luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Switch to a forked copy of pkcs7 to fix aws pkcs7 verification error (#4024) 

Fixes #4014
This commit is contained in:
Jeff Mitchell 2018-02-22 08:49:11 -05:00 committed by GitHub
parent 4bff53c771
commit 67e614bac4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 8 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
builtin/credential/aws/path_login.go
View File

@ -20,13 +20,13 @@ import (
"github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/ec2" "github.com/aws/aws-sdk-go/service/ec2"
"github.com/aws/aws-sdk-go/service/iam" "github.com/aws/aws-sdk-go/service/iam"
"github.com/fullsailor/pkcs7"
"github.com/hashicorp/go-cleanhttp" "github.com/hashicorp/go-cleanhttp"
"github.com/hashicorp/go-uuid" "github.com/hashicorp/go-uuid"
"github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/helper/jsonutil"
"github.com/hashicorp/vault/helper/strutil" "github.com/hashicorp/vault/helper/strutil"
"github.com/hashicorp/vault/logical" "github.com/hashicorp/vault/logical"
"github.com/hashicorp/vault/logical/framework" "github.com/hashicorp/vault/logical/framework"
"github.com/jefferai/pkcs7"
) )
const ( const (

0
vendor/github.com/fullsailor/pkcs7/LICENSE → vendor/github.com/jefferai/pkcs7/LICENSE generated vendored
View File

0
vendor/github.com/fullsailor/pkcs7/README.md → vendor/github.com/jefferai/pkcs7/README.md generated vendored
View File

0
vendor/github.com/fullsailor/pkcs7/ber.go → vendor/github.com/jefferai/pkcs7/ber.go generated vendored
View File

3
vendor/github.com/fullsailor/pkcs7/pkcs7.go → vendor/github.com/jefferai/pkcs7/pkcs7.go generated vendored
View File

@ -254,8 +254,7 @@ func verifySignature(p7 *PKCS7, signer signerInfo) error {
return errors.New("pkcs7: No certificate for signer") return errors.New("pkcs7: No certificate for signer")
} }
algo := x509.SHA1WithRSA return cert.CheckSignature(cert.SignatureAlgorithm, signedData, signer.EncryptedDigest)
return cert.CheckSignature(algo, signedData, signer.EncryptedDigest)
} }
func marshalAttributes(attrs []attribute) ([]byte, error) { func marshalAttributes(attrs []attribute) ([]byte, error) {

12
vendor/vendor.json vendored
View File

@ -834,12 +834,6 @@
"revision": "a2e072cb4fe7c4b5962e74e38e3c256c053f6132", "revision": "a2e072cb4fe7c4b5962e74e38e3c256c053f6132",
"revisionTime": "2018-02-02T13:34:58Z" "revisionTime": "2018-02-02T13:34:58Z"
}, },
{
"checksumSHA1": "BjjcPf2i7KfBnVazHZCAe9xn6jY=",
"path": "github.com/fullsailor/pkcs7",
"revision": "a009d8d7de53d9503c797cb8ec66fa3b21eed209",
"revisionTime": "2017-06-13T20:12:21Z"
},
{ {
"checksumSHA1": "ImX1uv6O09ggFeBPUJJ2nu7MPSA=", "checksumSHA1": "ImX1uv6O09ggFeBPUJJ2nu7MPSA=",
"path": "github.com/ghodss/yaml", "path": "github.com/ghodss/yaml",
@ -1260,6 +1254,12 @@
"revision": "9cc31c3135eef39b8e72585f37efa92b6ca314d0", "revision": "9cc31c3135eef39b8e72585f37efa92b6ca314d0",
"revisionTime": "2016-07-21T23:51:17Z" "revisionTime": "2016-07-21T23:51:17Z"
}, },
{
"checksumSHA1": "U2xx6g0Cu/vKhHRK8rcQWAOzg34=",
"path": "github.com/jefferai/pkcs7",
"revision": "6c523e5a7967df6e893c2803ba65225c7f394da6",
"revisionTime": "2018-02-22T13:45:58Z"
},
{ {
"checksumSHA1": "blwbl9vPvRLtL5QlZgfpLvsFiZ4=", "checksumSHA1": "blwbl9vPvRLtL5QlZgfpLvsFiZ4=",
"path": "github.com/jmespath/go-jmespath", "path": "github.com/jmespath/go-jmespath",