KEYS: Store public key algo ID in public_key struct

Store public key algo ID in public_key struct for reference purposes. This allows it to be removed from the x509_certificate struct and used to find a default in public_key_verify_signature(). Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Josh Boyer <jwboyer@redhat.com>
author: David Howells <dhowells@redhat.com> 2013-08-30 11:15:24 -0400
committer: David Howells <dhowells@redhat.com> 2013-09-25 12:17:00 -0400
commit: 67f7d60b3a08a3e3ec51c29c25767a9d9d0bd2b1 (patch)
tree: fcd8b1dd651ed934878ef3cee7e9548bfba97540 /crypto
parent: 206ce59a109f3b4bb352845bcd04f3cf504ae592 (diff)
3 files changed, 5 insertions, 5 deletions
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
index facbf26bc6bb..8cc253d2dc92 100644
--- a/crypto/asymmetric_keys/x509_cert_parser.c
+++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -343,8 +343,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
        if (ctx->last_oid != OID_rsaEncryption)
                return -ENOPKG;
-        /* There seems to be an extraneous 0 byte on the front of the data */
+        ctx->cert->pub->pkey_algo = PKEY_ALGO_RSA;
-        ctx->cert->pkey_algo = PKEY_ALGO_RSA;
+        /* Discard the BIT STRING metadata */
        ctx->key = value + 1;
        ctx->key_size = vlen - 1;
        return 0;
diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h
index f86dc5fcc4ad..e583ad09e5a1 100644
--- a/crypto/asymmetric_keys/x509_parser.h
+++ b/crypto/asymmetric_keys/x509_parser.h
@@ -20,7 +20,6 @@ struct x509_certificate {
        char            *authority;             /* Authority key fingerprint as hex */
        struct tm       valid_from;
        struct tm       valid_to;
-        enum pkey_algo  pkey_algo : 8;          /* Public key algorithm */
        enum pkey_algo  sig_pkey_algo : 8;      /* Signature public key algorithm */
        enum pkey_hash_algo sig_hash_algo : 8;  /* Signature hash algorithm */
        const void      *tbs;                   /* Signed data */
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c
index fe38628adae9..fac574c457b3 100644
--- a/crypto/asymmetric_keys/x509_public_key.c
+++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -108,7 +108,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)
        pr_devel("Cert Issuer: %s\n", cert->issuer);
        pr_devel("Cert Subject: %s\n", cert->subject);
-        pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pkey_algo]);
+        pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]);
        pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n",
                 cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1,
                 cert->valid_from.tm_mday, cert->valid_from.tm_hour,
@@ -165,7 +165,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)
                goto error_free_cert;
        }
-        cert->pub->algo = pkey_algo[cert->pkey_algo];
+        cert->pub->algo = pkey_algo[cert->pub->pkey_algo];
        cert->pub->id_type = PKEY_ID_X509;
        /* Check the signature on the key */
author	David Howells <dhowells@redhat.com>	2013-08-30 11:15:24 -0400
committer	David Howells <dhowells@redhat.com>	2013-09-25 12:17:00 -0400
commit	67f7d60b3a08a3e3ec51c29c25767a9d9d0bd2b1 (patch)
tree	fcd8b1dd651ed934878ef3cee7e9548bfba97540 /crypto
parent	206ce59a109f3b4bb352845bcd04f3cf504ae592 (diff)

diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index facbf26bc6bb..8cc253d2dc92 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -343,8 +343,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
343	if (ctx->last_oid != OID_rsaEncryption)	343	if (ctx->last_oid != OID_rsaEncryption)
344	return -ENOPKG;	344	return -ENOPKG;
345		345
346	/* There seems to be an extraneous 0 byte on the front of the data */	346	ctx->cert->pub->pkey_algo = PKEY_ALGO_RSA;
347	ctx->cert->pkey_algo = PKEY_ALGO_RSA;	347
		348	/* Discard the BIT STRING metadata */
348	ctx->key = value + 1;	349	ctx->key = value + 1;
349	ctx->key_size = vlen - 1;	350	ctx->key_size = vlen - 1;
350	return 0;	351	return 0;


diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h index f86dc5fcc4ad..e583ad09e5a1 100644 --- a/crypto/asymmetric_keys/x509_parser.h +++ b/crypto/asymmetric_keys/x509_parser.h
@@ -20,7 +20,6 @@ struct x509_certificate {
20	char authority; / Authority key fingerprint as hex */	20	char authority; / Authority key fingerprint as hex */
21	struct tm valid_from;	21	struct tm valid_from;
22	struct tm valid_to;	22	struct tm valid_to;
23	enum pkey_algo pkey_algo : 8; /* Public key algorithm */
24	enum pkey_algo sig_pkey_algo : 8; /* Signature public key algorithm */	23	enum pkey_algo sig_pkey_algo : 8; /* Signature public key algorithm */
25	enum pkey_hash_algo sig_hash_algo : 8; /* Signature hash algorithm */	24	enum pkey_hash_algo sig_hash_algo : 8; /* Signature hash algorithm */
26	const void tbs; / Signed data */	25	const void tbs; / Signed data */


diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index fe38628adae9..fac574c457b3 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -108,7 +108,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)
108		108
109	pr_devel("Cert Issuer: %s\n", cert->issuer);	109	pr_devel("Cert Issuer: %s\n", cert->issuer);
110	pr_devel("Cert Subject: %s\n", cert->subject);	110	pr_devel("Cert Subject: %s\n", cert->subject);
111	pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pkey_algo]);	111	pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]);
112	pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n",	112	pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n",
113	cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1,	113	cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1,
114	cert->valid_from.tm_mday, cert->valid_from.tm_hour,	114	cert->valid_from.tm_mday, cert->valid_from.tm_hour,
@@ -165,7 +165,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)
165	goto error_free_cert;	165	goto error_free_cert;
166	}	166	}
167		167
168	cert->pub->algo = pkey_algo[cert->pkey_algo];	168	cert->pub->algo = pkey_algo[cert->pub->pkey_algo];
169	cert->pub->id_type = PKEY_ID_X509;	169	cert->pub->id_type = PKEY_ID_X509;
170		170
171	/* Check the signature on the key */	171	/* Check the signature on the key */