[x509] Make root of trust a reference-counted structure

Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown
2020-12-09 16:19:03 +00:00
parent e3eedb0be5
commit 3475f9162b
7 changed files with 81 additions and 14 deletions
+26 -1
@@ -340,8 +340,10 @@ struct x509_access_method {
const struct asn1_cursor *raw );
};
/** An X.509 root certificate store */
/** An X.509 root certificate list */
struct x509_root {
/** Reference count */
struct refcnt refcnt;
/** Fingerprint digest algorithm */
struct digest_algorithm *digest;
/** Number of certificates */
@@ -350,6 +352,28 @@ struct x509_root {
const void *fingerprints;
};
/**
* Get reference to X.509 root certificate list
*
* @v root X.509 root certificate list
* @ret root X.509 root certificate list
*/
static inline __attribute__ (( always_inline )) struct x509_root *
x509_root_get ( struct x509_root *root ) {
ref_get ( &root->refcnt );
return root;
}
/**
* Drop reference to X.509 root certificate list
*
* @v root X.509 root certificate list
*/
static inline __attribute__ (( always_inline )) void
x509_root_put ( struct x509_root *root ) {
ref_put ( &root->refcnt );
}
extern const char * x509_name ( struct x509_certificate *cert );
extern int x509_parse ( struct x509_certificate *cert,
const struct asn1_cursor *raw );
@@ -391,6 +415,7 @@ extern int x509_check_time ( struct x509_certificate *cert, time_t time );
* @v cert X.509 certificate
*/
static inline void x509_invalidate ( struct x509_certificate *cert ) {
x509_root_put ( cert->root );
cert->root = NULL;
cert->path_remaining = 0;
}
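Review bot: x509_invalidate() now passes cert->root to x509_root_put() unconditionally and then sets it to NULL, so a certificate that has never been validated, or is invalidated a second time, reaches `ref_put ( &root->refcnt );` with root == NULL. That is only harmless while refcnt stays the first member of struct x509_root and ref_put() accepts a NULL pointer; neither property is visible in this section, and forming `&root->refcnt` from a NULL root is formally undefined in any case. Since this structure is the root of trust, I would make the contract explicit: either guard the helper with `if ( root ) ref_put ( &root->refcnt );`, or document the field as `/** Reference count (must be first: x509_root_put() may be passed NULL) */`. The same consideration applies to x509_root_get() in the second hunk, whose doc comment should also say whether a NULL root is permitted.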