Lines Matching refs:ess

52 static ELFsign_status_t elfsign_adjustoffsets(ELFsign_t ess,
55 static ELFsign_status_t elfsign_switch(ELFsign_t ess,
/*
 * Fragments of the routine that allocates an ELFsign_t handle, opens and
 * locks the target file and attaches libelf to it. The leading numbers are
 * the file's own line numbers. This cross-reference listing shows only the
 * lines that mention `ess`; the signature, the return statements and all
 * other lines are not visible.
 */
243 ELFsign_t ess;
/* Allocate the handle and zero it; after the memset es_fd is 0, not -1. */
272 if ((ess = malloc(sizeof (struct ELFsign_s))) == NULL) {
275 (void) memset((void *)ess, 0, sizeof (struct ELFsign_s));
/*
 * NOTE(review): no listed line between 277 and 282 mentions ess, so the
 * failure branch of elfcertlib_init() does not appear to free the
 * allocation. Confirm against the full file; if so, this path leaks it.
 */
277 if (!elfcertlib_init(ess)) {
282 ess->es_elf = NULL;
283 ess->es_action = action;
284 ess->es_version = FILESIG_UNKNOWN;
285 ess->es_pathname = NULL;
286 ess->es_certpath = NULL;
/*
 * NOTE(review): the handle is handed out here, before the open() at 293,
 * presumably on an early-return path that has no file. No listed line has
 * assigned es_fd since the memset, so it would still be 0 and the
 * `es_fd != -1` test at 389 would close descriptor 0 when that handle is
 * ended. Confirm, and consider setting es_fd to -1 right after the memset.
 */
289 *essp = ess;
/*
 * From here on, each visible failure is followed by elfsign_end(ess),
 * which releases the handle (free at 410).
 * The file type is checked with fstat() on the descriptor just opened, not
 * by a second lookup of the path, so the S_ISREG test applies to the object
 * that is actually held open. oflags is set outside the visible lines.
 */
293 if ((ess->es_fd = open(filename, oflags)) == -1) {
294 elfsign_end(ess);
297 if ((fstat(ess->es_fd, &stb) == -1) || !S_ISREG(stb.st_mode)) {
298 elfsign_end(ess);
/* Private copy of the path; released by elfsign_end() at 395. */
301 if ((ess->es_pathname = strdup(filename)) == NULL) {
302 elfsign_end(ess);
/*
 * fcntl() record lock requested with F_SETLK, which fails at once instead
 * of waiting when the lock is held elsewhere. l_start 0 and l_len 0
 * relative to SEEK_CUR cover the file from the current offset to its end.
 * Such locks are normally advisory: they only exclude processes that also
 * take the lock. l_type is chosen outside the visible lines.
 */
310 ess->es_flock.l_type = l_type;
311 ess->es_flock.l_whence = SEEK_CUR;
312 ess->es_flock.l_start = 0;
313 ess->es_flock.l_len = 0;
314 if (fcntl(ess->es_fd, F_SETLK, &ess->es_flock) == -1) {
316 ess->es_pathname, strerror(errno));
317 elfsign_end(ess);
322 elfsign_end(ess);
/* Attach libelf to the open descriptor; elfcmd is set outside the visible lines. */
326 if ((ess->es_elf = elf_begin(ess->es_fd, elfcmd,
329 elfsign_end(ess);
333 if (gelf_getehdr(ess->es_elf, &elfehdr) == NULL) {
335 elfsign_end(ess);
/* Remember whether program headers exist; tested again at 706 and 736. */
338 ess->es_has_phdr = (elfehdr.e_phnum != 0);
341 ident = elf_getident(ess->es_elf, NULL);
344 elfsign_end(ess);
/*
 * Record byte order and ELF class from e_ident. uorder is declared outside
 * the visible lines; presumably it is a host byte-order probe - confirm.
 */
347 ess->es_same_endian = (ident[EI_DATA] == uorder.c[0]);
348 ess->es_ei_class = ident[EI_CLASS];
/* Cache the index of the section-header string table for later elf_strptr() calls. */
354 if (elf_getshstrndx(ess->es_elf, &ess->es_shstrndx) == 0) {
355 elfsign_end(ess);
/* ELF_F_LAYOUT: the application, not libelf, takes control of the file layout. */
363 (void) elf_flagelf(ess->es_elf, ELF_C_SET, ELF_F_LAYOUT);
/* Hand the initialised handle to the caller. */
365 *essp = ess;
373 * IN/OUT: ess
/*
 * elfsign_end: releases everything the handle holds and then the handle
 * itself (free at 410), so the caller must not use `ess` afterwards.
 * A NULL handle is tested for first. Only lines that mention `ess` are
 * listed; returns, braces and the return type are not visible.
 */
376 elfsign_end(ELFsign_t ess)
378 if (ess == NULL)
/*
 * For update actions, pending libelf changes are written to the file
 * before the descriptor is closed. How an elf_update() failure is handled
 * is not visible in this listing.
 */
381 if (ess->es_elf != NULL && ES_ACTISUPDATE(ess->es_action)) {
382 if (elf_update(ess->es_elf, ELF_C_WRITE) == -1) {
/* -1 is the "no descriptor" value; any other value, including 0, is closed. */
389 if (ess->es_fd != -1) {
390 (void) close(ess->es_fd);
391 ess->es_fd = -1;
/* Each owned pointer is reset to NULL once it has been released. */
394 if (ess->es_pathname != NULL) {
395 free(ess->es_pathname);
396 ess->es_pathname = NULL;
398 if (ess->es_certpath != NULL) {
399 free(ess->es_certpath);
400 ess->es_certpath = NULL;
403 if (ess->es_elf != NULL) {
404 (void) elf_end(ess->es_elf);
405 ess->es_elf = NULL;
/* Counterpart of the elfcertlib_init() call at 277. */
408 elfcertlib_fini(ess);
410 free(ess);
/*
 * elfsign_setcertpath: stores a private copy of the certificate path in
 * the handle and, for update actions, loads the certificate from that path
 * and sets es_version from es_action. Only lines that mention `ess` are
 * listed.
 */
417 elfsign_setcertpath(ELFsign_t ess, const char *certpath)
/*
 * NOTE(review): no listed line between 417 and 427 mentions ess, so a path
 * stored by an earlier call does not appear to be freed before it is
 * overwritten here. Confirm; if so, a second call leaks the first copy.
 */
427 if ((ess->es_certpath = strdup(certpath)) == NULL)
430 if (ES_ACTISUPDATE(ess->es_action)) {
/* The third argument is NULL here; the call at 1095-1096 passes a signer DN instead. */
435 if (elfcertlib_getcert(ess, ess->es_certpath, NULL,
436 &cert, ess->es_action)) {
/* Two branches pick es_version from es_action; their conditions are not visible. */
439 ess->es_version = (ess->es_action ==
443 ess->es_version = (ess->es_action ==
447 elfcertlib_releasecert(ess, cert);
/* Still FILESIG_UNKNOWN means no version was selected above; the body of this test is not visible. */
449 if (ess->es_version == FILESIG_UNKNOWN)
/*
 * elfsign_setcallbackctx: stores the caller's opaque context pointer in the
 * handle. It is passed back as the first argument of the signature
 * verification callback (lines 1152-1153). `ess` is dereferenced without a
 * visible NULL check.
 */
459 elfsign_setcallbackctx(ELFsign_t ess, void *ctx)
461 ess->es_callbackctx = ctx;
/*
 * elfsign_setsigvercallback: stores the callback that
 * elfsign_verify_signature() invokes at lines 1151-1153 when it is
 * non-NULL. The callback's parameter list is cut off in this listing.
 */
468 elfsign_setsigvercallback(ELFsign_t ess,
471 ess->es_sigvercallback = cb;
477 * IN: ess, fsspp, action
/*
 * elfsign_signatures: works on the signature section of the object held by
 * the handle. The visible lines walk the sections, look up their names,
 * create a new section in one path (579), adjust offsets after size
 * changes (613, 660) and convert the signature data with elfsign_switch().
 * Only lines that mention `ess` are listed; the remaining parameters and
 * the per-action logic are not visible.
 */
481 elfsign_signatures(ELFsign_t ess,
/* Both the handle and the output pointer are rejected when NULL. */
495 if ((ess == NULL) || (fsspp == NULL)) {
504 while ((scn = elf_nextscn(ess->es_elf, scn)) != NULL) {
/*
 * NOTE(review): elf_strptr() returns NULL on error and the section headers
 * come from the file being processed; confirm sh_name is checked before it
 * is compared or printed.
