| /linux/crypto/asymmetric_keys/ |
| H A D | pkcs7_verify.c | 22 static int pkcs7_digest(struct pkcs7_message *pkcs7, in pkcs7_digest() argument
62 ret = crypto_shash_digest(desc, pkcs7->data, pkcs7->data_len, in pkcs7_digest()
125 int pkcs7_get_digest(struct pkcs7_message *pkcs7, const u8 **buf, u32 *len, in pkcs7_get_digest() argument
128 struct pkcs7_signed_info *sinfo = pkcs7->signed_infos; in pkcs7_get_digest()
137 ret = pkcs7_digest(pkcs7, sinfo); in pkcs7_get_digest()
158 static int pkcs7_find_key(struct pkcs7_message *pkcs7, in pkcs7_find_key() argument
166 for (x509 = pkcs7->certs; x509; x509 = x509->next, certix++) { in pkcs7_find_key()
193 static int pkcs7_verify_sig_chain(struct pkcs7_message *pkcs7, in pkcs7_verify_sig_chain() argument
203 for (p = pkcs7->certs; p; p = p->next) in pkcs7_verify_sig_chain()
251 for (p = pkcs7->certs; p; p = p->next) { in pkcs7_verify_sig_chain()
[all …]
|
| H A D | selftest.c | 40 struct pkcs7_message *pkcs7; in fips_signature_selftest() local
42 pkcs7 = pkcs7_parse_message(sig, sig_len); in fips_signature_selftest()
43 if (IS_ERR(pkcs7)) in fips_signature_selftest()
46 pkcs7_supply_detached_data(pkcs7, data, data_len); in fips_signature_selftest()
48 ret = pkcs7_verify(pkcs7, VERIFYING_MODULE_SIGNATURE); in fips_signature_selftest()
52 ret = pkcs7_validate_trust(pkcs7, keyring); in fips_signature_selftest()
56 pkcs7_free_message(pkcs7); in fips_signature_selftest()
|
| H A D | pkcs7_parser.c | 57 void pkcs7_free_message(struct pkcs7_message *pkcs7) in pkcs7_free_message() argument
62 if (pkcs7) { in pkcs7_free_message()
63 while (pkcs7->certs) { in pkcs7_free_message()
64 cert = pkcs7->certs; in pkcs7_free_message()
65 pkcs7->certs = cert->next; in pkcs7_free_message()
68 while (pkcs7->crl) { in pkcs7_free_message()
69 cert = pkcs7->crl; in pkcs7_free_message()
70 pkcs7->crl = cert->next; in pkcs7_free_message()
73 while (pkcs7->signed_infos) { in pkcs7_free_message()
74 sinfo = pkcs7->signed_infos; in pkcs7_free_message()
[all …]
|
| H A D | Makefile | 55 pkcs7.asn1.o \
60 $(obj)/pkcs7_parser.o: $(obj)/pkcs7.asn1.h
61 $(obj)/pkcs7.asn1.o: $(obj)/pkcs7.asn1.c $(obj)/pkcs7.asn1.h
|
| H A D | pkcs7_trust.c | 22 static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7, in pkcs7_validate_trust_one() argument
158 int pkcs7_validate_trust(struct pkcs7_message *pkcs7, in pkcs7_validate_trust() argument
166 for (p = pkcs7->certs; p; p = p->next) in pkcs7_validate_trust()
169 for (sinfo = pkcs7->signed_infos; sinfo; sinfo = sinfo->next) { in pkcs7_validate_trust()
170 ret = pkcs7_validate_trust_one(pkcs7, sinfo, trust_keyring); in pkcs7_validate_trust()
|
| H A D | verify_pefile.c | 126 const u8 *pkcs7; in pefile_strip_sig_wrapper() local
172 pkcs7 = pebuf + ctx->sig_offset; in pefile_strip_sig_wrapper()
173 if (pkcs7[0] != (ASN1_CONS_BIT | ASN1_SEQ)) in pefile_strip_sig_wrapper()
176 switch (pkcs7[1]) { in pefile_strip_sig_wrapper()
178 len = pkcs7[1] + 2; in pefile_strip_sig_wrapper()
183 len = pkcs7[2] + 3; in pefile_strip_sig_wrapper()
186 len = ((pkcs7[2] << 8) | pkcs7[3]) + 4; in pefile_strip_sig_wrapper()
|
| /linux/include/crypto/ |
| H A D | pkcs7.h | 23 extern void pkcs7_free_message(struct pkcs7_message *pkcs7);
25 extern int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
32 extern int pkcs7_validate_trust(struct pkcs7_message *pkcs7,
38 extern int pkcs7_verify(struct pkcs7_message *pkcs7,
41 extern int pkcs7_supply_detached_data(struct pkcs7_message *pkcs7,
44 extern int pkcs7_get_digest(struct pkcs7_message *pkcs7, const u8 **buf,
