18 Apr, 2019

1 commit

• f1774cb89   X.509: parse public key parameters from x509 for akcipher ... Browse Code »

  Some public key algorithms (like EC-DSA) keep in parameters field
  important data such as digest and curve OIDs (possibly more for
  different EC-DSA variants). Thus, just setting a public key (as
  for RSA) is not enough.

  Append parameters into the key stream for akcipher_set_{pub,priv}_key.
  Appended data is: (u32) algo OID, (u32) parameters length, parameters
  data.

  This does not affect current akcipher API nor RSA ciphers (they could
  ignore it). Idea of appending parameters to the key stream is by Herbert
  Xu.

  Cc: David Howells
  Cc: Denis Kenzior
  Cc: keyrings@vger.kernel.org
  Signed-off-by: Vitaly Chikunov
  Reviewed-by: Denis Kenzior
  Signed-off-by: Herbert Xu

  Vitaly Chikunov

  2019-04-18 22:15:02 +0800  

01 Jul, 2014

1 commit

• 84aabd46b   X.509: Add bits needed for PKCS#7 ... Browse Code »

  PKCS#7 validation requires access to the serial number and the raw names in an
  X.509 certificate.

  Signed-off-by: David Howells
  Reviewed-by: Kees Cook
  Reviewed-by: Josh Boyer

  David Howells

  2014-07-01 23:40:19 +0800  

08 Oct, 2012

1 commit

• c26fd69fa   X.509: Add a crypto key parser for binary (DER) X.509 certificates ... Browse Code »

  Add a crypto key parser for binary (DER) encoded X.509 certificates. The
  certificate is parsed and, if possible, the signature is verified.

  An X.509 key can be added like this:

  # keyctl padd crypto bar @s
  Signed-off-by: Rusty Russell

  David Howells

  2012-10-08 11:20:22 +0800