On Thu Mar 21, 2024 at 6:10 AM EET, Eric Biggers wrote:
> On Tue, Mar 19, 2024 at 07:20:54PM +0200, Jarkko Sakkinen wrote:
> > > diff --git a/crypto/asymmetric_keys/mscode_parser.c b/crypto/asymmetric_keys/mscode_parser.c
> > > index 05402ef8964e..8aecbe4637f3 100644
> > > --- a/crypto/asymmetric_keys/mscode_parser.c
> > > +++ b/crypto/asymmetric_keys/mscode_parser.c
> > > @@ -73,10 +73,13 @@ int mscode_note_digest_algo(void *context, size_t hdrlen,
> > > char buffer[50];
> > > enum OID oid;
> > >
> > > oid = look_up_OID(value, vlen);
> > > switch (oid) {
> > > + case OID_sha1:
> > > + ctx->digest_algo = "sha1";
> > > + break;
> >
> > I fully agree with the change BUT...
> >
> > IMHO it would make sense to e.g either add inline comment about iwd
> > dependency or link to the bug report here.
> >
> > I'd like to think that there is common will to eventually get rid of
> > all of SHA-1, and thus in cases where it is not yet possible it would
> > make sense to guide what to needs to be done to make it happen, right?
> >
> > BR, Jarkko
>
> This is supposed to just be a revert, so it's best not to mess around with
> adding additional stuff that wasn't in the original commit. The sha1 signatures
> are also not unique; iwd is also forcing the kernel to keep supporting MD4, RC4,
> KEYCTL_DH_COMPUTE, KEYCTL_PKEY_{QUERY,ENCRYPT,DECRYPT,SIGN,VERIFY}, etc.
> Probably more than I don't know about. I guess all of this should be documented
> in the code in appropriate places. Probably the iwd folks should step in to do
> this, as they know best what they're using and they got a lot of this added to
> the kernel in the first place.
>
> - Eric
OK, fair point.
BR, Jarkko
