diff options
author | David Howells <dhowells@redhat.com> | 2022-05-19 00:48:09 +0200 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2022-06-21 17:05:06 +0200 |
commit | 60050ffe3d770dd1df5b641aa48f49d07a54bd84 (patch) | |
tree | 649187b0c81d53ea6420147e041cd614521ac9c9 /certs/blacklist.c | |
parent | Linux 5.19-rc2 (diff) | |
download | linux-60050ffe3d770dd1df5b641aa48f49d07a54bd84.tar.xz linux-60050ffe3d770dd1df5b641aa48f49d07a54bd84.zip |
certs: Move load_certificate_list() to be with the asymmetric keys code
Move load_certificate_list(), which loads a series of binary X.509
certificates from a blob and inserts them as keys into a keyring, to be
with the asymmetric keys code that it drives.
This makes it easier to add FIPS selftest code in which we need to load up
a private keyring for the tests to use.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Herbert Xu <herbert@gondor.apana.org.au>
cc: keyrings@vger.kernel.org
cc: linux-crypto@vger.kernel.org
Link: https://lore.kernel.org/r/165515742145.1554877.13488098107542537203.stgit@warthog.procyon.org.uk/
Diffstat (limited to 'certs/blacklist.c')
-rw-r--r-- | certs/blacklist.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/certs/blacklist.c b/certs/blacklist.c index 25094ea73600..41f10601cc72 100644 --- a/certs/blacklist.c +++ b/certs/blacklist.c @@ -15,10 +15,9 @@ #include <linux/err.h> #include <linux/seq_file.h> #include <linux/uidgid.h> -#include <linux/verification.h> +#include <keys/asymmetric-type.h> #include <keys/system_keyring.h> #include "blacklist.h" -#include "common.h" /* * According to crypto/asymmetric_keys/x509_cert_parser.c:x509_note_pkey_algo(), @@ -365,8 +364,9 @@ static __init int load_revocation_certificate_list(void) if (revocation_certificate_list_size) pr_notice("Loading compiled-in revocation X.509 certificates\n"); - return load_certificate_list(revocation_certificate_list, revocation_certificate_list_size, - blacklist_keyring); + return x509_load_certificate_list(revocation_certificate_list, + revocation_certificate_list_size, + blacklist_keyring); } late_initcall(load_revocation_certificate_list); #endif |