[PATCH 09/18] crypto: Extend akcipher API to pass signature parameters
From: Varad Gautam
Date: Tue Mar 30 2021 - 16:30:38 EST
For certain signature encoding schemes (eg. RSASSA-PSS), the
verify/sign operation behavior depends on information contained in
the signature blob. Allow passing this down to the crypto_template by
introducing a crypto_akcipher_set_sig_params() call.
Signed-off-by: Varad Gautam <varad.gautam@xxxxxxxx>
---
crypto/rsa-common.c | 1 +
include/crypto/akcipher.h | 26 ++++++++++++++++++++++++++
2 files changed, 27 insertions(+)
diff --git a/crypto/rsa-common.c b/crypto/rsa-common.c
index 6ed258a78287..f80cdfcc1f9e 100644
--- a/crypto/rsa-common.c
+++ b/crypto/rsa-common.c
@@ -277,6 +277,7 @@ int rsapad_akcipher_create(struct crypto_template *tmpl, struct rtattr **tb,
inst->alg.set_pub_key = alg->set_pub_key;
inst->alg.set_priv_key = alg->set_priv_key;
inst->alg.max_size = alg->max_size;
+ inst->alg.set_sig_params = alg->set_sig_params;
inst->alg.reqsize = sizeof(struct rsapad_akciper_req_ctx) + rsa_alg->reqsize;
inst->free = rsapad_akcipher_free;
diff --git a/include/crypto/akcipher.h b/include/crypto/akcipher.h
index 1d3aa252caba..a0e872029429 100644
--- a/include/crypto/akcipher.h
+++ b/include/crypto/akcipher.h
@@ -101,6 +101,8 @@ struct akcipher_alg {
unsigned int (*max_size)(struct crypto_akcipher *tfm);
int (*init)(struct crypto_akcipher *tfm);
void (*exit)(struct crypto_akcipher *tfm);
+ int (*set_sig_params)(struct crypto_akcipher *tfm, const void *sig,
+ unsigned int sig_len);
unsigned int reqsize;
struct crypto_alg base;
@@ -413,4 +415,28 @@ static inline int crypto_akcipher_set_priv_key(struct crypto_akcipher *tfm,
return alg->set_priv_key(tfm, key, keylen);
}
+
+/**
+ * crypto_akcipher_set_sig_params() - Invoke set sig params operation
+ *
+ * Use this if the verification/signing operation behavior depends on
+ * parameters contained in the signature.
+ *
+ * @tfm: tfm handle
+ * @sig: ptr to a struct public_key_signature to extract info from
+ * @siglen: Length of sig - should be unnecessary if you pass the struct.
+ *
+ * Return: zero on success; error code in case of error
+ */
+static inline int crypto_akcipher_set_sig_params(struct crypto_akcipher *tfm,
+ const void *sig,
+ unsigned int siglen)
+{
+ struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
+
+ if (alg->set_sig_params)
+ return alg->set_sig_params(tfm, sig, siglen);
+ else
+ return -EOPNOTSUPP;
+}
#endif
--
2.30.2