diff options
Diffstat (limited to 'crypto/asymmetric_keys')
| -rw-r--r-- | crypto/asymmetric_keys/Kconfig | 1 | ||||
| -rw-r--r-- | crypto/asymmetric_keys/public_key.c | 12 | ||||
| -rw-r--r-- | crypto/asymmetric_keys/rsa.c | 14 | ||||
| -rw-r--r-- | crypto/asymmetric_keys/x509_cert_parser.c | 12 | ||||
| -rw-r--r-- | crypto/asymmetric_keys/x509_parser.h | 2 | ||||
| -rw-r--r-- | crypto/asymmetric_keys/x509_public_key.c | 9 |
6 files changed, 20 insertions, 30 deletions
diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig index 862b01fe6172..82e7d6b0c276 100644 --- a/crypto/asymmetric_keys/Kconfig +++ b/crypto/asymmetric_keys/Kconfig | |||
| @@ -13,6 +13,7 @@ config ASYMMETRIC_PUBLIC_KEY_SUBTYPE | |||
| 13 | tristate "Asymmetric public-key crypto algorithm subtype" | 13 | tristate "Asymmetric public-key crypto algorithm subtype" |
| 14 | select MPILIB | 14 | select MPILIB |
| 15 | select PUBLIC_KEY_ALGO_RSA | 15 | select PUBLIC_KEY_ALGO_RSA |
| 16 | select CRYPTO_HASH_INFO | ||
| 16 | help | 17 | help |
| 17 | This option provides support for asymmetric public key type handling. | 18 | This option provides support for asymmetric public key type handling. |
| 18 | If signature generation and/or verification are to be used, | 19 | If signature generation and/or verification are to be used, |
diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c index 49ac8d848ed1..97eb001960b9 100644 --- a/crypto/asymmetric_keys/public_key.c +++ b/crypto/asymmetric_keys/public_key.c | |||
| @@ -36,18 +36,6 @@ const struct public_key_algorithm *pkey_algo[PKEY_ALGO__LAST] = { | |||
| 36 | }; | 36 | }; |
| 37 | EXPORT_SYMBOL_GPL(pkey_algo); | 37 | EXPORT_SYMBOL_GPL(pkey_algo); |
| 38 | 38 | ||
| 39 | const char *const pkey_hash_algo_name[PKEY_HASH__LAST] = { | ||
| 40 | [PKEY_HASH_MD4] = "md4", | ||
| 41 | [PKEY_HASH_MD5] = "md5", | ||
| 42 | [PKEY_HASH_SHA1] = "sha1", | ||
| 43 | [PKEY_HASH_RIPE_MD_160] = "rmd160", | ||
| 44 | [PKEY_HASH_SHA256] = "sha256", | ||
| 45 | [PKEY_HASH_SHA384] = "sha384", | ||
| 46 | [PKEY_HASH_SHA512] = "sha512", | ||
| 47 | [PKEY_HASH_SHA224] = "sha224", | ||
| 48 | }; | ||
| 49 | EXPORT_SYMBOL_GPL(pkey_hash_algo_name); | ||
| 50 | |||
| 51 | const char *const pkey_id_type_name[PKEY_ID_TYPE__LAST] = { | 39 | const char *const pkey_id_type_name[PKEY_ID_TYPE__LAST] = { |
| 52 | [PKEY_ID_PGP] = "PGP", | 40 | [PKEY_ID_PGP] = "PGP", |
| 53 | [PKEY_ID_X509] = "X509", | 41 | [PKEY_ID_X509] = "X509", |
diff --git a/crypto/asymmetric_keys/rsa.c b/crypto/asymmetric_keys/rsa.c index 4a6a0696f8a3..90a17f59ba28 100644 --- a/crypto/asymmetric_keys/rsa.c +++ b/crypto/asymmetric_keys/rsa.c | |||
| @@ -73,13 +73,13 @@ static const struct { | |||
| 73 | size_t size; | 73 | size_t size; |
| 74 | } RSA_ASN1_templates[PKEY_HASH__LAST] = { | 74 | } RSA_ASN1_templates[PKEY_HASH__LAST] = { |
| 75 | #define _(X) { RSA_digest_info_##X, sizeof(RSA_digest_info_##X) } | 75 | #define _(X) { RSA_digest_info_##X, sizeof(RSA_digest_info_##X) } |
| 76 | [PKEY_HASH_MD5] = _(MD5), | 76 | [HASH_ALGO_MD5] = _(MD5), |
| 77 | [PKEY_HASH_SHA1] = _(SHA1), | 77 | [HASH_ALGO_SHA1] = _(SHA1), |
| 78 | [PKEY_HASH_RIPE_MD_160] = _(RIPE_MD_160), | 78 | [HASH_ALGO_RIPE_MD_160] = _(RIPE_MD_160), |
