Searched refs:cert (Results 1 - 25 of 25) sorted by relevance

/linux-4.1.27/crypto/asymmetric_keys/
H A Dx509_public_key.c128 int x509_get_sig_params(struct x509_certificate *cert) x509_get_sig_params() argument
138 if (cert->unsupported_crypto) x509_get_sig_params()
140 if (cert->sig.rsa.s) x509_get_sig_params()
143 cert->sig.rsa.s = mpi_read_raw_data(cert->raw_sig, cert->raw_sig_size); x509_get_sig_params()
144 if (!cert->sig.rsa.s) x509_get_sig_params()
146 cert->sig.nr_mpi = 1; x509_get_sig_params()
151 tfm = crypto_alloc_shash(hash_algo_name[cert->sig.pkey_hash_algo], 0, 0); x509_get_sig_params()
154 cert->unsupported_crypto = true; x509_get_sig_params()
171 cert->sig.digest = digest; x509_get_sig_params()
172 cert->sig.digest_size = digest_size; x509_get_sig_params()
182 ret = crypto_shash_finup(desc, cert->tbs, cert->tbs_size, digest); x509_get_sig_params()
194 struct x509_certificate *cert) x509_check_signature()
200 ret = x509_get_sig_params(cert); x509_check_signature()
204 ret = public_key_verify_signature(pub, &cert->sig); x509_check_signature()
206 cert->unsupported_crypto = true; x509_check_signature()
221 static int x509_validate_trust(struct x509_certificate *cert, x509_validate_trust() argument
230 if (ca_keyid && !asymmetric_key_id_partial(cert->akid_skid, ca_keyid)) x509_validate_trust()
233 key = x509_request_asymmetric_key(trust_keyring, cert->akid_skid, x509_validate_trust()
238 ret = x509_check_signature(key->payload.data, cert); x509_validate_trust()
250 struct x509_certificate *cert; x509_key_preparse() local
256 cert = x509_cert_parse(prep->data, prep->datalen); x509_key_preparse()
257 if (IS_ERR(cert)) x509_key_preparse()
258 return PTR_ERR(cert); x509_key_preparse()
260 pr_devel("Cert Issuer: %s\n", cert->issuer); x509_key_preparse()
261 pr_devel("Cert Subject: %s\n", cert->subject); x509_key_preparse()
263 if (cert->pub->pkey_algo >= PKEY_ALGO__LAST || x509_key_preparse()
264 cert->sig.pkey_algo >= PKEY_ALGO__LAST || x509_key_preparse()
265 cert->sig.pkey_hash_algo >= PKEY_HASH__LAST || x509_key_preparse()
266 !pkey_algo[cert->pub->pkey_algo] || x509_key_preparse()
267 !pkey_algo[cert->sig.pkey_algo] || x509_key_preparse()
268 !hash_algo_name[cert->sig.pkey_hash_algo]) { x509_key_preparse()
273 pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]); x509_key_preparse()
274 pr_devel("Cert Valid period: %lld-%lld\n", cert->valid_from, cert->valid_to); x509_key_preparse()
276 pkey_algo_name[cert->sig.pkey_algo], x509_key_preparse()
277 hash_algo_name[cert->sig.pkey_hash_algo]); x509_key_preparse()
279 cert->pub->algo = pkey_algo[cert->pub->pkey_algo]; x509_key_preparse()
280 cert->pub->id_type = PKEY_ID_X509; x509_key_preparse()
283 if (!cert->akid_skid || x509_key_preparse()
284 asymmetric_key_id_same(cert->skid, cert->akid_skid)) { x509_key_preparse()
285 ret = x509_check_signature(cert->pub, cert); /* self-signed */ x509_key_preparse()
289 ret = x509_validate_trust(cert, get_system_trusted_keyring()); x509_key_preparse()
295 sulen = strlen(cert->subject); x509_key_preparse()
296 if (cert->raw_skid) { x509_key_preparse()
297 srlen = cert->raw_skid_size; x509_key_preparse()
298 q = cert->raw_skid; x509_key_preparse()
300 srlen = cert->raw_serial_size; x509_key_preparse()
301 q = cert->raw_serial; x509_key_preparse()
308 p = memcpy(desc, cert->subject, sulen); x509_key_preparse()
318 kids->id[0] = cert->id; x509_key_preparse()
319 kids->id[1] = cert->skid; x509_key_preparse()
325 prep->payload[0] = cert->pub; x509_key_preparse()
330 cert->pub = NULL; x509_key_preparse()
331 cert->id = NULL; x509_key_preparse()
332 cert->skid = NULL; x509_key_preparse()
339 x509_free_certificate(cert); x509_key_preparse()
193 x509_check_signature(const struct public_key *pub, struct x509_certificate *cert) x509_check_signature() argument
H A Dx509_cert_parser.c25 struct x509_certificate *cert; /* Certificate being constructed */ member in struct:x509_parse_context
