Fix verification when key specifies hash algorithm#168
Fix verification when key specifies hash algorithm#168abeverley wants to merge 7 commits intotrusteddomainproject:developfrom
Conversation
flowerysong
left a comment
flowerysong
left a comment
There was a problem hiding this comment.
Looks generally reasonable, but it does have some potential crashes that the previous structure avoided.
|
Thanks @flowerysong I really appreciate the quick feedback. I've added a couple of additional commits - would you mind taking a look now please? |
|
LGTM. I've integrated this and the other outstanding PRs that looked reasonable into the I'm on vacation for the rest of the week so I don't have time to test this branch right now, but I hope to have a chance next week to set up some rudimentary CI. |
Brilliant. Just to mention (for people's general interest) that I personally have been using the openarc package in Debian Experimental. It already includes a few existing PRs, and then I've added in #168 and #167. Seems to work well. |
…_parse Fix verification when key specifies hash algorithm If an ARC key specifies the hash type as SHA256 (i.e. h=sha256) then OpenARC will fail to verify the signature. Whilst the presence of a particular hash type is detected, the type is not set and it defaults to sha1. trusteddomainproject#168
2 participants
If an ARC key specifies the hash type as SHA256 (i.e.
h=sha256) then OpenARC will fail to verify the signature. Whilst the presence of a particular hash type is detected, the type is not set and it defaults to sha1.