| 79 | [PKEY_HASH_SHA256] = _(SHA256), | 79 | [HASH_ALGO_SHA256] = _(SHA256), |
| 80 | [PKEY_HASH_SHA384] = _(SHA384), | 80 | [HASH_ALGO_SHA384] = _(SHA384), |
| 81 | [PKEY_HASH_SHA512] = _(SHA512), | 81 | [HASH_ALGO_SHA512] = _(SHA512), |
| 82 | [PKEY_HASH_SHA224] = _(SHA224), | 82 | [HASH_ALGO_SHA224] = _(SHA224), |
| 83 | #undef _ | 83 | #undef _ |
| 84 | }; | 84 | }; |
| 85 | 85 | ||
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index 144201ccba0c..29893162497c 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c | |||
| @@ -154,32 +154,32 @@ int x509_note_pkey_algo(void *context, size_t hdrlen, | |||
| 154 | return -ENOPKG; /* Unsupported combination */ | 154 | return -ENOPKG; /* Unsupported combination */ |
| 155 | 155 | ||
| 156 | case OID_md4WithRSAEncryption: | 156 | case OID_md4WithRSAEncryption: |
| 157 | ctx->cert->sig.pkey_hash_algo = PKEY_HASH_MD5; | 157 | ctx->cert->sig.pkey_hash_algo = HASH_ALGO_MD5; |
| 158 | ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; | 158 | ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; |
| 159 | break; | 159 | break; |
| 160 | 160 | ||
| 161 | case OID_sha1WithRSAEncryption: | 161 | case OID_sha1WithRSAEncryption: |
| 162 | ctx->cert->sig.pkey_hash_algo = PKEY_HASH_SHA1; | 162 | ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA1; |
| 163 | ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; | 163 | ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; |
| 164 | break; | 164 | break; |
| 165 | 165 | ||
| 166 | case OID_sha256WithRSAEncryption: | 166 | case OID_sha256WithRSAEncryption: |
| 167 | ctx->cert->sig.pkey_hash_algo = PKEY_HASH_SHA256; | 167 | ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA256; |
| 168 | ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; | 168 | ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; |
| 169 | break; | 169 | break; |
| 170 | 170 | ||
| 171 | case OID_sha384WithRSAEncryption: | 171 | case OID_sha384WithRSAEncryption: |
| 172 | ctx->cert->sig.pkey_hash_algo = PKEY_HASH_SHA384; | 172 | ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA384; |
| 173 | ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; | 173 | ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; |
| 174 | break; | 174 | break; |
| 175 | 175 | ||
| 176 | case OID_sha512WithRSAEncryption: | 176 | case OID_sha512WithRSAEncryption: |
| 177 | ctx->cert->sig.pkey_hash_algo = PKEY_HASH_SHA512; | 177 | ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA512; |
| 178 | ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; | 178 | ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; |
| 179 | break; | 179 | break; |
| 180 | 180 | ||
| 181 | case OID_sha224WithRSAEncryption: | 181 | case OID_sha224WithRSAEncryption: |
| 182 | ctx->cert->sig.pkey_hash_algo = PKEY_HASH_SHA224; | 182 | ctx->cert->sig.pkey_hash_algo = HASH_ALGO_SHA224; |
| 183 | ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; | 183 | ctx->cert->sig.pkey_algo = PKEY_ALGO_RSA; |
| 184 | break; | 184 | break; |
| 185 | } | 185 | } |
diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h index 87d9cc26f630..04c81bd0f3f2 100644 --- a/crypto/asymmetric_keys/x509_parser.h +++ b/crypto/asymmetric_keys/x509_parser.h | |||
