mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity

X.509: Use verify_signature() if we have a struct key * to use 

We should call verify_signature() rather than directly calling
public_key_verify_signature() if we have a struct key to use as we
shouldn't be poking around in the private data of the key struct as that's
subtype dependent.

Signed-off-by: David Howells <dhowells@redhat.com>
This commit is contained in:
David Howells 2016-04-06 16:14:25 +01:00
parent 9eb029893a
commit 5f7f5c81e5
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/asymmetric_keys/x509_public_key.c
View File

@ -220,8 +220,7 @@ static int x509_validate_trust(struct x509_certificate *cert,
if (!use_builtin_keys ||
test_bit(KEY_FLAG_BUILTIN, &key->flags)) {
ret = public_key_verify_signature(
key->payload.data[asym_crypto], cert->sig);
ret = verify_signature(key, cert->sig);
if (ret == -ENOPKG)
cert->unsupported_sig = true;
}