[PATCH v3 03/10] KEYS: X.509: Parse Basic Constraints for CA
Jarkko Sakkinen
jarkko at kernel.org
Wed Jan 4 12:29:02 UTC 2023
On Thu, Dec 15, 2022 at 06:10:04AM -0500, Mimi Zohar wrote:
> > diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h
> > index a299c9c56f40..7c5c0ad1c22e 100644
> > --- a/crypto/asymmetric_keys/x509_parser.h
> > +++ b/crypto/asymmetric_keys/x509_parser.h
> > @@ -38,6 +38,7 @@ struct x509_certificate {
> > bool self_signed; /* T if self-signed (check unsupported_sig too) */
> > bool unsupported_sig; /* T if signature uses unsupported crypto */
> > bool blacklisted;
> > + bool root_ca; /* T if basic constraints CA is set */
> > };
>
> The variable "root_ca" should probably be renamed to just "ca", right?
Perhaps is_ca?
BR, Jarkko
More information about the Linux-security-module-archive
mailing list