diff options
author | David Howells <dhowells@redhat.com> | 2016-04-06 16:14:25 +0100 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2016-04-11 22:42:27 +0100 |
commit | 5f7f5c81e59be5ce262c5b7d0ede9565a2558d80 (patch) | |
tree | 3ee2a1d54b10aeae4d272cb17e143130fe105b0a | |
parent | 9eb029893ad5bf9303ed7f145860b312cbe5f889 (diff) | |
download | linux-5f7f5c81e59be5ce262c5b7d0ede9565a2558d80.tar.bz2 |
X.509: Use verify_signature() if we have a struct key * to use
We should call verify_signature() rather than directly calling
public_key_verify_signature() if we have a struct key to use as we
shouldn't be poking around in the private data of the key struct as that's
subtype dependent.
Signed-off-by: David Howells <dhowells@redhat.com>
-rw-r--r-- | crypto/asymmetric_keys/x509_public_key.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index 9c8483ef1cfe..117a6ee71a4d 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -220,8 +220,7 @@ static int x509_validate_trust(struct x509_certificate *cert, if (!use_builtin_keys || test_bit(KEY_FLAG_BUILTIN, &key->flags)) { - ret = public_key_verify_signature( - key->payload.data[asym_crypto], cert->sig); + ret = verify_signature(key, cert->sig); if (ret == -ENOPKG) cert->unsupported_sig = true; } |