sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2025-12-20 12:00:19 +03:00
Code Issues Packages Projects Releases Wiki Activity

[crypto] Allow cms_decrypt() to be called on unregistered images

Browse Source 
Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown
2024-08-29 23:31:10 +01:00
parent 72316b820d
commit 5e69cf08d7
1 changed files with 15 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/crypto/cms.c
View File

@@ -1101,13 +1101,15 @@ int cms_decrypt ( struct cms_message *cms, struct image *image,
/* Duplicate cipher context for potential reencryption on error */ /* Duplicate cipher context for potential reencryption on error */
memcpy ( ctxdup, ctx, cipher->ctxsize ); memcpy ( ctxdup, ctx, cipher->ctxsize );
/* Temporarily unregister image */
image_get ( image );
unregister_image ( image );
/* Clear trusted flag before modifying image */ /* Clear trusted flag before modifying image */
image_untrust ( image ); image_untrust ( image );
/* Temporarily unregister image, if applicable */
if ( original_flags & IMAGE_REGISTERED ) {
image_get ( image );
unregister_image ( image );
}
/* Decrypt one block at a time */ /* Decrypt one block at a time */
offset = 0; offset = 0;
remaining = image->len; remaining = image->len;
@@ -1167,10 +1169,12 @@ int cms_decrypt ( struct cms_message *cms, struct image *image,
copy_to_user ( image->data, ( offset - frag_len ), tmp, frag_len ); copy_to_user ( image->data, ( offset - frag_len ), tmp, frag_len );
image->len -= pad_len; image->len -= pad_len;
/* Clear image type and re-register image */ /* Clear image type and re-register image, if applicable */
image->type = NULL; image->type = NULL;
if ( original_flags & IMAGE_REGISTERED ) {
register_image ( image ); register_image ( image );
image_put ( image ); image_put ( image );
}
/* Free temporary working space */ /* Free temporary working space */
free ( tmp ); free ( tmp );
@@ -1191,9 +1195,11 @@ int cms_decrypt ( struct cms_message *cms, struct image *image,
cipher_encrypt ( cipher, ctxdup, tmp, tmp, CMS_DECRYPT_BLKSZ ); cipher_encrypt ( cipher, ctxdup, tmp, tmp, CMS_DECRYPT_BLKSZ );
copy_to_user ( image->data, offset, tmp, CMS_DECRYPT_BLKSZ ); copy_to_user ( image->data, offset, tmp, CMS_DECRYPT_BLKSZ );
} }
image->flags = original_flags; if ( original_flags & IMAGE_REGISTERED ) {
register_image ( image ); /* Cannot fail on re-registration */ register_image ( image ); /* Cannot fail on re-registration */
image_put ( image ); image_put ( image );
}
image->flags = original_flags;
err_cipher: err_cipher:
free ( tmp ); free ( tmp );
err_alloc: err_alloc: