PKCS#7: Check content type and versions
author David Howells <dhowells@redhat.com>
Mon, 20 Jul 2015 20:16:31 +0000 (21:16 +0100)
committer David Howells <dhowells@redhat.com>
Wed, 12 Aug 2015 16:01:00 +0000 (17:01 +0100)
commit 2c7fd3675ef1867d0d0c39e9f0bb5ddb67bfc7a7
tree f76418aad41317e825944e4ca96657f489b13cb2
parent 99d27b1b52bd5cdf9bd9f7661ca8641e9a1b55e6
PKCS#7: Check content type and versions

We only support PKCS#7 signed-data [RFC2315 sec 9] content at the top level,
so reject anything else.  Further, check that the version numbers in
SignedData and SignerInfo are 1 in both cases.

Note that we don't restrict the inner content type.  In the PKCS#7 code we
don't parse the data attached there, but merely verify the signature over
it.

Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-By: David Woodhouse <David.Woodhouse@intel.com>
crypto/asymmetric_keys/pkcs7.asn1
crypto/asymmetric_keys/pkcs7_parser.c
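
The following stand-alone C example is added here and is not taken from the kernel or from this commit's diff. It applies the checks the commit message describes to a raw DER buffer: the top-level contentType must be signed-data and SignedData.version must be 1 (the SignerInfo version check is left out). The names `der_enter` and `check_pkcs7_outer`, the return codes, the two-byte length limit, the requirement that the ContentInfo fill the buffer, and the sample bytes are assumptions of this example.

```c
#include <stddef.h>
#include <string.h>
/* DER content bytes of OID 1.2.840.113549.1.7.2 (PKCS#7 signedData) */
static const unsigned char OID_SIGNED_DATA[] =
    { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02 };
/* Constructed sample: a ContentInfo that stops after SignedData.version */
static const unsigned char SAMPLE_OK[] = {
    0x30, 0x12, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07,
    0x02, 0xa0, 0x05, 0x30, 0x03, 0x02, 0x01, 0x01 };

/* Step into one definite-length DER TLV; 0 on success, -1 if malformed */
static int der_enter(const unsigned char **p, const unsigned char *end,
                     unsigned char tag, size_t *len)
{
    const unsigned char *q = *p;
    size_t n, l;
    if (end - q < 2 || *q++ != tag)
        return -1;
    l = *q++;
    if (l & 0x80) {             /* long form: low 7 bits count length bytes */
        n = l & 0x7f;
        if (n == 0 || n > 2 || (size_t)(end - q) < n)
            return -1;          /* indefinite or more than 2 length bytes */
        for (l = 0; n--; )
            l = (l << 8) | *q++;
    }
    *p = q;
    *len = l;
    return (size_t)(end - q) < l ? -1 : 0;  /* value must fit its container */
}

/* 0 = accepted, -1 = malformed, -2 = not signed-data, -3 = version != 1 */
int check_pkcs7_outer(const unsigned char *buf, size_t buflen)
{
    const unsigned char *p = buf, *end = buf + buflen;
    size_t len;
    if (der_enter(&p, end, 0x30, &len) < 0 || p + len != end || /* ContentInfo */
        der_enter(&p, end, 0x06, &len) < 0)                     /* contentType */
        return -1;
    if (len != sizeof(OID_SIGNED_DATA) || memcmp(p, OID_SIGNED_DATA, len))
        return -2;              /* reject anything other than signed-data */
    p += len;
    if (der_enter(&p, end, 0xa0, &len) < 0 ||       /* [0] EXPLICIT content */
        der_enter(&p, p + len, 0x30, &len) < 0 ||   /* SignedData */
        der_enter(&p, p + len, 0x02, &len) < 0)     /* version INTEGER */
        return -1;
    return (len == 1 && p[0] == 1) ? 0 : -3;
}

int main(void) { return check_pkcs7_outer(SAMPLE_OK, sizeof(SAMPLE_OK)); }
```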