[RFC 06/11] crypto: pkcs7: add ability to extract signed attributes by OID
Randy Dunlap
rdunlap at infradead.org
Thu Dec 11 16:44:12 UTC 2025
On 12/10/25 6:12 PM, Blaise Boscaccy wrote:
> From: James Bottomley <James.Bottomley at HansenPartnership.com>
>
> Signers may add any information they like in signed attributes and
> sometimes this information turns out to be relevant to specific
> signing cases, so add an api pkcs7_get_authattr() to extract the value
> of an authenticated attribute by specific OID. The current
> implementation is designed for the single signer use case and simply
> terminates the search when it finds the relevant OID.
>
> Signed-off-by: James Bottomley <James.Bottomley at HansenPartnership.com>
> ---
> crypto/asymmetric_keys/Makefile | 4 +-
> crypto/asymmetric_keys/pkcs7_aa.asn1 | 18 ++++++
> crypto/asymmetric_keys/pkcs7_parser.c | 87 +++++++++++++++++++++++++++
> include/crypto/pkcs7.h | 4 ++
> 4 files changed, 112 insertions(+), 1 deletion(-)
> create mode 100644 crypto/asymmetric_keys/pkcs7_aa.asn1
Hi,
Your patches from James, Paul, etc., are missing your
Signed-off-by: line.
--
~Randy
More information about the Linux-security-module-archive
mailing list