@@ -13,50 +13,24 @@
#include "commands.h"
#include "fsverity_uapi.h"
-#include "hash_algs.h"
/* Display the measurement of the given verity file(s). */
-int fsverity_cmd_measure(const struct fsverity_command *cmd,
- int argc, char *argv[])
+int fsverity_cmd_measure(char *filename, struct fsverity_digest *d)
{
- struct fsverity_digest *d = NULL;
struct filedes file;
- char digest_hex[FS_VERITY_MAX_DIGEST_SIZE * 2 + 1];
- const struct fsverity_hash_alg *hash_alg;
- char _hash_alg_name[32];
- const char *hash_alg_name;
int status;
- int i;
- if (argc < 2)
- goto out_usage;
+ if (!open_file(&file, filename, O_RDONLY, 0))
+ goto out_err;
- d = xzalloc(sizeof(*d) + FS_VERITY_MAX_DIGEST_SIZE);
-
- for (i = 1; i < argc; i++) {
- d->digest_size = FS_VERITY_MAX_DIGEST_SIZE;
-
- if (!open_file(&file, argv[i], O_RDONLY, 0))
- goto out_err;
- if (ioctl(file.fd, FS_IOC_MEASURE_VERITY, d) != 0) {
- error_msg_errno("FS_IOC_MEASURE_VERITY failed on '%s'",
- file.name);
- filedes_close(&file);
- goto out_err;
- }
+ if (ioctl(file.fd, FS_IOC_MEASURE_VERITY, d) != 0) {
+ error_msg_errno("FS_IOC_MEASURE_VERITY failed on '%s'",
+ file.name);
filedes_close(&file);
-
- ASSERT(d->digest_size <= FS_VERITY_MAX_DIGEST_SIZE);
- bin2hex(d->digest, d->digest_size, digest_hex);
- hash_alg = find_hash_alg_by_num(d->digest_algorithm);
- if (hash_alg) {
- hash_alg_name = hash_alg->name;
- } else {
- sprintf(_hash_alg_name, "ALG_%u", d->digest_algorithm);
- hash_alg_name = _hash_alg_name;
- }
- printf("%s:%s %s\n", hash_alg_name, digest_hex, argv[i]);
+ goto out_err;
}
+ filedes_close(&file);
+
status = 0;
out:
free(d);
@@ -65,9 +39,4 @@ out:
out_err:
status = 1;
goto out;
-
-out_usage:
- usage(cmd, stderr);
- status = 2;
- goto out;
}
@@ -28,8 +28,7 @@ void usage(const struct fsverity_command *cmd, FILE *fp);
int fsverity_cmd_enable(const struct fsverity_command *cmd,
int argc, char *argv[]);
-int fsverity_cmd_measure(const struct fsverity_command *cmd,
- int argc, char *argv[]);
+int fsverity_cmd_measure(char *filename, struct fsverity_digest *d);
int fsverity_cmd_sign(char *filename, const struct fsverity_hash_alg *hash_alg,
u32 block_size, u8 *salt, u32 salt_size,
const char *keyfile, const char *certfile,
@@ -142,6 +142,54 @@ int wrap_cmd_sign(const struct fsverity_command *cmd, int argc, char *argv[])
goto out;
}
+int wrap_cmd_measure(const struct fsverity_command *cmd,
+ int argc, char *argv[])
+{
+ struct fsverity_digest *d = NULL;
+ char digest_hex[FS_VERITY_MAX_DIGEST_SIZE * 2 + 1];
+ const struct fsverity_hash_alg *hash_alg;
+ char _hash_alg_name[32];
+ const char *hash_alg_name;
+ int status;
+ int i;
+
+ if (argc < 2)
+ goto out_usage;
+
+ d = xzalloc(sizeof(*d) + FS_VERITY_MAX_DIGEST_SIZE);
+
+ for (i = 1; i < argc; i++) {
+ d->digest_size = FS_VERITY_MAX_DIGEST_SIZE;
+
+ status = fsverity_cmd_measure(argv[i], d);
+ if (status)
+ goto out_err;
+
+ ASSERT(d->digest_size <= FS_VERITY_MAX_DIGEST_SIZE);
+ bin2hex(d->digest, d->digest_size, digest_hex);
+ hash_alg = find_hash_alg_by_num(d->digest_algorithm);
+ if (hash_alg) {
+ hash_alg_name = hash_alg->name;
+ } else {
+ sprintf(_hash_alg_name, "ALG_%u", d->digest_algorithm);
+ hash_alg_name = _hash_alg_name;
+ }
+ printf("%s:%s %s\n", hash_alg_name, digest_hex, argv[i]);
+ }
+out:
+ free(d);
+ return status;
+
+out_err:
+ status = 1;
+ goto out;
+
+out_usage:
+ usage(cmd, stderr);
+ status = 2;
+ goto out;
+}
+
static const struct fsverity_command {
const char *name;
int (*func)(const struct fsverity_command *cmd, int argc, char *argv[]);
@@ -158,7 +206,7 @@ static const struct fsverity_command {
" [--signature=SIGFILE]\n"
}, {
.name = "measure",
- .func = fsverity_cmd_measure,
+ .func = wrap_cmd_measure,
.short_desc =
"Display the measurement of the given verity file(s)",
.usage_str =