On Tue, Mar 19, 2024 at 07:20:54PM +0200, Jarkko Sakkinen wrote:
> > diff --git a/crypto/asymmetric_keys/mscode_parser.c b/crypto/asymmetric_keys/mscode_parser.c
> > index 05402ef8964e..8aecbe4637f3 100644
> > --- a/crypto/asymmetric_keys/mscode_parser.c
> > +++ b/crypto/asymmetric_keys/mscode_parser.c
> > @@ -73,10 +73,13 @@ int mscode_note_digest_algo(void *context, size_t hdrlen,
> > char buffer[50];
> > enum OID oid;
> >
> > oid = look_up_OID(value, vlen);
> > switch (oid) {
> > + case OID_sha1:
> > + ctx->digest_algo = "sha1";
> > + break;
>
> I fully agree with the change BUT...
>
> IMHO it would make sense to e.g either add inline comment about iwd
> dependency or link to the bug report here.
>
> I'd like to think that there is common will to eventually get rid of
> all of SHA-1, and thus in cases where it is not yet possible it would
> make sense to guide what to needs to be done to make it happen, right?
>
> BR, Jarkko
This is supposed to just be a revert, so it's best not to mess around with
adding additional stuff that wasn't in the original commit. The sha1 signatures
are also not unique; iwd is also forcing the kernel to keep supporting MD4, RC4,
KEYCTL_DH_COMPUTE, KEYCTL_PKEY_{QUERY,ENCRYPT,DECRYPT,SIGN,VERIFY}, etc.
Probably more than I don't know about. I guess all of this should be documented
in the code in appropriate places. Probably the iwd folks should step in to do
this, as they know best what they're using and they got a lot of this added to
the kernel in the first place.
- Eric
