Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / bda850cd214e90b1be0cc25bc48c4f6ac53eb543
commitbda850cd214e90b1be0cc25bc48c4f6ac53eb543[log] [tgz]
authorDavid Howells <dhowells@redhat.com>Wed Apr 06 16:14:24 2016 +0100
committerDavid Howells <dhowells@redhat.com>Wed Apr 06 16:14:24 2016 +0100
treeacb936239ac766592c557295aec265ec9a2d04fb
parente68503bd6836ba765dc8e0ee77ea675fedc07e41 [diff]
PKCS#7: Make trust determination dependent on contents of trust keyring

Make the determination of the trustworthiness of a key dependent on whether
a key that can verify it is present in the supplied ring of trusted keys
rather than whether or not the verifying key has KEY_FLAG_TRUSTED set.

verify_pkcs7_signature() will return -ENOKEY if the PKCS#7 message trust
chain cannot be verified.

Signed-off-by: David Howells <dhowells@redhat.com>
9 files changed
tree: acb936239ac766592c557295aec265ec9a2d04fb
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .get_maintainer.ignore
  24. .gitignore
  25. .mailmap
  26. COPYING
  27. CREDITS
  28. Kbuild
  29. Kconfig
  30. MAINTAINERS
  31. Makefile
  32. README
  33. REPORTING-BUGS