| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ffcb4a42c29f98fada076958f069c094164cad79.camel@HansenPartnership.com> Date: Sat, 13 Dec 2025 14:50:13 +0900 From: James Bottomley <James.Bottomley@...senPartnership.com> To: David Howells <dhowells@...hat.com>, Blaise Boscaccy <bboscaccy@...ux.microsoft.com> Cc: Jonathan Corbet <corbet@....net>, Paul Moore <paul@...l-moore.com>, James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, Mickaël Salaün <mic@...ikod.net>, Günther Noack <gnoack@...gle.com>, "Dr. David Alan Gilbert" <linux@...blig.org>, Andrew Morton <akpm@...ux-foundation.org>, linux-security-module@...r.kernel.org, linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org, bpf@...r.kernel.org Subject: Re: [RFC 04/11] crypto: pkcs7: add flag for validated trust on a signed info block On Fri, 2025-12-12 at 09:45 +0000, David Howells wrote: > Note that there are two other potentially conflicting sets of changes > to the PKCS#7 code that will need to be coordinated: ML-DSA support > and RSASSA-PSS support. The former wants to do the hashing itself, > the latter requires signature parameters. I don't think there'll be a conflict. The only changes this makes is to add an API that exposes the attributes. It shouldn't have any effect on the way signatures are currently verified. >From the use case patches it looks like we could simply get the struct pkcs7 verified by calling verify_pkcs7_message_sig() as long as the symbol is exported; Initially I didn't think they'd have access to the content to reverify, so I added the extra patches to break out the validate_pkcs7_trust() calls, but I don't think they're necessary now. Regards, James
Powered by blists - more mailing lists