Home Explore Help
Sign In
GfA
/
linux_kernel
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

pefile: Validate PKCS#7 trust chain

Validate the PKCS#7 trust chain against the contents of the system keyring.

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Vivek Goyal <vgoyal@redhat.com>
David Howells 11 years ago
parent
af316fc442
commit
98801c002f
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      crypto/asymmetric_keys/verify_pefile.c

+ 1 - 1
crypto/asymmetric_keys/verify_pefile.c
View File 

@@ -449,7 +449,7 @@ int verify_pefile_signature(const void *pebuf, unsigned pelen,
 
 	if (ret < 0)
 
 		goto error;
 
 
-	ret = -ENOANO; // Not yet complete
 
+	ret = pkcs7_validate_trust(pkcs7, trusted_keyring, _trusted);
 
 
 error:
 
 	pkcs7_free_message(ctx.pkcs7);