linux-stable/crypto
Eric Snowberg 4cfb908054 KEYS: DigitalSignature link restriction
Add a new link restriction.  Restrict the addition of keys in a keyring
based on the key having digitalSignature usage set. Additionally, verify
the new certificate against the ones in the system keyrings.  Add two
additional functions to use the new restriction within either the builtin
or secondary keyrings.

[jarkko@kernel.org: Fix checkpatch.pl --strict issues]
Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-and-tested-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
2023-08-17 20:12:20 +00:00
..
asymmetric_keys KEYS: DigitalSignature link restriction 2023-08-17 20:12:20 +00:00
async_tx async_tx: fix kernel-doc notation warnings 2023-03-24 18:22:28 +08:00
842.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157 2019-05-30 11:26:37 -07:00
acompress.c crypto: api - Fix CRYPTO_USER checks for report function 2023-05-02 18:22:24 +08:00
adiantum.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
aead.c crypto: api - Fix CRYPTO_USER checks for report function 2023-05-02 18:22:24 +08:00
aegis128-core.c crypto: aegis128 - Move simd prototypes into aegis.h 2021-03-19 21:59:45 +11:00
aegis128-neon-inner.c crypto: aegis128-neon - add header for internal prototypes 2023-05-24 18:12:33 +08:00
aegis128-neon.c crypto: aegis128-neon - add header for internal prototypes 2023-05-24 18:12:33 +08:00
aegis-neon.h crypto: aegis128-neon - add header for internal prototypes 2023-05-24 18:12:33 +08:00
aegis.h crypto: aegis128 - Move simd prototypes into aegis.h 2021-03-19 21:59:45 +11:00
aes_generic.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
aes_ti.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
af_alg.c crypto: af_alg - Fix merging of written data into spliced pages 2023-07-05 16:14:24 +08:00
ahash.c crypto: hash - Make crypto_ahash_alg helper available 2023-05-12 18:48:01 +08:00
akcipher.c crypto: akcipher - Do not copy dst if it is NULL 2023-06-27 17:59:52 +08:00
algapi.c crypto: engine - fix crypto_queue backlog handling 2023-04-28 17:50:43 +08:00
algboss.c crypto: algboss - compile out test-related code when tests disabled 2022-11-25 17:39:18 +08:00
algif_aead.c sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
algif_hash.c crypto: algif_hash - Fix race between MORE and non-MORE sends 2023-07-08 22:48:42 +10:00
algif_rng.c sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
algif_skcipher.c sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
ansi_cprng.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
anubis.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
api.c crypto: api - Add __crypto_alloc_tfmgfp 2023-06-23 16:15:36 +08:00
arc4.c crypto: arc4 - mark ecb(arc4) skcipher as obsolete 2020-09-11 14:39:16 +10:00
aria_generic.c crypto: x86/aria - do not use magic number offsets of aria_ctx 2023-01-06 17:15:47 +08:00
authenc.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
authencesn.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
blake2b_generic.c crypto: blake2b - update file comment 2021-01-03 08:41:39 +11:00
blowfish_common.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
blowfish_generic.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
camellia_generic.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
cast5_generic.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
cast6_generic.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
cast_common.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 44 2019-05-24 17:27:12 +02:00
cbc.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
ccm.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
cfb.c crypto: cleanup comments 2022-03-03 10:49:20 +12:00
chacha20poly1305.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
chacha_generic.c crypto: chacha_generic - remove unnecessary setkey() functions 2019-11-22 18:48:39 +08:00
cipher.c crypto: cipher - On clone do crypto_mod_get() 2023-06-23 16:15:36 +08:00
cmac.c crypto: cmac - Add support for cloning 2023-05-24 18:12:33 +08:00
compress.c crypto: compress - remove crt_u.compress (struct compress_tfm) 2019-12-11 16:37:01 +08:00
compress.h crypto: acomp - Count error stats differently 2023-03-14 17:06:42 +08:00
crc32_generic.c crypto: crc32-generic - Use SPDX-License-Identifier 2021-04-16 21:24:27 +10:00
crc32c_generic.c crypto: crc32c_generic - delete and fix duplicated words 2020-08-21 14:45:25 +10:00
crc64_rocksoft_generic.c crypto: add rocksoft 64b crc guard tag framework 2022-03-07 12:48:35 -07:00
crct10dif_common.c crypto: crct10dif - Add fallback for broken initrds 2013-09-12 15:31:34 +10:00
crct10dif_generic.c crypto: crct10dif_generic - fix duplicated words 2020-08-21 14:45:25 +10:00
cryptd.c crypto: cryptd - Add support for cloning hashes 2023-04-20 18:20:04 +08:00
crypto_engine.c crypto: engine - fix crypto_queue backlog handling 2023-04-28 17:50:43 +08:00
crypto_null.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
crypto_user_base.c crypto: algapi - make unregistration functions return void 2019-12-20 14:58:35 +08:00
crypto_user_stat.c crypto: rng - Count error stats differently 2023-03-14 17:06:42 +08:00
ctr.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
cts.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
curve25519-generic.c crypto: add __init/__exit annotations to init/exit funcs 2022-09-24 16:14:43 +08:00
deflate.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
des_generic.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
dh_helper.c crypto: dh - split out deserialization code from crypto_dh_decode() 2022-03-03 10:47:50 +12:00
dh.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
drbg.c crypto: drbg - Only fail when jent is unavailable in FIPS mode 2023-04-06 16:18:53 +08:00
ecb.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
ecc_curve_defs.h Merge branch 'ecc' 2021-03-26 19:55:55 +11:00
ecc.c crypto: ecc - Silence sparse warning 2023-02-14 13:39:33 +08:00
ecdh_helper.c crypto: ecdh - move curve_id of ECDH from the key to algorithm name 2021-03-13 00:04:03 +11:00
ecdh.c crypto: add __init/__exit annotations to init/exit funcs 2022-09-24 16:14:43 +08:00
ecdsa.c crypto: add __init/__exit annotations to init/exit funcs 2022-09-24 16:14:43 +08:00
ecdsasignature.asn1 crypto: ecdsa - Add support for ECDSA signature verification 2021-03-26 19:41:58 +11:00
echainiv.c crypto: geniv - remove unneeded arguments from aead_geniv_alloc() 2020-07-16 21:49:07 +10:00
ecrdsa_defs.h crypto: ecc - Move ecc.h to include/crypto/internal 2021-10-29 21:04:03 +08:00
ecrdsa_params.asn1 crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm 2019-04-18 22:15:02 +08:00
ecrdsa_pub_key.asn1 crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm 2019-04-18 22:15:02 +08:00
ecrdsa.c crypto: ecrdsa - Fix incorrect use of vli_cmp 2022-04-29 13:44:58 +08:00
essiv.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
fcrypt.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
fips.c crypto: fips - simplify one-level sysctl registration for crypto_sysctl_table 2023-03-17 11:16:44 +08:00
gcm.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
geniv.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
ghash-generic.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
hash_info.c crypto: rename sm3-256 to sm3 in hash_algo_name 2020-02-18 07:35:49 -05:00
hash.h crypto: hash - Add crypto_clone_ahash/shash 2023-04-20 18:20:04 +08:00
hctr2.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
hmac.c crypto: hmac - Add missing blank line 2023-06-16 20:30:35 +08:00
internal.h crypto: sig - Fix verify call 2023-06-27 15:40:24 +08:00
jitterentropy-kcapi.c crypto: jitter - add interface for gathering of raw entropy 2023-05-12 18:48:01 +08:00
jitterentropy-testing.c crypto: jitter - add interface for gathering of raw entropy 2023-05-12 18:48:01 +08:00
jitterentropy.c crypto: jitter - correct health test during initialization 2023-06-02 18:21:32 +08:00
jitterentropy.h crypto: jitter - add interface for gathering of raw entropy 2023-05-12 18:48:01 +08:00
Kconfig crypto: sig - Add interface for sign/verify 2023-06-23 16:15:36 +08:00
kdf_sp800108.c crypto: kdf - silence noisy self-test 2022-11-25 17:39:18 +08:00
keywrap.c crypto: keywrap - Remove else after break statement 2021-04-02 18:28:13 +11:00
khazad.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
kpp.c crypto: api - Fix CRYPTO_USER checks for report function 2023-05-02 18:22:24 +08:00
lrw.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
lz4.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
lz4hc.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
lzo-rle.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
lzo.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
