RSASSA-PSS verify operation needs to compute digests for its Mask Generation Function (MGF1), and for digest comparison.
Add helpers to populate a crypto_shash and desc for use in both cases. Signed-off-by: Varad Gautam <varad.gau...@suse.com> --- v3: Add psspad_check_hash_algo to only allow valid hash algorithms in psspad_setup_shash. crypto/rsa-psspad.c | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/crypto/rsa-psspad.c b/crypto/rsa-psspad.c index 0e5422b05c081..40bb6d1dd2067 100644 --- a/crypto/rsa-psspad.c +++ b/crypto/rsa-psspad.c @@ -6,9 +6,52 @@ * Authors: Varad Gautam <varad.gau...@suse.com> */ +#include <crypto/hash.h> #include <crypto/internal/akcipher.h> #include <crypto/internal/rsa-common.h> +static bool psspad_check_hash_algo(const char *hash_algo) +{ + const char *hash_algos[] = { "sha1", "sha224", "sha256", "sha384", "sha512" }; + bool found = false; + int i = 0; + + for (i = 0; i < ARRAY_SIZE(hash_algos); i++) { + if (strcmp(hash_algo, hash_algos[i]) == 0) { + found = true; + break; + } + } + + return found; +} + +static int psspad_setup_shash(struct crypto_shash **hash_tfm, struct shash_desc **desc, + const char *hash_algo) +{ + if (!psspad_check_hash_algo(hash_algo)) + return -EINVAL; + + *hash_tfm = crypto_alloc_shash(hash_algo, 0, 0); + if (IS_ERR(*hash_tfm)) + return PTR_ERR(*hash_tfm); + + *desc = kzalloc(crypto_shash_descsize(*hash_tfm) + sizeof(**desc), + GFP_KERNEL); + if (!desc) + return -ENOMEM; + + (*desc)->tfm = *hash_tfm; + + return 0; +} + +static void psspad_free_shash(struct crypto_shash *hash_tfm, struct shash_desc *desc) +{ + kfree(desc); + crypto_free_shash(hash_tfm); +} + static int psspad_s_v_e_d(struct akcipher_request *req) { return -EOPNOTSUPP; -- 2.30.2