PKCS#7: Handle blacklisted certificates

PKCS#7: Handle certificates that are blacklisted when verifying the chain of trust on the signatures on a PKCS#7 message. Signed-off-by: David Howells <dhowells@redhat.com>
author: David Howells <dhowells@redhat.com> 2017-04-03 16:07:25 +0100
committer: David Howells <dhowells@redhat.com> 2017-04-03 16:07:25 +0100
commit: f8e2a9fc05a28e5da43d19c4084c19a0d14679af (patch)
tree: 207a63bc6feaff1f8e3b2bd90a7faf15c34c6dcd /crypto/asymmetric_keys/pkcs7_parser.h
parent: b16a0209c34610f374d0714c8eeb6772e830f397 (diff)
download: linux-crypto-f8e2a9fc05a28e5da43d19c4084c19a0d14679af.tar.gz
linux-crypto-f8e2a9fc05a28e5da43d19c4084c19a0d14679af.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/asymmetric_keys/pkcs7_parser.h b/crypto/asymmetric_keys/pkcs7_parser.h
index f4e81074..ac341e19 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.h
+++ b/crypto/asymmetric_keys/pkcs7_parser.h
@@ -23,6 +23,7 @@ struct pkcs7_signed_info {
 	struct x509_certificate *signer; /* Signing certificate (in msg->certs) */
 	unsigned	index;
 	bool		unsupported_crypto;	/* T if not usable due to missing crypto */
+	bool		blacklisted;
 
 	/* Message digest - the digest of the Content Data (or NULL) */
 	const void	*msgdigest;
author	David Howells <dhowells@redhat.com>	2017-04-03 16:07:25 +0100
committer	David Howells <dhowells@redhat.com>	2017-04-03 16:07:25 +0100
commit	f8e2a9fc05a28e5da43d19c4084c19a0d14679af (patch)
tree	207a63bc6feaff1f8e3b2bd90a7faf15c34c6dcd /crypto/asymmetric_keys/pkcs7_parser.h
parent	b16a0209c34610f374d0714c8eeb6772e830f397 (diff)
download	linux-crypto-f8e2a9fc05a28e5da43d19c4084c19a0d14679af.tar.gz linux-crypto-f8e2a9fc05a28e5da43d19c4084c19a0d14679af.zip