forked from brl/citadel-tools

Separate errors for no public key and signature verify failure

Bruce Leidl 2019-01-17 09:04:35 -05:00
parent ad29d58413
commit 72b7af4f2d


@ -196,8 +196,14 @@ impl ResourceImage {
pub fn setup_verity_device(&self) -> Result<PathBuf> { pub fn setup_verity_device(&self) -> Result<PathBuf> {
if !CommandLine::nosignatures() { if !CommandLine::nosignatures() {
self.header.verify_signature()?; match self.header.public_key()? {
info!("Image signature is valid for channel {}", self.metainfo.channel()); Some(pubkey) => {
if !self.header.verify_signature(pubkey) {
bail!("Header signature verification failed");
}
}
None => bail!("Cannot verify header signature because no public key for channel {} is available", self.metainfo.channel())
}
} }
info!("Setting up dm-verity device for image"); info!("Setting up dm-verity device for image");
if !self.has_verity_hashtree() { if !self.has_verity_hashtree() {
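Review bot: The `Some(pubkey)` arm no longer records a successful check: the old `info!("Image signature is valid for channel {}", self.metainfo.channel());` line is removed and nothing in the hunk replaces it, so as far as these lines show the log cannot tell an image whose header was verified from one set up with `CommandLine::nosignatures()` in effect. I would keep that `info!` line after the `if !self.header.verify_signature(pubkey)` block, and name the channel in the failure message the way the `None` arm does, e.g. `bail!("Header signature verification failed for channel {}", self.metainfo.channel());`. `verify_signature` now appears to return a plain `bool` (its definition is not in this hunk), so marking it `#[must_use]` would keep another caller from silently dropping the result. `setup_verity_device` continues past the end of the hunk.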