/* SPDX-License-Identifier: GPL-2.0-or-later */ /* * Copyright (C) 2023, Ideas on Board Oy * * Verify signature on an IPA module */ #include <iostream> #include <libgen.h> #include <libcamera/base/file.h> #include <libcamera/base/span.h> #include "libcamera/internal/ipa_manager.h" #include "libcamera/internal/ipa_module.h" using namespace libcamera; namespace { bool isSignatureValid(IPAModule *ipa) { File file{ ipa->path() }; if (!file.open(File::OpenModeFlag::ReadOnly)) return false; Span<uint8_t> data = file.map(); if (data.empty()) return false; return IPAManager::pubKey().verify(data, ipa->signature()); } void usage(char *argv0) { std::cout << "Usage: " << basename(argv0) << " ipa_name.so" << std::endl; std::cout << std::endl; std::cout << "Verify the signature of an IPA module. The signature file ipa_name.so.sign is" << std::endl; std::cout << "expected to be in the same directory as the IPA module." << std::endl; } } /* namespace */ int main(int argc, char **argv) { if (argc != 2) { usage(argv[0]); return EXIT_FAILURE; } IPAModule module{ argv[1] }; if (!module.isValid()) { std::cout << "Invalid IPA module " << argv[1] << std::endl; return EXIT_FAILURE; } if (!isSignatureValid(&module)) { std::cout << "IPA module signature is invalid" << std::endl; return EXIT_FAILURE; } std::cout << "IPA module signature is valid" << std::endl; return 0; }