[PATCH15/17] pefile: Handle pesign using the wrong OID
David Howells
dhowells at redhat.com
Wed Jul 9 08:17:02 PDT 2014
The pesign utility had a bug where it was using OID_msIndividualSPKeyPurpose
instead of OID_msPeImageDataObjId - so allow both OIDs.
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
Acked-by: Vivek Goyal <vgoyal at redhat.com>
---
crypto/asymmetric_keys/mscode_parser.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/crypto/asymmetric_keys/mscode_parser.c b/crypto/asymmetric_keys/mscode_parser.c
index 09336c3..214a992 100644
--- a/crypto/asymmetric_keys/mscode_parser.c
+++ b/crypto/asymmetric_keys/mscode_parser.c
@@ -58,7 +58,13 @@ int mscode_note_content_type(void *context, size_t hdrlen,
return -EBADMSG;
}
- if (oid != OID_msIndividualSPKeyPurpose) {
+ /*
+ * pesign utility had a bug where it was putting
+ * OID_msIndividualSPKeyPurpose instead of OID_msPeImageDataObjId
+ * So allow both OIDs.
+ */
+ if (oid != OID_msPeImageDataObjId &&
+ oid != OID_msIndividualSPKeyPurpose) {
pr_err("Unexpected content type OID %u\n", oid);
return -EBADMSG;
}
More information about the kexec
mailing list