mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-09-18 22:14:16 +00:00
567671281a
Parse the X.509 Key Usage. The key usage extension defines the purpose of
the key contained in the certificate.
id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
KeyUsage ::= BIT STRING {
digitalSignature (0),
contentCommitment (1),
keyEncipherment (2),
dataEncipherment (3),
keyAgreement (4),
keyCertSign (5),
cRLSign (6),
encipherOnly (7),
decipherOnly (8) }
If the keyCertSign or digitalSignature is set, store it in the
public_key structure. Having the purpose of the key being stored
during parsing, allows enforcement on the usage field in the future.
This will be used in a follow on patch that requires knowing the
certificate key usage type.
Link: https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.3
Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
|
||
|---|---|---|
| .. | ||
| asymmetric_keys.h | ||
| asymmetric_type.c | ||
| Kconfig | ||
| Makefile | ||
| mscode.asn1 | ||
| mscode_parser.c | ||
| pkcs7.asn1 | ||
| pkcs7_key_type.c | ||
| pkcs7_parser.c | ||
| pkcs7_parser.h | ||
| pkcs7_trust.c | ||
| pkcs7_verify.c | ||
| pkcs8.asn1 | ||
| pkcs8_parser.c | ||
| public_key.c | ||
| restrict.c | ||
| selftest.c | ||
| signature.c | ||
| verify_pefile.c | ||
| verify_pefile.h | ||
| x509.asn1 | ||
| x509_akid.asn1 | ||
| x509_cert_parser.c | ||
| x509_loader.c | ||
| x509_parser.h | ||
| x509_public_key.c | ||