[PATCH RFC v2 2/2] crypto: RSA: KEYS: convert rsa and public key to new PKE API
Change the existing rsa and public key code to integrate it
with the new Public Key Encryption API.
Signed-off-by: Tadeusz Struk
---
crypto/asymmetric_keys/Kconfig|1
crypto/asymmetric_keys/pkcs7_parser.c |2 -
crypto/asymmetric_keys/pkcs7_trust.c |2 -
crypto/asymmetric_keys/pkcs7_verify.c |3 +
crypto/asymmetric_keys/public_key.c | 89 +++--
crypto/asymmetric_keys/public_key.h | 36
crypto/asymmetric_keys/rsa.c | 43 +++---
crypto/asymmetric_keys/x509_cert_parser.c |3 +
crypto/asymmetric_keys/x509_public_key.c |6 +-
include/crypto/public_key.h | 11 +---
10 files changed, 104 insertions(+), 92 deletions(-)
delete mode 100644 crypto/asymmetric_keys/public_key.h
diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig
index 4870f28..1b7d7d6 100644
--- a/crypto/asymmetric_keys/Kconfig
+++ b/crypto/asymmetric_keys/Kconfig
@@ -23,6 +23,7 @@ config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
config PUBLIC_KEY_ALGO_RSA
tristate "RSA public-key algorithm"
select MPILIB
+ select CRYPTO_PKEY
help
This option enables support for the RSA algorithm (PKCS#1, RFC3447).
diff --git a/crypto/asymmetric_keys/pkcs7_parser.c
b/crypto/asymmetric_keys/pkcs7_parser.c
index 3bd5a1e..054f110 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -15,7 +15,7 @@
#include
#include
#include
-#include "public_key.h"
+#include
#include "pkcs7_parser.h"
#include "pkcs7-asn1.h"
diff --git a/crypto/asymmetric_keys/pkcs7_trust.c
b/crypto/asymmetric_keys/pkcs7_trust.c
index 1d29376..68ebae2 100644
--- a/crypto/asymmetric_keys/pkcs7_trust.c
+++ b/crypto/asymmetric_keys/pkcs7_trust.c
@@ -17,7 +17,7 @@
#include
#include
#include
-#include "public_key.h"
+#include
#include "pkcs7_parser.h"
/**
diff --git a/crypto/asymmetric_keys/pkcs7_verify.c
b/crypto/asymmetric_keys/pkcs7_verify.c
index cd45545..9f1035c 100644
--- a/crypto/asymmetric_keys/pkcs7_verify.c
+++ b/crypto/asymmetric_keys/pkcs7_verify.c
@@ -16,7 +16,8 @@
#include
#include
#include
-#include "public_key.h"
+#include
+#include
#include "pkcs7_parser.h"
/*
diff --git a/crypto/asymmetric_keys/public_key.c
b/crypto/asymmetric_keys/public_key.c
index 2f6e4fb..d147ee0 100644
--- a/crypto/asymmetric_keys/public_key.c
+++ b/crypto/asymmetric_keys/public_key.c
@@ -18,30 +18,28 @@
#include
#include
#include
-#include "public_key.h"
+#include
+#include
MODULE_LICENSE("GPL");
const char *const pkey_algo_name[PKEY_ALGO__LAST] = {
- [PKEY_ALGO_DSA] = "DSA",
- [PKEY_ALGO_RSA] = "RSA",
+ [PKEY_ALGO_DSA] = "dsa",
+ [PKEY_ALGO_RSA] = "rsa",
};
EXPORT_SYMBOL_GPL(pkey_algo_name);
-const struct public_key_algorithm *pkey_algo[PKEY_ALGO__LAST] = {
-#if defined(CONFIG_PUBLIC_KEY_ALGO_RSA) || \
- defined(CONFIG_PUBLIC_KEY_ALGO_RSA_MODULE)
- [PKEY_ALGO_RSA] = _public_key_algorithm,
-#endif
-};
-EXPORT_SYMBOL_GPL(pkey_algo);
-
const char *const pkey_id_type_name[PKEY_ID_TYPE__LAST] = {
[PKEY_ID_PGP] = "PGP",
[PKEY_ID_X509] = "X509",
};
EXPORT_SYMBOL_GPL(pkey_id_type_name);
+struct public_key_completion {
+ struct completion completion;
+ int err;
+};
+
/*
* Provide a part of a description of the key for /proc/keys.
*/
@@ -52,7 +50,8 @@ static void public_key_describe(const struct key
*asymmetric_key,
if (key)
seq_printf(m, "%s.%s",
- pkey_id_type_name[key->id_type], key->algo->name);
+ pkey_id_type_name[key->id_type],
+ pkey_algo_name[key->pkey_algo]);
}
/*
@@ -71,40 +70,68 @@ void public_key_destroy(void *payload)
}
EXPORT_SYMBOL_GPL(public_key_destroy);
+static void public_key_verify_done(struct crypto_async_request *req, int err)
+{
+ struct public_key_completion *compl = req->data;
+
+ if (err == -EINPROGRESS)
+ return;
+
+ compl->err = err;
+ complete(>completion);
+}
+
/*
* Verify a signature using a public key.
*/
-int public_key_verify_signature(const struct public_key *pk,
+int public_key_verify_signature(const struct public_key *pkey,
const struct public_key_signature *sig)
{
- const struct public_key_algorithm *algo;
-
- BUG_ON(!pk);
- BUG_ON(!pk->mpi[0]);
- BUG_ON(!pk->mpi[1]);
+ struct crypto_pkey *tfm;
+ struct pkey_request *req;
+ struct public_key_completion compl;
+ int ret;
+
+ BUG_ON(!pkey);
+ BUG_ON(!pkey->mpi[0]);
+ BUG_ON(!pkey->mpi[1]);
BUG_ON(!sig);
BUG_ON(!sig->digest);
BUG_ON(!sig->mpi[0]);
- algo = pk->algo;
- if (!algo) {
- if (pk->pkey_algo >=
[PATCH RFC v2 2/2] crypto: RSA: KEYS: convert rsa and public key to new PKE API
Change the existing rsa and public key code to integrate it
with the new Public Key Encryption API.
Signed-off-by: Tadeusz Struk tadeusz.st...@intel.com
---
crypto/asymmetric_keys/Kconfig|1
crypto/asymmetric_keys/pkcs7_parser.c |2 -
crypto/asymmetric_keys/pkcs7_trust.c |2 -
crypto/asymmetric_keys/pkcs7_verify.c |3 +
crypto/asymmetric_keys/public_key.c | 89 +++--
crypto/asymmetric_keys/public_key.h | 36
crypto/asymmetric_keys/rsa.c | 43 +++---
crypto/asymmetric_keys/x509_cert_parser.c |3 +
crypto/asymmetric_keys/x509_public_key.c |6 +-
include/crypto/public_key.h | 11 +---
10 files changed, 104 insertions(+), 92 deletions(-)
delete mode 100644 crypto/asymmetric_keys/public_key.h
diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig
index 4870f28..1b7d7d6 100644
--- a/crypto/asymmetric_keys/Kconfig
+++ b/crypto/asymmetric_keys/Kconfig
@@ -23,6 +23,7 @@ config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
config PUBLIC_KEY_ALGO_RSA
tristate RSA public-key algorithm
select MPILIB
+ select CRYPTO_PKEY
help
This option enables support for the RSA algorithm (PKCS#1, RFC3447).
