leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2c7fd3675e
linux/crypto/asymmetric_keys
History
David Howells 2c7fd3675e PKCS#7: Check content type and versions 
We only support PKCS#7 signed-data [RFC2315 sec 9] content at the top level,
so reject anything else.  Further, check that the version numbers in
SignedData and SignerInfo are 1 in both cases.

Note that we don't restrict the inner content type.  In the PKCS#7 code we
don't parse the data attached there, but merely verify the signature over
it.

Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-By: David Woodhouse <David.Woodhouse@intel.com>
2015-08-12 17:01:00 +01:00
..
.gitignore X.509: Add a crypto key parser for binary (DER) X.509 certificates 2012-10-08 13:50:22 +10:30
asymmetric_keys.h KEYS: fix "ca_keys=" partial key matching 2015-05-21 13:58:59 -04:00
asymmetric_type.c KEYS: fix "ca_keys=" partial key matching 2015-05-21 13:58:59 -04:00
Kconfig Merge branch 'keys-fixes' into keys-next 2014-07-22 21:55:45 +01:00
Makefile X.509: Extract both parts of the AuthorityKeyIdentifier 2015-08-07 16:26:13 +01:00
mscode_parser.c pefile: Handle pesign using the wrong OID 2014-07-09 14:58:37 +01:00
mscode.asn1 pefile: Parse the "Microsoft individual code signing" data blob 2014-07-09 14:58:37 +01:00
pkcs7_key_type.c crypto/asymmetric_keys: pkcs7_key_type needs module.h 2015-06-16 14:12:26 -04:00
pkcs7_parser.c PKCS#7: Check content type and versions 2015-08-12 17:01:00 +01:00
pkcs7_parser.h PKCS#7: Better handling of unsupported crypto 2014-09-16 17:36:15 +01:00
pkcs7_trust.c X.509: Support X.509 lookup by Issuer+Serial form AuthorityKeyIdentifier 2015-08-07 16:26:13 +01:00
pkcs7_verify.c PKCS#7: Allow detached data to be supplied for signature checking purposes 2015-08-07 16:26:13 +01:00
pkcs7.asn1 PKCS#7: Check content type and versions 2015-08-12 17:01:00 +01:00
public_key.c KEYS: Fix public_key asymmetric key subtype name 2014-09-03 10:27:28 +10:00
public_key.h KEYS: Split public_key_verify_signature() and make available 2013-09-25 17:17:00 +01:00
rsa.c crypto: asymmetric_keys/rsa - Use non-conflicting variable name 2015-06-25 23:18:33 +08:00
signature.c KEYS: Set pr_fmt() in asymmetric key signature handling 2014-09-03 11:08:45 +10:00
verify_pefile.c PEFILE: Relax the check on the length of the PKCS#7 cert 2014-09-03 10:30:24 +10:00
verify_pefile.h pefile: Parse the "Microsoft individual code signing" data blob 2014-07-09 14:58:37 +01:00
x509_akid.asn1 X.509: Extract both parts of the AuthorityKeyIdentifier 2015-08-07 16:26:13 +01:00
x509_cert_parser.c X.509: Extract both parts of the AuthorityKeyIdentifier 2015-08-07 16:26:13 +01:00
x509_parser.h X.509: Extract both parts of the AuthorityKeyIdentifier 2015-08-07 16:26:13 +01:00
x509_public_key.c X.509: Support X.509 lookup by Issuer+Serial form AuthorityKeyIdentifier 2015-08-07 16:26:13 +01:00
x509_rsakey.asn1 X.509: Add a crypto key parser for binary (DER) X.509 certificates 2012-10-08 13:50:22 +10:30
x509.asn1 X.509: Add bits needed for PKCS#7 2014-07-01 16:40:19 +01:00