proxmox-mirrors/fwupd
1
0
Fork 0
mirror of https://git.proxmox.com/git/fwupd synced 2026-03-28 14:58:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Never allow using SHA-1 for checksum validation

Browse Source
This commit is contained in:
Richard Hughes 2022-12-28 09:49:11 +00:00
parent 513bad1e93
commit de5b2adaab
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
libfwupdplugin/fu-cabinet.c
View File

@ -72,6 +72,12 @@ fu_cabinet_init(FuCabinet *self)
self->builder = xb_builder_new();
self->jcat_file = jcat_file_new();
self->jcat_context = jcat_context_new();
#if LIBJCAT_CHECK_VERSION(0, 1, 13)
jcat_context_blob_kind_allow(self->jcat_context, JCAT_BLOB_KIND_SHA256);
jcat_context_blob_kind_allow(self->jcat_context, JCAT_BLOB_KIND_SHA512);
jcat_context_blob_kind_allow(self->jcat_context, JCAT_BLOB_KIND_PKCS7);
jcat_context_blob_kind_allow(self->jcat_context, JCAT_BLOB_KIND_GPG);
#endif
}
/**

6
src/fu-engine.c
View File

@ -8398,6 +8398,12 @@ fu_engine_init(FuEngine *self)
/* setup Jcat context */
self->jcat_context = jcat_context_new();
#if LIBJCAT_CHECK_VERSION(0, 1, 13)
jcat_context_blob_kind_allow(self->jcat_context, JCAT_BLOB_KIND_SHA256);
jcat_context_blob_kind_allow(self->jcat_context, JCAT_BLOB_KIND_SHA512);
jcat_context_blob_kind_allow(self->jcat_context, JCAT_BLOB_KIND_PKCS7);
jcat_context_blob_kind_allow(self->jcat_context, JCAT_BLOB_KIND_GPG);
#endif
keyring_path = fu_path_from_kind(FU_PATH_KIND_LOCALSTATEDIR_PKG);
jcat_context_set_keyring_path(self->jcat_context, keyring_path);
sysconfdir = fu_path_from_kind(FU_PATH_KIND_SYSCONFDIR);