mirrors
/
anolis-cloud-kernel
mirror of https://gitee.com/anolis/cloud-kernel.git
8
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
anolis-cloud-kernel/include/keys
History
Stefan Berger 42ecca845f ima: Support EC keys for signature verification 
ANBZ: #9487

commit 947d705972 upstream.

Add support for IMA signature verification for EC keys. Since SHA type
of hashes can be used by RSA and ECDSA signature schemes we need to
look at the key and derive from the key which signature scheme to use.
Since this can be applied to all types of keys, we change the selection
of the encoding type to be driven by the key's signature scheme rather
than by the hash type.

Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
Cc: linux-integrity@vger.kernel.org
Cc: David Howells <dhowells@redhat.com>
Cc: keyrings@vger.kernel.org
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Vitaly Chikunov <vt@altlinux.org>
Reviewed-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Acked-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Xuchun Shang <xuchun.shang@linux.alibaba.com>
Reviewed-by: Artie Ding <artie.ding@linux.alibaba.com>
Link: https://gitee.com/anolis/cloud-kernel/pulls/3469
 		2024-07-09 07:59:38 +00:00
..
asymmetric-parser.h docs: crypto: convert asymmetric-keys.txt to ReST 2020-06-19 14:03:46 -06:00
asymmetric-subtype.h docs: crypto: convert asymmetric-keys.txt to ReST 2020-06-19 14:03:46 -06:00
asymmetric-type.h ima: Support EC keys for signature verification 2024-07-09 07:59:38 +00:00
big_key-type.h keys: Implement update for the big_key type 2020-06-02 17:22:31 +01:00
ceph-type.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dns_resolver-type.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
encrypted-type.h keys: encrypted-type: Replace zero-length array with flexible-array 2020-06-15 23:08:31 -05:00
keyring-type.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
request_key_auth-type.h request_key improvements 2019-07-08 19:19:37 -07:00
rxrpc-type.h RxRPC: Replace zero-length array with flexible-array 2020-06-15 23:08:32 -05:00
system_keyring.h certs: Add EFI_CERT_X509_GUID support for dbx entries 2021-06-30 08:47:30 -04:00
trusted-type.h security: keys: trusted: fix TPM2 authorizations 2021-05-14 09:50:20 +02:00
trusted_tpm.h KEYS: trusted: Move TPM2 trusted keys code 2019-11-12 21:45:37 +02:00
user-type.h KEYS: Replace zero-length array with flexible-array 2020-06-02 17:22:31 +01:00