@pmatilai commented on this pull request.

> +    digest_hex = pgpHexStr(digest->digest, digest->digest_size);
+    rpmlog(RPMLOG_DEBUG, _("file(size %li): %s: digest(%i): %s, idx %i\n"),
+          file_size, rpmfiFN(fi), digest->digest_size, digest_hex,
+          rpmfiFX(fi));
+    free(digest_hex);
+    memset(&sig_params, 0, sizeof(struct libfsverity_signature_params));
+    sig_params.keyfile = key;
+    sig_params.certfile = cert;
+    if (libfsverity_sign_digest(digest, &sig_params, &sig, sig_size)) {
+       rpmlog(RPMLOG_DEBUG, _("failed to sign digest\n"));
+       goto out;
+    }
+    sig_hex = pgpHexStr(sig, *sig_size);

Here too, IMA file signatures set a bad example. Use base64 encoded strings 
instead of hex, it's much more space efficient (and IMA should be changed to 
that as well)

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Rpm-maint mailing list

Reply via email to