| Message ID | 20220119005436.119072-5-ebiggers@kernel.org (mailing list archive) |
|---|---|
| State | Not Applicable |
| Delegated to: | Herbert Xu |
| Headers | show |
| Series | KEYS: x509: various cleanups | expand |
On Tue, Jan 18, 2022 at 04:54:36PM -0800, Eric Biggers wrote: > From: Eric Biggers <ebiggers@google.com> > > The X.509 parser always sets cert->sig->pkey_algo and > cert->sig->hash_algo on success, since x509_note_sig_algo() is a > mandatory action in the X.509 ASN.1 grammar, and it returns an error if > the signature's algorithm is unknown. Thus, remove the dead code which > handled these fields being NULL. > > Acked-by: Jarkko Sakkinen <jarkko@kernel.org> > Signed-off-by: Eric Biggers <ebiggers@google.com> > --- > crypto/asymmetric_keys/x509_public_key.c | 9 --------- > 1 file changed, 9 deletions(-) > > diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c > index b03d04d78eb9d..8c77a297a82d4 100644 > --- a/crypto/asymmetric_keys/x509_public_key.c > +++ b/crypto/asymmetric_keys/x509_public_key.c > @@ -33,15 +33,6 @@ int x509_get_sig_params(struct x509_certificate *cert) > sig->data = cert->tbs; > sig->data_size = cert->tbs_size; > > - if (!sig->pkey_algo) > - cert->unsupported_sig = true; > - > - /* We check the hash if we can - even if we can't then verify it */ > - if (!sig->hash_algo) { > - cert->unsupported_sig = true; > - return 0; > - } > - > sig->s = kmemdup(cert->raw_sig, cert->raw_sig_size, GFP_KERNEL); > if (!sig->s) > return -ENOMEM; > -- > 2.34.1 > Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> /Jarkko
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index b03d04d78eb9d..8c77a297a82d4 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -33,15 +33,6 @@ int x509_get_sig_params(struct x509_certificate *cert) sig->data = cert->tbs; sig->data_size = cert->tbs_size; - if (!sig->pkey_algo) - cert->unsupported_sig = true; - - /* We check the hash if we can - even if we can't then verify it */ - if (!sig->hash_algo) { - cert->unsupported_sig = true; - return 0; - } - sig->s = kmemdup(cert->raw_sig, cert->raw_sig_size, GFP_KERNEL); if (!sig->s) return -ENOMEM;