Lines Matching refs:ess

52 static ELFsign_status_t elfsign_adjustoffsets(ELFsign_t ess,
55 static ELFsign_status_t elfsign_switch(ELFsign_t ess,
/*
 * Matched lines from the routine that allocates and fills an ELFsign_t
 * handle.  The leading numbers are line numbers in the original file; lines
 * that do not mention `ess` (the signature included) are absent from this
 * listing, so control flow between the lines below is not visible.
 */
243 ELFsign_t ess;
271 if ((ess = malloc(sizeof (struct ELFsign_s))) == NULL) {
/*
 * The handle is zero-filled, so es_fd is 0 (not -1) until the open() on 292.
 * NOTE(review): no matched line sets es_fd to -1 before 288 hands the handle
 * out through *essp, and elfsign_end() closes any es_fd != -1 -- confirm in
 * the full source that such a handle cannot make it close descriptor 0.
 */
274 (void) memset((void *)ess, 0, sizeof (struct ELFsign_s));
/*
 * NOTE(review): no matched line between 276 and 281 frees ess -- confirm the
 * elfcertlib_init() failure path does not leak the allocation.
 */
276 if (!elfcertlib_init(ess)) {
281 ess->es_elf = NULL;
282 ess->es_action = action;
283 ess->es_version = FILESIG_UNKNOWN;
284 ess->es_pathname = NULL;
285 ess->es_certpath = NULL;
288 *essp = ess;
/*
 * The regular-file test below uses fstat() on the descriptor just opened
 * rather than a second lookup of the path, so the check applies to the
 * object that was actually opened.
 */
292 if ((ess->es_fd = open(filename, oflags)) == -1) {
293 elfsign_end(ess);
296 if ((fstat(ess->es_fd, &stb) == -1) || !S_ISREG(stb.st_mode)) {
297 elfsign_end(ess);
300 if ((ess->es_pathname = strdup(filename)) == NULL) {
301 elfsign_end(ess);
/*
 * F_SETLK is the non-blocking lock request: it fails instead of waiting when
 * the lock is held elsewhere.  l_start = 0 with l_len = 0, relative to
 * SEEK_CUR, covers from the current offset to end of file.  fcntl() record
 * locks are advisory: they only constrain processes that also take them.
 */
309 ess->es_flock.l_type = l_type;
310 ess->es_flock.l_whence = SEEK_CUR;
311 ess->es_flock.l_start = 0;
312 ess->es_flock.l_len = 0;
313 if (fcntl(ess->es_fd, F_SETLK, &ess->es_flock) == -1) {
315 ess->es_pathname, strerror(errno));
316 elfsign_end(ess);
321 elfsign_end(ess);
325 if ((ess->es_elf = elf_begin(ess->es_fd, elfcmd,
328 elfsign_end(ess);
332 if (gelf_getehdr(ess->es_elf, &elfehdr) == NULL) {
334 elfsign_end(ess);
337 ess->es_has_phdr = (elfehdr.e_phnum != 0);
340 ident = elf_getident(ess->es_elf, NULL);
343 elfsign_end(ess);
/* Endianness and ELF class are taken from the file's own e_ident bytes. */
346 ess->es_same_endian = (ident[EI_DATA] == uorder.c[0]);
347 ess->es_ei_class = ident[EI_CLASS];
353 if (elf_getshstrndx(ess->es_elf, &ess->es_shstrndx) == 0) {
354 elfsign_end(ess);
/* ELF_F_LAYOUT tells libelf that the caller manages the file layout itself. */
362 (void) elf_flagelf(ess->es_elf, ELF_C_SET, ELF_F_LAYOUT);
364 *essp = ess;
372 * IN/OUT: ess
/*
 * Matched lines of elfsign_end(), which tears down a handle.  A NULL handle
 * is tested for first (377).  Order visible here: elf_update() write-back for
 * update actions, close the descriptor, free the two path strings, elf_end(),
 * elfcertlib_fini(), then free the handle itself -- the caller's pointer is
 * dangling after this returns.
