blob: 76ba5073d25aa9dea890baa4543bdaef71fa0b72 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
* Copyright (C) 2023, Ideas on Board Oy
*
* ipa_verify.cpp - Verify signature on an IPA module
*/
#include <iostream>
#include <libgen.h>
#include <libcamera/base/file.h>
#include <libcamera/base/span.h>
#include "libcamera/internal/ipa_manager.h"
#include "libcamera/internal/ipa_module.h"
using namespace libcamera;
namespace {
bool isSignatureValid(IPAModule *ipa)
{
File file{ ipa->path() };
if (!file.open(File::OpenModeFlag::ReadOnly))
return false;
Span<uint8_t> data = file.map();
if (data.empty())
return false;
return IPAManager::pubKey().verify(data, ipa->signature());
}
void usage(char *argv0)
{
std::cout << "Usage: " << basename(argv0) << " ipa_name.so" << std::endl;
std::cout << std::endl;
std::cout << "Verify the signature of an IPA module. The signature file ipa_name.so.sign is" << std::endl;
std::cout << "expected to be in the same directory as the IPA module." << std::endl;
}
} /* namespace */
int main(int argc, char **argv)
{
if (argc != 2) {
usage(argv[0]);
return EXIT_FAILURE;
}
IPAModule module{ argv[1] };
if (!module.isValid()) {
std::cout << "Invalid IPA module " << argv[1] << std::endl;
return EXIT_FAILURE;
}
if (!isSignatureValid(&module)) {
std::cout << "IPA module signature is invalid" << std::endl;
return EXIT_FAILURE;
}
std::cout << "IPA module signature is valid" << std::endl;
return 0;
}
|
