diff options
| author | Timo Teras <timo.teras@iki.fi> | 2009-07-17 14:29:02 +0300 |
|---|---|---|
| committer | Timo Teras <timo.teras@iki.fi> | 2009-07-17 14:29:02 +0300 |
| commit | 0942832325f8e81d9e3cc7019cf1b1016d226533 (patch) | |
| tree | 5074340668dcd9b184afa3f773e3b09de9139c49 /src/package.c | |
| parent | 65be7ade1d092a309d27056d6d55585bda54e8bd (diff) | |
| download | apk-tools-0942832325f8e81d9e3cc7019cf1b1016d226533.tar.gz apk-tools-0942832325f8e81d9e3cc7019cf1b1016d226533.tar.bz2 apk-tools-0942832325f8e81d9e3cc7019cf1b1016d226533.tar.xz apk-tools-0942832325f8e81d9e3cc7019cf1b1016d226533.zip | |
index: fix output file permissions, verify signed index (ref #46)
Diffstat (limited to 'src/package.c')
| -rw-r--r-- | src/package.c | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/src/package.c b/src/package.c index ea67c69..632e93e 100644 --- a/src/package.c +++ b/src/package.c @@ -391,13 +391,24 @@ int apk_sign_ctx_mpart_cb(void *ctx, EVP_MD_CTX *mdctx, int part) break; case APK_MPART_END: if (sctx->action == APK_SIGN_VERIFY) { - /* Check that data checksum matches */ - EVP_DigestFinal_ex(mdctx, calculated, NULL); - if (sctx->has_data_checksum && - EVP_MD_CTX_size(mdctx) != 0 && - memcmp(calculated, sctx->data_checksum, - EVP_MD_CTX_size(mdctx)) == 0) - sctx->data_verified = 1; + if (sctx->has_data_checksum) { + /* Check that data checksum matches */ + EVP_DigestFinal_ex(mdctx, calculated, NULL); + if (EVP_MD_CTX_size(mdctx) != 0 && + memcmp(calculated, sctx->data_checksum, + EVP_MD_CTX_size(mdctx)) == 0) + sctx->data_verified = 1; + } else if (sctx->signature.pkey != NULL) { + /* Assume that the data is fully signed */ + r = EVP_VerifyFinal(mdctx, + (unsigned char *) sctx->signature.data.ptr, + sctx->signature.data.len, + sctx->signature.pkey); + if (r == 1) { + sctx->control_verified = 1; + sctx->data_verified = 1; + } + } } else if (!sctx->has_data_checksum) { /* Package identity is checksum of all data */ sctx->identity.type = EVP_MD_CTX_size(mdctx); |