Skip to content

Instantly share code, notes, and snippets.

@chickendrop89

chickendrop89/do_sigver_init:invalid digest.md

Last active May 6, 2025 18:07
Show Gist options
  • Save chickendrop89/32bc780ee8d2b39c73aa9e5d0f4f62b9 to your computer and use it in GitHub Desktop.
Save chickendrop89/32bc780ee8d2b39c73aa9e5d0f4f62b9 to your computer and use it in GitHub Desktop.
Download ZIP
error:03000098:digital envelope routines:do_sigver_init:invalid digest
Raw
do_sigver_init:invalid digest.md 
error:03000098:digital envelope routines:do_sigver_init:invalid digest:crypto/evp/m_sigver.c:342:
make[1]: *** [/home/xxx/kernel/common/certs/Makefile:94: certs/signing_key.pem] Error 1
make[1]: *** Deleting file 'certs/signing_key.pem'
make: *** [/home/xxx/kernel/common/Makefile:1998: certs] Error 2
make: *** Waiting for unfinished jobs....

This error might occur durring kernel build. It is happening because newer versions of OpenSSL disallow using SHA-1.

https://fedoraproject.org/wiki/SHA1SignaturesGuidance#My_package's_tests_fail_because_they_use_SHA-1_signatures

TL;DR: exporting OPENSSL_ENABLE_SHA1_SIGNATURES=1 environment variable migitates this issue temporarily, however this might be removed in the future alongside SHA-1 support alltogether

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment