diff options
| author | James Bottomley <James.Bottomley@HansenPartnership.com> | 2026-05-07 12:13:55 -0700 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2026-05-13 14:36:30 -0400 |
| commit | 188cfb7ec81c8d9b19087984ac5e0fc42edf1087 (patch) | |
| tree | 23d3f424285466435d7858aec3d518156faa1687 /certs | |
| parent | f71ece9712b7712df98871eea9aeb60e49ca5239 (diff) | |
| download | linux-next-history-188cfb7ec81c8d9b19087984ac5e0fc42edf1087.tar.gz | |
crypto: pkcs7: add flag for validated trust on a signed info block
Allow consumers of struct pkcs7_message to tell if any of the sinfo
fields has passed a trust validation. Note that this does not happen
in parsing, pkcs7_validate_trust() must be explicitly called or called
via validate_pkcs7_trust(). Since the way to get this trusted pkcs7
object is via verify_pkcs7_message_sig, export that so modules can use
it.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Signed-off-by: Blaise Boscaccy <bboscaccy@linux.microsoft.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'certs')
| -rw-r--r-- | certs/system_keyring.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/certs/system_keyring.c b/certs/system_keyring.c index e0761436ec7f4..9bda49295bd02 100644 --- a/certs/system_keyring.c +++ b/certs/system_keyring.c @@ -380,6 +380,7 @@ error: pr_devel("<==%s() = %d\n", __func__, ret); return ret; } +EXPORT_SYMBOL(verify_pkcs7_message_sig); /** * verify_pkcs7_signature - Verify a PKCS#7-based signature on system data. |