Use CRYPTO_API() etc. from include/crypto/api.h in preparation for compilation as part of support for FIPS 140 standalone modules.
Generated using: ./fipsify.py --config CONFIG_X509_CERTIFICATE_PARSER --source crypto/asymmetric_keys/x509_cert_parser.c --header crypto/asymmetric_keys/x509_parser.h Signed-off-by: Vegard Nossum <[email protected]> --- crypto/asymmetric_keys/x509_cert_parser.c | 12 ++++++------ crypto/asymmetric_keys/x509_parser.h | 15 ++++++++++----- crypto/fips140-api.c | 13 +++++++++++++ 3 files changed, 29 insertions(+), 11 deletions(-) diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index 2ffe4ae90bea..aae629557e8d 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c @@ -41,7 +41,7 @@ struct x509_parse_context { /* * Free an X.509 certificate */ -void x509_free_certificate(struct x509_certificate *cert) +void CRYPTO_API(x509_free_certificate)(struct x509_certificate *cert) { if (cert) { public_key_free(cert->pub); @@ -53,12 +53,12 @@ void x509_free_certificate(struct x509_certificate *cert) kfree(cert); } } -EXPORT_SYMBOL_GPL(x509_free_certificate); +DEFINE_CRYPTO_API(x509_free_certificate); /* * Parse an X.509 certificate */ -struct x509_certificate *x509_cert_parse(const void *data, size_t datalen) +struct x509_certificate *CRYPTO_API(x509_cert_parse)(const void *data, size_t datalen) { struct x509_certificate *cert __free(x509_free_certificate); struct x509_parse_context *ctx __free(kfree) = NULL; @@ -132,7 +132,7 @@ struct x509_certificate *x509_cert_parse(const void *data, size_t datalen) return_ptr(cert); } -EXPORT_SYMBOL_GPL(x509_cert_parse); +DEFINE_CRYPTO_API(x509_cert_parse); /* * Note an OID when we find one for later processing when we know how @@ -649,7 +649,7 @@ int x509_process_extension(void *context, size_t hdrlen, * applications MUST be able to process validity dates that are encoded in * either UTCTime or GeneralizedTime. */ -int x509_decode_time(time64_t *_t, size_t hdrlen, +int CRYPTO_API(x509_decode_time)(time64_t *_t, size_t hdrlen, unsigned char tag, const unsigned char *value, size_t vlen) { @@ -724,7 +724,7 @@ int x509_decode_time(time64_t *_t, size_t hdrlen, tag, (int)vlen, value); return -EBADMSG; } -EXPORT_SYMBOL_GPL(x509_decode_time); +DEFINE_CRYPTO_API(x509_decode_time); int x509_note_not_before(void *context, size_t hdrlen, unsigned char tag, diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h index 0688c222806b..79342e8e8bd9 100644 --- a/crypto/asymmetric_keys/x509_parser.h +++ b/crypto/asymmetric_keys/x509_parser.h @@ -5,6 +5,7 @@ * Written by David Howells ([email protected]) */ +#include <crypto/api.h> #include <linux/cleanup.h> #include <linux/time.h> #include <crypto/public_key.h> @@ -44,13 +45,17 @@ struct x509_certificate { /* * x509_cert_parser.c */ -extern void x509_free_certificate(struct x509_certificate *cert); +DECLARE_CRYPTO_API(x509_free_certificate, void, + (struct x509_certificate *cert), + (cert)); DEFINE_FREE(x509_free_certificate, struct x509_certificate *, if (!IS_ERR(_T)) x509_free_certificate(_T)) -extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen); -extern int x509_decode_time(time64_t *_t, size_t hdrlen, - unsigned char tag, - const unsigned char *value, size_t vlen); +DECLARE_CRYPTO_API(x509_cert_parse, struct x509_certificate *, + (const void *data, size_t datalen), + (data, datalen)); +DECLARE_CRYPTO_API(x509_decode_time, int, + (time64_t *_t, size_t hdrlen, unsigned char tag, const unsigned char *value, size_t vlen), + (_t, hdrlen, tag, value, vlen)); /* * x509_public_key.c diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c index 5c245b1be2ba..db5b142e21df 100644 --- a/crypto/fips140-api.c +++ b/crypto/fips140-api.c @@ -700,3 +700,16 @@ DEFINE_CRYPTO_API_STUB(verify_signature); #endif +/* + * crypto/asymmetric_keys/x509_cert_parser.c + */ +#if !IS_BUILTIN(CONFIG_X509_CERTIFICATE_PARSER) + +#include <crypto/asymmetric_keys/x509_parser.h> + +DEFINE_CRYPTO_API_STUB(x509_free_certificate); +DEFINE_CRYPTO_API_STUB(x509_cert_parse); +DEFINE_CRYPTO_API_STUB(x509_decode_time); + +#endif + -- 2.39.3
