From 08815b62d700e4fbeb72a01986ad051c3dd84a15 Mon Sep 17 00:00:00 2001 From: David Howells Date: Tue, 1 Jul 2014 16:40:20 +0100 Subject: PKCS#7: Find intersection between PKCS#7 message and known, trusted keys Find the intersection between the X.509 certificate chain contained in a PKCS#7 message and a set of keys that we already know and trust. Signed-off-by: David Howells Acked-by: Vivek Goyal Reviewed-by: Kees Cook --- include/crypto/pkcs7.h | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'include/crypto/pkcs7.h') diff --git a/include/crypto/pkcs7.h b/include/crypto/pkcs7.h index 8ba0f38..691c791 100644 --- a/include/crypto/pkcs7.h +++ b/include/crypto/pkcs7.h @@ -9,6 +9,7 @@ * 2 of the Licence, or (at your option) any later version. */ +struct key; struct pkcs7_message; /* @@ -23,6 +24,13 @@ extern int pkcs7_get_content_data(const struct pkcs7_message *pkcs7, bool want_wrapper); /* + * pkcs7_trust.c + */ +extern int pkcs7_validate_trust(struct pkcs7_message *pkcs7, + struct key *trust_keyring, + bool *_trusted); + +/* * pkcs7_verify.c */ extern int pkcs7_verify(struct pkcs7_message *pkcs7); -- cgit v1.1