pefile: Handle pesign using the wrong OID
authorVivek Goyal <vgoyal@redhat.com>
Tue, 8 Jul 2014 17:10:46 +0000 (18:10 +0100)
committerDavid Howells <dhowells@redhat.com>
Wed, 9 Jul 2014 13:58:37 +0000 (14:58 +0100)
The pesign utility had a bug where it was using OID_msIndividualSPKeyPurpose
instead of OID_msPeImageDataObjId - so allow both OIDs.

Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Acked-by: Vivek Goyal <vgoyal@redhat.com>
crypto/asymmetric_keys/mscode_parser.c

index 09336c32b3d478cf291353e5014f9453a60ace8b..214a992123cdd54a7f73fd857a0ac5a5360fa949 100644 (file)
@@ -58,7 +58,13 @@ int mscode_note_content_type(void *context, size_t hdrlen,
                return -EBADMSG;
        }
 
-       if (oid != OID_msIndividualSPKeyPurpose) {
+       /*
+        * pesign utility had a bug where it was putting
+        * OID_msIndividualSPKeyPurpose instead of OID_msPeImageDataObjId
+        * So allow both OIDs.
+        */
+       if (oid != OID_msPeImageDataObjId &&
+           oid != OID_msIndividualSPKeyPurpose) {
                pr_err("Unexpected content type OID %u\n", oid);
                return -EBADMSG;
        }