Here's an alternative patch that will allow PKCS#7 with the hash specified on
the command line, removing the SHA1 restriction.

David
---
sign-file, pkcs7: Honour the hash parameter to sign-file

Currently, the sign-file program rejects anything other than "sha1" as the
hash parameter if it is going to produce a PKCS#7 message-based signature
rather than a CMS message-based signature (though it then ignores this
argument and uses whatever is selected as the default which might not be
SHA1 and may actually reflect whatever is used to sign the X.509
certificate).

Fix sign-file to actually use the specified hash when producing a PKCS#7
message rather than just accepting the default.

Fixes: 283e8ba2dfde ("MODSIGN: Change from CMS to PKCS#7 signing if the openssl is too old")
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Lukas Wunner <lukas@wunner.de>
cc: Ignat Korchagin <ignat@cloudflare.com>
cc: Jarkko Sakkinen <jarkko@kernel.org>
cc: Stephan Mueller <smueller@chronox.de>
cc: Herbert Xu <herbert@gondor.apana.org.au>
cc: Eric Biggers <ebiggers@kernel.org>
cc: keyrings@vger.kernel.org
cc: linux-crypto@vger.kernel.org

diff --git a/scripts/sign-file.c b/scripts/sign-file.c
index 547b97097230..f0b7e5616b9a 100644
--- a/scripts/sign-file.c
+++ b/scripts/sign-file.c
@@ -56,6 +56,7 @@
defined(OPENSSL_NO_CMS)
#define USE_PKCS7
#endif
+#define USE_PKCS7
#ifndef USE_PKCS7
#include <openssl/cms.h>
#else
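Review bot: the added `#define USE_PKCS7` sits after the `#endif` of the version/OPENSSL_NO_CMS test, so it is unconditional and every build takes the PKCS#7 path; the `#ifndef USE_PKCS7` branch that includes <openssl/cms.h> can no longer be compiled. That reads like a debugging override rather than part of the fix described in the commit message. Drop this line so the existing conditional keeps selecting CMS where it is available.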
@@ -289,14 +290,6 @@ int main(int argc, char **argv)
replace_orig = true;
}
-#ifdef USE_PKCS7
- if (strcmp(hash_algo, "sha1") != 0) {
- fprintf(stderr, "sign-file: %s only supports SHA1 signing\n",
- OPENSSL_VERSION_TEXT);
- exit(3);
- }
-#endif
-
/* Open the module file */
bm = BIO_new_file(module_name, "rb");
ERR(!bm, "%s", module_name);
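Review bot: with the `strcmp(hash_algo, "sha1")` check removed, nothing in this hunk validates `hash_algo` on the PKCS#7 path any more, so the change depends on `digest_algo` (passed to `PKCS7_sign_add_signer()` in the next hunk) having been resolved from it and checked for failure before signing starts. That lookup is outside the lines shown; please confirm it is reached in USE_PKCS7 builds and not only inside the CMS branch, so an unknown hash name still produces an error instead of a silently defaulted digest.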
@@ -348,10 +341,17 @@ int main(int argc, char **argv)
"CMS_final");
#else
- pkcs7 = PKCS7_sign(x509, private_key, NULL, bm,
- PKCS7_NOCERTS | PKCS7_BINARY |
- PKCS7_DETACHED | use_signed_attrs);
+ unsigned int flags =
+ PKCS7_NOCERTS |
+ PKCS7_BINARY |
+ PKCS7_DETACHED |
+ use_signed_attrs;
+ pkcs7 = PKCS7_sign(NULL, NULL, NULL, bm, flags);
ERR(!pkcs7, "PKCS7_sign");
+
+ ERR(!PKCS7_sign_add_signer(pkcs7, x509, private_key, digest_algo, flags),
+ "PKS7_sign_add_signer");
+ ERR(PKCS7_final(pkcs7, bm, flags) != 1, "PKCS7_final");
#endif
if (save_sig) {
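Review bot: `PKCS7_sign(NULL, NULL, NULL, bm, flags)` is called with no signer, but `flags` does not contain `PKCS7_PARTIAL`. OpenSSL documents NULL signcert/pkey as valid only when `PKCS7_PARTIAL` is set, and without `PKCS7_PARTIAL` or `PKCS7_STREAM` the call finalizes the structure itself, which means `bm` is read before the signer is added and again by the explicit `PKCS7_final(pkcs7, bm, flags)`. Suggest OR-ing `PKCS7_PARTIAL` into `flags` so the structure stays open until `PKCS7_sign_add_signer()` has attached the signer with `digest_algo`. Separately, the error string `"PKS7_sign_add_signer"` is missing a "C" and will not match the function name when someone greps for it.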
On 2/2/26 12:24 PM, David Howells wrote:
> Here's an alternative patch that will allow PKCS#7 with the hash specified on
> the command line, removing the SHA1 restriction.
>
> David
> ---
> sign-file, pkcs7: Honour the hash parameter to sign-file
>
> Currently, the sign-file program rejects anything other than "sha1" as the
> hash parameter if it is going to produce a PKCS#7 message-based signature
> rather than a CMS message-based signature (though it then ignores this
> argument and uses whatever is selected as the default which might not be
> SHA1 and may actually reflect whatever is used to sign the X.509
> certificate).
>
> Fix sign-file to actually use the specified hash when producing a PKCS#7
> message rather than just accepting the default.

Is it worth keeping this sign-file code that uses the OpenSSL PKCS7 API
instead of having only one variant that uses the newer CMS API?

--
Thanks,
Petr

On Mon, Feb 2, 2026 at 4:25 AM Petr Pavlu <petr.pavlu@suse.com> wrote:
>
> On 2/2/26 12:24 PM, David Howells wrote:
> > Here's an alternative patch that will allow PKCS#7 with the hash specified on
> > the command line, removing the SHA1 restriction.
> >
> > David
> > ---
> > sign-file, pkcs7: Honour the hash parameter to sign-file
> >
> > Currently, the sign-file program rejects anything other than "sha1" as the
> > hash parameter if it is going to produce a PKCS#7 message-based signature
> > rather than a CMS message-based signature (though it then ignores this
> > argument and uses whatever is selected as the default which might not be
> > SHA1 and may actually reflect whatever is used to sign the X.509
> > certificate).
> >
> > Fix sign-file to actually use the specified hash when producing a PKCS#7
> > message rather than just accepting the default.
>
> Is it worth keeping this sign-file code that uses the OpenSSL PKCS7 API
> instead of having only one variant that uses the newer CMS API?

I agree that keeping only the CMS variant makes more sense. However,
David, please let me know if you'd prefer that I drop the patch removing
PKCS7 support from sign-file for now. I assumed you had no further
objections since the discussion in the other sub-thread tapered off, but
perhaps I misread that.

Sami

David Howells <dhowells@redhat.com> wrote:

> @@ -56,6 +56,7 @@ > defined(OPENSSL_NO_CMS) > #define USE_PKCS7 > #endif > +#define USE_PKCS7 > #ifndef USE_PKCS7 > #include <openssl/cms.h> > #else

Apologies, that line was so I could debug it and should've been removed.

David