not allowed";
 
+	if (!pubKey_.isValid())
+		LOG(IPAManager, Warning) << "Public key not valid";
+
 	unsigned int ipaCount = 0;
 
 	/* User-specified paths take precedence. */
diff --git a/src/libcamera/pub_key.cpp b/src/libcamera/pub_key.cpp
index 9bb08fda..b2045a10 100644
--- a/src/libcamera/pub_key.cpp
+++ b/src/libcamera/pub_key.cpp
@@ -76,6 +76,9 @@ PubKey::~PubKey()
 bool PubKey::verify([[maybe_unused]] Span<const uint8_t> data,
 		    [[maybe_unused]] Span<const uint8_t> sig) const
 {
+	if (!valid_)
+		return false;
+
 #if HAVE_GNUTLS
 	const gnutls_datum_t gnuTlsData{
 		const_cast<unsigned char *>(data.data()),