3be4beaf7c
Only public keys, with certificates signed by an existing 'trusted' key on the system trusted keyring, should be added to a trusted keyring. This patch adds support for verifying a certificate's signature. This is derived from David Howells pkcs7_request_asymmetric_key() patch. Changelog v6: - on error free key - Dmitry - validate trust only for not already trusted keys - Dmitry - formatting cleanup Changelog: - define get_system_trusted_keyring() to fix kbuild issues Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Dmitry Kasatkin <dmitry.kasatkin@gmail.com> |
||
---|---|---|
.. | ||
asymmetric-parser.h | ||
asymmetric-subtype.h | ||
asymmetric-type.h | ||
big_key-type.h | ||
ceph-type.h | ||
dns_resolver-type.h | ||
encrypted-type.h | ||
keyring-type.h | ||
rxrpc-type.h | ||
system_keyring.h | ||
trusted-type.h | ||
user-type.h |