modsign: Make sign-file determine the format of the X.509 cert - linux - Linux Kernel (branches are rebased on master from time to time)

diff options

author	David Howells <dhowells@redhat.com>	2016-06-14 13:18:33 +0100
committer	David Howells <dhowells@redhat.com>	2016-06-14 13:18:33 +0100
commit	9552c7aebb8c36912612fddad5b55267c671a303 (patch)
tree	69b853c2003b114914a0db05137bd8cbeeeac7f1 /security
parent	965475acca2cbcc1d748a8b6a05f8c7cf57d075a (diff)
download	linux-9552c7aebb8c36912612fddad5b55267c671a303.tar.bz2

modsign: Make sign-file determine the format of the X.509 cert

Make sign-file determine the format of the X.509 certificate by reading the first two bytes and seeing if the first byte is 0x30 and the second 0x81-0x84. If this is the case, assume it's DER encoded, otherwise assume it to be PEM encoded. Without this, it gets awkward to deal with the error messages from d2i_X509_bio() when we want to call BIO_reset() and then PEM_read_bio() in case the certificate was PEM encoded rather than X.509 encoded. Reported-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Ben Hutchings <ben@decadent.org.uk> cc: David Woodhouse <dwmw2@infradead.org> cc: Juerg Haefliger <juerg.haefliger@hpe.com> cc: Ben Hutchings <ben@decadent.org.uk>

Diffstat (limited to 'security')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: