Re: [PATCH] X.509: if signature is unsupported skip validation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Aug 15, 2023 at 02:29:42PM +0300, Thore Sommer wrote:
> When the hash algorithm for the signature is not available the digest size
> is 0 and the signature in the certificate is marked as unsupported.
> 
> When validating a self-signed certificate, this needs to be checked,
> because otherwise trying to validate the signature will fail with an
> warning:
> 
> Loading compiled-in X.509 certificates
> WARNING: CPU: 0 PID: 1 at crypto/rsa-pkcs1pad.c:537 \
> pkcs1pad_verify+0x46/0x12c
> ...
> Problem loading in-kernel X.509 certificate (-22)
> 
> Signed-off-by: Thore Sommer <public@xxxxxxxx>
> ---
>  crypto/asymmetric_keys/x509_public_key.c | 5 +++++
>  1 file changed, 5 insertions(+)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux