Merge tag 'keys-pefile-20140709' into keys-next - linux

diff options

author	David Howells <dhowells@redhat.com>	2014-07-22 22:54:05 +0200
committer	David Howells <dhowells@redhat.com>	2014-07-22 22:54:05 +0200
commit	6204e0025566ad3992ce649d4f44b7e8cdde2293 (patch)
tree	bf851c8197aa6546c12c97cb205f9c75a7cae729 /security/keys
parent	Merge tag 'keys-pkcs7-20140708' into keys-next (diff)
parent	pefile: Validate PKCS#7 trust chain (diff)
download	linux-6204e0025566ad3992ce649d4f44b7e8cdde2293.tar.xz linux-6204e0025566ad3992ce649d4f44b7e8cdde2293.zip

Merge tag 'keys-pefile-20140709' into keys-next

Here's a set of changes that implement a PE file signature checker. This provides the following facility: (1) Extract the signature from the PE file. This is a PKCS#7 message containing, as its data, a hash of the signed parts of the file. (2) Digest the signed parts of the file. (3) Compare the digest with the one from the PKCS#7 message. (4) Validate the signatures on the PKCS#7 message and indicate whether it was matched by a trusted key. Signed-off-by: David Howells <dhowells@redhat.com>

Diffstat (limited to 'security/keys')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: