From: Eric Biggers <[email protected]>
The X.509 parser always sets cert->sig->pkey_algo and
cert->sig->hash_algo on success, since x509_note_sig_algo() is a
mandatory action in the X.509 ASN.1 grammar, and it returns an error if
the signature's algorithm is unknown. Thus, remove the dead code which
handled these fields being NULL.
Signed-off-by: Eric Biggers <[email protected]>
---
crypto/asymmetric_keys/x509_public_key.c | 9 ---------
1 file changed, 9 deletions(-)
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c
index b03d04d78eb9..8c77a297a82d 100644
--- a/crypto/asymmetric_keys/x509_public_key.c
+++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -33,15 +33,6 @@ int x509_get_sig_params(struct x509_certificate *cert)
sig->data = cert->tbs;
sig->data_size = cert->tbs_size;
- if (!sig->pkey_algo)
- cert->unsupported_sig = true;
-
- /* We check the hash if we can - even if we can't then verify it */
- if (!sig->hash_algo) {
- cert->unsupported_sig = true;
- return 0;
- }
-
sig->s = kmemdup(cert->raw_sig, cert->raw_sig_size, GFP_KERNEL);
if (!sig->s)
return -ENOMEM;
--
2.34.1
On Thu, Jan 13, 2022 at 04:29:20PM -0800, Eric Biggers wrote:
> From: Eric Biggers <[email protected]>
>
> The X.509 parser always sets cert->sig->pkey_algo and
> cert->sig->hash_algo on success, since x509_note_sig_algo() is a
> mandatory action in the X.509 ASN.1 grammar, and it returns an error if
> the signature's algorithm is unknown. Thus, remove the dead code which
> handled these fields being NULL.
>
> Signed-off-by: Eric Biggers <[email protected]>
Acked-by: Jarkko Sakkinen <[email protected]>
/Jarkko