tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

pkcs7, x509: Rename ->digest to ->m

Rename ->digest and ->digest_len to ->m and ->m_size to represent the input
to the signature verification algorithm, reflecting that ->digest may no
longer actually *be* a digest.

Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
cc: Lukas Wunner <lukas@wunner.de>
cc: Ignat Korchagin <ignat@cloudflare.com>
cc: Stephan Mueller <smueller@chronox.de>
cc: Eric Biggers <ebiggers@kernel.org>
cc: Herbert Xu <herbert@gondor.apana.org.au>
cc: keyrings@vger.kernel.org
cc: linux-crypto@vger.kernel.org

David Howells f728074f 2c62068a

+26 -29
+2 -2
crypto/asymmetric_keys/asymmetric_type.c
··· 593 593 { 594 594 struct public_key_signature sig = { 595 595 .s_size = params->in2_len, 596 - .digest_size = params->in_len, 596 + .m_size = params->in_len, 597 597 .encoding = params->encoding, 598 598 .hash_algo = params->hash_algo, 599 - .digest = (void *)in, 599 + .m = (void *)in, 600 600 .s = (void *)in2, 601 601 }; 602 602
+14 -14
crypto/asymmetric_keys/pkcs7_verify.c
··· 31 31 kenter(",%u,%s", sinfo->index, sinfo->sig->hash_algo); 32 32 33 33 /* The digest was calculated already. */ 34 - if (sig->digest) 34 + if (sig->m) 35 35 return 0; 36 36 37 37 if (!sinfo->sig->hash_algo) ··· 45 45 return (PTR_ERR(tfm) == -ENOENT) ? -ENOPKG : PTR_ERR(tfm); 46 46 47 47 desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); 48 - sig->digest_size = crypto_shash_digestsize(tfm); 48 + sig->m_size = crypto_shash_digestsize(tfm); 49 49 50 50 ret = -ENOMEM; 51 - sig->digest = kmalloc(sig->digest_size, GFP_KERNEL); 52 - if (!sig->digest) 51 + sig->m = kmalloc(sig->m_size, GFP_KERNEL); 52 + if (!sig->m) 53 53 goto error_no_desc; 54 54 55 55 desc = kzalloc(desc_size, GFP_KERNEL); ··· 59 59 desc->tfm = tfm; 60 60 61 61 /* Digest the message [RFC2315 9.3] */ 62 - ret = crypto_shash_digest(desc, pkcs7->data, pkcs7->data_len, 63 - sig->digest); 62 + ret = crypto_shash_digest(desc, pkcs7->data, pkcs7->data_len, sig->m); 64 63 if (ret < 0) 65 64 goto error; 66 - pr_devel("MsgDigest = [%*ph]\n", 8, sig->digest); 65 + pr_devel("MsgDigest = [%*ph]\n", 8, sig->m); 67 66 68 67 /* However, if there are authenticated attributes, there must be a 69 68 * message digest attribute amongst them which corresponds to the ··· 77 78 goto error; 78 79 } 79 80 80 - if (sinfo->msgdigest_len != sig->digest_size) { 81 + if (sinfo->msgdigest_len != sig->m_size) { 81 82 pr_warn("Sig %u: Invalid digest size (%u)\n", 82 83 sinfo->index, sinfo->msgdigest_len); 83 84 ret = -EBADMSG; 84 85 goto error; 85 86 } 86 87 87 - if (memcmp(sig->digest, sinfo->msgdigest, 88 + if (memcmp(sig->m, sinfo->msgdigest, 88 89 sinfo->msgdigest_len) != 0) { 89 90 pr_warn("Sig %u: Message digest doesn't match\n", 90 91 sinfo->index); ··· 97 98 * convert the attributes from a CONT.0 into a SET before we 98 