summaryrefslogtreecommitdiffstats
path: root/crypto/asymmetric_keys/x509_parser.h
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2016-04-06 17:13:33 +0200
committerDavid Howells <dhowells@redhat.com>2016-04-06 17:13:33 +0200
commit77d0910d153a7946df17cc15d3f423e534345f65 (patch)
tree2b32d94de42a5a2003b5bd5966e3e73f78d04934 /crypto/asymmetric_keys/x509_parser.h
parentKEYS: Add identifier pointers to public_key_signature struct (diff)
downloadlinux-77d0910d153a7946df17cc15d3f423e534345f65.tar.xz
linux-77d0910d153a7946df17cc15d3f423e534345f65.zip
X.509: Retain the key verification data
Retain the key verification data (ie. the struct public_key_signature) including the digest and the key identifiers. Note that this means that we need to take a separate copy of the digest in x509_get_sig_params() rather than lumping it in with the crypto layer data. Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'crypto/asymmetric_keys/x509_parser.h')
-rw-r--r--crypto/asymmetric_keys/x509_parser.h4
1 files changed, 1 insertions, 3 deletions
diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h
index dbeed6018e63..26a4d83e4e6d 100644
--- a/crypto/asymmetric_keys/x509_parser.h
+++ b/crypto/asymmetric_keys/x509_parser.h
@@ -17,13 +17,11 @@ struct x509_certificate {
struct x509_certificate *next;
struct x509_certificate *signer; /* Certificate that signed this one */
struct public_key *pub; /* Public key details */
- struct public_key_signature sig; /* Signature parameters */
+ struct public_key_signature *sig; /* Signature parameters */
char *issuer; /* Name of certificate issuer */
char *subject; /* Name of certificate subject */
struct asymmetric_key_id *id; /* Issuer + Serial number */
struct asymmetric_key_id *skid; /* Subject + subjectKeyId (optional) */
- struct asymmetric_key_id *akid_id; /* CA AuthKeyId matching ->id (optional) */
- struct asymmetric_key_id *akid_skid; /* CA AuthKeyId matching ->skid (optional) */
time64_t valid_from;
time64_t valid_to;
const void *tbs; /* Signed data */