[PATCH] KEYS: revert requiring signature "encoding"
Mimi Zohar
zohar at linux.ibm.com
Fri Nov 9 05:59:26 UTC 2018
Attempting to verify IMA signatures fail causing the system to hang.
Fixes: commit 82f94f24475c ("KEYS: Provide software public key query
function [ver #2]")
Signed-off-by: Mimi Zohar <zohar at linux.ibm.com>
---
crypto/asymmetric_keys/public_key.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
index f5d85b47fcc6..f90360122090 100644
--- a/crypto/asymmetric_keys/public_key.c
+++ b/crypto/asymmetric_keys/public_key.c
@@ -239,9 +239,17 @@ int public_key_verify_signature(const struct public_key *pkey,
BUG_ON(!sig);
BUG_ON(!sig->s);
- ret = software_key_determine_akcipher(sig->encoding,
- sig->hash_algo,
- pkey, alg_name);
+ if (!sig->digest)
+ return -ENOPKG;
+
+ if (!(sig->encoding) && strcmp(pkey->pkey_algo, "rsa") == 0)
+ ret = software_key_determine_akcipher("pkcs1",
+ sig->hash_algo,
+ pkey, alg_name);
+ else
+ ret = software_key_determine_akcipher(sig->encoding,
+ sig->hash_algo,
+ pkey, alg_name);
if (ret < 0)
return ret;
--
2.7.5
More information about the Linux-security-module-archive
mailing list