Received: by 2002:a05:6358:16cc:b0:ea:6187:17c9 with SMTP id r12csp13159391rwl; Wed, 4 Jan 2023 04:29:52 -0800 (PST) X-Google-Smtp-Source: AMrXdXviedlnv60o544w828cmd0CLIeT7j2Tr6jIcivxTn1lfH3HeCdkpwz5MLjTDXYHhw1m/pey X-Received: by 2002:a17:906:57c4:b0:844:436f:8f01 with SMTP id u4-20020a17090657c400b00844436f8f01mr35174445ejr.17.1672835391845; Wed, 04 Jan 2023 04:29:51 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1672835391; cv=none; d=google.com; s=arc-20160816; b=ZSZAh0VfHyYn5A2g+jp3v6fxbyU/lzv8nHJ2MuN3MAd6PlDTKsopnVez3hnurkRlQu 6c9uOE9kQdpRhsdFkb8+fo2jZoWgGI0ZvGSiQoGTkGJK1ZY5rrVaSBnXoHyD6aTTDPXW RydbOtTjWjH/j6YcTXWdT6LHEgxjDUI4IGeMd3s6wuIJU566G6X9EiBIhNv8kVw+XYEZ 4Up73KvFmp9/0SUQ9L+EEAPIPzYSltqGSOXXCoBVXwG80b+MaDcRH9pTD6WbOPwR+mqk ruoGUcYHB1rZIvKiq7lgRsW6EefKxh9GVXarB2srkWJgp+QUE8U7O6PQnZOnJDUNxSXV pp6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=4p9kZAv8hFqMQ25/c6uNAr6QydSxRx2GuNsiQNuR/dk=; b=pEhfB8aPS54Viqd5inc6A2uxW1zVGXWw3hqdPy98qffsY3axzeyjWByD2lfOrgBqh3 VjYqtxRMHJDDaewa9Yp2bUpq02oZ1Q65oR+1dR0ISAqEyEZH6/XB0md1Et8Bbd3VG8aU uqY9nM1KoUs+n6BpbUAuhLFWOG+4Ansn5UqjgHJ/7Vz4VgyXoBG2TolWWZp0S9/C834X MnC4ZgTvnWiTEpxNvnWaqcL9fEO3BbQPhqYLJzYSoSim6kxVSbnVLgPdZfREtCA9HIoT 7sUpS9iAqcteRY8i1XJZ4gDSXzKKzskTLar78GSJ0cEj7JbOMG0WKBh7FgXmTcM4g0Tt 1Miw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=nvP6ASrZ; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id gn15-20020a1709070d0f00b007bebf105450si29834581ejc.235.2023.01.04.04.29.25; Wed, 04 Jan 2023 04:29:51 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=nvP6ASrZ; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234719AbjADM3J (ORCPT + 99 others); Wed, 4 Jan 2023 07:29:09 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52094 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234206AbjADM3I (ORCPT ); Wed, 4 Jan 2023 07:29:08 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DE7AB1A224; Wed, 4 Jan 2023 04:29:07 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 90D78B81628; Wed, 4 Jan 2023 12:29:06 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id E1AB6C433EF; Wed, 4 Jan 2023 12:29:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1672835345; bh=VpZBnDQgpO+oMahbk71quy/7eaPxvqN/v3XHlU5yAs8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=nvP6ASrZMvHhcAuGAOT+jzapK5d4RDlHuP7MNzgblqPmZshleLtD6q8jIngbDODgC mS0B6DhdIeJcf+JIBlOej9FcVxj9GaXcQXO/O4XGk6/jskWiCAXqWHGpA95RZRSaMn MedCrXfgpzFU2Gbj7mUD3MoP9XeW/jmuCNuGopv1K4JtY+347xB69jAcXQabIjzt59 5p24LKC132KD3ukQLYlqpnYjfR4WeJRrZTi1LIG1PMBenCr59P7LI1K22FG29+qAgh GpFKfoL3w1AM37xqSxzvMQKhWP0QtmuqrLFOkhB7MkEE6PktRyg5dqLG3SedrMrgAT Unx2kERSX0QAw== Date: Wed, 4 Jan 2023 12:29:02 +0000 From: Jarkko Sakkinen To: Mimi Zohar Cc: Eric Snowberg , dhowells@redhat.com, dwmw2@infradead.org, herbert@gondor.apana.org.au, davem@davemloft.net, dmitry.kasatkin@gmail.com, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, pvorel@suse.cz, noodles@fb.com, tiwai@suse.de, kanth.ghatraju@oracle.com, konrad.wilk@oracle.com, erpalmer@linux.vnet.ibm.com, coxu@redhat.com, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org Subject: Re: [PATCH v3 03/10] KEYS: X.509: Parse Basic Constraints for CA Message-ID: References: <20221214003401.4086781-1-eric.snowberg@oracle.com> <20221214003401.4086781-4-eric.snowberg@oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Thu, Dec 15, 2022 at 06:10:04AM -0500, Mimi Zohar wrote: > > diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h > > index a299c9c56f40..7c5c0ad1c22e 100644 > > --- a/crypto/asymmetric_keys/x509_parser.h > > +++ b/crypto/asymmetric_keys/x509_parser.h > > @@ -38,6 +38,7 @@ struct x509_certificate { > > bool self_signed; /* T if self-signed (check unsupported_sig too) */ > > bool unsupported_sig; /* T if signature uses unsupported crypto */ > > bool blacklisted; > > + bool root_ca; /* T if basic constraints CA is set */ > > }; > > The variable "root_ca" should probably be renamed to just "ca", right? Perhaps is_ca? BR, Jarkko