[PATCH v2 09/18] crypto: Extend akcipher API to pass signature parameters

Thu, 08 Apr 2021 07:17:03 -0700 

For certain signature encoding schemes (eg. RSASSA-PSS), the
verify/sign operation behavior depends on information contained in
the signature blob. Allow passing this down to the crypto_template by
introducing a crypto_akcipher_set_sig_params() call.

Signed-off-by: Varad Gautam <varad.gau...@suse.com>
---
 crypto/rsa-common.c       |  1 +
 include/crypto/akcipher.h | 26 ++++++++++++++++++++++++++
 2 files changed, 27 insertions(+)

diff --git a/crypto/rsa-common.c b/crypto/rsa-common.c
index 6ed258a782875..f80cdfcc1f9ee 100644
--- a/crypto/rsa-common.c
+++ b/crypto/rsa-common.c
@@ -277,6 +277,7 @@ int rsapad_akcipher_create(struct crypto_template *tmpl, 
struct rtattr **tb,
        inst->alg.set_pub_key = alg->set_pub_key;
        inst->alg.set_priv_key = alg->set_priv_key;
        inst->alg.max_size = alg->max_size;
+       inst->alg.set_sig_params = alg->set_sig_params;
        inst->alg.reqsize = sizeof(struct rsapad_akciper_req_ctx) + 
rsa_alg->reqsize;
 
        inst->free = rsapad_akcipher_free;
diff --git a/include/crypto/akcipher.h b/include/crypto/akcipher.h
index 1d3aa252cabaf..a0e8720294293 100644
--- a/include/crypto/akcipher.h
+++ b/include/crypto/akcipher.h
@@ -101,6 +101,8 @@ struct akcipher_alg {
        unsigned int (*max_size)(struct crypto_akcipher *tfm);
        int (*init)(struct crypto_akcipher *tfm);
        void (*exit)(struct crypto_akcipher *tfm);
+       int (*set_sig_params)(struct crypto_akcipher *tfm, const void *sig,
+                             unsigned int sig_len);
 
        unsigned int reqsize;
        struct crypto_alg base;
@@ -413,4 +415,28 @@ static inline int crypto_akcipher_set_priv_key(struct 
crypto_akcipher *tfm,
 
        return alg->set_priv_key(tfm, key, keylen);
 }
+
+/**
+ * crypto_akcipher_set_sig_params() - Invoke set sig params operation
+ *
+ * Use this if the verification/signing operation behavior depends on
+ * parameters contained in the signature.
+ *
+ * @tfm:       tfm handle
+ * @sig:       ptr to a struct public_key_signature to extract info from
+ * @siglen:    Length of sig - should be unnecessary if you pass the struct.
+ *
+ * Return: zero on success; error code in case of error
+ */
+static inline int crypto_akcipher_set_sig_params(struct crypto_akcipher *tfm,
+                                                const void *sig,
+                                                unsigned int siglen)
+{
+       struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
+
+       if (alg->set_sig_params)
+               return alg->set_sig_params(tfm, sig, siglen);
+       else
+               return -EOPNOTSUPP;
+}
 #endif
-- 
2.30.2

Reply via email to