 */
375 elfsign_end(ELFsign_t ess)
377 if (ess == NULL)
/*
 * NOTE(review): the write-back depends only on es_elf being set and the
 * action being an update.  The listing shows elfsign_end() also being called
 * on failure paths after elf_begin() has assigned es_elf (334, 343, 354) --
 * confirm that a failed open of an update handle is meant to reach
 * elf_update(ELF_C_WRITE).
 */
380 if (ess->es_elf != NULL && ES_ACTISUPDATE(ess->es_action)) {
381 if (elf_update(ess->es_elf, ELF_C_WRITE) == -1) {
/*
 * es_fd is compared with -1 only.  NOTE(review): a handle that was zero-filled
 * and never reached open() would carry es_fd == 0 -- confirm that case cannot
 * arrive here, since it would close descriptor 0.
 */
388 if (ess->es_fd != -1) {
389 (void) close(ess->es_fd);
390 ess->es_fd = -1;
/* Each owned pointer is cleared after release, before the handle is freed. */
393 if (ess->es_pathname != NULL) {
394 free(ess->es_pathname);
395 ess->es_pathname = NULL;
397 if (ess->es_certpath != NULL) {
398 free(ess->es_certpath);
399 ess->es_certpath = NULL;
402 if (ess->es_elf != NULL) {
403 (void) elf_end(ess->es_elf);
404 ess->es_elf = NULL;
407 elfcertlib_fini(ess);
409 free(ess);
416 elfsign_setcertpath(ELFsign_t ess, const char *certpath)
426 if ((ess->es_certpath = strdup(certpath)) == NULL)
429 if (ES_ACTISUPDATE(ess->es_action)) {
434 if (elfcertlib_getcert(ess, ess->es_certpath, NULL,
435 &cert, ess->es_action)) {
438 ess->es_version = (ess->es_action ==
442 ess->es_version = (ess->es_action ==
446 elfcertlib_releasecert(ess, cert);
448 if (ess->es_version == FILESIG_UNKNOWN)
458 elfsign_setcallbackctx(ELFsign_t ess, void *ctx)
460 ess->es_callbackctx = ctx;
467 elfsign_setsigvercallback(ELFsign_t ess,
470 ess->es_sigvercallback = cb;
476 * IN: ess, fsspp, action
480 elfsign_signatures(ELFsign_t ess,
494 if ((ess == NULL) || (fsspp == NULL)) {
503 while ((scn = elf_nextscn(ess->es_elf, scn)) != NULL) {
514 sh_name = elf_strptr(ess->es_elf, ess->es_shstrndx,
542 if ((scn = elf_getscn(ess->es_elf, ess->es_shstrndx)) == 0) {
578 if ((sig_scn = elf_newscn(ess->es_elf)) == 0) {
612 if (elfsign_adjustoffsets(ess, scn,
651 (void) elfsign_switch(ess,
659 if (elfsign_adjustoffsets(ess, sig_scn, fssize) !=
670 if (elfsign_switch(ess, *fsspp, ES_GET) != ELFSIGN_SUCCESS) {
682 elfsign_adjustoffsets(ELFsign_t ess, Elf_Scn *scn, uint64_t new_size)
703 name = elf_strptr(ess->es_elf, ess->es_shstrndx,
705 if (shdr.sh_flags & SHF_ALLOC && ess->es_has_phdr) {
727 scnp = elf_getscn(ess->es_elf, 0); /* "seek" to start */
728 while ((scnp = elf_nextscn(ess->es_elf, scnp)) != NULL) {
733 name = elf_strptr(ess->es_elf, ess->es_shstrndx,
735 if (shdr.sh_flags & SHF_ALLOC && ess->es_has_phdr) {
789 name = elf_strptr(ess->es_elf, ess->es_shstrndx,
806 if (gelf_getehdr(ess->es_elf, &elfehdr) == NULL) {
811 if (ess->es_ei_class == ELFCLASS32)
814 else if (ess->es_ei_class == ELFCLASS64)
821 if (gelf_update_ehdr(ess->es_elf, &elfehdr) == 0) {
840 elfsign_insert_dso(ELFsign_t ess,
849 return (filesig_insert_dso(fssp, ess->es_version, dn, dn_len,
855 elfsign_extract_sig(ELFsign_t ess,
885 if (ess->es_version == FILESIG_UNKNOWN) {
