summaryrefslogtreecommitdiff
path: root/crypto/asymmetric_keys/public_key.c
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2013-08-30 19:15:30 +0400
committerDavid Howells <dhowells@redhat.com>2013-09-25 20:17:00 +0400
commit3d167d68e3805ee45ed2e8412fc03ed919c54c24 (patch)
treebaa5b411cb71f72ee855883d5a3fefbaf142f23b /crypto/asymmetric_keys/public_key.c
parent67f7d60b3a08a3e3ec51c29c25767a9d9d0bd2b1 (diff)
downloadlinux-3d167d68e3805ee45ed2e8412fc03ed919c54c24.tar.xz
KEYS: Split public_key_verify_signature() and make available
Modify public_key_verify_signature() so that it now takes a public_key struct rather than a key struct and supply a wrapper that takes a key struct. The wrapper is then used by the asymmetric key subtype and the modified function is used by X.509 self-signature checking and can be used by other things also. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Josh Boyer <jwboyer@redhat.com>
Diffstat (limited to 'crypto/asymmetric_keys/public_key.c')
-rw-r--r--crypto/asymmetric_keys/public_key.c40
1 files changed, 32 insertions, 8 deletions
diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
index 796ce0802aa0..49ac8d848ed1 100644
--- a/crypto/asymmetric_keys/public_key.c
+++ b/crypto/asymmetric_keys/public_key.c
@@ -86,21 +86,45 @@ EXPORT_SYMBOL_GPL(public_key_destroy);
/*
* Verify a signature using a public key.
*/
-static int public_key_verify_signature(const struct key *key,
- const struct public_key_signature *sig)
+int public_key_verify_signature(const struct public_key *pk,
+ const struct public_key_signature *sig)
{
- const struct public_key *pk = key->payload.data;
+ const struct public_key_algorithm *algo;
+
+ BUG_ON(!pk);
+ BUG_ON(!pk->mpi[0]);
+ BUG_ON(!pk->mpi[1]);
+ BUG_ON(!sig);
+ BUG_ON(!sig->digest);
+ BUG_ON(!sig->mpi[0]);
+
+ algo = pk->algo;
+ if (!algo) {
+ if (pk->pkey_algo >= PKEY_ALGO__LAST)
+ return -ENOPKG;
+ algo = pkey_algo[pk->pkey_algo];
+ if (!algo)
+ return -ENOPKG;
+ }
- if (!pk->algo->verify_signature)
+ if (!algo->verify_signature)
return -ENOTSUPP;
- if (sig->nr_mpi != pk->algo->n_sig_mpi) {
+ if (sig->nr_mpi != algo->n_sig_mpi) {
pr_debug("Signature has %u MPI not %u\n",
- sig->nr_mpi, pk->algo->n_sig_mpi);
+ sig->nr_mpi, algo->n_sig_mpi);
return -EINVAL;
}
- return pk->algo->verify_signature(pk, sig);
+ return algo->verify_signature(pk, sig);
+}
+EXPORT_SYMBOL_GPL(public_key_verify_signature);
+
+static int public_key_verify_signature_2(const struct key *key,
+ const struct public_key_signature *sig)
+{
+ const struct public_key *pk = key->payload.data;
+ return public_key_verify_signature(pk, sig);
}
/*
@@ -111,6 +135,6 @@ struct asymmetric_key_subtype public_key_subtype = {
.name = "public_key",
.describe = public_key_describe,
.destroy = public_key_destroy,
- .verify_signature = public_key_verify_signature,
+ .verify_signature = public_key_verify_signature_2,
};
EXPORT_SYMBOL_GPL(public_key_subtype);