mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-12 05:48:40 +00:00
Code Issues Releases Wiki Activity
linux-stable/crypto/asymmetric_keys
History
David Howells ad3043fda3 X.509: Fix self-signed determination 
There's a bug in the code determining whether a certificate is self-signed
or not: if they have neither AKID nor SKID then we just assume that the
cert is self-signed, which may not be true.

Fix this by checking that the raw subject name matches the raw issuer name
and that the public key algorithm for the key and signature are both the
same in addition to requiring that the AKID bits match.

Signed-off-by: David Howells <dhowells@redhat.com>
2016-04-06 16:13:34 +01:00
..
.gitignore X.509: Add a crypto key parser for binary (DER) X.509 certificates 2012-10-08 13:50:22 +10:30
asymmetric_keys.h KEYS: Merge the type-specific data with the payload data 2015-10-21 15:18:36 +01:00
asymmetric_type.c KEYS: Allow authentication data to be stored in an asymmetric key 2016-04-06 16:13:33 +01:00
Kconfig akcipher: Move the RSA DER encoding check to the crypto layer 2016-03-03 21:49:27 +00:00
Makefile akcipher: Move the RSA DER encoding check to the crypto layer 2016-03-03 21:49:27 +00:00
mscode.asn1 pefile: Parse the "Microsoft individual code signing" data blob 2014-07-09 14:58:37 +01:00
mscode_parser.c X.509: Make algo identifiers text instead of enum 2016-03-03 21:49:27 +00:00
pkcs7.asn1 PKCS#7: Appropriately restrict authenticated attributes and content type 2015-08-12 17:01:01 +01:00
pkcs7_key_type.c PKCS#7: Add MODULE_LICENSE() to test module 2015-08-13 02:51:33 +01:00
pkcs7_parser.c PKCS#7: Make the signature a pointer rather than embedding it 2016-04-06 16:13:33 +01:00
pkcs7_parser.h PKCS#7: Make the signature a pointer rather than embedding it 2016-04-06 16:13:33 +01:00
pkcs7_trust.c PKCS#7: Make the signature a pointer rather than embedding it 2016-04-06 16:13:33 +01:00
pkcs7_verify.c X.509: Extract signature digest and make self-signed cert checks earlier 2016-04-06 16:13:34 +01:00
public_key.c KEYS: Allow authentication data to be stored in an asymmetric key 2016-04-06 16:13:33 +01:00
signature.c KEYS: Add identifier pointers to public_key_signature struct 2016-04-06 16:13:33 +01:00
verify_pefile.c X.509: Make algo identifiers text instead of enum 2016-03-03 21:49:27 +00:00
verify_pefile.h X.509: Make algo identifiers text instead of enum 2016-03-03 21:49:27 +00:00
x509.asn1 X.509: Add bits needed for PKCS#7 2014-07-01 16:40:19 +01:00
x509_akid.asn1 X.509: Extract both parts of the AuthorityKeyIdentifier 2015-08-07 16:26:13 +01:00
x509_cert_parser.c X.509: Extract signature digest and make self-signed cert checks earlier 2016-04-06 16:13:34 +01:00
x509_parser.h X.509: Extract signature digest and make self-signed cert checks earlier 2016-04-06 16:13:34 +01:00
x509_public_key.c X.509: Fix self-signed determination 2016-04-06 16:13:34 +01:00