Google Git
Sign in
linux / linux / kernel / git / dhowells / linux-fs / refs/tags/keys-misc-20160708
tagd35f82b042462a659f19bed7c6337abd4fa24043
taggerDavid Howells <dhowells@redhat.com>Fri Jul 08 14:44:28 2016 +0100
object9552c7aebb8c36912612fddad5b55267c671a303 
Keyrings miscellany
commit9552c7aebb8c36912612fddad5b55267c671a303[log] [tgz]
authorDavid Howells <dhowells@redhat.com>Tue Jun 14 13:18:33 2016 +0100
committerDavid Howells <dhowells@redhat.com>Tue Jun 14 13:18:33 2016 +0100
tree69b853c2003b114914a0db05137bd8cbeeeac7f1
parent965475acca2cbcc1d748a8b6a05f8c7cf57d075a [diff]
modsign: Make sign-file determine the format of the X.509 cert

Make sign-file determine the format of the X.509 certificate by reading the
first two bytes and seeing if the first byte is 0x30 and the second
0x81-0x84.  If this is the case, assume it's DER encoded, otherwise assume
it to be PEM encoded.

Without this, it gets awkward to deal with the error messages from
d2i_X509_bio() when we want to call BIO_reset() and then PEM_read_bio() in
case the certificate was PEM encoded rather than X.509 encoded.

Reported-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Ben Hutchings <ben@decadent.org.uk>
cc: David Woodhouse <dwmw2@infradead.org>
cc: Juerg Haefliger <juerg.haefliger@hpe.com>
cc: Ben Hutchings <ben@decadent.org.uk>
1 file changed
tree: 69b853c2003b114914a0db05137bd8cbeeeac7f1
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .get_maintainer.ignore
  24. .gitignore
  25. .mailmap
  26. COPYING
  27. CREDITS
  28. Kbuild
  29. Kconfig
  30. MAINTAINERS
  31. Makefile
  32. README
  33. REPORTING-BUGS