diff options
| author | Michael Brown | 2016-08-25 16:41:57 +0200 |
|---|---|---|
| committer | Michael Brown | 2016-08-25 16:41:57 +0200 |
| commit | ff28b22568ebc2cb885beae5d0c95ddcf94dca8a (patch) | |
| tree | 56b4698a7e833c37b4ba2bf1feb1dbb9824bd8a0 /src/include | |
| parent | [crypto] Add image_x509() to extract X.509 certificates from image (diff) | |
| download | ipxe-ff28b22568ebc2cb885beae5d0c95ddcf94dca8a.tar.gz ipxe-ff28b22568ebc2cb885beae5d0c95ddcf94dca8a.tar.xz ipxe-ff28b22568ebc2cb885beae5d0c95ddcf94dca8a.zip | |
[crypto] Generalise X.509 "valid" field to a "flags" field
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/ipxe/x509.h | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/src/include/ipxe/x509.h b/src/include/ipxe/x509.h index 80c2e3c6..58f91c01 100644 --- a/src/include/ipxe/x509.h +++ b/src/include/ipxe/x509.h @@ -189,8 +189,8 @@ struct x509_certificate { /** Link in certificate store */ struct x509_link store; - /** Certificate has been validated */ - int valid; + /** Flags */ + unsigned int flags; /** Maximum number of subsequent certificates in chain */ unsigned int path_remaining; @@ -216,6 +216,12 @@ struct x509_certificate { struct x509_extensions extensions; }; +/** X.509 certificate flags */ +enum x509_flags { + /** Certificate has been validated */ + X509_FL_VALIDATED = 0x0001, +}; + /** * Get reference to X.509 certificate * @@ -374,12 +380,21 @@ extern int x509_check_root ( struct x509_certificate *cert, extern int x509_check_time ( struct x509_certificate *cert, time_t time ); /** + * Check if X.509 certificate is valid + * + * @v cert X.509 certificate + */ +static inline int x509_is_valid ( struct x509_certificate *cert ) { + return ( cert->flags & X509_FL_VALIDATED ); +} + +/** * Invalidate X.509 certificate * * @v cert X.509 certificate */ static inline void x509_invalidate ( struct x509_certificate *cert ) { - cert->valid = 0; + cert->flags &= ~X509_FL_VALIDATED; cert->path_remaining = 0; } |