[RFC PATCH 06/12] X.509: Use verify_signature() if we have a struct key * to use [ver #4]

David Howells Thu, 07 Apr 2016 01:59:59 -0700

We should call verify_signature() rather than directly calling
public_key_verify_signature() if we have a struct key to use as we
shouldn't be poking around in the private data of the key struct as that's
subtype dependent.


Signed-off-by: David Howells <dhowe...@redhat.com>
---

 crypto/asymmetric_keys/x509_public_key.c |    3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/crypto/asymmetric_keys/x509_public_key.c 
b/crypto/asymmetric_keys/x509_public_key.c
index 9c8483ef1cfe..117a6ee71a4d 100644
--- a/crypto/asymmetric_keys/x509_public_key.c
+++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -220,8 +220,7 @@ static int x509_validate_trust(struct x509_certificate 
*cert,
 
        if (!use_builtin_keys ||
            test_bit(KEY_FLAG_BUILTIN, &key->flags)) {
-               ret = public_key_verify_signature(
-                       key->payload.data[asym_crypto], cert->sig);
+               ret = verify_signature(key, cert->sig);
                if (ret == -ENOPKG)
                        cert->unsupported_sig = true;
        }

[RFC PATCH 06/12] X.509: Use verify_signature() if we have a struct key * to use [ver #4]

Reply via email to