From: Hongbo Li <herberth...@tencent.com>

This patch is borrowed from Stefan Berger's ecdsa patch series,
will be removed when ecdsa is merged into kernel.

Signed-off-by: Hongbo Li <herberth...@tencent.com>
---
 include/keys/asymmetric-type.h         |  6 ++++++
 security/integrity/digsig_asymmetric.c | 29 ++++++++++++++---------------
 2 files changed, 20 insertions(+), 15 deletions(-)

diff --git a/include/keys/asymmetric-type.h b/include/keys/asymmetric-type.h
index a29d3ff..c432fdb8 100644
--- a/include/keys/asymmetric-type.h
+++ b/include/keys/asymmetric-type.h
@@ -72,6 +72,12 @@ const struct asymmetric_key_ids *asymmetric_key_ids(const 
struct key *key)
        return key->payload.data[asym_key_ids];
 }
 
+static inline
+const struct public_key *asymmetric_key_public_key(const struct key *key)
+{
+       return key->payload.data[asym_crypto];
+}
+
 extern struct key *find_asymmetric_key(struct key *keyring,
                                       const struct asymmetric_key_id *id_0,
                                       const struct asymmetric_key_id *id_1,
diff --git a/security/integrity/digsig_asymmetric.c 
b/security/integrity/digsig_asymmetric.c
index a662024..183f452 100644
--- a/security/integrity/digsig_asymmetric.c
+++ b/security/integrity/digsig_asymmetric.c
@@ -84,6 +84,7 @@ int asymmetric_verify(struct key *keyring, const char *sig,
 {
        struct public_key_signature pks;
        struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig;
+       const struct public_key *pk;
        struct key *key;
        int ret;
 
@@ -105,23 +106,21 @@ int asymmetric_verify(struct key *keyring, const char 
*sig,
        memset(&pks, 0, sizeof(pks));
 
        pks.hash_algo = hash_algo_name[hdr->hash_algo];
-       switch (hdr->hash_algo) {
-       case HASH_ALGO_STREEBOG_256:
-       case HASH_ALGO_STREEBOG_512:
-               /* EC-RDSA and Streebog should go together. */
-               pks.pkey_algo = "ecrdsa";
-               pks.encoding = "raw";
-               break;
-       case HASH_ALGO_SM3_256:
-               /* SM2 and SM3 should go together. */
-               pks.pkey_algo = "sm2";
-               pks.encoding = "raw";
-               break;
-       default:
-               pks.pkey_algo = "rsa";
+
+       pk = asymmetric_key_public_key(key);
+       pks.pkey_algo = pk->pkey_algo;
+       if (!strcmp(pk->pkey_algo, "rsa")) {
                pks.encoding = "pkcs1";
-               break;
+       } else if (!strncmp(pk->pkey_algo, "ecdsa-", 6)) {
+               /* edcsa-nist-p192 etc. */
+               pks.encoding = "x962";
+       } else if (!strcmp(pk->pkey_algo, "ecrdsa") ||
+                  !strcmp(pk->pkey_algo, "sm2")) {
+               pks.encoding = "raw";
+       } else {
+               return -ENOPKG;
        }
+
        pks.digest = (u8 *)data;
        pks.digest_size = datalen;
        pks.s = hdr->sig;
-- 
1.8.3.1

Reply via email to