Hi Vitaly, On Thu, 2021-07-01 at 04:13 +0300, Vitaly Chikunov wrote: > > +/** > + * read_keyid_from_key() - Read 32-bit keyid from the key file > + * @keyid_be: Pointer to 32-bit value in network order (BE, unaligned). > + * @keyfile: PEM file with private key with optionally appended x509 cert. > + * Return: 0 on success and keyid_be is written; > + * -1 on error, logged error message, and keyid_be isn't written. > + */ > +static int read_keyid_from_key(uint32_t *keyid_be, const char *keyfile) (With the new option "--keyid-from-cert" is this patch really still needed?) The function name is a bit off. Both imaevm_read_keyid() and this function are getting the keyid from a cert. There's also quite a bit of code duplication between them. Refactoring the code might help. For example, perhaps imaevm_read_keyid() could be a wrapper for read_keyid_from_cert(). Otherwise renaming this function to read_keyid_from_keyfile(), read_appended_keyid() or read_appended_keyid_from_cert(), which is really wordy, would be better. thanks, Mimi
