Eric Biggers <ebigge...@gmail.com> wrote: > The X.509 parser mishandles the case where the certificate's signature's > hash algorithm is not available in the crypto API. In this case, > x509_get_sig_params() doesn't allocate the cert->sig->digest buffer; this > part seems to be intentional.
Well, yes, that would be intentional: we can't digest the digestibles without access to a hash algorithm to do so and we can't allocate a digest buffer without knowing how big it should be. > Fix this by making public_key_verify_signature() return -ENOPKG if the > hash buffer has not been allocated. Hmmm... I'm not sure that this is the right place to do this, since it obscures a potential invalid argument within the kernel. I'm more inclined that the users of X.509 certs should check x509->unsupported_sig (pkcs7_verify_sig_chain() does this already partially). David
