• Home
  • Raw
  • Download

Lines Matching +full:can +full:- +full:secondary

1 // SPDX-License-Identifier: GPL-2.0-or-later
15 #include <keys/asymmetric-type.h>
32  * restrict_link_to_builtin_trusted - Restrict keyring addition by built in CA
34  * Restrict the addition of keys into a keyring based on the key-to-be-added
48  * restrict_link_by_builtin_and_secondary_trusted - Restrict keyring
49  *   addition by both builtin and secondary keyrings
51  * Restrict the addition of keys into a keyring based on the key-to-be-added
52  * being vouched for by a key in either the built-in or the secondary system
61 	/* If we have a secondary trusted keyring, then that contains a link  in restrict_link_by_builtin_and_secondary_trusted()
66 	    payload == &builtin_trusted_keys->payload)  in restrict_link_by_builtin_and_secondary_trusted()
67 		/* Allow the builtin keyring to be added to the secondary */  in restrict_link_by_builtin_and_secondary_trusted()
75  * Allocate a struct key_restriction for the "builtin and secondary trust"
85 		panic("Can't allocate secondary trusted keyring restriction\n");  in get_builtin_and_secondary_restriction()
87 	restriction->check = restrict_link_by_builtin_and_secondary_trusted;  in get_builtin_and_secondary_restriction()
108 		panic("Can't allocate builtin trusted keyring\n");  in system_trusted_keyring_init()
121 		panic("Can't allocate secondary trusted keyring\n");  in system_trusted_keyring_init()
124 		panic("Can't link trusted keyrings\n");  in system_trusted_keyring_init()
136  * Load the compiled-in list of X.509 certificates.
140 	pr_notice("Loading compiled-in X.509 certificates\n");  in load_system_certificate_list()
150  * verify_pkcs7_message_sig - Verify a PKCS#7-based signature on system data.
171 	/* The data should be detached - so we need to supply it. */  in verify_pkcs7_message_sig()
173 		pr_err("PKCS#7 signature with non-detached data\n");  in verify_pkcs7_message_sig()
174 		ret = -EBADMSG;  in verify_pkcs7_message_sig()
197 			ret = -ENOKEY;  in verify_pkcs7_message_sig()
203 		if (ret != -ENOKEY) {  in verify_pkcs7_message_sig()
210 		if (ret == -ENOKEY)  in verify_pkcs7_message_sig()
220 			if (ret == -ENODATA)  in verify_pkcs7_message_sig()
234  * verify_pkcs7_signature - Verify a PKCS#7-based signature on system data.