diff options
author | David Howells <dhowells@redhat.com> | 2016-04-06 18:13:33 +0300 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2016-04-06 18:13:33 +0300 |
commit | 77d0910d153a7946df17cc15d3f423e534345f65 (patch) | |
tree | 2b32d94de42a5a2003b5bd5966e3e73f78d04934 /crypto/asymmetric_keys/pkcs7_trust.c | |
parent | a022ec02691cf68e1fe237d5f79d54aa95446cc6 (diff) | |
download | linux-77d0910d153a7946df17cc15d3f423e534345f65.tar.xz |
X.509: Retain the key verification data
Retain the key verification data (ie. the struct public_key_signature)
including the digest and the key identifiers.
Note that this means that we need to take a separate copy of the digest in
x509_get_sig_params() rather than lumping it in with the crypto layer data.
Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'crypto/asymmetric_keys/pkcs7_trust.c')
-rw-r--r-- | crypto/asymmetric_keys/pkcs7_trust.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/crypto/asymmetric_keys/pkcs7_trust.c b/crypto/asymmetric_keys/pkcs7_trust.c index 7d7a39b47c62..ed8128230dce 100644 --- a/crypto/asymmetric_keys/pkcs7_trust.c +++ b/crypto/asymmetric_keys/pkcs7_trust.c @@ -80,16 +80,16 @@ static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7, might_sleep(); last = x509; - sig = &last->sig; + sig = last->sig; } /* No match - see if the root certificate has a signer amongst the * trusted keys. */ - if (last && (last->akid_id || last->akid_skid)) { + if (last && (last->sig->auth_ids[0] || last->sig->auth_ids[1])) { key = x509_request_asymmetric_key(trust_keyring, - last->akid_id, - last->akid_skid, + last->sig->auth_ids[0], + last->sig->auth_ids[1], false); if (!IS_ERR(key)) { x509 = last; |