[PATCH RFC v2 2/2] crypto: RSA: KEYS: convert rsa and public key to new PKE API
Change the existing rsa and public key code to integrate it with the new Public Key Encryption API. Signed-off-by: Tadeusz Struk --- crypto/asymmetric_keys/Kconfig|1 crypto/asymmetric_keys/pkcs7_parser.c |2 - crypto/asymmetric_keys/pkcs7_trust.c |2 - crypto/asymmetric_keys/pkcs7_verify.c |3 + crypto/asymmetric_keys/public_key.c | 89 +++-- crypto/asymmetric_keys/public_key.h | 36 crypto/asymmetric_keys/rsa.c | 43 +++--- crypto/asymmetric_keys/x509_cert_parser.c |3 + crypto/asymmetric_keys/x509_public_key.c |6 +- include/crypto/public_key.h | 11 +--- 10 files changed, 104 insertions(+), 92 deletions(-) delete mode 100644 crypto/asymmetric_keys/public_key.h diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig index 4870f28..1b7d7d6 100644 --- a/crypto/asymmetric_keys/Kconfig +++ b/crypto/asymmetric_keys/Kconfig @@ -23,6 +23,7 @@ config ASYMMETRIC_PUBLIC_KEY_SUBTYPE config PUBLIC_KEY_ALGO_RSA tristate "RSA public-key algorithm" select MPILIB + select CRYPTO_PKEY help This option enables support for the RSA algorithm (PKCS#1, RFC3447). diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c index 3bd5a1e..054f110 100644 --- a/crypto/asymmetric_keys/pkcs7_parser.c +++ b/crypto/asymmetric_keys/pkcs7_parser.c @@ -15,7 +15,7 @@ #include #include #include -#include "public_key.h" +#include #include "pkcs7_parser.h" #include "pkcs7-asn1.h" diff --git a/crypto/asymmetric_keys/pkcs7_trust.c b/crypto/asymmetric_keys/pkcs7_trust.c index 1d29376..68ebae2 100644 --- a/crypto/asymmetric_keys/pkcs7_trust.c +++ b/crypto/asymmetric_keys/pkcs7_trust.c @@ -17,7 +17,7 @@ #include #include #include -#include "public_key.h" +#include #include "pkcs7_parser.h" /** diff --git a/crypto/asymmetric_keys/pkcs7_verify.c b/crypto/asymmetric_keys/pkcs7_verify.c index cd45545..9f1035c 100644 --- a/crypto/asymmetric_keys/pkcs7_verify.c +++ b/crypto/asymmetric_keys/pkcs7_verify.c @@ -16,7 +16,8 @@ #include #include #include -#include "public_key.h" +#include +#include #include "pkcs7_parser.h" /* diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c index 2f6e4fb..d147ee0 100644 --- a/crypto/asymmetric_keys/public_key.c +++ b/crypto/asymmetric_keys/public_key.c @@ -18,30 +18,28 @@ #include #include #include -#include "public_key.h" +#include +#include MODULE_LICENSE("GPL"); const char *const pkey_algo_name[PKEY_ALGO__LAST] = { - [PKEY_ALGO_DSA] = "DSA", - [PKEY_ALGO_RSA] = "RSA", + [PKEY_ALGO_DSA] = "dsa", + [PKEY_ALGO_RSA] = "rsa", }; EXPORT_SYMBOL_GPL(pkey_algo_name); -const struct public_key_algorithm *pkey_algo[PKEY_ALGO__LAST] = { -#if defined(CONFIG_PUBLIC_KEY_ALGO_RSA) || \ - defined(CONFIG_PUBLIC_KEY_ALGO_RSA_MODULE) - [PKEY_ALGO_RSA] = _public_key_algorithm, -#endif -}; -EXPORT_SYMBOL_GPL(pkey_algo); - const char *const pkey_id_type_name[PKEY_ID_TYPE__LAST] = { [PKEY_ID_PGP] = "PGP", [PKEY_ID_X509] = "X509", }; EXPORT_SYMBOL_GPL(pkey_id_type_name); +struct public_key_completion { + struct completion completion; + int err; +}; + /* * Provide a part of a description of the key for /proc/keys. */ @@ -52,7 +50,8 @@ static void public_key_describe(const struct key *asymmetric_key, if (key) seq_printf(m, "%s.%s", - pkey_id_type_name[key->id_type], key->algo->name); + pkey_id_type_name[key->id_type], + pkey_algo_name[key->pkey_algo]); } /* @@ -71,40 +70,68 @@ void public_key_destroy(void *payload) } EXPORT_SYMBOL_GPL(public_key_destroy); +static void public_key_verify_done(struct crypto_async_request *req, int err) +{ + struct public_key_completion *compl = req->data; + + if (err == -EINPROGRESS) + return; + + compl->err = err; + complete(>completion); +} + /* * Verify a signature using a public key. */ -int public_key_verify_signature(const struct public_key *pk, +int public_key_verify_signature(const struct public_key *pkey, const struct public_key_signature *sig) { - const struct public_key_algorithm *algo; - - BUG_ON(!pk); - BUG_ON(!pk->mpi[0]); - BUG_ON(!pk->mpi[1]); + struct crypto_pkey *tfm; + struct pkey_request *req; + struct public_key_completion compl; + int ret; + + BUG_ON(!pkey); + BUG_ON(!pkey->mpi[0]); + BUG_ON(!pkey->mpi[1]); BUG_ON(!sig); BUG_ON(!sig->digest); BUG_ON(!sig->mpi[0]); - algo = pk->algo; - if (!algo) { - if (pk->pkey_algo >=
[PATCH RFC v2 2/2] crypto: RSA: KEYS: convert rsa and public key to new PKE API
