2 files changed, 9 insertions, 9 deletions
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
index 393706f33fa5..a668d90302d3 100644
--- a/crypto/asymmetric_keys/x509_cert_parser.c
+++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -437,9 +437,9 @@ int x509_process_extension(void *context, size_t hdrlen,
                ctx->cert->raw_skid_size = vlen;
                ctx->cert->raw_skid = v;
-                kid = asymmetric_key_generate_id(v, vlen,
+                kid = asymmetric_key_generate_id(ctx->cert->raw_subject,
-                                                 ctx->cert->raw_subject,
+                                                 ctx->cert->raw_subject_size,
-                                                 ctx->cert->raw_subject_size);
+                                                 v, vlen);
                if (IS_ERR(kid))
                        return PTR_ERR(kid);
                ctx->cert->skid = kid;
@@ -493,9 +493,9 @@ int x509_process_extension(void *context, size_t hdrlen,
                        v += (sub + 2);
                }
-                kid = asymmetric_key_generate_id(v, vlen,
+                kid = asymmetric_key_generate_id(ctx->cert->raw_issuer,
-                                                 ctx->cert->raw_issuer,
+                                                 ctx->cert->raw_issuer_size,
-                                                 ctx->cert->raw_issuer_size);
+                                                 v, vlen);
                if (IS_ERR(kid))
                        return PTR_ERR(kid);
                pr_debug("authkeyid %*phN\n", kid->len, kid->data);
diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h
index 3f0f0f081621..3dfe6b5d6f0b 100644
--- a/crypto/asymmetric_keys/x509_parser.h
+++ b/crypto/asymmetric_keys/x509_parser.h
@@ -19,9 +19,9 @@ struct x509_certificate {
        struct public_key_signature sig;        /* Signature parameters */
        char            *issuer;                /* Name of certificate issuer */
        char            *subject;               /* Name of certificate subject */
-        struct asymmetric_key_id *id;           /* Issuer + serial number */
+        struct asymmetric_key_id *id;           /* Serial number + issuer */
-        struct asymmetric_key_id *skid;         /* Subject key identifier */
+        struct asymmetric_key_id *skid;         /* Subject + subjectKeyId (optional) */
-        struct asymmetric_key_id *authority;    /* Authority key identifier */
+        struct asymmetric_key_id *authority;    /* Authority key identifier (optional) */
        struct tm       valid_from;
        struct tm       valid_to;
        const void      *tbs;                   /* Signed data */

diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index 393706f33fa5..a668d90302d3 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -437,9 +437,9 @@ int x509_process_extension(void *context, size_t hdrlen,
437		437
438	ctx->cert->raw_skid_size = vlen;	438	ctx->cert->raw_skid_size = vlen;
439	ctx->cert->raw_skid = v;	439	ctx->cert->raw_skid = v;
440	kid = asymmetric_key_generate_id(v, vlen,	440	kid = asymmetric_key_generate_id(ctx->cert->raw_subject,
441	ctx->cert->raw_subject,	441	ctx->cert->raw_subject_size,
442	ctx->cert->raw_subject_size);	442	v, vlen);
443	if (IS_ERR(kid))	443	if (IS_ERR(kid))
444	return PTR_ERR(kid);	444	return PTR_ERR(kid);
445	ctx->cert->skid = kid;	445	ctx->cert->skid = kid;
@@ -493,9 +493,9 @@ int x509_process_extension(void *context, size_t hdrlen,
493	v += (sub + 2);	493	v += (sub + 2);
494	}	494	}
495		495
496	kid = asymmetric_key_generate_id(v, vlen,	496	kid = asymmetric_key_generate_id(ctx->cert->raw_issuer,
497	ctx->cert->raw_issuer,	497	ctx->cert->raw_issuer_size,
498	ctx->cert->raw_issuer_size);	498	v, vlen);
499	if (IS_ERR(kid))	499	if (IS_ERR(kid))
500	return PTR_ERR(kid);	500	return PTR_ERR(kid);
501	pr_debug("authkeyid %*phN\n", kid->len, kid->data);	501	pr_debug("authkeyid %*phN\n", kid->len, kid->data);


diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h index 3f0f0f081621..3dfe6b5d6f0b 100644 --- a/crypto/asymmetric_keys/x509_parser.h +++ b/crypto/asymmetric_keys/x509_parser.h
@@ -19,9 +19,9 @@ struct x509_certificate {
19	struct public_key_signature sig; /* Signature parameters */	19	struct public_key_signature sig; /* Signature parameters */
20	char issuer; / Name of certificate issuer */	20	char issuer; / Name of certificate issuer */
21	char subject; / Name of certificate subject */	21	char subject; / Name of certificate subject */
22	struct asymmetric_key_id id; / Issuer + serial number */	22	struct asymmetric_key_id id; / Serial number + issuer */
23	struct asymmetric_key_id skid; / Subject key identifier */	23	struct asymmetric_key_id skid; / Subject + subjectKeyId (optional) */
24	struct asymmetric_key_id authority; / Authority key identifier */	24	struct asymmetric_key_id authority; / Authority key identifier (optional) */
25	struct tm valid_from;	25	struct tm valid_from;
26	struct tm valid_to;	26	struct tm valid_to;
27	const void tbs; / Signed data */	27	const void tbs; / Signed data */