| @@ -21,6 +21,8 @@ struct x509_certificate { | |||
| 21 | char *authority; /* Authority key fingerprint as hex */ | 21 | char *authority; /* Authority key fingerprint as hex */ |
| 22 | struct tm valid_from; | 22 | struct tm valid_from; |
| 23 | struct tm valid_to; | 23 | struct tm valid_to; |
| 24 | enum pkey_algo pkey_algo : 8; /* Public key algorithm */ | ||
| 25 | enum hash_algo sig_hash_algo : 8; /* Signature hash algorithm */ | ||
| 24 | const void *tbs; /* Signed data */ | 26 | const void *tbs; /* Signed data */ |
| 25 | unsigned tbs_size; /* Size of signed data */ | 27 | unsigned tbs_size; /* Size of signed data */ |
| 26 | unsigned raw_sig_size; /* Size of sigature */ | 28 | unsigned raw_sig_size; /* Size of sigature */ |
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index 6abc27f2e8a5..0a6bfad54916 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c | |||
| @@ -96,7 +96,7 @@ int x509_get_sig_params(struct x509_certificate *cert) | |||
| 96 | /* Allocate the hashing algorithm we're going to need and find out how | 96 | /* Allocate the hashing algorithm we're going to need and find out how |
| 97 | * big the hash operational data will be. | 97 | * big the hash operational data will be. |
| 98 | */ | 98 | */ |
| 99 | tfm = crypto_alloc_shash(pkey_hash_algo_name[cert->sig.pkey_hash_algo], 0, 0); | 99 | tfm = crypto_alloc_shash(hash_algo_name[cert->sig.pkey_hash_algo], 0, 0); |
| 100 | if (IS_ERR(tfm)) | 100 | if (IS_ERR(tfm)) |
| 101 | return (PTR_ERR(tfm) == -ENOENT) ? -ENOPKG : PTR_ERR(tfm); | 101 | return (PTR_ERR(tfm) == -ENOENT) ? -ENOPKG : PTR_ERR(tfm); |
| 102 | 102 | ||
| @@ -199,7 +199,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) | |||
| 199 | cert->sig.pkey_hash_algo >= PKEY_HASH__LAST || | 199 | cert->sig.pkey_hash_algo >= PKEY_HASH__LAST || |
| 200 | !pkey_algo[cert->pub->pkey_algo] || | 200 | !pkey_algo[cert->pub->pkey_algo] || |
| 201 | !pkey_algo[cert->sig.pkey_algo] || | 201 | !pkey_algo[cert->sig.pkey_algo] || |
| 202 | !pkey_hash_algo_name[cert->sig.pkey_hash_algo]) { | 202 | !hash_algo_name[cert->sig.pkey_hash_algo]) { |
| 203 | ret = -ENOPKG; | 203 | ret = -ENOPKG; |
| 204 | goto error_free_cert; | 204 | goto error_free_cert; |
| 205 | } | 205 | } |
| @@ -213,9 +213,8 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) | |||
| 213 | cert->valid_to.tm_year + 1900, cert->valid_to.tm_mon + 1, | 213 | cert->valid_to.tm_year + 1900, cert->valid_to.tm_mon + 1, |
| 214 | cert->valid_to.tm_mday, cert->valid_to.tm_hour, | 214 | cert->valid_to.tm_mday, cert->valid_to.tm_hour, |
| 215 | cert->valid_to.tm_min, cert->valid_to.tm_sec); | 215 | cert->valid_to.tm_min, cert->valid_to.tm_sec); |
| 216 | pr_devel("Cert Signature: %s + %s\n", | 216 | pr_devel("Cert Signature: %s\n", |
| 217 | pkey_algo_name[cert->sig.pkey_algo], | 217 | hash_algo_name[cert->sig.pkey_hash_algo]); |
| 218 | pkey_hash_algo_name[cert->sig.pkey_hash_algo]); | ||
| 219 | 218 | ||
| 220 | if (!cert->fingerprint) { | 219 | if (!cert->fingerprint) { |
| 221 | pr_warn("Cert for '%s' must have a SubjKeyId extension\n", | 220 | pr_warn("Cert for '%s' must have a SubjKeyId extension\n", |