OpenWrt/LEDE Project

  • Status Unconfirmed
  • Percent Complete
  • Task Type Bug Report
  • Category Base system
  • Assigned To No-one
  • Operating System All
  • Severity High
  • Priority Very Low
  • Reported Version Trunk
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by Henrique de Moraes Holschuh - 22.01.2020

FS#2764 - ucert: ucert -A output is invalid

ucert -A generates something that ucert cannot read back.

This happens because ucert -A appears to be appending several libubox “blobs” together, but cert_load() uses libubox’ blob_parse_untrusted() which expects to get a buffer with a single blob inside, and no padding.

Thus a valid ucert file with certificate and signature will be *bigger* than the first blob inside it, and blob_parse_untrusted() in libubox won’t even try to process it.

Since this renders ucert useless, severity is set to high.

This is related to  FS#2762  and FS#2763


Available keyboard shortcuts


Task Details

Task Editing