Skip to content

Commit

Permalink
efikeygen: Account for the signature size in bundle_signature()
Browse files Browse the repository at this point in the history
In ea7a2c4, when bundling the signature, the bitstring type field
is being set manually with a hacky offset.  That offset is only valid
with specific signature types, and so with any signature of a different
size, this is just corrupting data either in the signature or after it.

This change from Egor fixes the egregious hack to manually set the type
so that it computes the location based on the signature length, rather
than hard-coding a value.

Signed-off-by: Peter Jones <pjones@redhat.com>
  • Loading branch information
Blarse authored and vathpela committed Mar 7, 2024
1 parent 1793a67 commit 7aa22f8
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion src/efikeygen.c
Original file line number Diff line number Diff line change
Expand Up @@ -141,7 +141,8 @@ bundle_signature(cms_context *cms, SECItem *sigder, SECItem *data,
errx(1, "could not encode certificate: %s",
PORT_ErrorToString(PORT_GetError()));

sigder->data[sigder->len - 261] = DER_BIT_STRING;
//Note: offset is signature size + 5 bytes for DER encoding
sigder->data[sigder->len - (signature->len + 5)] = DER_BIT_STRING;

return 0;
}
Expand Down

0 comments on commit 7aa22f8

Please sign in to comment.