* wireless-regdb: Fix regulatory.bin signing with new M2Crypto
@ 2026-02-16 19:58 Ben Hutchings
0 siblings, 0 replies; only message in thread
From: Ben Hutchings @ 2026-02-16 19:58 UTC (permalink / raw)
To: linux-wireless; +Cc: wireless-regdb
[-- Attachment #1: Type: text/plain, Size: 1079 bytes --]
In M2Crypto version 0.45.1, the default hash algorithm for
M2Crypto.RSA.sign() changed from SHA-1 to SHA-256. Since the
signature on regulatory.bin uses a SHA-1 hash, db2bin.py generates
invalid signatures for regulatory.bin if a recent version of M2Crypto
is installed.
I reported this incompatible change as
<https://todo.sr.ht/~mcepl/m2crypto/389>.
There is an obvious workaround, which is to add an explicit
algo='sha1' parameter. This works with old and new versions of
M2Crypto.
Signed-off-by: Ben Hutchings <benh@debian.org>
---
--- a/db2bin.py
+++ b/db2bin.py
@@ -131,13 +131,13 @@ if len(sys.argv) > 3:
key = RSA.load_key(sys.argv[3])
hash = hashlib.sha1()
hash.update(output.getvalue())
- sig = key.sign(hash.digest())
+ sig = key.sign(hash.digest(), algo='sha1')
# write it to file
siglen.set(len(sig))
# sign again
hash = hashlib.sha1()
hash.update(output.getvalue())
- sig = key.sign(hash.digest())
+ sig = key.sign(hash.digest(), algo='sha1')
output.write(sig)
else:
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2026-02-16 19:58 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-02-16 19:58 wireless-regdb: Fix regulatory.bin signing with new M2Crypto Ben Hutchings
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.