PKCS#7: Refactor verify_pkcs7_signature()

#ifdef CONFIG_SYSTEM_DATA_VERIFICATION

/**

 * verify_pkcs7_signature - Verify a PKCS#7-based signature on system data.

 * verify_pkcs7_message_sig - Verify a PKCS#7-based signature on system data.

 * @data: The data to be verified (NULL if expecting internal data).

 * @len: Size of @data.

 * @raw_pkcs7: The PKCS#7 message that is the signature.

 * @pkcs7_len: The size of @raw_pkcs7.

 * @pkcs7: The PKCS#7 message that is the signature.

 * @trusted_keys: Trusted keys to use (NULL for builtin trusted keys only,

 *					(void *)1UL for all trusted keys).

 * @usage: The use to which the key is being put.

 * @view_content: Callback to gain access to content.

 * @ctx: Context for callback.

 */

int verify_pkcs7_signature(const void *data, size_t len,

			   const void *raw_pkcs7, size_t pkcs7_len,

int verify_pkcs7_message_sig(const void *data, size_t len,

			     struct pkcs7_message *pkcs7,

			     struct key *trusted_keys,

			     enum key_being_used_for usage,

			     int (*view_content)(void *ctx,

						 size_t asn1hdrlen),

			     void *ctx)

{

	struct pkcs7_message *pkcs7;

	int ret;

	pkcs7 = pkcs7_parse_message(raw_pkcs7, pkcs7_len);

	if (IS_ERR(pkcs7))

		return PTR_ERR(pkcs7);

	/* The data should be detached - so we need to supply it. */

	if (data && pkcs7_supply_detached_data(pkcs7, data, len) < 0) {

		pr_err("PKCS#7 signature with non-detached data\n");

	}

error:

	pr_devel("<==%s() = %d\n", __func__, ret);

	return ret;

}

/**

 * verify_pkcs7_signature - Verify a PKCS#7-based signature on system data.

 * @data: The data to be verified (NULL if expecting internal data).

 * @len: Size of @data.

 * @raw_pkcs7: The PKCS#7 message that is the signature.

 * @pkcs7_len: The size of @raw_pkcs7.

 * @trusted_keys: Trusted keys to use (NULL for builtin trusted keys only,

 *					(void *)1UL for all trusted keys).

 * @usage: The use to which the key is being put.

 * @view_content: Callback to gain access to content.

 * @ctx: Context for callback.

 */

int verify_pkcs7_signature(const void *data, size_t len,

			   const void *raw_pkcs7, size_t pkcs7_len,

			   struct key *trusted_keys,

			   enum key_being_used_for usage,

			   int (*view_content)(void *ctx,

					       const void *data, size_t len,

					       size_t asn1hdrlen),

			   void *ctx)

{

	struct pkcs7_message *pkcs7;

	int ret;

	pkcs7 = pkcs7_parse_message(raw_pkcs7, pkcs7_len);

	if (IS_ERR(pkcs7))

		return PTR_ERR(pkcs7);

	ret = verify_pkcs7_message_sig(data, len, pkcs7, trusted_keys, usage,

				       view_content, ctx);

	pkcs7_free_message(pkcs7);

	pr_devel("<==%s() = %d\n", __func__, ret);

	return ret;

#ifdef CONFIG_SYSTEM_DATA_VERIFICATION

struct key;

struct pkcs7_message;

extern int verify_pkcs7_signature(const void *data, size_t len,

				  const void *raw_pkcs7, size_t pkcs7_len,

						      const void *data, size_t len,

						      size_t asn1hdrlen),

				  void *ctx);

extern int verify_pkcs7_message_sig(const void *data, size_t len,

				    struct pkcs7_message *pkcs7,

				    struct key *trusted_keys,

				    enum key_being_used_for usage,

				    int (*view_content)(void *ctx,

							const void *data,

							size_t len,

							size_t asn1hdrlen),

				    void *ctx);

#ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION

extern int verify_pefile_signature(const void *pebuf, unsigned pelen,