static OtaPalMainStatus_t Openssl_DigestVerify()

in platform/posix/ota_pal/source/ota_pal_posix.c [82:177]


/**
 * @brief Forward declaration of the OpenSSL digest-verification helper.
 *
 * NOTE(review): the definition is not visible in this listing. Judging by the
 * name and parameter types it presumably runs the contents of pFile through
 * pSigContext and checks the result against pSignature using pPkey; confirm
 * against the definition before relying on this description.
 *
 * @param pSigContext OpenSSL message-digest context.
 * @param pPkey OpenSSL key object (presumably the signer's public key).
 * @param pFile Open stdio stream (presumably the received file).
 * @param pSignature Signature container of the project type Sig256_t.
 */
static OtaPalMainStatus_t Openssl_DigestVerify( EVP_MD_CTX * pSigContext,
                                                EVP_PKEY * pPkey,
                                                FILE * pFile,
                                                Sig256_t * pSignature );

/**
 * @brief Verify the signature of the specified file using OpenSSL.
 *
 * @param C OTA file context describing the file to check.
 *
 * NOTE(review): which fields of the context are read (file handle, signature,
 * certificate path) is not visible here; confirm in the definition.
 */
static OtaPalStatus_t otaPal_CheckFileSignature( OtaFileContext_t * const C );

/**
 * @brief Get the absolute file path from the environment.
 *
 * @param realFilePath Buffer to store the file path + file name.
 * @param pFilePath File name to append to the end of current path.
 *
 * NOTE(review): the prototype carries no length for realFilePath, so the
 * buffer size the definition assumes is an implicit contract with every
 * caller; confirm the bound used in the definition and that callers honour it.
 */
static OtaPalPathGenStatus_t getFilePathFromCWD( char * realFilePath,
                                                 const char * pFilePath );

/*-----------------------------------------------------------*/

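/**
 * @brief Load the signer certificate and return its public key.
 *
 * The certificate is read as PEM from the file named by pCertFilePath. If no
 * path is given or the file cannot be opened, the PEM string compiled in as
 * signingcredentialSIGNING_CERTIFICATE_PEM is used instead.
 *
 * Security notes:
 * - The certificate file takes precedence over the compiled-in PEM string, so
 *   whoever can write to that path decides which key this function returns.
 *   Ownership and permissions of that file are part of the trust boundary.
 * - Only the public key is extracted. This function builds no chain and does
 *   not check validity dates or key usage.
 *   NOTE(review): confirm whether the caller performs such checks or whether
 *   plain key pinning is the intended model.
 * - The fallback to the compiled-in certificate is reported at debug level
 *   only, so a missing or unreadable certificate file may go unnoticed in
 *   builds where debug logging is disabled.
 *
 * @param[in] pCertFilePath Path of the PEM certificate file. May be NULL, in
 * which case the compiled-in certificate is used.
 *
 * @return The public key of the signer certificate, or NULL on failure. The
 * caller owns the returned key and must release it with EVP_PKEY_free().
 */
static EVP_PKEY * Openssl_GetPkeyFromCertificate( uint8_t * pCertFilePath )
{
    BIO * pBio = NULL;
    X509 * pCert = NULL;
    EVP_PKEY * pPkey = NULL;
    int32_t rc = 0;

    /* Read the cert file */
    pBio = BIO_new( BIO_s_file() );

    if( pBio != NULL )
    {
        /* Do not hand a NULL file name to OpenSSL; with rc left at 0 a
         * missing path is treated exactly like an unreadable file. */
        if( pCertFilePath != NULL )
        {
            /* coverity[misra_c_2012_rule_10_1_violation] */
            rc = BIO_read_filename( pBio, pCertFilePath );
        }

        if( rc != 1 )
        {
            LogDebug( ( " No cert file, reading signer cert from header file\n" ) );

            /* Get the signer cert from a predefined PEM string */
            BIO_free_all( pBio );
            pBio = BIO_new( BIO_s_mem() );

            if( pBio != NULL )
            {
                /* rc now reflects the fallback source: it is positive only
                 * if the PEM text was written into the memory BIO. */
                rc = BIO_puts( pBio, signingcredentialSIGNING_CERTIFICATE_PEM );

                if( rc <= 0 )
                {
                    LogError( ( "Failed to write a PEM string to BIO stream" ) );
                }
            }
            else
            {
                LogError( ( "Failed to read certificate from a PEM string." ) );
            }
        }
        else
        {
            LogDebug( ( "Opened certificate file." ) );
        }
    }

    /* Parse only when one of the two sources was set up successfully. */
    if( ( pBio != NULL ) && ( rc > 0 ) )
    {
        pCert = PEM_read_bio_X509( pBio, NULL, NULL, NULL );

        if( pCert != NULL )
        {
            LogDebug( ( "Getting the pkey from the X509 cert." ) );

            /* Extract the public key. The key stays valid after the
             * certificate is released below. */
            pPkey = X509_get_pubkey( pCert );

            if( pPkey == NULL )
            {
                LogError( ( "Failed to get pkey from the signer cert." ) );
            }
        }
        else
        {
            LogError( ( "Failed to load cert from either file or predefined string." ) );
        }
    }
    else
    {
        LogError( ( "Failed to read signer cert." ) );
    }

    /* Both calls accept NULL, so every failure path above can fall through
     * to this single cleanup point. */
    BIO_free_all( pBio );
    X509_free( pCert );

    /* pPkey should be freed by the caller */
    return pPkey;
}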