Makefile crypto: sig - Add interface for sign/verify 2023-06-23 16:15:36 +08:00
md4.c crypto: make all generic algorithms set cra_driver_name 2019-06-13 14:31:39 +08:00
md5.c crypto: md5 - remove unused macros 2020-02-28 08:43:21 +08:00
michael_mic.c crypto: michael_mic - fix broken misalignment handling 2021-02-10 17:55:55 +11:00
nhpoly1305.c crypto: poly1305 - add new 32 and 64-bit generic versions 2020-01-16 15:18:12 +08:00
ofb.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
pcbc.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
pcrypt.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
poly1305_generic.c crypto: poly1305 - add new 32 and 64-bit generic versions 2020-01-16 15:18:12 +08:00
polyval-generic.c crypto: x86/polyval - Add PCLMULQDQ accelerated implementation of POLYVAL 2022-06-10 16:40:17 +08:00
proc.c crypto: proc - Print fips status 2023-02-14 13:39:33 +08:00
ripemd.h crypto: rmd320 - remove RIPE-MD 320 hash algorithm 2021-01-29 16:07:04 +11:00
rmd160.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
rng.c crypto: api - Fix CRYPTO_USER checks for report function 2023-05-02 18:22:24 +08:00
rsa_helper.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
rsa-pkcs1pad.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
rsa.c crypto: rsa - allow only odd e and restrict value in FIPS mode 2023-06-23 16:15:36 +08:00
rsaprivkey.asn1 crypto: rsa - Store rest of the private key components 2016-07-05 23:05:26 +08:00
rsapubkey.asn1 crypto: akcipher - Changes to asymmetric key API 2015-10-14 22:23:16 +08:00
scatterwalk.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
scompress.c crypto: api - Fix CRYPTO_USER checks for report function 2023-05-02 18:22:24 +08:00
seed.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
seqiv.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
serpent_generic.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
sha1_generic.c crypto: sha - split sha.h into sha1.h and sha2.h 2020-11-20 14:45:33 +11:00
sha3_generic.c crypto: Replace HTTP links with HTTPS ones 2020-07-23 17:34:20 +10:00
sha256_generic.c crypto: sha256 - remove duplicate generic hash init function 2021-12-31 18:10:54 +11:00
sha512_generic.c crypto: sha512 - remove imaginary and mystifying clearing of variables 2021-08-27 16:30:19 +08:00
shash.c crypto: shash - Allow cloning on algorithms with no init_tfm 2023-05-24 18:12:33 +08:00
sig.c crypto: sig - Fix verify call 2023-06-27 15:40:24 +08:00
simd.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
skcipher.c crypto: api - Fix CRYPTO_USER checks for report function 2023-05-02 18:22:24 +08:00
sm2.c KEYS: asymmetric: Move sm2 code into x509_public_key 2023-06-23 16:15:37 +08:00
sm2signature.asn1 crypto: sm2 - introduce OSCCA SM2 asymmetric cipher algorithm 2020-09-25 17:48:54 +10:00
sm3_generic.c crypto: sm3 - make dependent on sm3 library 2022-01-28 16:51:11 +11:00
sm3.c crypto: sm3,sm4 - move into crypto directory 2022-04-08 16:11:48 +08:00
sm4_generic.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
sm4.c crypto: sm4 - export sm4 constant arrays 2022-04-08 16:12:46 +08:00
streebog_generic.c crypto: streebog - remove two unused variables 2019-08-15 21:52:14 +10:00
tcrypt.c crypto: api - Move low-level functions into algapi.h 2023-04-14 18:59:34 +08:00
tcrypt.h crypto: tcrypt - include larger key sizes in RFC4106 benchmark 2023-01-20 18:29:31 +08:00
tea.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
testmgr.c crypto: testmgr - Add some test vectors for cmac(camellia) 2023-04-20 18:20:04 +08:00
testmgr.h crypto: testmgr - Add some test vectors for cmac(camellia) 2023-04-20 18:20:04 +08:00
twofish_common.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
twofish_generic.c crypto: Prepare to move crypto_tfm_ctx 2022-12-02 18:12:40 +08:00
vmac.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
wp512.c crypto: wp512 - disable kmsan checks in wp512_process_buffer() 2022-12-30 22:56:27 +08:00
xcbc.c crypto: remove cipher routines from public crypto API 2021-01-03 08:41:35 +11:00
xctr.c crypto: xctr - Add XCTR support 2022-06-10 16:40:16 +08:00
xor.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2021-02-21 17:23:56 -08:00
xts.c crypto: api - Use data directly in completion function 2023-02-13 18:35:14 +08:00
xxhash_generic.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
zstd.c lib: zstd: Add kernel-specific API 2021-11-08 16:55:21 -08:00