PKCS#7: Handle blacklisted certificates

PKCS#7: Handle certificates that are blacklisted when verifying the chain of trust on the signatures on a PKCS#7 message. Signed-off-by: David Howells <dhowells@redhat.com>
author: David Howells <dhowells@redhat.com> 2017-04-03 18:07:25 +0300
committer: David Howells <dhowells@redhat.com> 2017-04-03 18:07:25 +0300
commit: 03bb79315ddc8972b1af71539799450acbc1be4f (patch)
tree: 9f11c7810ac3c3e59e55e9dfde854ac68c625c51 /crypto/asymmetric_keys/pkcs7_parser.h
parent: 436529562df2748fd9918f578205b22cf8ced277 (diff)
download: linux-03bb79315ddc8972b1af71539799450acbc1be4f.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/asymmetric_keys/pkcs7_parser.h b/crypto/asymmetric_keys/pkcs7_parser.h
index f4e81074f5e0..ac341e19e530 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.h
+++ b/crypto/asymmetric_keys/pkcs7_parser.h
@@ -23,6 +23,7 @@ struct pkcs7_signed_info {
 	struct x509_certificate *signer; /* Signing certificate (in msg->certs) */
 	unsigned	index;
 	bool		unsupported_crypto;	/* T if not usable due to missing crypto */
+	bool		blacklisted;
 
 	/* Message digest - the digest of the Content Data (or NULL) */
 	const void	*msgdigest;
author	David Howells <dhowells@redhat.com>	2017-04-03 18:07:25 +0300
committer	David Howells <dhowells@redhat.com>	2017-04-03 18:07:25 +0300
commit	03bb79315ddc8972b1af71539799450acbc1be4f (patch)
tree	9f11c7810ac3c3e59e55e9dfde854ac68c625c51 /crypto/asymmetric_keys/pkcs7_parser.h
parent	436529562df2748fd9918f578205b22cf8ced277 (diff)
download	linux-03bb79315ddc8972b1af71539799450acbc1be4f.tar.xz