X.509: Use verify_signature() if we have a struct key * to use

We should call verify_signature() rather than directly calling public_key_verify_signature() if we have a struct key to use as we shouldn't be poking around in the private data of the key struct as that's subtype dependent. Signed-off-by: David Howells <dhowells@redhat.com>
author: David Howells <dhowells@redhat.com> 2016-04-06 16:14:25 +0100
committer: David Howells <dhowells@redhat.com> 2016-04-11 22:42:27 +0100
commit: 5f7f5c81e59be5ce262c5b7d0ede9565a2558d80 (patch)
tree: 3ee2a1d54b10aeae4d272cb17e143130fe105b0a /crypto
parent: 9eb029893ad5bf9303ed7f145860b312cbe5f889 (diff)
download: linux-0-day-5f7f5c81e59be5ce262c5b7d0ede9565a2558d80.tar.gz
linux-0-day-5f7f5c81e59be5ce262c5b7d0ede9565a2558d80.tar.xz
1 files changed, 1 insertions, 2 deletions
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c
index 9c8483ef1cfeb..117a6ee71a4d8 100644
--- a/crypto/asymmetric_keys/x509_public_key.c
+++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -220,8 +220,7 @@ static int x509_validate_trust(struct x509_certificate *cert,
 
 	if (!use_builtin_keys ||
 	    test_bit(KEY_FLAG_BUILTIN, &key->flags)) {
-		ret = public_key_verify_signature(
-			key->payload.data[asym_crypto], cert->sig);
+		ret = verify_signature(key, cert->sig);
 		if (ret == -ENOPKG)
 			cert->unsupported_sig = true;
 	}
author	David Howells <dhowells@redhat.com>	2016-04-06 16:14:25 +0100
committer	David Howells <dhowells@redhat.com>	2016-04-11 22:42:27 +0100
commit	5f7f5c81e59be5ce262c5b7d0ede9565a2558d80 (patch)
tree	3ee2a1d54b10aeae4d272cb17e143130fe105b0a /crypto
parent	9eb029893ad5bf9303ed7f145860b312cbe5f889 (diff)
download	linux-0-day-5f7f5c81e59be5ce262c5b7d0ede9565a2558d80.tar.gz linux-0-day-5f7f5c81e59be5ce262c5b7d0ede9565a2558d80.tar.xz