|
| /linux/security/ipe/ |
| H A D | policy.c | 58 if (!p->pkcs7) in ipe_free_policy()
60 kfree(p->pkcs7); in ipe_free_policy()
91 const char *pkcs7, size_t pkcs7len) in ipe_update_policy() argument
100 new = ipe_new_policy(text, textlen, pkcs7, pkcs7len); in ipe_update_policy()
155 const char *pkcs7, size_t pkcs7len) in ipe_new_policy() argument
166 new->pkcs7 = kmemdup(pkcs7, pkcs7len, GFP_KERNEL); in ipe_new_policy()
167 if (!new->pkcs7) { in ipe_new_policy()
172 rc = verify_pkcs7_signature(NULL, 0, new->pkcs7, pkcs7len, in ipe_new_policy()
182 rc = verify_pkcs7_signature(NULL, 0, new->pkcs7, pkcs7len, in ipe_new_policy()
|
| H A D | policy.h | 79 const char *pkcs7; member
91 const char *pkcs7, size_t pkcs7len);
94 const char *pkcs7, size_t pkcs7len);
|
| H A D | policy_tests.c | 262 KUNIT_EXPECT_PTR_EQ(test, NULL, pol->pkcs7); in ipe_parser_unsigned_test()
|
| H A D | policy_fs.c | 58 if (!p->pkcs7) { in read_pkcs7()
63 rc = simple_read_from_buffer(data, len, offset, p->pkcs7, p->pkcs7len); in read_pkcs7()
|
| H A D | audit.c | 200 if (crypto_shash_update(desc, p->pkcs7, p->pkcs7len)) in audit_policy()
|
| /linux/certs/ |
| H A D | system_keyring.c | 312 struct pkcs7_message *pkcs7, in verify_pkcs7_message_sig() argument
323 if (data && pkcs7_supply_detached_data(pkcs7, data, len) < 0) { in verify_pkcs7_message_sig()
329 ret = pkcs7_verify(pkcs7, usage); in verify_pkcs7_message_sig()
333 ret = is_key_on_revocation_list(pkcs7); in verify_pkcs7_message_sig()
359 ret = pkcs7_validate_trust(pkcs7, trusted_keys); in verify_pkcs7_message_sig()
369 ret = pkcs7_get_content_data(pkcs7, &data, &len, &asn1hdrlen); in verify_pkcs7_message_sig()
405 struct pkcs7_message *pkcs7; in verify_pkcs7_signature() local
408 pkcs7 = pkcs7_parse_message(raw_pkcs7, pkcs7_len); in verify_pkcs7_signature()
409 if (IS_ERR(pkcs7)) in verify_pkcs7_signature()
410 return PTR_ERR(pkcs7); in verify_pkcs7_signature()
[all …]
|
| H A D | blacklist.c | 288 int is_key_on_revocation_list(struct pkcs7_message *pkcs7) in is_key_on_revocation_list() argument
292 ret = pkcs7_validate_trust(pkcs7, blacklist_keyring); in is_key_on_revocation_list()
|
| /linux/include/keys/ |
| H A D | system_keyring.h | 76 extern struct pkcs7_message *pkcs7;
98 extern int is_key_on_revocation_list(struct pkcs7_message *pkcs7);
104 static inline int is_key_on_revocation_list(struct pkcs7_message *pkcs7) in is_key_on_revocation_list() argument
|
| /linux/scripts/ |
| H A D | sign-file.c | 238 PKCS7 *pkcs7 = NULL; in main() local
333 pkcs7 = PKCS7_sign(x509, private_key, NULL, bm, in main()
336 ERR(!pkcs7, "PKCS7_sign"); in main()
351 ERR(i2d_PKCS7_bio(b, pkcs7) != 1, in main()
383 ERR(i2d_PKCS7_bio(bd, pkcs7) != 1, "%s", dest_name); in main()
|
| /linux/include/linux/ |
| H A D | verification.h | 57 struct pkcs7_message *pkcs7,
|
| /linux/Documentation/admin-guide/device-mapper/ |
| H A D | verity.rst | 134 the pkcs7 signature of the roothash. The pkcs7 signature is used to validate
|
| /linux/Documentation/admin-guide/LSM/ |
| H A D | ipe.rst | 251 Within this directory, there will be seven files: ``pkcs7``, ``policy``,
254 The ``pkcs7`` file is read-only. Reading it returns the raw PKCS#7 data
|
| /linux/Documentation/security/ |
| H A D | ipe.rst | 408 |- pkcs7
|
| /linux/Documentation/admin-guide/ |
| H A D | quickly-build-trimmed-linux.rst | 441 sudo dnf install binutils /usr/include/{libelf.h,openssl/pkcs7.h} \
|
| H A D | verify-bugs-and-bisect-regressions.rst | 1250 /usr/include/{libelf.h,openssl/pkcs7.h,zlib.h,ncurses.h,qt6/QtGui/QAction}
|