lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:   Mon, 3 Sep 2018 16:31:56 +0800
From:   Xiongwei Song <>
Subject: Question about pe file verification


Some code logic I don't understand about the function pefile_digest_pe_contents
 in the file crypto/asymmetric_keys/verify_pefile.c.
At the end of pefile_digest_pe_contents, please see the comment [sxw] below:

static int pefile_digest_pe_contents(const void *pebuf, unsigned int pelen,
                     struct pefile_context *ctx,
                     struct shash_desc *desc)
    unsigned *canon, tmp, loop, i, hashed_bytes;
    int ret;

 [sxw] I assume the image has signed by sbsign tool, there is a certificate
             at the end of image file.
    if (pelen > hashed_bytes) {
        tmp = hashed_bytes + ctx->certs_size;
        [sxw] The tmp value is the end of certificate.

        ret = crypto_shash_update(desc,
                      pebuf + hashed_bytes,
                      [sxw] The data address is the beginning of the
                               Why do we need to hash the
certification data block?

                      pelen - tmp);
                      [sxw] However, the data length doesn't include
the certificate,
                               sometimes it's zero.

        if (ret < 0)
            return ret;

    return 0;

Is that for a special consider or something else?


Powered by blists - more mailing lists