You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
23 lines
721 B
23 lines
721 B
2 years ago
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||
|
From: David Michael <david.michael@coreos.com>
|
||
|
Date: Thu, 16 Feb 2017 15:08:30 -0800
|
||
|
Subject: [PATCH] pesigcheck: Verify with the cert as an object signer
|
||
|
|
||
|
---
|
||
|
src/certdb.c | 2 +-
|
||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||
|
|
||
|
diff --git a/src/certdb.c b/src/certdb.c
|
||
|
index 2a08042..b7c99bb 100644
|
||
|
--- a/src/certdb.c
|
||
|
+++ b/src/certdb.c
|
||
|
@@ -339,7 +339,7 @@ check_cert(pesigcheck_context *ctx, SECItem *sig, efi_guid_t *sigtype,
|
||
|
}
|
||
|
/* Verify the signature */
|
||
|
result = SEC_PKCS7VerifyDetachedSignatureAtTime(cinfo,
|
||
|
- certUsageSSLServer,
|
||
|
+ certUsageObjectSigner,
|
||
|
digest, HASH_AlgSHA256,
|
||
|
PR_FALSE, atTime);
|
||
|
if (!result) {
|