On Fri, 28 Aug 2015 11:23:54 +0100, David Howells said: > Valdis Kletnieks <[email protected]> wrote: > > > [ 31.829322] PKCS7: Unknown OID: [32] 2.16.840.1.101.3.4.2.3 > > [ 31.829328] PKCS7: Unknown OID: [180] 2.16.840.1.101.3.4.2.3 > > OID_sha1, /* 1.3.14.3.2.26 */ > OID_sha256, /* 2.16.840.1.101.3.4.2.1 */ > > I suspect I'm missing something here in oid_registry.h. Looking online, I > see: > > id-sha256 OBJECT IDENTIFIER ::= { hashAlgs 1 } > id-sha384 OBJECT IDENTIFIER ::= { hashAlgs 2 } > id-sha512 OBJECT IDENTIFIER ::= { hashAlgs 3 } > id-sha224 OBJECT IDENTIFIER ::= { hashAlgs 4 } > id-sha512-224 OBJECT IDENTIFIER ::= { hashAlgs 5 } > id-sha512-256 OBJECT IDENTIFIER ::= { hashAlgs 6 } > > Are you perchance using sha512 hashes in your signatures?
% grep MODULE_SIG /usr/src/linux-next/.config CONFIG_MODULE_SIG=y # CONFIG_MODULE_SIG_FORCE is not set CONFIG_MODULE_SIG_ALL=y # CONFIG_MODULE_SIG_SHA1 is not set # CONFIG_MODULE_SIG_SHA224 is not set # CONFIG_MODULE_SIG_SHA256 is not set # CONFIG_MODULE_SIG_SHA384 is not set CONFIG_MODULE_SIG_SHA512=y CONFIG_MODULE_SIG_HASH="sha512" CONFIG_MODULE_SIG_KEY="signing_key.pem"
pgpwa1Vfmfmir.pgp
Description: PGP signature
