To enable sigv3 signature verification for EVM portable signatures, allow signature verification on EVM_XATTR_PORTABLE_DIGSIG type of xattrs with sigv3.
Signed-off-by: Stefan Berger <[email protected]> --- src/evmctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/evmctl.c b/src/evmctl.c index 0a38aa7..de67178 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -995,7 +995,7 @@ static int verify_evm(struct public_key_entry *public_keys, const char *file) } if (sig[0] == EVM_XATTR_PORTABLE_DIGSIG) { - if (sig[1] != DIGSIG_VERSION_2) { + if (sig[1] != DIGSIG_VERSION_2 && sig[1] != DIGSIG_VERSION_3) { log_err("Portable sig: invalid type\n"); return -1; } -- 2.53.0
