Skip to content
Commit bf21dc59 authored by Mickaël Salaün's avatar Mickaël Salaün Committed by Jarkko Sakkinen
Browse files

certs: Make blacklist_vet_description() more strict 



Before exposing this new key type to user space, make sure that only
meaningful blacklisted hashes are accepted.  This is also checked for
builtin blacklisted hashes, but a following commit make sure that the
user will notice (at built time) and will fix the configuration if it
already included errors.

Check that a blacklist key description starts with a valid prefix and
then a valid hexadecimal string.

Cc: David Howells <dhowells@redhat.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Eric Snowberg <eric.snowberg@oracle.com>
Signed-off-by: default avatarMickaël Salaün <mic@linux.microsoft.com>
Reviewed-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
Link: https://lore.kernel.org/r/20210712170313.884724-4-mic@digikod.net
Signed-off-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
parent 141e5239
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment