kernel_5.10 no rt

hc

2023-12-11 6778948f9de86c3cfaf36725a7c87dcff9ba247f

 kernel/crypto/asymmetric_keys/pkcs7_verify.c
..
..
@@ -1,12 +1,8 @@
1
+// SPDX-License-Identifier: GPL-2.0-or-later
1
2
 /* Verify the signature on a PKCS#7 message.
2
3
  *
3
4
  * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
4
5
  * Written by David Howells (dhowells@redhat.com)
5
- *
6
- * This program is free software; you can redistribute it and/or
7
- * modify it under the terms of the GNU General Public Licence
8
- * as published by the Free Software Foundation; either version
9
- * 2 of the Licence, or (at your option) any later version.
10
6
  */
11
7
 
12
8
 #define pr_fmt(fmt) "PKCS7: "fmt
..
..
@@ -16,6 +12,7 @@
16
12
 #include <linux/err.h>
17
13
 #include <linux/asn1.h>
18
14
 #include <crypto/hash.h>
15
+#include <crypto/hash_info.h>
19
16
 #include <crypto/public_key.h>
20
17
 #include "pkcs7_parser.h"
21
18
 
..
..
@@ -32,6 +29,10 @@
32
29
 	int ret;
33
30
 
34
31
 	kenter(",%u,%s", sinfo->index, sinfo->sig->hash_algo);
32
+
33
+	/* The digest was calculated already. */
34
+	if (sig->digest)
35
+		return 0;
35
36
 
36
37
 	if (!sinfo->sig->hash_algo)
37
38
 		return -ENOPKG;
..
..
@@ -56,7 +57,6 @@
56
57
 		goto error_no_desc;
57
58
 
58
59
 	desc->tfm   = tfm;
59
-	desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
60
60
 
61
61
 	/* Digest the message [RFC2315 9.3] */
62
62
 	ret = crypto_shash_digest(desc, pkcs7->data, pkcs7->data_len,
..
..
@@ -122,6 +122,34 @@
122
122
 	return ret;
123
123
 }
124
124
 
125
+int pkcs7_get_digest(struct pkcs7_message *pkcs7, const u8 **buf, u32 *len,
126
+		     enum hash_algo *hash_algo)
127
+{
128
+	struct pkcs7_signed_info *sinfo = pkcs7->signed_infos;
129
+	int i, ret;
130
+
131
+	/*
132
+	 * This function doesn't support messages with more than one signature.
133
+	 */
134
+	if (sinfo == NULL || sinfo->next != NULL)
135
+		return -EBADMSG;
136
+
137
+	ret = pkcs7_digest(pkcs7, sinfo);
138
+	if (ret)
139
+		return ret;
140
+
141
+	*buf = sinfo->sig->digest;
142
+	*len = sinfo->sig->digest_size;
143
+
144
+	for (i = 0; i < HASH_ALGO__LAST; i++)
145
+		if (!strcmp(hash_algo_name[i], sinfo->sig->hash_algo)) {
146
+			*hash_algo = i;
147
+			break;
148
+		}
149
+
150
+	return 0;
151
+}
152
+
125
153
 /*
126
154
  * Find the key (X.509 certificate) to use to verify a PKCS#7 message.  PKCS#7
127
155
  * uses the issuer's name and the issuing certificate serial number for