diff options
| author | David Howells <dhowells@redhat.com> | 2016-04-06 16:13:33 +0100 |
|---|---|---|
| committer | David Howells <dhowells@redhat.com> | 2016-04-06 16:13:33 +0100 |
| commit | a811d91209ff06000ba0d39a80d9d0e1efc6e88e (patch) | |
| tree | e36f283e896045546167d0155ac8a16e9cd75987 /crypto/asymmetric_keys/pkcs7_trust.c | |
| parent | eb4c866ec4450cf652162de8274563c87bf4e154 (diff) | |
| download | linux-crypto-a811d91209ff06000ba0d39a80d9d0e1efc6e88e.tar.gz linux-crypto-a811d91209ff06000ba0d39a80d9d0e1efc6e88e.zip | |
X.509: Retain the key verification data
Retain the key verification data (ie. the struct public_key_signature)
including the digest and the key identifiers.
Note that this means that we need to take a separate copy of the digest in
x509_get_sig_params() rather than lumping it in with the crypto layer data.
Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'crypto/asymmetric_keys/pkcs7_trust.c')
| -rw-r--r-- | crypto/asymmetric_keys/pkcs7_trust.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/crypto/asymmetric_keys/pkcs7_trust.c b/crypto/asymmetric_keys/pkcs7_trust.c index 7d7a39b4..ed812823 100644 --- a/crypto/asymmetric_keys/pkcs7_trust.c +++ b/crypto/asymmetric_keys/pkcs7_trust.c @@ -80,16 +80,16 @@ static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7, might_sleep(); last = x509; - sig = &last->sig; + sig = last->sig; } /* No match - see if the root certificate has a signer amongst the * trusted keys. */ - if (last && (last->akid_id || last->akid_skid)) { + if (last && (last->sig->auth_ids[0] || last->sig->auth_ids[1])) { key = x509_request_asymmetric_key(trust_keyring, - last->akid_id, - last->akid_skid, + last->sig->auth_ids[0], + last->sig->auth_ids[1], false); if (!IS_ERR(key)) { x509 = last; |