[4/4] KEYS: x509: remove dead code that set ->unsupported_sig

Commit Message

Eric Biggers Jan. 14, 2022, 12:29 a.m. UTC

From: Eric Biggers <ebiggers@google.com>

The X.509 parser always sets cert->sig->pkey_algo and
cert->sig->hash_algo on success, since x509_note_sig_algo() is a
mandatory action in the X.509 ASN.1 grammar, and it returns an error if
the signature's algorithm is unknown.  Thus, remove the dead code which
handled these fields being NULL.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 crypto/asymmetric_keys/x509_public_key.c | 9 ---------
 1 file changed, 9 deletions(-)

Comments

Jarkko Sakkinen Jan. 15, 2022, 7:07 p.m. UTC | #1

On Thu, Jan 13, 2022 at 04:29:20PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> The X.509 parser always sets cert->sig->pkey_algo and
> cert->sig->hash_algo on success, since x509_note_sig_algo() is a
> mandatory action in the X.509 ASN.1 grammar, and it returns an error if
> the signature's algorithm is unknown.  Thus, remove the dead code which
> handled these fields being NULL.
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>
 
Acked-by: Jarkko Sakkinen <jarkko@kernel.org>

/Jarkko

Patch

diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c
index b03d04d78eb9..8c77a297a82d 100644
--- a/crypto/asymmetric_keys/x509_public_key.c
+++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -33,15 +33,6 @@  int x509_get_sig_params(struct x509_certificate *cert)
 	sig->data = cert->tbs;
 	sig->data_size = cert->tbs_size;
 
-	if (!sig->pkey_algo)
-		cert->unsupported_sig = true;
-
-	/* We check the hash if we can - even if we can't then verify it */
-	if (!sig->hash_algo) {
-		cert->unsupported_sig = true;
-		return 0;
-	}
-
 	sig->s = kmemdup(cert->raw_sig, cert->raw_sig_size, GFP_KERNEL);
 	if (!sig->s)
 		return -ENOMEM;