ucert -A generates something that ucert cannot read back.
This happens because ucert -A appears to be appending several libubox "blobs" together, but cert_load() uses libubox' blob_parse_untrusted() which expects to get a buffer with a single blob inside, and no padding.
Thus a valid ucert file with certificate and signature will be bigger than the first blob inside it, and blob_parse_untrusted() in libubox won't even try to process it.
Since this renders ucert useless, severity is set to high.
This is related to FS#2762 and FS#2763
The text was updated successfully, but these errors were encountered:
hmh:
ucert -A generates something that ucert cannot read back.
This happens because ucert -A appears to be appending several libubox "blobs" together, but cert_load() uses libubox' blob_parse_untrusted() which expects to get a buffer with a single blob inside, and no padding.
Thus a valid ucert file with certificate and signature will be bigger than the first blob inside it, and blob_parse_untrusted() in libubox won't even try to process it.
Since this renders ucert useless, severity is set to high.
This is related to FS#2762 and FS#2763
The text was updated successfully, but these errors were encountered: