diff options
Diffstat (limited to 'verifier.cpp')
-rw-r--r-- | verifier.cpp | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/verifier.cpp b/verifier.cpp index 55d58ee2..eeff95a5 100644 --- a/verifier.cpp +++ b/verifier.cpp | |||
@@ -140,7 +140,7 @@ int verify_file(unsigned char* addr, size_t length, | |||
140 | 140 | ||
141 | size_t comment_size = footer[4] + (footer[5] << 8); | 141 | size_t comment_size = footer[4] + (footer[5] << 8); |
142 | size_t signature_start = footer[0] + (footer[1] << 8); | 142 | size_t signature_start = footer[0] + (footer[1] << 8); |
143 | LOGI("comment is %d bytes; signature %d bytes from end\n", | 143 | LOGI("comment is %zu bytes; signature %zu bytes from end\n", |
144 | comment_size, signature_start); | 144 | comment_size, signature_start); |
145 | 145 | ||
146 | if (signature_start <= FOOTER_SIZE) { | 146 | if (signature_start <= FOOTER_SIZE) { |
@@ -252,24 +252,24 @@ int verify_file(unsigned char* addr, size_t length, | |||
252 | if (pKeys[i].key_type == Certificate::RSA) { | 252 | if (pKeys[i].key_type == Certificate::RSA) { |
253 | if (sig_der_length < RSANUMBYTES) { | 253 | if (sig_der_length < RSANUMBYTES) { |
254 | // "signature" block isn't big enough to contain an RSA block. | 254 | // "signature" block isn't big enough to contain an RSA block. |
255 | LOGI("signature is too short for RSA key %d\n", i); | 255 | LOGI("signature is too short for RSA key %zu\n", i); |
256 | continue; | 256 | continue; |
257 | } | 257 | } |
258 | 258 | ||
259 | if (!RSA_verify(pKeys[i].rsa, sig_der, RSANUMBYTES, | 259 | if (!RSA_verify(pKeys[i].rsa, sig_der, RSANUMBYTES, |
260 | hash, pKeys[i].hash_len)) { | 260 | hash, pKeys[i].hash_len)) { |
261 | LOGI("failed to verify against RSA key %d\n", i); | 261 | LOGI("failed to verify against RSA key %zu\n", i); |
262 | continue; | 262 | continue; |
263 | } | 263 | } |
264 | 264 | ||
265 | LOGI("whole-file signature verified against RSA key %d\n", i); | 265 | LOGI("whole-file signature verified against RSA key %zu\n", i); |
266 | free(sig_der); | 266 | free(sig_der); |
267 | return VERIFY_SUCCESS; | 267 | return VERIFY_SUCCESS; |
268 | } else if (pKeys[i].key_type == Certificate::EC | 268 | } else if (pKeys[i].key_type == Certificate::EC |
269 | && pKeys[i].hash_len == SHA256_DIGEST_SIZE) { | 269 | && pKeys[i].hash_len == SHA256_DIGEST_SIZE) { |
270 | p256_int r, s; | 270 | p256_int r, s; |
271 | if (!dsa_sig_unpack(sig_der, sig_der_length, &r, &s)) { | 271 | if (!dsa_sig_unpack(sig_der, sig_der_length, &r, &s)) { |
272 | LOGI("Not a DSA signature block for EC key %d\n", i); | 272 | LOGI("Not a DSA signature block for EC key %zu\n", i); |
273 | continue; | 273 | continue; |
274 | } | 274 | } |
275 | 275 | ||
@@ -277,11 +277,11 @@ int verify_file(unsigned char* addr, size_t length, | |||
277 | p256_from_bin(hash, &p256_hash); | 277 | p256_from_bin(hash, &p256_hash); |
278 | if (!p256_ecdsa_verify(&(pKeys[i].ec->x), &(pKeys[i].ec->y), | 278 | if (!p256_ecdsa_verify(&(pKeys[i].ec->x), &(pKeys[i].ec->y), |
279 | &p256_hash, &r, &s)) { | 279 | &p256_hash, &r, &s)) { |
280 | LOGI("failed to verify against EC key %d\n", i); | 280 | LOGI("failed to verify against EC key %zu\n", i); |
281 | continue; | 281 | continue; |
282 | } | 282 | } |
283 | 283 | ||
284 | LOGI("whole-file signature verified against EC key %d\n", i); | 284 | LOGI("whole-file signature verified against EC key %zu\n", i); |
285 | free(sig_der); | 285 | free(sig_der); |
286 | return VERIFY_SUCCESS; | 286 | return VERIFY_SUCCESS; |
287 | } else { | 287 | } else { |