27 const void *cert_start; /* Start of cert content */
48 void x509_free_certificate(struct x509_certificate *cert) x509_free_certificate() argument
50 if (cert) { x509_free_certificate()
51 public_key_destroy(cert->pub); x509_free_certificate()
52 kfree(cert->issuer); x509_free_certificate()
53 kfree(cert->subject); x509_free_certificate()
54 kfree(cert->id); x509_free_certificate()
55 kfree(cert->skid); x509_free_certificate()
56 kfree(cert->akid_id); x509_free_certificate()
57 kfree(cert->akid_skid); x509_free_certificate()
58 kfree(cert->sig.digest); x509_free_certificate()
59 mpi_free(cert->sig.rsa.s); x509_free_certificate()
60 kfree(cert); x509_free_certificate()
70 struct x509_certificate *cert; x509_cert_parse() local
76 cert = kzalloc(sizeof(struct x509_certificate), GFP_KERNEL); x509_cert_parse()
77 if (!cert) x509_cert_parse()
79 cert->pub = kzalloc(sizeof(struct public_key), GFP_KERNEL); x509_cert_parse()
80 if (!cert->pub) x509_cert_parse()
86 ctx->cert = cert; x509_cert_parse()
112 /* Generate cert issuer + serial number key ID */ x509_cert_parse()
113 kid = asymmetric_key_generate_id(cert->raw_serial, x509_cert_parse()
114 cert->raw_serial_size, x509_cert_parse()
115 cert->raw_issuer, x509_cert_parse()
116 cert->raw_issuer_size); x509_cert_parse()
121 cert->id = kid; x509_cert_parse()
124 return cert; x509_cert_parse()
129 x509_free_certificate(cert); x509_cert_parse()
168 ctx->cert->tbs = value - hdrlen; x509_note_tbs_certificate()
169 ctx->cert->tbs_size = vlen + hdrlen; x509_note_tbs_certificate()
191 ctx->cert->sig.pkey_hash_algo = HASH_ALGO_MD5; x509_note_pkey_algo()
192 ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; x509_note_pkey_algo()
196 ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA1; x509_note_pkey_algo()
197 ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; x509_note_pkey_algo()
201 ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA256; x509_note_pkey_algo()
202 ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; x509_note_pkey_algo()
206 ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA384; x509_note_pkey_algo()
207 ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; x509_note_pkey_algo()
211 ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA512; x509_note_pkey_algo()
212 ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; x509_note_pkey_algo()
216 ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA224; x509_note_pkey_algo()
217 ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; x509_note_pkey_algo()
237 pr_warn("Got cert with pkey (%u) and sig (%u) algorithm OIDs\n", x509_note_signature()
242 ctx->cert->raw_sig = value; x509_note_signature()
243 ctx->cert->raw_sig_size = vlen; x509_note_signature()
255 ctx->cert->raw_serial = value; x509_note_serial()
256 ctx->cert->raw_serial_size = vlen; x509_note_serial()
372 ctx->cert->raw_issuer = value; x509_note_issuer()
373 ctx->cert->raw_issuer_size = vlen; x509_note_issuer()
374 return x509_fabricate_name(ctx, hdrlen, tag, &ctx->cert->issuer, vlen); x509_note_issuer()
382 ctx->cert->raw_subject = value; x509_note_subject()
383 ctx->cert->raw_subject_size = vlen; x509_note_subject()
384 return x509_fabricate_name(ctx, hdrlen, tag, &ctx->cert->subject, vlen); x509_note_subject()
399 ctx->cert->pub->pkey_algo = PKEY_ALGO_RSA; x509_extract_key_data()
417 if (ctx->nr_mpi >= ARRAY_SIZE(ctx->cert->pub->mpi)) { rsa_extract_mpi()
426 ctx->cert->pub->mpi[ctx->nr_mpi++] = mpi; rsa_extract_mpi()
448 if (ctx->cert->skid || vlen < 3) x509_process_extension()
455 ctx->cert->raw_skid_size = vlen; x509_process_extension()
456 ctx->cert->raw_skid = v; x509_process_extension()
457 kid = asymmetric_key_generate_id(ctx->cert->raw_subject, x509_process_extension()
458 ctx->cert->raw_subject_size, x509_process_extension()
462 ctx->cert->skid = kid; x509_process_extension()