Change the existing rsa and public key code to integrate it with the new Public Key Encryption API. Signed-off-by: Tadeusz Struk tadeusz.st...@intel.com --- crypto/asymmetric_keys/Kconfig|1 crypto/asymmetric_keys/pkcs7_parser.c |2 - crypto/asymmetric_keys/pkcs7_trust.c |2 - crypto/asymmetric_keys/pkcs7_verify.c |3 + crypto/asymmetric_keys/public_key.c | 89 +++-- crypto/asymmetric_keys/public_key.h | 36 crypto/asymmetric_keys/rsa.c | 43 +++--- crypto/asymmetric_keys/x509_cert_parser.c |3 + crypto/asymmetric_keys/x509_public_key.c |6 +- include/crypto/public_key.h | 11 +--- 10 files changed, 104 insertions(+), 92 deletions(-) delete mode 100644 crypto/asymmetric_keys/public_key.h diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig index 4870f28..1b7d7d6 100644 --- a/crypto/asymmetric_keys/Kconfig +++ b/crypto/asymmetric_keys/Kconfig @@ -23,6 +23,7 @@ config ASYMMETRIC_PUBLIC_KEY_SUBTYPE config PUBLIC_KEY_ALGO_RSA tristate RSA public-key algorithm select MPILIB + select CRYPTO_PKEY help This option enables support for the RSA algorithm (PKCS#1, RFC3447). diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c index 3bd5a1e..054f110 100644 --- a/crypto/asymmetric_keys/pkcs7_parser.c +++ b/crypto/asymmetric_keys/pkcs7_parser.c @@ -15,7 +15,7 @@ #include linux/slab.h #include linux/err.h #include linux/oid_registry.h -#include public_key.h +#include crypto/public_key.h #include pkcs7_parser.h #include pkcs7-asn1.h diff --git a/crypto/asymmetric_keys/pkcs7_trust.c b/crypto/asymmetric_keys/pkcs7_trust.c index 1d29376..68ebae2 100644 --- a/crypto/asymmetric_keys/pkcs7_trust.c +++ b/crypto/asymmetric_keys/pkcs7_trust.c @@ -17,7 +17,7 @@ #include linux/asn1.h #include linux/key.h #include keys/asymmetric-type.h -#include public_key.h +#include crypto/public_key.h #include pkcs7_parser.h /** diff --git a/crypto/asymmetric_keys/pkcs7_verify.c b/crypto/asymmetric_keys/pkcs7_verify.c index cd45545..9f1035c 100644 --- a/crypto/asymmetric_keys/pkcs7_verify.c +++ b/crypto/asymmetric_keys/pkcs7_verify.c @@ -16,7 +16,8 @@ #include linux/err.h #include linux/asn1.h #include crypto/hash.h -#include public_key.h +#include crypto/public_key.h +#include crypto/pkey.h #include pkcs7_parser.h /* diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c index 2f6e4fb..d147ee0 100644 --- a/crypto/asymmetric_keys/public_key.c +++ b/crypto/asymmetric_keys/public_key.c @@ -18,30 +18,28 @@ #include linux/slab.h #include linux/seq_file.h #include keys/asymmetric-subtype.h -#include public_key.h +#include crypto/public_key.h +#include crypto/pkey.h MODULE_LICENSE(GPL); const char *const pkey_algo_name[PKEY_ALGO__LAST] = { - [PKEY_ALGO_DSA] = DSA, - [PKEY_ALGO_RSA] = RSA, + [PKEY_ALGO_DSA] = dsa, + [PKEY_ALGO_RSA] = rsa, }; EXPORT_SYMBOL_GPL(pkey_algo_name); -const struct public_key_algorithm *pkey_algo[PKEY_ALGO__LAST] = { -#if defined(CONFIG_PUBLIC_KEY_ALGO_RSA) || \ - defined(CONFIG_PUBLIC_KEY_ALGO_RSA_MODULE) - [PKEY_ALGO_RSA] = RSA_public_key_algorithm, -#endif -}; -EXPORT_SYMBOL_GPL(pkey_algo); - const char *const pkey_id_type_name[PKEY_ID_TYPE__LAST] = { [PKEY_ID_PGP] = PGP, [PKEY_ID_X509] = X509, }; EXPORT_SYMBOL_GPL(pkey_id_type_name); +struct public_key_completion { + struct completion completion; + int err; +}; + /* * Provide a part of a description of the key for /proc/keys. */ @@ -52,7 +50,8 @@ static void public_key_describe(const struct key *asymmetric_key, if (key) seq_printf(m, %s.%s, - pkey_id_type_name[key-id_type], key-algo-name); + pkey_id_type_name[key-id_type], + pkey_algo_name[key-pkey_algo]); } /* @@ -71,40 +70,68 @@ void public_key_destroy(void *payload) } EXPORT_SYMBOL_GPL(public_key_destroy); +static void public_key_verify_done(struct crypto_async_request *req, int err) +{ + struct public_key_completion *compl = req-data; + + if (err == -EINPROGRESS) + return; + + compl-err = err; + complete(compl-completion); +} + /* * Verify a signature using a public key. */ -int public_key_verify_signature(const struct public_key *pk, +int public_key_verify_signature(const struct public_key *pkey, const struct public_key_signature *sig) { - const struct public_key_algorithm *algo; - - BUG_ON(!pk); - BUG_ON(!pk-mpi[0]); - BUG_ON(!pk-mpi[1]); + struct crypto_pkey *tfm; + struct pkey_request *req; + struct public_key_completion compl; + int ret; +