99 * hash it. 99 100 */ 100 - memset(sig->digest, 0, sig->digest_size); 101 + memset(sig->m, 0, sig->m_size); 102 + 101 103 102 104 ret = crypto_shash_init(desc); 103 105 if (ret < 0) ··· 108 108 if (ret < 0) 109 109 goto error; 110 110 ret = crypto_shash_finup(desc, sinfo->authattrs, 111 - sinfo->authattrs_len, sig->digest); 111 + sinfo->authattrs_len, sig->m); 112 112 if (ret < 0) 113 113 goto error; 114 - pr_devel("AADigest = [%*ph]\n", 8, sig->digest); 114 + pr_devel("AADigest = [%*ph]\n", 8, sig->m); 115 115 } 116 116 117 117 error: ··· 138 138 if (ret) 139 139 return ret; 140 140 141 - *buf = sinfo->sig->digest; 142 - *len = sinfo->sig->digest_size; 141 + *buf = sinfo->sig->m; 142 + *len = sinfo->sig->m_size; 143 143 144 144 i = match_string(hash_algo_name, HASH_ALGO__LAST, 145 145 sinfo->sig->hash_algo);
+1 -2
crypto/asymmetric_keys/public_key.c
··· 425 425 if (ret) 426 426 goto error_free_key; 427 427 428 - ret = crypto_sig_verify(tfm, sig->s, sig->s_size, 429 - sig->digest, sig->digest_size); 428 + ret = crypto_sig_verify(tfm, sig->s, sig->s_size, sig->m, sig->m_size); 430 429 431 430 error_free_key: 432 431 kfree_sensitive(key);
+1 -1
crypto/asymmetric_keys/signature.c
··· 28 28 for (i = 0; i < ARRAY_SIZE(sig->auth_ids); i++) 29 29 kfree(sig->auth_ids[i]); 30 30 kfree(sig->s); 31 - kfree(sig->digest); 31 + kfree(sig->m); 32 32 kfree(sig); 33 33 } 34 34 }
+4 -6
crypto/asymmetric_keys/x509_public_key.c
··· 63 63 } 64 64 65 65 desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); 66 - sig->digest_size = crypto_shash_digestsize(tfm); 66 + sig->m_size = crypto_shash_digestsize(tfm); 67 67 68 68 ret = -ENOMEM; 69 - sig->digest = kmalloc(sig->digest_size, GFP_KERNEL); 70 - if (!sig->digest) 69 + sig->m = kmalloc(sig->m_size, GFP_KERNEL); 70 + if (!sig->m) 71 71 goto error; 72 72 73 73 desc = kzalloc(desc_size, GFP_KERNEL); ··· 76 76 77 77 desc->tfm = tfm; 78 78 79 - ret = crypto_shash_digest(desc, cert->tbs, cert->tbs_size, 80 - sig->digest); 81 - 79 + ret = crypto_shash_digest(desc, cert->tbs, cert->tbs_size, sig->m); 82 80 if (ret < 0) 83 81 goto error_2; 84 82
+2 -2
include/crypto/public_key.h
··· 43 43 struct public_key_signature { 44 44 struct asymmetric_key_id *auth_ids[3]; 45 45 u8 *s; /* Signature */ 46 - u8 *digest; 46 + u8 *m; /* Message data to pass to verifier */ 47 47 u32 s_size; /* Number of bytes in signature */ 48 - u32 digest_size; /* Number of bytes in digest */ 48 + u32 m_size; /* Number of bytes in ->m */ 49 49 const char *pkey_algo; 50 50 const char *hash_algo; 51 51 const char *encoding;
+2 -2
security/integrity/digsig_asymmetric.c
··· 121 121 goto out; 122 122 } 123 123 124 - pks.digest = (u8 *)data; 125 - pks.digest_size = datalen; 124 + pks.m = (u8 *)data; 125 + pks.m_size = datalen; 126 126 pks.s = hdr->sig; 127 127 pks.s_size = siglen; 128 128 ret = verify_signature(key, &pks);