[crypto] Pass image as parameter to CMS functions

The cms_signature() and cms_verify() functions currently accept raw
data pointers.  This will not be possible for cms_decrypt(), which
will need the ability to extract fragments of ASN.1 data from a
potentially large image.

Change cms_signature() and cms_verify() to accept an image as an input
parameter, and move the responsibility for setting the image trust
flag within cms_verify() since that now becomes a more natural fit.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown
2024-08-09 16:33:51 +01:00
parent 96fb7a0a93
commit 3b4d0cb555
4 changed files with 101 additions and 65 deletions

@@ -16,6 +16,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
#include <ipxe/refcnt.h>
#include <ipxe/uaccess.h>
struct image;
/** CMS signer information */
struct cms_signer_info {
/** List of signer information blocks */
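Review bot: Callers of this header now have to get the full definition of struct image from somewhere else, because the `struct image;` line added after `#include <ipxe/uaccess.h>` is only a forward declaration. That is enough for the pointer-only prototypes further down and keeps the header light, but it is worth confirming that each source file calling cms_signature() or cms_verify() includes the image header itself; the other changed files are not shown in this view.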
@@ -67,9 +69,9 @@ cms_put ( struct cms_signature *sig ) {
ref_put ( &sig->refcnt );
}
extern int cms_signature ( const void *data, size_t len,
extern int cms_signature ( struct image *image,
struct cms_signature **sig );
extern int cms_verify ( struct cms_signature *sig, userptr_t data, size_t len,
extern int cms_verify ( struct cms_signature *sig, struct image *image,
const char *name, time_t time, struct x509_chain *store,
struct x509_root *root );
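Review bot: In the cms_signature() prototype, the new `struct image *image` parameter drops the const qualifier that the old `const void *data` carried. If parsing the signature never writes to the image, `const struct image *image` would keep that guarantee visible to callers. For cms_verify() a non-const pointer is expected, since the commit message says the function now sets the image trust flag, but that side effect cannot be seen from the prototype. The function's doc comment should state that the flag is set only when verification succeeds and what state it is left in on failure, so that callers stop setting it themselves and do not end up trusting an image whose verification returned an error.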