- 26 9月, 2013 2 次提交
-
-
由 David Howells 提交于
Store public key algorithm ID in public_key_signature struct for reference purposes. This allows a public_key_signature struct to be embedded in struct x509_certificate and other places more easily. Signed-off-by: NDavid Howells <dhowells@redhat.com> Reviewed-by: NKees Cook <keescook@chromium.org> Reviewed-by: NJosh Boyer <jwboyer@redhat.com>
-
由 David Howells 提交于
Store public key algo ID in public_key struct for reference purposes. This allows it to be removed from the x509_certificate struct and used to find a default in public_key_verify_signature(). Signed-off-by: NDavid Howells <dhowells@redhat.com> Reviewed-by: NKees Cook <keescook@chromium.org> Reviewed-by: NJosh Boyer <jwboyer@redhat.com>
-
- 25 9月, 2013 2 次提交
-
-
由 David Howells 提交于
Move the public-key algorithm pointer array from x509_public_key.c to public_key.c as it isn't X.509 specific. Note that to make this configure correctly, the public key part must be dependent on the RSA module rather than the other way round. This needs a further patch to make use of the crypto module loading stuff rather than using a fixed table. Signed-off-by: NDavid Howells <dhowells@redhat.com> Reviewed-by: NKees Cook <keescook@chromium.org> Reviewed-by: NJosh Boyer <jwboyer@redhat.com>
-
由 David Howells 提交于
Rename the arrays of public key parameters (public key algorithm names, hash algorithm names and ID type names) so that the array name ends in "_name". Signed-off-by: NDavid Howells <dhowells@redhat.com> Reviewed-by: NKees Cook <keescook@chromium.org> Reviewed-by: NJosh Boyer <jwboyer@redhat.com>
-
- 08 10月, 2012 2 次提交
-
-
由 David Howells 提交于
Provide signature verification using an asymmetric-type key to indicate the public key to be used. The API is a single function that can be found in crypto/public_key.h: int verify_signature(const struct key *key, const struct public_key_signature *sig) The first argument is the appropriate key to be used and the second argument is the parsed signature data: struct public_key_signature { u8 *digest; u16 digest_size; enum pkey_hash_algo pkey_hash_algo : 8; union { MPI mpi[2]; struct { MPI s; /* m^d mod n */ } rsa; struct { MPI r; MPI s; } dsa; }; }; This should be filled in prior to calling the function. The hash algorithm should already have been called and the hash finalised and the output should be in a buffer pointed to by the 'digest' member. Any extra data to be added to the hash by the hash format (eg. PGP) should have been added by the caller prior to finalising the hash. It is assumed that the signature is made up of a number of MPI values. If an algorithm becomes available for which this is not the case, the above structure will have to change. It is also assumed that it will have been checked that the signature algorithm matches the key algorithm. Signed-off-by: NDavid Howells <dhowells@redhat.com> Signed-off-by: NRusty Russell <rusty@rustcorp.com.au>
-
由 David Howells 提交于
Add a subtype for supporting asymmetric public-key encryption algorithms such as DSA (FIPS-186) and RSA (PKCS#1 / RFC1337). Signed-off-by: NDavid Howells <dhowells@redhat.com> Signed-off-by: NRusty Russell <rusty@rustcorp.com.au>
-