projects / platform / kernel / linux-rpi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e2861fa) | patch
evm: Allow non-SHA1 digital signatures
authorMatthew Garrett <mjg59@google.com>
Fri, 8 Jun 2018 21:57:43 +0000 (14:57 -0700)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Wed, 18 Jul 2018 11:27:22 +0000 (07:27 -0400)
commit5feeb61183dde9d4f4026fd0d5801388c21d61a2
tree6998490db3d17d7dffbfcc4d69d521c44f0fe8actree | snapshot
parente2861fa71641c6414831d628a1f4f793b6562580commit | diff
evm: Allow non-SHA1 digital signatures

SHA1 is reasonable in HMAC constructs, but it's desirable to be able to
use stronger hashes in digital signatures. Modify the EVM crypto code so
the hash type is imported from the digital signature and passed down to
the hash calculation code, and return the digest size to higher layers
for validation.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
security/integrity/evm/Kconfig diff | blob | history
security/integrity/evm/evm.h diff | blob | history
security/integrity/evm/evm_crypto.c diff | blob | history
security/integrity/evm/evm_main.c diff | blob | history
Domain: System / Kernel;