wgtpkg-digsig: Add flag to accept/refuse a WGT without signature

This flag allows with a single function to check the signature and the case that a not signed widget is to be refused in the same way that the signature is wrong. The CMAKE boolean ALLOW_NO_SIGNATURE can be used to control the default behavior at compile time. By default its value is OFF meaning that install will refuse widgets without signature. Relates to Bug-AGL: SPEC-1590 Change-Id: I403109272759454696a1e5d9913879aaea7676e6 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
author: José Bollo <jose.bollo@iot.bzh> 2018-07-17 11:14:06 +0200
committer: José Bollo <jose.bollo@iot.bzh> 2018-07-17 14:49:18 +0200
commit: d8d819bcde18c8b4b5dfbdf610a6fc5e04fa54bf (patch)
tree: 214ee1ec95aafe4855a25899886d2b33915fcb46 /src/wgtpkg-digsig.c
parent: f97f8d24a1971117bbd4057ca0cd00776bcccb39 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/src/wgtpkg-digsig.c b/src/wgtpkg-digsig.c
index a1cb55f..36060ce 100644
--- a/src/wgtpkg-digsig.c
+++ b/src/wgtpkg-digsig.c
@@ -336,13 +336,17 @@ int verify_digsig(struct filedesc *fdesc)
 }
 
 /* check all the signature files */
-int check_all_signatures()
+int check_all_signatures(int allow_none)
 {
 	int rc, irc;
 	unsigned int i, n;
 	struct filedesc *fdesc;
 
 	n = signature_count();
+	if (n == 0 && !allow_none) {
+		ERROR("no signature found");
+		return -1;
+	}
 	rc = 0;
 	for (i = n ; i-- > 0 ; ) {
 		fdesc = signature_of_index(i);
author	José Bollo <jose.bollo@iot.bzh>	2018-07-17 11:14:06 +0200
committer	José Bollo <jose.bollo@iot.bzh>	2018-07-17 14:49:18 +0200
commit	d8d819bcde18c8b4b5dfbdf610a6fc5e04fa54bf (patch)
tree	214ee1ec95aafe4855a25899886d2b33915fcb46 /src/wgtpkg-digsig.c
parent	f97f8d24a1971117bbd4057ca0cd00776bcccb39 (diff)