summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorThiago Jung Bauermann <bauerman@linux.ibm.com>2019-06-27 23:19:26 -0300
committerMimi Zohar <zohar@linux.ibm.com>2019-08-05 18:40:19 -0400
commite201af16d1ec76ccd19b90484d767984ff451f18 (patch)
treef2e532988d868a67e3ca59c96e93a5a3e50f013f /security
parent2a7bf671186eb5d1a47ef192aefbdf788f5b38fe (diff)
downloadlinux-e201af16d1ec76ccd19b90484d767984ff451f18.tar.gz
linux-e201af16d1ec76ccd19b90484d767984ff451f18.tar.bz2
linux-e201af16d1ec76ccd19b90484d767984ff451f18.zip
PKCS#7: Introduce pkcs7_get_digest()
IMA will need to access the digest of the PKCS7 message (as calculated by the kernel) before the signature is verified, so introduce pkcs7_get_digest() for that purpose. Also, modify pkcs7_digest() to detect when the digest was already calculated so that it doesn't have to do redundant work. Verifying that sinfo->sig->digest isn't NULL is sufficient because both places which allocate sinfo->sig (pkcs7_parse_message() and pkcs7_note_signed_info()) use kzalloc() so sig->digest is always initialized to zero. Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Cc: David Howells <dhowells@redhat.com> Cc: David Woodhouse <dwmw2@infradead.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions