When using sign_hash, the resulting signature is incorrect if any hash algorithm other than sha1 is used. This is because while the sign_hash function has a hashalgo argument, the sign_hash_v2 function does not actually use this argument for anything except setting the hash_algo value in the header. This patch makes sure it uses the algo variable consistently. Changes since v1: - Using sys/xattr.h - Removed copyright line for sign_ima Patrick Uiterwijk (2): Fix sign_hash not observing the hashalgo argument Add test for using sign_hash API src/evmctl.c | 23 ---------------- src/libimaevm.c | 4 +-- src/utils.c | 20 ++++++++++++++ src/utils.h | 1 + tests/.gitignore | 2 ++ tests/Makefile.am | 5 ++++ tests/sign_verify.apitest.c | 55 +++++++++++++++++++++++++++++++++++++ tests/sign_verify.test | 30 ++++++++++++++++---- 8 files changed, 109 insertions(+), 31 deletions(-) create mode 100644 tests/sign_verify.apitest.c -- 2.31.1
