mirror of
https://github.com/Cisco-Talos/clamav.git
synced 2026-01-21 21:28:32 -05:00
afb3d490e1
We were signing with the signing key + signing cert and verifying with the intermediate cert + root cert. However, we should have been signing with the signing key + signing cert + intermediate cert, and verifying with just the root cert. To fix this, I... 1. Provided new certs and test file .sign files to use the correct signing method. 2. Restructured the `unit_tests/input/signing` directory to highlight which files are for signing and which are for verification. There is a multi-arch build issue because I previously used i8 to represent a C character. I switched it to c_char, which should fix the clamav-debian multi-arch Docker image build. It turns out we weren't failing out when signing if one of the provided intermediate certificate paths is incorrect. Instead of using `filter_map()`, I switched to just iterate the list to populate the vector of intermediate certs.