PawletOS/external_libcamera
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2748265edc2ce17a428511c4c69ab78ca25ee8cd
external_libcamera/src/libcamera/pub_key.cpp
Laurent Pinchart 93e72b695e libcamera: Move internal headers to include/libcamera/internal/ 
The libcamera internal headers are located in src/libcamera/include/.
The directory is added to the compiler headers search path with a meson
include_directories() directive, and internal headers are included with
(e.g. for the internal semaphore.h header)

  #include "semaphore.h"

All was well, until libcxx decided to implement the C++20
synchronization library. The __threading_support header gained a

  #include <semaphore.h>

to include the pthread's semaphore support. As include_directories()
adds src/libcamera/include/ to the compiler search path with -I, the
internal semaphore.h is included instead of the pthread version.
Needless to say, the compiler isn't happy.

Three options have been considered to fix this issue:

- Use -iquote instead of -I. The -iquote option instructs gcc to only
  consider the header search path for headers included with the ""
  version. Meson unfortunately doesn't support this option.

- Rename the internal semaphore.h header. This was deemed to be the
  beginning of a long whack-a-mole game, where namespace clashes with
  system libraries would appear over time (possibly dependent on
  particular system configurations) and would need to be constantly
  fixed.

- Move the internal headers to another directory to create a unique
  namespace through path components. This causes lots of churn in all
  the existing source files through the all project.

The first option would be best, but isn't available to us due to missing
support in meson. Even if -iquote support was added, we would need to
fix the problem before a new version of meson containing the required
support would be released.

The third option is thus the only practical solution available. Bite the
bullet, and do it, moving headers to include/libcamera/internal/.

Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Acked-by: Jacopo Mondi <jacopo@jmondi.org>
2020-05-16 03:38:11 +03:00

98 lines
2.1 KiB
C++
Raw Blame History

/* SPDX-License-Identifier: LGPL-2.1-or-later */
/*
* Copyright (C) 2020, Google Inc.
*
* pub_key.cpp - Public key signature verification
*/
#include "libcamera/internal/pub_key.h"
#if HAVE_GNUTLS
#include <gnutls/abstract.h>
#endif
/**
* \file pub_key.h
* \brief Public key signature verification
*/
namespace libcamera {
/**
* \class PubKey
* \brief Public key wrapper for signature verification
*
* The PubKey class wraps a public key and implements signature verification. It
* only supports RSA keys and the RSA-SHA256 signature algorithm.
*/
/**
* \brief Construct a PubKey from key data
* \param[in] key Key data encoded in DER format
*/
PubKey::PubKey(Span<const uint8_t> key)
: valid_(false)
{
#if HAVE_GNUTLS
int ret = gnutls_pubkey_init(&pubkey_);
if (ret < 0)
return;
const gnutls_datum_t gnuTlsKey{
const_cast<unsigned char *>(key.data()),
static_cast<unsigned int>(key.size())
};
ret = gnutls_pubkey_import(pubkey_, &gnuTlsKey, GNUTLS_X509_FMT_DER);
if (ret < 0)
return;
valid_ = true;
#endif
}
PubKey::~PubKey()
{
#if HAVE_GNUTLS
gnutls_pubkey_deinit(pubkey_);
#endif
}
/**
* \fn bool PubKey::isValid() const
* \brief Check is the public key is valid
* \return True if the public key is valid, false otherwise
*/
/**
* \brief Verify signature on data
* \param[in] data The signed data
* \param[in] sig The signature
*
* Verify that the signature \a sig matches the signed \a data for the public
* key. The signture algorithm is hardcoded to RSA-SHA256.
*
* \return True if the signature is valid, false otherwise
*/
bool PubKey::verify(Span<const uint8_t> data, Span<const uint8_t> sig) const
{
#if HAVE_GNUTLS
const gnutls_datum_t gnuTlsData{
const_cast<unsigned char *>(data.data()),
static_cast<unsigned int>(data.size())
};
const gnutls_datum_t gnuTlsSig{
const_cast<unsigned char *>(sig.data()),
static_cast<unsigned int>(sig.size())
};
int ret = gnutls_pubkey_verify_data2(pubkey_, GNUTLS_SIGN_RSA_SHA256, 0,
&gnuTlsData, &gnuTlsSig);
return ret >= 0;
#else
return false;
#endif
}
} /* namespace libcamera */
Reference in New Issue View Git Blame Copy Permalink