| system_keyring.c (35bb28ece90dfb7f72b77ba529f25f79323d9581) | system_keyring.c (56c5812623f95313f6a46fbf0beee7fa17c68bbf) |
|---|---|
| 1// SPDX-License-Identifier: GPL-2.0-or-later 2/* System trusted keyring for trusted public keys 3 * 4 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. 5 * Written by David Howells (dhowells@redhat.com) 6 */ 7 8#include <linux/export.h> --- 228 unchanged lines hidden (view full) --- 237#else 238 trusted_keys = NULL; 239#endif 240 if (!trusted_keys) { 241 ret = -ENOKEY; 242 pr_devel("PKCS#7 platform keyring is not available\n"); 243 goto error; 244 } | 1// SPDX-License-Identifier: GPL-2.0-or-later 2/* System trusted keyring for trusted public keys 3 * 4 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. 5 * Written by David Howells (dhowells@redhat.com) 6 */ 7 8#include <linux/export.h> --- 228 unchanged lines hidden (view full) --- 237#else 238 trusted_keys = NULL; 239#endif 240 if (!trusted_keys) { 241 ret = -ENOKEY; 242 pr_devel("PKCS#7 platform keyring is not available\n"); 243 goto error; 244 } |
| 245 246 ret = is_key_on_revocation_list(pkcs7); 247 if (ret != -ENOKEY) { 248 pr_devel("PKCS#7 platform key is on revocation list\n"); 249 goto error; 250 } |
|
| 245 } 246 ret = pkcs7_validate_trust(pkcs7, trusted_keys); 247 if (ret < 0) { 248 if (ret == -ENOKEY) 249 pr_devel("PKCS#7 signature not signed with a trusted key\n"); 250 goto error; 251 } 252 --- 63 unchanged lines hidden --- | 251 } 252 ret = pkcs7_validate_trust(pkcs7, trusted_keys); 253 if (ret < 0) { 254 if (ret == -ENOKEY) 255 pr_devel("PKCS#7 signature not signed with a trusted key\n"); 256 goto error; 257 } 258 --- 63 unchanged lines hidden --- |