diff --git a/crypto/asymmetric_keys/pkcs7_parser.c
b/crypto/asymmetric_keys/pkcs7_parser.c
index 3bd5a1e..054f110 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -15,7 +15,7 @@
#include linux/slab.h
#include linux/err.h
#include linux/oid_registry.h
-#include public_key.h
+#include crypto/public_key.h
#include pkcs7_parser.h
#include pkcs7-asn1.h
diff --git a/crypto/asymmetric_keys/pkcs7_trust.c
b/crypto/asymmetric_keys/pkcs7_trust.c
index 1d29376..68ebae2 100644
--- a/crypto/asymmetric_keys/pkcs7_trust.c
+++ b/crypto/asymmetric_keys/pkcs7_trust.c
@@ -17,7 +17,7 @@
#include linux/asn1.h
#include linux/key.h
#include keys/asymmetric-type.h
-#include public_key.h
+#include crypto/public_key.h
#include pkcs7_parser.h
/**
diff --git a/crypto/asymmetric_keys/pkcs7_verify.c
b/crypto/asymmetric_keys/pkcs7_verify.c
index cd45545..9f1035c 100644
--- a/crypto/asymmetric_keys/pkcs7_verify.c
+++ b/crypto/asymmetric_keys/pkcs7_verify.c
@@ -16,7 +16,8 @@
#include linux/err.h
#include linux/asn1.h
#include crypto/hash.h
-#include public_key.h
+#include crypto/public_key.h
+#include crypto/pkey.h
#include pkcs7_parser.h
/*
diff --git a/crypto/asymmetric_keys/public_key.c
b/crypto/asymmetric_keys/public_key.c
index 2f6e4fb..d147ee0 100644
--- a/crypto/asymmetric_keys/public_key.c
+++ b/crypto/asymmetric_keys/public_key.c
@@ -18,30 +18,28 @@
#include linux/slab.h
#include linux/seq_file.h
#include keys/asymmetric-subtype.h
-#include public_key.h
+#include crypto/public_key.h
+#include crypto/pkey.h
MODULE_LICENSE(GPL);
const char *const pkey_algo_name[PKEY_ALGO__LAST] = {
- [PKEY_ALGO_DSA] = DSA,
- [PKEY_ALGO_RSA] = RSA,
+ [PKEY_ALGO_DSA] = dsa,
+ [PKEY_ALGO_RSA] = rsa,
};
EXPORT_SYMBOL_GPL(pkey_algo_name);
-const struct public_key_algorithm *pkey_algo[PKEY_ALGO__LAST] = {
-#if defined(CONFIG_PUBLIC_KEY_ALGO_RSA) || \
- defined(CONFIG_PUBLIC_KEY_ALGO_RSA_MODULE)
- [PKEY_ALGO_RSA] = RSA_public_key_algorithm,
-#endif
-};
-EXPORT_SYMBOL_GPL(pkey_algo);
-
const char *const pkey_id_type_name[PKEY_ID_TYPE__LAST] = {
[PKEY_ID_PGP] = PGP,
[PKEY_ID_X509] = X509,
};
EXPORT_SYMBOL_GPL(pkey_id_type_name);
+struct public_key_completion {
+ struct completion completion;
+ int err;
+};
+
/*
* Provide a part of a description of the key for /proc/keys.
*/
@@ -52,7 +50,8 @@ static void public_key_describe(const struct key
*asymmetric_key,
if (key)
seq_printf(m, %s.%s,
- pkey_id_type_name[key-id_type], key-algo-name);
+ pkey_id_type_name[key-id_type],
+ pkey_algo_name[key-pkey_algo]);
}
/*
@@ -71,40 +70,68 @@ void public_key_destroy(void *payload)
}
EXPORT_SYMBOL_GPL(public_key_destroy);
+static void public_key_verify_done(struct crypto_async_request *req, int err)
+{
+ struct public_key_completion *compl = req-data;
+
+ if (err == -EINPROGRESS)
+ return;
+
+ compl-err = err;
+ complete(compl-completion);
+}
+
/*
* Verify a signature using a public key.
*/
-int public_key_verify_signature(const struct public_key *pk,
+int public_key_verify_signature(const struct public_key *pkey,
const struct public_key_signature *sig)
{
- const struct public_key_algorithm *algo;
-
- BUG_ON(!pk);
- BUG_ON(!pk-mpi[0]);
- BUG_ON(!pk-mpi[1]);
+ struct crypto_pkey *tfm;
+ struct pkey_request *req;
+ struct public_key_completion compl;
+ int ret;
+
