PKCS#7: Handle blacklisted certificates

PKCS#7: Handle certificates that are blacklisted when verifying the chain of trust on the signatures on a PKCS#7 message. Signed-off-by: David Howells <dhowells@redhat.com>
author: David Howells 2017-04-03 17:07:25 +0200
committer: David Howells 2017-04-03 17:07:25 +0200
commit: 03bb79315ddc8972b1af71539799450acbc1be4f (patch)
tree: 9f11c7810ac3c3e59e55e9dfde854ac68c625c51 /crypto/asymmetric_keys/pkcs7_parser.h
parent: X.509: Allow X.509 certs to be blacklisted (diff)
download: kernel-qcow2-linux-03bb79315ddc8972b1af71539799450acbc1be4f.tar.gz
kernel-qcow2-linux-03bb79315ddc8972b1af71539799450acbc1be4f.tar.xz
kernel-qcow2-linux-03bb79315ddc8972b1af71539799450acbc1be4f.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/asymmetric_keys/pkcs7_parser.h b/crypto/asymmetric_keys/pkcs7_parser.h
index f4e81074f5e0..ac341e19e530 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.h
+++ b/crypto/asymmetric_keys/pkcs7_parser.h
@@ -23,6 +23,7 @@ struct pkcs7_signed_info {
 	struct x509_certificate *signer; /* Signing certificate (in msg->certs) */
 	unsigned	index;
 	bool		unsupported_crypto;	/* T if not usable due to missing crypto */
+	bool		blacklisted;
 
 	/* Message digest - the digest of the Content Data (or NULL) */
 	const void	*msgdigest;
author	David Howells	2017-04-03 17:07:25 +0200
committer	David Howells	2017-04-03 17:07:25 +0200
commit	03bb79315ddc8972b1af71539799450acbc1be4f (patch)
tree	9f11c7810ac3c3e59e55e9dfde854ac68c625c51 /crypto/asymmetric_keys/pkcs7_parser.h
parent	X.509: Allow X.509 certs to be blacklisted (diff)
download	kernel-qcow2-linux-03bb79315ddc8972b1af71539799450acbc1be4f.tar.gz kernel-qcow2-linux-03bb79315ddc8972b1af71539799450acbc1be4f.tar.xz kernel-qcow2-linux-03bb79315ddc8972b1af71539799450acbc1be4f.zip