aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to 'verifier.cpp')
-rw-r--r--verifier.cpp14
1 files changed, 7 insertions, 7 deletions
diff --git a/verifier.cpp b/verifier.cpp
index 55d58ee2..eeff95a5 100644
--- a/verifier.cpp
+++ b/verifier.cpp
@@ -140,7 +140,7 @@ int verify_file(unsigned char* addr, size_t length,
140 140
141 size_t comment_size = footer[4] + (footer[5] << 8); 141 size_t comment_size = footer[4] + (footer[5] << 8);
142 size_t signature_start = footer[0] + (footer[1] << 8); 142 size_t signature_start = footer[0] + (footer[1] << 8);
143 LOGI("comment is %d bytes; signature %d bytes from end\n", 143 LOGI("comment is %zu bytes; signature %zu bytes from end\n",
144 comment_size, signature_start); 144 comment_size, signature_start);
145 145
146 if (signature_start <= FOOTER_SIZE) { 146 if (signature_start <= FOOTER_SIZE) {
@@ -252,24 +252,24 @@ int verify_file(unsigned char* addr, size_t length,
252 if (pKeys[i].key_type == Certificate::RSA) { 252 if (pKeys[i].key_type == Certificate::RSA) {
253 if (sig_der_length < RSANUMBYTES) { 253 if (sig_der_length < RSANUMBYTES) {
254 // "signature" block isn't big enough to contain an RSA block. 254 // "signature" block isn't big enough to contain an RSA block.
255 LOGI("signature is too short for RSA key %d\n", i); 255 LOGI("signature is too short for RSA key %zu\n", i);
256 continue; 256 continue;
257 } 257 }
258 258
259 if (!RSA_verify(pKeys[i].rsa, sig_der, RSANUMBYTES, 259 if (!RSA_verify(pKeys[i].rsa, sig_der, RSANUMBYTES,
260 hash, pKeys[i].hash_len)) { 260 hash, pKeys[i].hash_len)) {
261 LOGI("failed to verify against RSA key %d\n", i); 261 LOGI("failed to verify against RSA key %zu\n", i);
262 continue; 262 continue;
263 } 263 }
264 264
265 LOGI("whole-file signature verified against RSA key %d\n", i); 265 LOGI("whole-file signature verified against RSA key %zu\n", i);
266 free(sig_der); 266 free(sig_der);
267 return VERIFY_SUCCESS; 267 return VERIFY_SUCCESS;
268 } else if (pKeys[i].key_type == Certificate::EC 268 } else if (pKeys[i].key_type == Certificate::EC
269 && pKeys[i].hash_len == SHA256_DIGEST_SIZE) { 269 && pKeys[i].hash_len == SHA256_DIGEST_SIZE) {
270 p256_int r, s; 270 p256_int r, s;
271 if (!dsa_sig_unpack(sig_der, sig_der_length, &r, &s)) { 271 if (!dsa_sig_unpack(sig_der, sig_der_length, &r, &s)) {
272 LOGI("Not a DSA signature block for EC key %d\n", i); 272 LOGI("Not a DSA signature block for EC key %zu\n", i);
273 continue; 273 continue;
274 } 274 }
275 275
@@ -277,11 +277,11 @@ int verify_file(unsigned char* addr, size_t length,
277 p256_from_bin(hash, &p256_hash); 277 p256_from_bin(hash, &p256_hash);
278 if (!p256_ecdsa_verify(&(pKeys[i].ec->x), &(pKeys[i].ec->y), 278 if (!p256_ecdsa_verify(&(pKeys[i].ec->x), &(pKeys[i].ec->y),
279 &p256_hash, &r, &s)) { 279 &p256_hash, &r, &s)) {
280 LOGI("failed to verify against EC key %d\n", i); 280 LOGI("failed to verify against EC key %zu\n", i);
281 continue; 281 continue;
282 } 282 }
283 283
284 LOGI("whole-file signature verified against EC key %d\n", i); 284 LOGI("whole-file signature verified against EC key %zu\n", i);
285 free(sig_der); 285 free(sig_der);
286 return VERIFY_SUCCESS; 286 return VERIFY_SUCCESS;
287 } else { 287 } else {