[PATCH15/17] pefile: Handle pesign using the wrong OID

David Howells dhowells at redhat.com
Wed Jul 9 08:17:02 PDT 2014


The pesign utility had a bug where it was using OID_msIndividualSPKeyPurpose
instead of OID_msPeImageDataObjId - so allow both OIDs.

Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
Acked-by: Vivek Goyal <vgoyal at redhat.com>
---

 crypto/asymmetric_keys/mscode_parser.c |    8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)


diff --git a/crypto/asymmetric_keys/mscode_parser.c b/crypto/asymmetric_keys/mscode_parser.c
index 09336c3..214a992 100644
--- a/crypto/asymmetric_keys/mscode_parser.c
+++ b/crypto/asymmetric_keys/mscode_parser.c
@@ -58,7 +58,13 @@ int mscode_note_content_type(void *context, size_t hdrlen,
 		return -EBADMSG;
 	}
 
-	if (oid != OID_msIndividualSPKeyPurpose) {
+	/*
+	 * pesign utility had a bug where it was putting
+	 * OID_msIndividualSPKeyPurpose instead of OID_msPeImageDataObjId
+	 * So allow both OIDs.
+	 */
+	if (oid != OID_msPeImageDataObjId &&
+	    oid != OID_msIndividualSPKeyPurpose) {
 		pr_err("Unexpected content type OID %u\n", oid);
 		return -EBADMSG;
 	}




More information about the kexec mailing list