aboutsummaryrefslogtreecommitdiff
path: root/certs
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2016-04-06 16:13:34 +0100
committerDavid Howells <dhowells@redhat.com>2016-04-06 16:13:34 +0100
commit6c2dc5ae4ab719a61d19e8cef082226410b04ff8 (patch)
tree63f4974e873a7a3977a7411712875f6169763bed /certs
parent566a117a8b24e1ae2dfa817cf0c9eec092c783b5 (diff)
download96b-common-6c2dc5ae4ab719a61d19e8cef082226410b04ff8.tar.gz
X.509: Extract signature digest and make self-signed cert checks earlier
Extract the signature digest for an X.509 certificate earlier, at the end of x509_cert_parse() rather than leaving it to the callers thereof since it has to be called anyway. Further, immediately after that, check the signature on self-signed certificates, also rather in the callers of x509_cert_parse(). We note in the x509_certificate struct the following bits of information: (1) Whether the signature is self-signed (even if we can't check the signature due to missing crypto). (2) Whether the key held in the certificate needs unsupported crypto to be used. We may get a PKCS#7 message with X.509 certs that we can't make use of - we just ignore them and give ENOPKG at the end it we couldn't verify anything if at least one of these unusable certs are in the chain of trust. (3) Whether the signature held in the certificate needs unsupported crypto to be checked. We can still use the key held in this certificate, even if we can't check the signature on it - if it is held in the system trusted keyring, for instance. We just can't add it to a ring of trusted keys or follow it further up the chain of trust. Making these checks earlier allows x509_check_signature() to be removed and replaced with direct calls to public_key_verify_signature(). Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'certs')
0 files changed, 0 insertions, 0 deletions