 */
515 sh_name = elf_strptr(ess->es_elf, ess->es_shstrndx,
/* Fetch the section that holds the section-header string table. */
543 if ((scn = elf_getscn(ess->es_elf, ess->es_shstrndx)) == 0) {
579 if ((sig_scn = elf_newscn(ess->es_elf)) == 0) {
/* File layout is maintained by hand (ELF_F_LAYOUT is set at 363), hence the explicit offset adjustment. */
613 if (elfsign_adjustoffsets(ess, scn,
652 (void) elfsign_switch(ess,
660 if (elfsign_adjustoffsets(ess, sig_scn, fssize) !=
671 if (elfsign_switch(ess, *fsspp, ES_GET) != ELFSIGN_SUCCESS) {
/*
 * elfsign_adjustoffsets: called with a section and its new size (uint64_t).
 * The visible lines look up section names, walk every section from the
 * start, and finally read and rewrite the ELF header, with separate
 * branches for ELFCLASS32 and ELFCLASS64. Only lines that mention `ess`
 * are listed; the offset arithmetic itself is not visible.
 */
683 elfsign_adjustoffsets(ELFsign_t ess, Elf_Scn *scn, uint64_t new_size)
/* NOTE(review): elf_strptr() can return NULL; confirm `name` is checked before use (also at 734 and 790). */
704 name = elf_strptr(ess->es_elf, ess->es_shstrndx,
/* Parsed as (sh_flags & SHF_ALLOC) && es_has_phdr: an allocated section in an object that has program headers. */
706 if (shdr.sh_flags & SHF_ALLOC && ess->es_has_phdr) {
728 scnp = elf_getscn(ess->es_elf, 0); /* "seek" to start */
729 while ((scnp = elf_nextscn(ess->es_elf, scnp)) != NULL) {
734 name = elf_strptr(ess->es_elf, ess->es_shstrndx,
736 if (shdr.sh_flags & SHF_ALLOC && ess->es_has_phdr) {
790 name = elf_strptr(ess->es_elf, ess->es_shstrndx,
807 if (gelf_getehdr(ess->es_elf, &elfehdr) == NULL) {
/*
 * NOTE(review): new_size is 64-bit while ELFCLASS32 header fields are
 * 32-bit; confirm the 32-bit branch cannot truncate a computed offset.
 */
812 if (ess->es_ei_class == ELFCLASS32)
815 else if (ess->es_ei_class == ELFCLASS64)
822 if (gelf_update_ehdr(ess->es_elf, &elfehdr) == 0) {
/*
 * elfsign_insert_dso: returns the result of filesig_insert_dso(), passing
 * the handle's es_version as the signature format. The remaining
 * parameters are cut off in this listing.
 */
841 elfsign_insert_dso(ELFsign_t ess,
850 return (filesig_insert_dso(fssp, ess->es_version, dn, dn_len,
/*
 * elfsign_extract_sig: the visible lines adopt `version` as the handle's
 * es_version only when none has been set yet (FILESIG_UNKNOWN). Where
 * `version` comes from is not visible in this listing.
 */
856 elfsign_extract_sig(ELFsign_t ess,
886 if (ess->es_version == FILESIG_UNKNOWN) {
887 ess->es_version = version;
/*
 * elfsign_hash_common: shared implementation behind elfsign_hash() and
 * elfsign_hash_mem_resident(), which pass B_FALSE and B_TRUE as the last
 * argument (994, 1007). The visible lines walk every section from the
 * start and look up each section name. Only lines that mention `ess` are
 * listed; the digest calls and the section selection are not visible.
 */
894 elfsign_hash_common(ELFsign_t ess, uchar_t *hash, size_t *hash_len,
911 scn = elf_getscn(ess->es_elf, 0); /* "seek" to start */
913 while ((scn = elf_nextscn(ess->es_elf, scn)) != 0) {
/*
 * NOTE(review): elf_strptr() returns NULL on error and these headers come
 * from the object being hashed; confirm `name` is checked before it is
 * used to decide what the hash covers.
