Get hash algorithm info from the signature
If one signs a file using hash algo -sha256 then one needs to specify
signature during verification also. Otherwise evmctl using default sha1
for calculating hash and signature verification fails. One needs to
specify -a sha256 on command line even during signature verification
phase to make sure file is signed right.
I think that's completely unnecessary. A user is not always supposed
to know what algorithm was used to generate signature. User is only
concered with whether this signature is valid or not.
So retrieve hash algorithm info from signature and use that.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
projects / platform / upstream / ima-evm-utils.git / commit