[openwrt/openwrt] px5g-wolfssl: Fix certificate signature
LEDE Commits
lede-commits at lists.infradead.org
Tue Jan 26 22:00:10 EST 2021
aparcar pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/ff2087d9a9db86c6c5a7fec258fec66bff8e4f9c
commit ff2087d9a9db86c6c5a7fec258fec66bff8e4f9c
Author: Jeffrey Elms <jeff at wolfssl.com>
AuthorDate: Tue Jan 26 18:28:14 2021 -0800
px5g-wolfssl: Fix certificate signature
Certificate signature algorithm was being set after call to
`wc_MakeCert`, resulting in a mismatch between specified signature in
certificate and the actual signature type.
Signed-off-by: Jeffrey Elms <jeff at wolfssl.com>
[fix commit subject, use COMMITCOUNT]
Signed-off-by: Paul Spooren <mail at aparcar.org>
---
package/utils/px5g-wolfssl/Makefile | 2 +-
package/utils/px5g-wolfssl/px5g-wolfssl.c | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/utils/px5g-wolfssl/Makefile b/package/utils/px5g-wolfssl/Makefile
index be36f9f33d..90296008d6 100644
--- a/package/utils/px5g-wolfssl/Makefile
+++ b/package/utils/px5g-wolfssl/Makefile
@@ -5,7 +5,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=px5g-wolfssl
-PKG_RELEASE:=1
+PKG_RELEASE:=$(COMMITCOUNT)
PKG_LICENSE:=GPL-2.0-or-later
PKG_USE_MIPS16:=0
diff --git a/package/utils/px5g-wolfssl/px5g-wolfssl.c b/package/utils/px5g-wolfssl/px5g-wolfssl.c
index b937d220ca..763d7b4b71 100644
--- a/package/utils/px5g-wolfssl/px5g-wolfssl.c
+++ b/package/utils/px5g-wolfssl/px5g-wolfssl.c
@@ -232,8 +232,10 @@ int selfsigned(WC_RNG *rng, char **arg) {
subject, fstr, tstr);
if (type == EC_KEY_TYPE) {
+ newCert.sigType = CTC_SHA256wECDSA;
ret = wc_MakeCert(&newCert, derBuf, sizeof(derBuf), NULL, &ecKey, rng);
} else {
+ newCert.sigType = CTC_SHA256wRSA;
ret = wc_MakeCert(&newCert, derBuf, sizeof(derBuf), &rsaKey, NULL, rng);
}
if (ret <= 0) {
@@ -242,11 +244,9 @@ int selfsigned(WC_RNG *rng, char **arg) {
}
if (type == EC_KEY_TYPE) {
- newCert.sigType = CTC_SHA256wECDSA;
ret = wc_SignCert(newCert.bodySz, newCert.sigType, derBuf, sizeof(derBuf),
NULL, &ecKey, rng);
} else {
- newCert.sigType = CTC_SHA256wRSA;
ret = wc_SignCert(newCert.bodySz, newCert.sigType, derBuf, sizeof(derBuf),
&rsaKey, NULL, rng);
}
More information about the lede-commits
mailing list