diff options
author | David Howells <dhowells@redhat.com> | 2014-09-16 18:36:11 +0200 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2014-09-16 18:36:11 +0200 |
commit | 7901c1a8effbe5f89673bfc09d6e37b8f334f1a7 (patch) | |
tree | d11b8945fe52a9973fa56d9d7aa99a5496a9115f /crypto/asymmetric_keys/asymmetric_keys.h | |
parent | KEYS: Update the keyrings documentation for match changes (diff) | |
download | linux-7901c1a8effbe5f89673bfc09d6e37b8f334f1a7.tar.xz linux-7901c1a8effbe5f89673bfc09d6e37b8f334f1a7.zip |
KEYS: Implement binary asymmetric key ID handling
Implement the first step in using binary key IDs for asymmetric keys rather
than hex string keys.
The previously added match data preparsing will be able to convert hex
criterion strings into binary which can then be compared more rapidly.
Further, we actually want more then one ID string per public key. The problem
is that X.509 certs refer to other X.509 certs by matching Issuer + AuthKeyId
to Subject + SubjKeyId, but PKCS#7 messages match against X.509 Issuer +
SerialNumber.
This patch just provides facilities for a later patch to make use of.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Vivek Goyal <vgoyal@redhat.com>
Diffstat (limited to 'crypto/asymmetric_keys/asymmetric_keys.h')
-rw-r--r-- | crypto/asymmetric_keys/asymmetric_keys.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/asymmetric_keys/asymmetric_keys.h b/crypto/asymmetric_keys/asymmetric_keys.h index a63c551c6557..917be6b985e7 100644 --- a/crypto/asymmetric_keys/asymmetric_keys.h +++ b/crypto/asymmetric_keys/asymmetric_keys.h @@ -10,6 +10,10 @@ */ int asymmetric_keyid_match(const char *kid, const char *id); +extern bool asymmetric_match_key_ids(const struct asymmetric_key_ids *kids, + const struct asymmetric_key_id *match_id); + +extern struct asymmetric_key_id *asymmetric_key_hex_to_key_id(const char *id); static inline const char *asymmetric_key_id(const struct key *key) { |