[crypto] Generalise X.509 "valid" field to a "flags" field

Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/include/ipxe/x509.h

@@ -189,8 +189,8 @@ struct x509_certificate {
 	/** Link in certificate store */
 	struct x509_link store;
 
-	/** Certificate has been validated */
-	int valid;
+	/** Flags */
+	unsigned int flags;
 	/** Maximum number of subsequent certificates in chain */
 	unsigned int path_remaining;
 
@@ -216,6 +216,12 @@ struct x509_certificate {
 	struct x509_extensions extensions;
 };
 
+/** X.509 certificate flags */
+enum x509_flags {
+	/** Certificate has been validated */
+	X509_FL_VALIDATED = 0x0001,
+};
+
 /**
  * Get reference to X.509 certificate
  *
@@ -373,13 +379,22 @@ extern int x509_check_root ( struct x509_certificate *cert,
 			     struct x509_root *root );
 extern int x509_check_time ( struct x509_certificate *cert, time_t time );
 
+/**
+ * Check if X.509 certificate is valid
+ *
+ * @v cert		X.509 certificate
+ */
+static inline int x509_is_valid ( struct x509_certificate *cert ) {
+	return ( cert->flags & X509_FL_VALIDATED );
+}
+
 /**
  * Invalidate X.509 certificate
  *
  * @v cert		X.509 certificate
  */
 static inline void x509_invalidate ( struct x509_certificate *cert ) {
-	cert->valid = 0;
+	cert->flags &= ~X509_FL_VALIDATED;
 	cert->path_remaining = 0;
 }