575 return x509_decode_time(&ctx->cert->valid_from, hdrlen, tag, value, vlen); x509_note_not_before()
583 return x509_decode_time(&ctx->cert->valid_to, hdrlen, tag, value, vlen); x509_note_not_after()
598 if (ctx->cert->akid_skid) x509_akid_note_kid()
601 kid = asymmetric_key_generate_id(ctx->cert->raw_issuer, x509_akid_note_kid()
602 ctx->cert->raw_issuer_size, x509_akid_note_kid()
607 ctx->cert->akid_skid = kid; x509_akid_note_kid()
639 if (!ctx->akid_raw_issuer || ctx->cert->akid_id) x509_akid_note_serial()
650 ctx->cert->akid_id = kid; x509_akid_note_serial()
H A Dpkcs7_parser.c57 struct x509_certificate *cert; pkcs7_free_message() local
62 cert = pkcs7->certs; pkcs7_free_message()
63 pkcs7->certs = cert->next; pkcs7_free_message()
64 x509_free_certificate(cert); pkcs7_free_message()
67 cert = pkcs7->crl; pkcs7_free_message()
68 pkcs7->crl = cert->next; pkcs7_free_message()
69 x509_free_certificate(cert); pkcs7_free_message()
118 struct x509_certificate *cert = ctx->certs; pkcs7_parse_message() local
119 ctx->certs = cert->next; pkcs7_parse_message()
120 x509_free_certificate(cert); pkcs7_parse_message()
260 pr_debug("Got cert %u for %s\n", x509->index, x509->subject); pkcs7_extract_cert()
277 pr_devel("Got cert list (%02x)\n", tag); pkcs7_note_certificate_list()
401 /* Generate cert issuer + serial number key ID */ pkcs7_note_signed_info()
H A Dx509_parser.h50 extern void x509_free_certificate(struct x509_certificate *cert);
59 extern int x509_get_sig_params(struct x509_certificate *cert);
61 struct x509_certificate *cert);
H A Dpkcs7_verify.c138 * encode the fields from the X.509 cert in the same way in the pkcs7_find_key()
144 pr_devel("Sig %u: Found cert serial match X.509[%u]\n", pkcs7_find_key()
157 /* The relevant X.509 cert isn't found here, but it might be found in pkcs7_find_key()
160 pr_debug("Sig %u: Issuing X.509 cert not found (#%*phN)\n", pkcs7_find_key()
198 * of the chain. Likewise if the cert is its own pkcs7_verify_sig_chain()
256 * validatable against an X.509 cert lower in the chain that we have a pkcs7_verify_sig_chain()
309 * of the X.509 certificates it carries that matches another X.509 cert in the
H A Dpkcs7_parser.h36 /* Issuing cert serial number and issuer's name */
H A Dpkcs7_trust.c93 pr_devel("sinfo %u: Root cert %u signer is key %x\n", pkcs7_validate_trust_one()
H A Dverify_pefile.c110 pr_debug("cert = %x @%x [%*ph]\n", pefile_parse_binary()
171 /* What's left should be a PKCS#7 cert */ pefile_strip_sig_wrapper()
/linux-4.1.27/kernel/
H A Dsystem_keyring.c66 /* Each cert begins with an ASN.1 SEQUENCE tag and must be more load_system_certificate_list()
93 pr_notice("Loaded X.509 cert '%s'\n", load_system_certificate_list()
H A DMakefile148 cmd_x509certs = cat $(X509_CERTIFICATES) /dev/null >$@ $(foreach X509,$(X509_CERTIFICATES),; $(kecho) " - Including cert $(X509)")
/linux-4.1.27/security/integrity/
H A Ddigsig.c114 pr_notice("Loaded X.509 cert '%s': %s\n", integrity_load_x509()
/linux-4.1.27/scripts/
H A Dsign-file197 my $cert = asn1_extract($cursor, $UNIV | $CONS | $SEQUENCE);
198 my $tbs = asn1_extract($cert->[1], $UNIV | $CONS | $SEQUENCE);
/linux-4.1.27/drivers/isdn/hisax/
H A Disdnl3.c11 * Documentation/isdn/HiSax.cert
H A Dtei.c11 * Documentation/isdn/HiSax.cert
H A Disac.c12 * Documentation/isdn/HiSax.cert
H A Disdnl1.c13 * Documentation/isdn/HiSax.cert
H A Dl3_1tr6.c12 * Documentation/isdn/HiSax.cert
H A Ddiva.c12 * Documentation/isdn/HiSax.cert
H A Dcallc.c10 * Documentation/isdn/HiSax.cert
H A Dconfig.c11 * Documentation/isdn/HiSax.cert
H A Delsa.c12 * Documentation/isdn/HiSax.cert
H A Disdnl2.c11 * Documentation/isdn/HiSax.cert
H A Dhfc_pci.c14 * Documentation/isdn/HiSax.cert
H A Dl3dss1.c15 * Documentation/isdn/HiSax.cert
/linux-4.1.27/drivers/isdn/mISDN/
H A Ddsp_core.c8 * ../../../Documentation/isdn/mISDN.cert

Completed in 487 milliseconds