
Commit 3b764563 authored by David Howells's avatar David Howells

KEYS: Allow authentication data to be stored in an asymmetric key



Allow authentication data to be stored in an asymmetric key in the 4th
element of the key payload and provide a way for it to be destroyed.

For the public key subtype, this will be a public_key_signature struct.

Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
parent 864e7a81
+5 −2
@@ -331,7 +331,8 @@ static void asymmetric_key_free_preparse(struct key_preparsed_payload *prep)
	pr_devel("==>%s()\n", __func__);

	if (subtype) {
		subtype->destroy(prep->payload.data[asym_crypto]);
		subtype->destroy(prep->payload.data[asym_crypto],
				 prep->payload.data[asym_auth]);
		module_put(subtype->owner);
	}
	asymmetric_key_free_kids(kids);
@@ -346,13 +347,15 @@ static void asymmetric_key_destroy(struct key *key)
	struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key);
	struct asymmetric_key_ids *kids = key->payload.data[asym_key_ids];
	void *data = key->payload.data[asym_crypto];
	void *auth = key->payload.data[asym_auth];

	key->payload.data[asym_crypto] = NULL;
	key->payload.data[asym_subtype] = NULL;
	key->payload.data[asym_key_ids] = NULL;
	key->payload.data[asym_auth] = NULL;

	if (subtype) {
		subtype->destroy(data);
		subtype->destroy(data, auth);
		module_put(subtype->owner);
	}
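Review bot: Both teardown paths now hand `payload.data[asym_auth]` to `subtype->destroy()`, but neither call site records what that slot is allowed to hold. In `asymmetric_key_free_preparse()` the value is read straight out of `prep`, so a parse that fails before the slot is set stays safe only if the preparse payload starts out zeroed, which these hunks do not show. I would add a comment above the call such as `/* data[asym_auth] is NULL or subtype-owned; ->destroy() must accept NULL in either argument */`. Both functions start or end outside the hunks shown.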

+14 −6
@@ -39,15 +39,23 @@ static void public_key_describe(const struct key *asymmetric_key,
/*
 * Destroy a public key algorithm key.
 */
void public_key_destroy(void *payload)
void public_key_free(struct public_key *key)
{
	struct public_key *key = payload;

	if (key)
	if (key) {
		kfree(key->key);
		kfree(key);
	}
EXPORT_SYMBOL_GPL(public_key_destroy);
}
EXPORT_SYMBOL_GPL(public_key_free);

/*
 * Destroy a public key algorithm key.
 */
static void public_key_destroy(void *payload0, void *payload3)
{
	public_key_free(payload0);
	public_key_signature_free(payload3);
}

struct public_key_completion {
	struct completion completion;
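Review bot: `public_key_destroy()` takes the auth slot as `void *payload3` and passes it to `public_key_signature_free()` with no type information, so the free is correct only if everything stored in `asym_auth` for this subtype is a heap-allocated `struct public_key_signature`. The commit message states that contract but the code does not, and both functions carry the same comment, `Destroy a public key algorithm key.` I would change the comment on `public_key_destroy()` to `/* Subtype ->destroy(): payload0 is the struct public_key, payload3 the struct public_key_signature from asym_auth; either may be NULL. */` and reword the one on `public_key_free()` to say it frees a `struct public_key` and its key buffer. Naming the parameters after the slots (`crypto`, `auth`) rather than their indices would also read better.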
+14 −0
@@ -15,9 +15,23 @@
#include <keys/asymmetric-subtype.h>
#include <linux/export.h>
#include <linux/err.h>
#include <linux/slab.h>
#include <crypto/public_key.h>
#include "asymmetric_keys.h"

/*
 * Destroy a public key signature.
 */
void public_key_signature_free(struct public_key_signature *sig)
{
	if (sig) {
		kfree(sig->s);
		kfree(sig->digest);
		kfree(sig);
	}
}
EXPORT_SYMBOL_GPL(public_key_signature_free);

/**
 * verify_signature - Initiate the use of an asymmetric key to verify a signature
 * @key: The asymmetric key to verify against
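Review bot: `public_key_signature_free()` calls `kfree()` on `sig->s`, `sig->digest` and `sig` itself, so it is unsafe for a signature struct embedded in another object or one whose buffers are borrowed rather than owned. The one-line comment does not say this. Since the function is exported, I would make the comment kernel-doc and state the ownership rule, e.g. `@sig: kmalloc'd signature that owns its s and digest buffers; may be NULL`, and note that the `hash_algo` string is not freed. The `verify_signature` comment that follows continues past the end of this section.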
+1 −1
@@ -47,7 +47,7 @@ struct x509_parse_context {
void x509_free_certificate(struct x509_certificate *cert)
{
	if (cert) {
		public_key_destroy(cert->pub);
		public_key_free(cert->pub);
		kfree(cert->issuer);
		kfree(cert->subject);
		kfree(cert->id);
+4 −1
@@ -41,7 +41,7 @@ struct public_key {
	const char *pkey_algo;
};

extern void public_key_destroy(void *payload);
extern void public_key_free(struct public_key *key);

/*
 * Public key cryptography signature data
@@ -55,7 +55,10 @@ struct public_key_signature {
	const char *hash_algo;
};

extern void public_key_signature_free(struct public_key_signature *sig);

extern struct asymmetric_key_subtype public_key_subtype;

struct key;
extern int verify_signature(const struct key *key,
			    const struct public_key_signature *sig);