[PATCH] Fix string comparison from commit 99cf026834
4 views
Skip to first unread message
Stefano Babic
Jan 16, 2026, 3:39:40 AMJan 16
to swup...@googlegroups.com, Stefano Babic, Bastian Germann
commit 99cf026834 introduces a string compariso that is logically
correct, but rather C language is not friendly with C handling and
comparison must be done via libc functions.
Signed-off-by: Stefano Babic <stefan...@swupdate.org>
CC: Bastian Germann <ba...@debian.org>
---
crypto/swupdate_rsa_verify_mbedtls.c | 2 +-
crypto/swupdate_rsa_verify_openssl.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/swupdate_rsa_verify_mbedtls.c b/crypto/swupdate_rsa_verify_mbedtls.c
index 6b2f055d..3dad1198 100644
--- a/crypto/swupdate_rsa_verify_mbedtls.c
+++ b/crypto/swupdate_rsa_verify_mbedtls.c
@@ -59,7 +59,7 @@ static int mbedtls_rsa_verify_file(void *ctx, const char *sigfile,
mbedtls_pk_type_t pk_type = MBEDTLS_PK_RSA;
uint8_t signature[256];
void *pss_options = NULL;
- if (get_dgstlib() == MODNAME_PSS) {
+ if (get_dgstlib() && !strcmp(get_dgstlib(), MODNAME_PSS)) {
pk_type = MBEDTLS_PK_RSASSA_PSS;
mbedtls_pk_rsassa_pss_options options = {
.mgf1_hash_id = MBEDTLS_MD_SHA256,
diff --git a/crypto/swupdate_rsa_verify_openssl.c b/crypto/swupdate_rsa_verify_openssl.c
index 8ac52d0d..c43efdb1 100644
--- a/crypto/swupdate_rsa_verify_openssl.c
+++ b/crypto/swupdate_rsa_verify_openssl.c
@@ -64,7 +64,7 @@ static int dgst_verify_init(struct openssl_digest *dgst)
return -EFAULT; /* failed */
}
- if (get_dgstlib() == MODNAME_PSS) {
+ if (get_dgstlib() && !strcmp(get_dgstlib(), MODNAME_PSS)) {
rc = EVP_PKEY_CTX_set_rsa_padding(dgst->ckey, RSA_PKCS1_PSS_PADDING);
if (rc <= 0) {
ERROR("EVP_PKEY_CTX_set_rsa_padding failed, error 0x%lx", ERR_get_error());
--
2.43.0
correct, but rather C language is not friendly with C handling and
comparison must be done via libc functions.
Signed-off-by: Stefano Babic <stefan...@swupdate.org>
CC: Bastian Germann <ba...@debian.org>
---
crypto/swupdate_rsa_verify_mbedtls.c | 2 +-
crypto/swupdate_rsa_verify_openssl.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/swupdate_rsa_verify_mbedtls.c b/crypto/swupdate_rsa_verify_mbedtls.c
index 6b2f055d..3dad1198 100644
--- a/crypto/swupdate_rsa_verify_mbedtls.c
+++ b/crypto/swupdate_rsa_verify_mbedtls.c
@@ -59,7 +59,7 @@ static int mbedtls_rsa_verify_file(void *ctx, const char *sigfile,
mbedtls_pk_type_t pk_type = MBEDTLS_PK_RSA;
uint8_t signature[256];
void *pss_options = NULL;
- if (get_dgstlib() == MODNAME_PSS) {
+ if (get_dgstlib() && !strcmp(get_dgstlib(), MODNAME_PSS)) {
pk_type = MBEDTLS_PK_RSASSA_PSS;
mbedtls_pk_rsassa_pss_options options = {
.mgf1_hash_id = MBEDTLS_MD_SHA256,
diff --git a/crypto/swupdate_rsa_verify_openssl.c b/crypto/swupdate_rsa_verify_openssl.c
index 8ac52d0d..c43efdb1 100644
--- a/crypto/swupdate_rsa_verify_openssl.c
+++ b/crypto/swupdate_rsa_verify_openssl.c
@@ -64,7 +64,7 @@ static int dgst_verify_init(struct openssl_digest *dgst)
return -EFAULT; /* failed */
}
- if (get_dgstlib() == MODNAME_PSS) {
+ if (get_dgstlib() && !strcmp(get_dgstlib(), MODNAME_PSS)) {
rc = EVP_PKEY_CTX_set_rsa_padding(dgst->ckey, RSA_PKCS1_PSS_PADDING);
if (rc <= 0) {
ERROR("EVP_PKEY_CTX_set_rsa_padding failed, error 0x%lx", ERR_get_error());
--
2.43.0
Reply all
Reply to author
Forward
0 new messages