 */
922 name = elf_strptr(ess->es_elf, ess->es_shstrndx,
/* Part of a per-section condition that applies to signature versions 1 and 3 only; the rest of it is not shown. */
928 (ess->es_version == FILESIG_VERSION1 ||
929 ess->es_version == FILESIG_VERSION3)) {
988 * IN: ess, hash_len
/*
 * elfsign_hash: thin wrapper that calls elfsign_hash_common() with B_FALSE
 * as the last argument and returns its result unchanged.
 */
992 elfsign_hash(ELFsign_t ess, uchar_t *hash, size_t *hash_len)
994 return (elfsign_hash_common(ess, hash, hash_len, B_FALSE));
1001 * IN: ess, hash_len
/*
 * elfsign_hash_mem_resident: thin wrapper that calls elfsign_hash_common()
 * with B_TRUE as the last argument and returns its result unchanged.
 * Presumably the flag limits the hash to memory-resident sections - confirm
 * in elfsign_hash_common().
 */
1005 elfsign_hash_mem_resident(ELFsign_t ess, uchar_t *hash, size_t *hash_len)
1007 return (elfsign_hash_common(ess, hash, hash_len, B_TRUE));
1014 * IN: ess
/*
 * elfsign_verify_signature: the visible steps, in order, are: fetch the
 * signature data (1043), parse it and take the format version from it
 * (1059), look up a certificate using the signer DN from the parsed data
 * (1095-1096), verify that certificate for some actions (1108-1111), hash
 * the object (1130) and call elfcertlib_verifysig() (1149). Only lines
 * that mention `ess` are listed; status codes and returns are not visible.
 */
1020 elfsign_verify_signature(ELFsign_t ess, struct ELFsign_sig_info **esipp)
1043 if (elfsign_signatures(ess, &fssp, &fslen, ES_GET) != ELFSIGN_SUCCESS) {
/*
 * es_version is taken from the object being verified, so it is untrusted
 * input to the switch below. NOTE(review): confirm the switch rejects
 * versions it does not know.
 */
1059 ess->es_version = filesig_extract(fsgp, &fsx);
1061 version_to_str(ess->es_version));
1062 switch (ess->es_version) {
1090 elfcertlib_releasecert(ess, cert);
/* The signer DN used for this lookup also comes from the parsed signature (fsx). */
1095 if (!elfcertlib_getcert(ess, ess->es_certpath,
1096 fsx.fsx_signer_DN, &cert, ess->es_action)) {
1099 fsx.fsx_signer_DN, ess->es_pathname);
/*
 * elfcertlib_verifycert() is reached only when the action test in front of
 * it is true; one operand of that test (line 1110) is not listed.
 * NOTE(review): confirm that every action which skips this call is meant
 * to accept the certificate without it.
 */
1108 if ((ess->es_action == ES_GET_CRYPTO ||
1109 ess->es_action == ES_GET_FIPS140 ||
1111 !elfcertlib_verifycert(ess, cert)) {
1130 if (elfsign_hash(ess, hash, &hash_len) != ELFSIGN_SUCCESS) {
/*
 * The callback is optional. It receives the stored context, the signature
 * buffer and its length, and the certificate. Which outcome of
 * elfcertlib_verifysig() leads to the callback is not visible here.
 */
1149 if (elfcertlib_verifysig(ess, cert,
1151 if (ess->es_sigvercallback)
1152 (ess->es_sigvercallback)
1153 (ess->es_callbackctx, fssp, fslen, cert);
1165 elfcertlib_releasecert(ess, cert);
/*
 * elfsign_switch: static helper (prototype at line 55) that takes the
 * signature data and an action. The only visible statement branches on
 * es_same_endian; presumably no byte swapping is needed when the object
 * and host byte orders match - confirm in the full file.
 */
1193 elfsign_switch(ELFsign_t ess, struct filesignatures *fssp,
1200 if (ess->es_same_endian)
/*
 * elfsign_buffer_len: takes a size_t pointer and a byte buffer; the
 * remaining parameters are cut off. Two visible branches run only when the
 * object's byte order differs from the host's (es_same_endian is false);
 * their bodies are not listed.
 */
1256 elfsign_buffer_len(ELFsign_t ess, size_t *ip, uchar_t *cp,
1264 if (!ess->es_same_endian) {
1271 if (!ess->es_same_endian) {