linux-next/asymmetric_keys at bda850cd214e90b1be0cc25bc48c4f6ac53eb543 - linux-next - MyRedstone

Kernel/linux-next

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-16 05:26:07 +00:00

History

David Howells bda850cd21 PKCS#7: Make trust determination dependent on contents of trust keyring

Make the determination of the trustworthiness of a key dependent on whether
a key that can verify it is present in the supplied ring of trusted keys
rather than whether or not the verifying key has KEY_FLAG_TRUSTED set.

verify_pkcs7_signature() will return -ENOKEY if the PKCS#7 message trust
chain cannot be verified.

Signed-off-by: David Howells <dhowells@redhat.com>

2016-04-06 16:14:24 +01:00

..

.gitignore

X.509: Add a crypto key parser for binary (DER) X.509 certificates

2012-10-08 13:50:22 +10:30

asymmetric_keys.h

KEYS: Merge the type-specific data with the payload data

2015-10-21 15:18:36 +01:00

asymmetric_type.c

KEYS: Allow authentication data to be stored in an asymmetric key

2016-04-06 16:13:33 +01:00

Kconfig

KEYS: Generalise system_verify_data() to provide access to internal content

2016-04-06 16:14:24 +01:00

Makefile

akcipher: Move the RSA DER encoding check to the crypto layer

2016-03-03 21:49:27 +00:00

mscode_parser.c

KEYS: Generalise system_verify_data() to provide access to internal content

2016-04-06 16:14:24 +01:00

mscode.asn1

pefile: Parse the "Microsoft individual code signing" data blob

2014-07-09 14:58:37 +01:00

pkcs7_key_type.c

PKCS#7: Make trust determination dependent on contents of trust keyring

2016-04-06 16:14:24 +01:00

pkcs7_parser.c

KEYS: Generalise system_verify_data() to provide access to internal content

2016-04-06 16:14:24 +01:00

pkcs7_parser.h

PKCS#7: Make trust determination dependent on contents of trust keyring

2016-04-06 16:14:24 +01:00

pkcs7_trust.c

PKCS#7: Make trust determination dependent on contents of trust keyring

2016-04-06 16:14:24 +01:00

pkcs7_verify.c

X.509: Extract signature digest and make self-signed cert checks earlier

2016-04-06 16:13:34 +01:00

pkcs7.asn1

PKCS#7: Appropriately restrict authenticated attributes and content type

2015-08-12 17:01:01 +01:00

public_key.c

KEYS: Allow authentication data to be stored in an asymmetric key

2016-04-06 16:13:33 +01:00

signature.c

KEYS: Add identifier pointers to public_key_signature struct

2016-04-06 16:13:33 +01:00

verify_pefile.c

PKCS#7: Make trust determination dependent on contents of trust keyring

2016-04-06 16:14:24 +01:00

verify_pefile.h

KEYS: Generalise system_verify_data() to provide access to internal content

2016-04-06 16:14:24 +01:00

x509_akid.asn1

X.509: Extract both parts of the AuthorityKeyIdentifier

2015-08-07 16:26:13 +01:00

x509_cert_parser.c

X.509: Extract signature digest and make self-signed cert checks earlier

2016-04-06 16:13:34 +01:00

x509_parser.h

PKCS#7: Make trust determination dependent on contents of trust keyring

2016-04-06 16:14:24 +01:00

x509_public_key.c

X.509: Fix self-signed determination

2016-04-06 16:13:34 +01:00

x509.asn1

X.509: Add bits needed for PKCS#7

2014-07-01 16:40:19 +01:00