PKCS#7: Allow detached data to be supplied for signature checking purposes - linux-dev - Linux kernel development work

diff options

author	David Howells <dhowells@redhat.com>	2015-07-20 21:16:26 +0100
committer	David Howells <dhowells@redhat.com>	2015-08-07 16:26:13 +0100
commit	4ebdb76f7da662346267384440492bb9d87c2aa3 (patch)
tree	53b863a630359237fc6dfdfc051a2aebbac5f7d1 /scripts/sign-file.c
parent	X.509: Support X.509 lookup by Issuer+Serial form AuthorityKeyIdentifier (diff)
download	linux-dev-4ebdb76f7da662346267384440492bb9d87c2aa3.tar.xz linux-dev-4ebdb76f7da662346267384440492bb9d87c2aa3.zip

PKCS#7: Allow detached data to be supplied for signature checking purposes

It is possible for a PKCS#7 message to have detached data. However, to verify the signatures on a PKCS#7 message, we have to be able to digest the data. Provide a function to supply that data. An error is given if the PKCS#7 message included embedded data. This is used in a subsequent patch to supply the data to module signing where the signature is in the form of a PKCS#7 message with detached data, whereby the detached data is the module content that is signed. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Vivek Goyal <vgoyal@redhat.com>

Diffstat (limited to 'scripts/sign-file.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: