1 files changed, 19 insertions, 16 deletions
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
index facbf26bc6bb..29893162497c 100644
--- a/crypto/asymmetric_keys/x509_cert_parser.c
+++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -47,6 +47,8 @@ void x509_free_certificate(struct x509_certificate *cert)
                kfree(cert->subject);
                kfree(cert->fingerprint);
                kfree(cert->authority);
+                kfree(cert->sig.digest);
+                mpi_free(cert->sig.rsa.s);
                kfree(cert);
        }
 }
@@ -152,33 +154,33 @@ int x509_note_pkey_algo(void *context, size_t hdrlen,
                return -ENOPKG; /* Unsupported combination */
        case OID_md4WithRSAEncryption:
-                ctx->cert->sig_hash_algo = PKEY_HASH_MD5;
+                ctx->cert->sig.pkey_hash_algo = HASH_ALGO_MD5;
-                ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA;
+                ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA;
                break;
        case OID_sha1WithRSAEncryption:
-                ctx->cert->sig_hash_algo = PKEY_HASH_SHA1;
+                ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA1;
-                ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA;
+                ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA;
                break;
        case OID_sha256WithRSAEncryption:
-                ctx->cert->sig_hash_algo = PKEY_HASH_SHA256;
+                ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA256;
-                ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA;
+                ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA;
                break;
        case OID_sha384WithRSAEncryption:
-                ctx->cert->sig_hash_algo = PKEY_HASH_SHA384;
+                ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA384;
-                ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA;
+                ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA;
                break;
        case OID_sha512WithRSAEncryption:
-                ctx->cert->sig_hash_algo = PKEY_HASH_SHA512;
+                ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA512;
-                ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA;
+                ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA;
                break;
        case OID_sha224WithRSAEncryption:
-                ctx->cert->sig_hash_algo = PKEY_HASH_SHA224;
+                ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA224;
-                ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA;
+                ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA;
                break;
        }
@@ -203,8 +205,8 @@ int x509_note_signature(void *context, size_t hdrlen,
                return -EINVAL;
        }
-        ctx->cert->sig = value;
+        ctx->cert->raw_sig = value;
-        ctx->cert->sig_size = vlen;
+        ctx->cert->raw_sig_size = vlen;
        return 0;
 }
@@ -343,8 +345,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
        if (ctx->last_oid != OID_rsaEncryption)
                return -ENOPKG;
-        /* There seems to be an extraneous 0 byte on the front of the data */
+        ctx->cert->pub->pkey_algo = PKEY_ALGO_RSA;
-        ctx->cert->pkey_algo = PKEY_ALGO_RSA;
+        /* Discard the BIT STRING metadata */
        ctx->key = value + 1;
        ctx->key_size = vlen - 1;
        return 0;

diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index facbf26bc6bb..29893162497c 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -47,6 +47,8 @@ void x509_free_certificate(struct x509_certificate *cert)
47	kfree(cert->subject);	47	kfree(cert->subject);
48	kfree(cert->fingerprint);	48	kfree(cert->fingerprint);
49	kfree(cert->authority);	49	kfree(cert->authority);
		50	kfree(cert->sig.digest);
		51	mpi_free(cert->sig.rsa.s);
50	kfree(cert);	52	kfree(cert);
51	}	53	}
52	}	54	}
@@ -152,33 +154,33 @@ int x509_note_pkey_algo(void *context, size_t hdrlen,
152	return -ENOPKG; /* Unsupported combination */	154	return -ENOPKG; /* Unsupported combination */
153		155
154	case OID_md4WithRSAEncryption:	156	case OID_md4WithRSAEncryption:
155	ctx->cert->sig_hash_algo = PKEY_HASH_MD5;	157	ctx->cert->sig.pkey_hash_algo = HASH_ALGO_MD5;
156	ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA;	158	ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA;
157	break;	159	break;
158		160
159	case OID_sha1WithRSAEncryption:	161	case OID_sha1WithRSAEncryption:
160	ctx->cert->sig_hash_algo = PKEY_HASH_SHA1;	162	ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA1;
161	ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA;	163	ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA;
162	break;	164	break;
163		165
164	case OID_sha256WithRSAEncryption:	166	case OID_sha256WithRSAEncryption:
165	ctx->cert->sig_hash_algo = PKEY_HASH_SHA256;	167	ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA256;
166	ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA;	168	ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA;
167	break;	169	break;
168		170
169	case OID_sha384WithRSAEncryption:	171	case OID_sha384WithRSAEncryption:
170	ctx->cert->sig_hash_algo = PKEY_HASH_SHA384;	172	ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA384;
171	ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA;	173	ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA;
172	break;	174	break;
173		175
174	case OID_sha512WithRSAEncryption:	176	case OID_sha512WithRSAEncryption:
175	ctx->cert->sig_hash_algo = PKEY_HASH_SHA512;	177	ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA512;
176	ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA;	178	ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA;
177	break;	179	break;
178		180
179	case OID_sha224WithRSAEncryption:	181	case OID_sha224WithRSAEncryption:
180	ctx->cert->sig_hash_algo = PKEY_HASH_SHA224;	182	ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA224;
181	ctx->cert->sig_pkey_algo = PKEY_ALGO_RSA;	183	ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA;
182	break;	184	break;
183	}	185	}
184		186
@@ -203,8 +205,8 @@ int x509_note_signature(void *context, size_t hdrlen,
203	return -EINVAL;	205	return -EINVAL;
204	}	206	}
205		207
206	ctx->cert->sig = value;	208	ctx->cert->raw_sig = value;
207	ctx->cert->sig_size = vlen;	209	ctx->cert->raw_sig_size = vlen;
208	return 0;	210	return 0;
209	}	211	}
210		212
@@ -343,8 +345,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
343	if (ctx->last_oid != OID_rsaEncryption)	345	if (ctx->last_oid != OID_rsaEncryption)
344	return -ENOPKG;	346	return -ENOPKG;
345		347
346	/* There seems to be an extraneous 0 byte on the front of the data */	348	ctx->cert->pub->pkey_algo = PKEY_ALGO_RSA;
347	ctx->cert->pkey_algo = PKEY_ALGO_RSA;	349
		350	/* Discard the BIT STRING metadata */
348	ctx->key = value + 1;	351	ctx->key = value + 1;
349	ctx->key_size = vlen - 1;	352	ctx->key_size = vlen - 1;
350	return 0;	353	return 0;