886 ess->es_version = version;
893 elfsign_hash_common(ELFsign_t ess, uchar_t *hash, size_t *hash_len,
910 scn = elf_getscn(ess->es_elf, 0); /* "seek" to start */
912 while ((scn = elf_nextscn(ess->es_elf, scn)) != 0) {
921 name = elf_strptr(ess->es_elf, ess->es_shstrndx,
927 (ess->es_version == FILESIG_VERSION1 ||
928 ess->es_version == FILESIG_VERSION3)) {
987 * IN: ess, hash_len
991 elfsign_hash(ELFsign_t ess, uchar_t *hash, size_t *hash_len)
993 return (elfsign_hash_common(ess, hash, hash_len, B_FALSE));
1000 * IN: ess, hash_len
1004 elfsign_hash_mem_resident(ELFsign_t ess, uchar_t *hash, size_t *hash_len)
1006 return (elfsign_hash_common(ess, hash, hash_len, B_TRUE));
1013 * IN: ess
/*
 * Matched lines of elfsign_verify_signature().  Visible sequence: fetch the
 * signature block (1042), parse it with filesig_extract() (1058), look up a
 * certificate using the signer DN carried in the signature (1094-1095), hash
 * the file (1129), then call elfcertlib_verifysig() (1148).  Lines that do
 * not mention `ess` are absent, so branch outcomes are not visible here.
 */
1019 elfsign_verify_signature(ELFsign_t ess, struct ELFsign_sig_info **esipp)
1042 if (elfsign_signatures(ess, &fssp, &fslen, ES_GET) != ELFSIGN_SUCCESS) {
/*
 * es_version is set from parsing the signature data obtained from the file,
 * i.e. it is input-derived.  The switch on 1061 dispatches on it; its cases
 * (and how unknown values are rejected) are not part of this listing.
 */
1058 ess->es_version = filesig_extract(fsgp, &fsx);
1060 version_to_str(ess->es_version));
1061 switch (ess->es_version) {
1089 elfcertlib_releasecert(ess, cert);
/*
 * fsx_signer_DN also comes out of the parsed signature, so here it selects
 * which certificate to try.  NOTE(review): confirm that trust in the
 * certificate rests on elfcertlib_verifycert() and the certificate source,
 * not on the DN match alone.
 */
1094 if (!elfcertlib_getcert(ess, ess->es_certpath,
1095 fsx.fsx_signer_DN, &cert, ess->es_action)) {
1098 fsx.fsx_signer_DN, ess->es_pathname);
/*
 * NOTE(review): elfcertlib_verifycert() is gated on es_action (line 1108, the
 * rest of the condition, is not shown) -- confirm which actions skip
 * certificate verification and that their callers treat the result
 * accordingly.
 */
1107 if ((ess->es_action == ES_GET_CRYPTO ||
1109 !elfcertlib_verifycert(ess, cert)) {
1112 if (ess->es_certpath == NULL)
1129 if (elfsign_hash(ess, hash, &hash_len) != ELFSIGN_SUCCESS) {
/*
 * The optional callback receives the caller's context, the raw signature
 * block with its length, and the certificate.  Whether it is reached only
 * after a successful verification cannot be determined from the matched
 * lines.
 */
1148 if (elfcertlib_verifysig(ess, cert,
1150 if (ess->es_sigvercallback)
1151 (ess->es_sigvercallback)
1152 (ess->es_callbackctx, fssp, fslen, cert);
1166 elfcertlib_releasecert(ess, cert);
1194 elfsign_switch(ELFsign_t ess, struct filesignatures *fssp,
1201 if (ess->es_same_endian)
1257 elfsign_buffer_len(ELFsign_t ess, size_t *ip, uchar_t *cp,
1265 if (!ess->es_same_endian) {
1272 if (!ess->es_same_endian) {