KEYS: Store public key algo ID in public_key struct
Store public key algo ID in public_key struct for reference purposes. This allows it to be removed from the x509_certificate struct and used to find a default in public_key_verify_signature(). Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Josh Boyer <jwboyer@redhat.com>
parent
206ce59a10
commit
67f7d60b3a
4 changed files with 6 additions and 5 deletions
|
@ -343,8 +343,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
|
||||||
if (ctx->last_oid != OID_rsaEncryption)
|
if (ctx->last_oid != OID_rsaEncryption)
|
||||||
return -ENOPKG;
|
return -ENOPKG;
|
||||||
|
|
||||||
/* There seems to be an extraneous 0 byte on the front of the data */
|
ctx->cert->pub->pkey_algo = PKEY_ALGO_RSA;
|
||||||
ctx->cert->pkey_algo = PKEY_ALGO_RSA;
|
|
||||||
|
/* Discard the BIT STRING metadata */
|
||||||
ctx->key = value + 1;
|
ctx->key = value + 1;
|
||||||
ctx->key_size = vlen - 1;
|
ctx->key_size = vlen - 1;
|
||||||
return 0;
|
return 0;
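Review bot: The leading BIT STRING byte is skipped without any check in `x509_extract_key_data()`: `ctx->key = value + 1; ctx->key_size = vlen - 1;` runs even when `vlen` is 0, in which case the subtraction wraps if `vlen` is unsigned (its declaration is cut off in the hunk header, so that is inferred) and `ctx->key` points one byte beyond the data. Now that the comment states the byte is BIT STRING metadata, the unused-bits count should be validated before it is discarded, for example `if (vlen < 1 || *(const u8 *)value != 0) return -EBADMSG;`. The new assignment also dereferences `ctx->cert->pub`, so it relies on the public_key being allocated before the parser callbacks run; that allocation is not visible in this hunk.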
|
||||||
|
|
|
@ -20,7 +20,6 @@ struct x509_certificate {
|
||||||
char *authority; /* Authority key fingerprint as hex */
|
char *authority; /* Authority key fingerprint as hex */
|
||||||
struct tm valid_from;
|
struct tm valid_from;
|
||||||
struct tm valid_to;
|
struct tm valid_to;
|
||||||
enum pkey_algo pkey_algo : 8; /* Public key algorithm */
|
|
||||||
enum pkey_algo sig_pkey_algo : 8; /* Signature public key algorithm */
|
enum pkey_algo sig_pkey_algo : 8; /* Signature public key algorithm */
|
||||||
enum pkey_hash_algo sig_hash_algo : 8; /* Signature hash algorithm */
|
enum pkey_hash_algo sig_hash_algo : 8; /* Signature hash algorithm */
|
||||||
const void *tbs; /* Signed data */
|
const void *tbs; /* Signed data */
|
||||||
|
|
|
@ -108,7 +108,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)
|
||||||
|
|
||||||
pr_devel("Cert Issuer: %s\n", cert->issuer);
|
pr_devel("Cert Issuer: %s\n", cert->issuer);
|
||||||
pr_devel("Cert Subject: %s\n", cert->subject);
|
pr_devel("Cert Subject: %s\n", cert->subject);
|
||||||
pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pkey_algo]);
|
pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]);
|
||||||
pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n",
|
pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n",
|
||||||
cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1,
|
cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1,
|
||||||
cert->valid_from.tm_mday, cert->valid_from.tm_hour,
|
cert->valid_from.tm_mday, cert->valid_from.tm_hour,
|
||||||
|
@ -165,7 +165,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)
|
||||||
goto error_free_cert;
|
goto error_free_cert;
|
||||||
}
|
}
|
||||||
|
|
||||||
cert->pub->algo = pkey_algo[cert->pkey_algo];
|
cert->pub->algo = pkey_algo[cert->pub->pkey_algo];
|
||||||
cert->pub->id_type = PKEY_ID_X509;
|
cert->pub->id_type = PKEY_ID_X509;
|
||||||
|
|
||||||
/* Check the signature on the key */
|
/* Check the signature on the key */
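Review bot: `cert->pub->algo = pkey_algo[cert->pub->pkey_algo];` in the second `x509_key_preparse()` hunk indexes the algorithm table with a field filled in by the certificate parser, and nothing visible in either hunk range-checks the index or tests the looked-up pointer; the `pkey_algo_name[...]` lookup in the `pr_devel()` line of the first hunk has the same shape. If the table can have an empty slot (for instance an algorithm that is not built in, which cannot be confirmed from these lines), `cert->pub->algo` would be NULL for later users. A guard before the assignment, such as `if (cert->pub->pkey_algo >= PKEY_ALGO__LAST || !pkey_algo[cert->pub->pkey_algo])` followed by an error exit through `error_free_cert`, would make the dependency explicit. The function body starts and ends outside both hunks, so such a check may already exist elsewhere.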
|
||||||
|
|
|
@ -60,6 +60,7 @@ struct public_key {
|
||||||
#define PKEY_CAN_DECRYPT 0x02
|
#define PKEY_CAN_DECRYPT 0x02
|
||||||
#define PKEY_CAN_SIGN 0x04
|
#define PKEY_CAN_SIGN 0x04
|
||||||
#define PKEY_CAN_VERIFY 0x08
|
#define PKEY_CAN_VERIFY 0x08
|
||||||
|
enum pkey_algo pkey_algo : 8;
|
||||||
enum pkey_id_type id_type : 8;
|
enum pkey_id_type id_type : 8;
|
||||||
union {
|
union {
|
||||||
MPI mpi[5];
|
MPI mpi[5];
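Review bot: The new member `enum pkey_algo pkey_algo : 8;` in `struct public_key` has no comment, while the field it replaces in `struct x509_certificate` carried `/* Public key algorithm */`. Since the struct also has an `algo` member (assigned in `x509_key_preparse()`), a short comment would tell the two apart, e.g. `enum pkey_algo pkey_algo : 8; /* Algorithm ID; index into pkey_algo[] */`. The struct definition starts and ends outside the hunk.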
|
||||||
|
|