X.509: Add bits needed for PKCS#7 PKCS#7 validation requires access to the serial number and the raw names in an X.509 certificate. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Josh Boyer <jwboyer@redhat.com>

commit: 84aabd46bf8791d0c6fc8db4dc65d45093f70aab [log] [tgz]
author: David Howells <dhowells@redhat.com> Tue Jul 01 16:40:19 2014 +0100
committer: David Howells <dhowells@redhat.com> Tue Jul 01 16:40:19 2014 +0100
tree: 70e6a4b4ba4c6a215d4e86f8f11d3c1301b0727d
parent: 16874b2cb867d3eb63ed838f2847143e11556708 [diff] [blame]
diff --git a/crypto/asymmetric_keys/x509.asn1 b/crypto/asymmetric_keys/x509.asn1
index bf32b3d..aae0cde 100644
--- a/crypto/asymmetric_keys/x509.asn1
+++ b/crypto/asymmetric_keys/x509.asn1

@@ -6,7 +6,7 @@
 
 TBSCertificate ::= SEQUENCE {
 	version           [ 0 ]	Version DEFAULT,
-	serialNumber		CertificateSerialNumber,
+	serialNumber		CertificateSerialNumber ({ x509_note_serial }),
 	signature		AlgorithmIdentifier ({ x509_note_pkey_algo }),
 	issuer			Name ({ x509_note_issuer }),
 	validity		Validity,
commit	84aabd46bf8791d0c6fc8db4dc65d45093f70aab	[log] [tgz]
author	David Howells <dhowells@redhat.com>	Tue Jul 01 16:40:19 2014 +0100
committer	David Howells <dhowells@redhat.com>	Tue Jul 01 16:40:19 2014 +0100
tree	70e6a4b4ba4c6a215d4e86f8f11d3c1301b0727d
parent	16874b2cb867d3eb63ed838f2847143e11556708 [diff] [blame]