linux/include/keys
Mimi Zohar 3be4beaf7c KEYS: verify a certificate is signed by a 'trusted' key
Only public keys, with certificates signed by an existing
'trusted' key on the system trusted keyring, should be added
to a trusted keyring.  This patch adds support for verifying
a certificate's signature.

This is derived from David Howells pkcs7_request_asymmetric_key() patch.

Changelog v6:
- on error free key - Dmitry
- validate trust only for not already trusted keys - Dmitry
- formatting cleanup

Changelog:
- define get_system_trusted_keyring() to fix kbuild issues

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
2014-07-17 09:35:15 -04:00
..
asymmetric-parser.h KEYS: Asymmetric key pluggable data parsers 2012-10-08 13:50:13 +10:30
asymmetric-subtype.h KEYS: Implement asymmetric key type 2012-10-08 13:50:12 +10:30
asymmetric-type.h KEYS: Implement asymmetric key type 2012-10-08 13:50:12 +10:30
big_key-type.h KEYS: Implement a big key type that can save to tmpfs 2013-09-24 10:35:18 +01:00
ceph-type.h libceph: Create a new key type "ceph". 2011-03-29 12:11:24 -07:00
dns_resolver-type.h DNS: Separate out CIFS DNS Resolver code 2010-08-05 17:17:51 +00:00
encrypted-type.h encrypted-keys: add key format support 2011-06-27 09:10:45 -04:00
keyring-type.h KEYS: Expand the capacity of a keyring 2013-09-24 10:35:18 +01:00
rxrpc-type.h RxRPC: Fix v1 keys 2011-03-02 22:18:53 -08:00
system_keyring.h KEYS: verify a certificate is signed by a 'trusted' key 2014-07-17 09:35:15 -04:00
trusted-type.h keys: add new trusted key-type 2010-11-29 08:55:25 +11:00
user-type.h KEYS: Add payload preparsing opportunity prior to key instantiate or update 2012-10-08 13:49:48 +10:30