Searched hist:bef7d11d34fef262e0d3d4c71a2c1e7f92e83289 (Results 1 – 1 of 1) sorted by relevance
| /optee_os/core/crypto/ |
| H A D | signed_hdr.c | bef7d11d34fef262e0d3d4c71a2c1e7f92e83289 Wed Nov 09 14:28:18 UTC 2022 Jens Wiklander <jens.wiklander@linaro.org> core: shdr: check that hash algorithm is strong enough
Until now shdr_verify_signature() accepted any hash GP algorithm known
to OP-TEE. A few of those (MD5 and SHA-1) are known to be weak. So add
an extra check to only allow algorithms strong enough.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Suggested-by: Asaf Modelevsky <amodele@amazon.com>
Reported-by: Asaf Modelevsky <amodele@amazon.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|