Re: [PATCH06/17] PKCS#7: Verify internal certificate chain

From: David Howells
Date: Thu Jul 10 2014 - 16:38:16 EST

Valdis.Kletnieks@xxxxxx wrote:

> > Verify certificate chain in the X.509 certificates contained within the
> > PKCS#7 message as far as possible. If any signature that we should be
> > able to verify fails, we reject the whole lot.
> What happens if we see a signature that we shouldn't be able to verify? Or
> should that changelog entry be reduced to "If any signature fails", period?


When I say "any signature that we should be able to verify" I mean that a
signature for which we have an appropriate public key.

If we don't have a public key for a signature, we prune the trust chain at
that point.

What I mean is that the PKCS#7 message can have several signatures applied to
it. We can form a chain from each signature going back through the X.509
certificates included in the PKCS#7 message:

PKCS#7 ---> X.509 ---> X.509 ---> X.509 ---> X.509

where the PKCS#7 message and each X.509 cert has a signature that the next
X.509 cert in the chain can be used to verify with the public key contained

Any of the signatures in any of the chains can form an intersection point with
the keyring of public keys provided. If there's a verified match on one or
more of them, we permit the message.

If any "Y ---> X.509" verification is rejected, we reject the whole message
because there's something wrong. If an intersection point verification is
rejected, again we reject the whole message.

If there are no intersection points, we also reject the message, but with

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at