RSASSA-PSS verify operation needs to compute digests for its
Mask Generation Function (MGF1), and for digest comparison.
Add helpers to populate a crypto_shash and desc for use in both cases.
Signed-off-by: Varad Gautam <varad.gau...@suse.com>
---
v3: Add psspad_check_hash_algo to only allow valid hash algorithms in
psspad_setup_shash.
crypto/rsa-psspad.c | 43 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 43 insertions(+)
diff --git a/crypto/rsa-psspad.c b/crypto/rsa-psspad.c
index 0e5422b05c081..40bb6d1dd2067 100644
--- a/crypto/rsa-psspad.c
+++ b/crypto/rsa-psspad.c
@@ -6,9 +6,52 @@
* Authors: Varad Gautam <varad.gau...@suse.com>
*/
+#include <crypto/hash.h>
#include <crypto/internal/akcipher.h>
#include <crypto/internal/rsa-common.h>
+static bool psspad_check_hash_algo(const char *hash_algo)
+{
+ const char *hash_algos[] = { "sha1", "sha224", "sha256", "sha384",
"sha512" };
+ bool found = false;
+ int i = 0;
+
+ for (i = 0; i < ARRAY_SIZE(hash_algos); i++) {
+ if (strcmp(hash_algo, hash_algos[i]) == 0) {
+ found = true;
+ break;
+ }
+ }
+
+ return found;
+}
+
+static int psspad_setup_shash(struct crypto_shash **hash_tfm, struct
shash_desc **desc,
+ const char *hash_algo)
+{
+ if (!psspad_check_hash_algo(hash_algo))
+ return -EINVAL;
+
+ *hash_tfm = crypto_alloc_shash(hash_algo, 0, 0);
+ if (IS_ERR(*hash_tfm))
+ return PTR_ERR(*hash_tfm);
+
+ *desc = kzalloc(crypto_shash_descsize(*hash_tfm) + sizeof(**desc),
+ GFP_KERNEL);
+ if (!desc)
+ return -ENOMEM;
+
+ (*desc)->tfm = *hash_tfm;
+
+ return 0;
+}
+
+static void psspad_free_shash(struct crypto_shash *hash_tfm, struct shash_desc
*desc)
+{
+ kfree(desc);
+ crypto_free_shash(hash_tfm);
+}
+
static int psspad_s_v_e_d(struct akcipher_request *req)
{
return -EOPNOTSUPP;
--
2.30.2
