LOC_EXPORT int loc_database_new(struct loc_ctx* ctx, struct loc_database** database, FILE* f) {
struct loc_database* db = NULL;
- int r;
+ int r = 1;
// Fail on invalid file handle
if (!f) {
}
}
+ int sig1_valid = 0;
+ int sig2_valid = 0;
+
// Check first signature
- if (db->signature1.data) {
+ if (db->signature1.length) {
hexdump(db->ctx, db->signature1.data, db->signature1.length);
r = EVP_DigestVerifyFinal(mdctx,
if (r == 0) {
DEBUG(db->ctx, "The first signature is invalid\n");
- r = 1;
} else if (r == 1) {
DEBUG(db->ctx, "The first signature is valid\n");
- r = 0;
+ sig1_valid = 1;
} else {
ERROR(db->ctx, "Error verifying the first signature: %s\n",
ERR_error_string(ERR_get_error(), NULL));
r = -1;
+ goto CLEANUP;
}
}
// Check second signature only when the first one was invalid
- if (r && db->signature2.data) {
+ if (db->signature2.length) {
hexdump(db->ctx, db->signature2.data, db->signature2.length);
r = EVP_DigestVerifyFinal(mdctx,
if (r == 0) {
DEBUG(db->ctx, "The second signature is invalid\n");
- r = 1;
} else if (r == 1) {
DEBUG(db->ctx, "The second signature is valid\n");
- r = 0;
+ sig2_valid = 1;
} else {
ERROR(db->ctx, "Error verifying the second signature: %s\n",
ERR_error_string(ERR_get_error(), NULL));
r = -1;
+ goto CLEANUP;
}
}
INFO(db->ctx, "Signature checked in %.4fms\n",
(double)(end - start) / CLOCKS_PER_SEC * 1000);
+ // Check if at least one signature as okay
+ if (sig1_valid || sig2_valid)
+ r = 0;
+ else
+ r = 1;
+
CLEANUP:
// Cleanup
EVP_MD_CTX_free(mdctx);