diff options
| author | David Howells <dhowells@redhat.com> | 2016-04-06 16:14:25 +0100 |
|---|---|---|
| committer | David Howells <dhowells@redhat.com> | 2016-04-11 22:41:56 +0100 |
| commit | 9eb029893ad5bf9303ed7f145860b312cbe5f889 (patch) | |
| tree | d68958292bb88d58bbd653bbbdd5b17debba78b0 /crypto/asymmetric_keys/pkcs7_trust.c | |
| parent | 983023f28bff62b4462fd3575a86a8947ac592d8 (diff) | |
| download | blackbird-obmc-linux-9eb029893ad5bf9303ed7f145860b312cbe5f889.tar.gz blackbird-obmc-linux-9eb029893ad5bf9303ed7f145860b312cbe5f889.zip | |
KEYS: Generalise x509_request_asymmetric_key()
Generalise x509_request_asymmetric_key(). It doesn't really have any
dependencies on X.509 features as it uses generalised IDs and the
public_key structs that contain data extracted from X.509.
Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'crypto/asymmetric_keys/pkcs7_trust.c')
| -rw-r--r-- | crypto/asymmetric_keys/pkcs7_trust.c | 19 |
1 files changed, 8 insertions, 11 deletions
diff --git a/crypto/asymmetric_keys/pkcs7_trust.c b/crypto/asymmetric_keys/pkcs7_trust.c index 36e77cb07bd0..f6a009d88a33 100644 --- a/crypto/asymmetric_keys/pkcs7_trust.c +++ b/crypto/asymmetric_keys/pkcs7_trust.c @@ -51,9 +51,8 @@ static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7, /* Look to see if this certificate is present in the trusted * keys. */ - key = x509_request_asymmetric_key(trust_keyring, - x509->id, x509->skid, - false); + key = find_asymmetric_key(trust_keyring, + x509->id, x509->skid, false); if (!IS_ERR(key)) { /* One of the X.509 certificates in the PKCS#7 message * is apparently the same as one we already trust. @@ -84,10 +83,10 @@ static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7, * trusted keys. */ if (last && (last->sig->auth_ids[0] || last->sig->auth_ids[1])) { - key = x509_request_asymmetric_key(trust_keyring, - last->sig->auth_ids[0], - last->sig->auth_ids[1], - false); + key = find_asymmetric_key(trust_keyring, + last->sig->auth_ids[0], + last->sig->auth_ids[1], + false); if (!IS_ERR(key)) { x509 = last; pr_devel("sinfo %u: Root cert %u signer is key %x\n", @@ -101,10 +100,8 @@ static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7, /* As a last resort, see if we have a trusted public key that matches * the signed info directly. */ - key = x509_request_asymmetric_key(trust_keyring, - sinfo->sig->auth_ids[0], - NULL, - false); + key = find_asymmetric_key(trust_keyring, + sinfo->sig->auth_ids[0], NULL, false); if (!IS_ERR(key)) { pr_devel("sinfo %u: Direct signer is key %x\n", sinfo->index, key_serial(key)); |
