kpriv/linux-hardened
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
linux-hardened/crypto/asymmetric_keys
History
David Howells 6204e00255 Signed PE file verifier 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAU71KqhOxKuMESys7AQKIwRAAgOXB0hjYkWKCHL2B1/8bNUtRKQKHsCms
 4HgNuLQ4v+RjpXDd4u0HvjkuD2ADDZlBPNSylsLsrnSXS7gH/b36vetAi8zYR/6B
 Tuvorh6BfnOkN61Xg0mwlnXkp9jisTwaZofMTDlpQ4gPAAy098Lb73ONIIlJFIH9
 WrUH/LLcPqtexdOOFtXPTBH0uz+qu8tcQHAotkP7Uwr4lDliVu1u4F2HkxRPvLjc
 IKSgb1mRa0AU0mKXbdqFREBhpVIOPS7r5mIisKnUh2d8LysSiA++zlD8/t2pfsVM
 enR7fo9pBEtJwhCrkff2p39DijR4M7s+SYF9soa9+9HQADt9D4bEtliqejGEkuQP
 CBl4LZ4eHlh1bjQbay+PixDmFxEbN14IKkvNaXBvoax8f0DdXV2URGxmhU0tM08U
 SFt2FaHhlBOsn4mhSoKJQnfHla5MP06ukrz4T+Qn2xd+lAX9e/sEBUQqT26o5Mgt
 3yTaBrg4PREYjPVhguKT04tWrMdtvxY0nKRuUUeEcT7EQNVB5v/efGaWCxLI5k3O
 wbkq5JvzSdq+VJOrby8m37fnEN7pxmF7mwOPXYfe3WPwJeX7xiYRc2ZGFntKdNzn
 zSNKC4/OYiNwn+2ANL89kcJ3pJyoJ57SsMPiXpCCekPIcLtvGddoCvZae6f171HA
 ZzlbxkjIxg0=
 =e1NL
 -----END PGP SIGNATURE-----

Merge tag 'keys-pefile-20140709' into keys-next

Here's a set of changes that implement a PE file signature checker.

This provides the following facility:

 (1) Extract the signature from the PE file.  This is a PKCS#7 message
     containing, as its data, a hash of the signed parts of the file.

 (2) Digest the signed parts of the file.

 (3) Compare the digest with the one from the PKCS#7 message.

 (4) Validate the signatures on the PKCS#7 message and indicate
     whether it was matched by a trusted key.

Signed-off-by: David Howells <dhowells@redhat.com>
2014-07-22 21:54:05 +01:00
..
.gitignore X.509: Add a crypto key parser for binary (DER) X.509 certificates 2012-10-08 13:50:22 +10:30
asymmetric_keys.h KEYS: Implement asymmetric key type 2012-10-08 13:50:12 +10:30
asymmetric_type.c KEYS: struct key_preparsed_payload should have two payload pointers 2014-07-22 21:46:02 +01:00
Kconfig pefile: Parse a PE binary to find a key and a signature contained therein 2014-07-09 14:58:37 +01:00
Makefile pefile: Parse the "Microsoft individual code signing" data blob 2014-07-09 14:58:37 +01:00
mscode.asn1 pefile: Parse the "Microsoft individual code signing" data blob 2014-07-09 14:58:37 +01:00
mscode_parser.c pefile: Handle pesign using the wrong OID 2014-07-09 14:58:37 +01:00
pkcs7.asn1 PKCS#7: Implement a parser [RFC 2315] 2014-07-08 13:49:56 +01:00
pkcs7_key_type.c PKCS#7 message parser 2014-07-22 21:53:21 +01:00
pkcs7_parser.c PKCS#7: Implement a parser [RFC 2315] 2014-07-08 13:49:56 +01:00
pkcs7_parser.h PKCS#7: Implement a parser [RFC 2315] 2014-07-08 13:49:56 +01:00
pkcs7_trust.c PKCS#7: Find intersection between PKCS#7 message and known, trusted keys 2014-07-08 13:50:15 +01:00
pkcs7_verify.c PKCS#7: Verify internal certificate chain 2014-07-08 13:50:11 +01:00
public_key.c keys: change asymmetric keys to use common hash definitions 2013-10-25 17:15:18 -04:00
public_key.h KEYS: Split public_key_verify_signature() and make available 2013-09-25 17:17:00 +01:00
rsa.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2013-11-23 16:18:25 -08:00
signature.c KEYS: Provide signature verification with an asymmetric key 2012-10-08 13:50:15 +10:30
verify_pefile.c pefile: Validate PKCS#7 trust chain 2014-07-09 14:58:47 +01:00
verify_pefile.h pefile: Parse the "Microsoft individual code signing" data blob 2014-07-09 14:58:37 +01:00
x509.asn1 X.509: Add bits needed for PKCS#7 2014-07-01 16:40:19 +01:00
x509_cert_parser.c X.509: Export certificate parse and free functions 2014-07-02 22:07:50 +01:00
x509_parser.h X.509: Add bits needed for PKCS#7 2014-07-01 16:40:19 +01:00
x509_public_key.c KEYS: struct key_preparsed_payload should have two payload pointers 2014-07-22 21:46:02 +01:00
x509_rsakey.asn1 X.509: Add a crypto key parser for binary (DER) X.509 certificates 2012-10-08 13:50:22 +10:30