[x509] Record root of trust used when validating a certificate

Record the root of trust used at the point that a certificate is
validated, redefine validation as checking a certificate against a
specific root of trust, and pass an explicit root of trust when
creating a TLS connection.

This allows a custom TLS connection to be used with a custom root of
trust, without causing any validated certificates to be treated as
valid for normal purposes.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

2 files changed, 3 insertions, 2 deletions

diff --git a/src/usr/certmgmt.c b/src/usr/certmgmt.c
index 2f233fe4f..e6bf51fd8 100644
--- a/src/usr/certmgmt.c
+++ b/src/usr/certmgmt.c
@@ -57,7 +57,7 @@ void certstat ( struct x509_certificate *cert ) {
 		printf ( " [PERMANENT]" );
 	if ( cert->flags & X509_FL_EXPLICIT )
 		printf ( " [EXPLICIT]" );
-	if ( x509_is_valid ( cert ) )
+	if ( x509_is_valid ( cert, NULL ) )
 		printf ( " [VALIDATED]" );
 	printf ( "\n" );
 }
diff --git a/src/usr/imgtrust.c b/src/usr/imgtrust.c
index 595ea6b25..e7c2067a0 100644
--- a/src/usr/imgtrust.c
+++ b/src/usr/imgtrust.c
@@ -77,7 +77,8 @@ int imgverify ( struct image *image, struct image *signature,
 
 	/* Complete all certificate chains */
 	list_for_each_entry ( info, &sig->info, list ) {
-		if ( ( rc = create_validator ( &monojob, info->chain ) ) != 0 )
+		if ( ( rc = create_validator ( &monojob, info->chain,
+					       NULL ) ) != 0 )
 			goto err_create_validator;
 		if ( ( rc = monojob_wait ( NULL, 0 ) ) != 0 )
 			goto err_validator_wait;