Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_PKCS7_MESSAGE_PARSER --source
crypto/asymmetric_keys/pkcs7_verify.c --header include/crypto/pkcs7.h
Signed-off-by: Vegard Nossum <vegard.nos...@oracle.com>
---
crypto/asymmetric_keys/pkcs7_verify.c | 8 ++++----
crypto/fips140-api.c | 12 ++++++++++++
include/crypto/pkcs7.h | 10 ++++++----
3 files changed, 22 insertions(+), 8 deletions(-)
diff --git a/crypto/asymmetric_keys/pkcs7_verify.c
b/crypto/asymmetric_keys/pkcs7_verify.c
index f0d4ff3c20a8..ebb86a8ace9c 100644
--- a/crypto/asymmetric_keys/pkcs7_verify.c
+++ b/crypto/asymmetric_keys/pkcs7_verify.c
@@ -391,7 +391,7 @@ static int pkcs7_verify_one(struct pkcs7_message *pkcs7,
* (*) -ENOPKG if none of the signature chains are verifiable because suitable
* crypto modules couldn't be found.
*/
-int pkcs7_verify(struct pkcs7_message *pkcs7,
+int CRYPTO_API(pkcs7_verify)(struct pkcs7_message *pkcs7,
enum key_being_used_for usage)
{
struct pkcs7_signed_info *sinfo;
@@ -459,7 +459,7 @@ int pkcs7_verify(struct pkcs7_message *pkcs7,
kleave(" = %d", actual_ret);
return actual_ret;
}
-EXPORT_SYMBOL_GPL(pkcs7_verify);
+DEFINE_CRYPTO_API(pkcs7_verify);
/**
* pkcs7_supply_detached_data - Supply the data needed to verify a PKCS#7
message
@@ -474,7 +474,7 @@ EXPORT_SYMBOL_GPL(pkcs7_verify);
*
* Returns -EINVAL if data is already supplied in the message, 0 otherwise.
*/
-int pkcs7_supply_detached_data(struct pkcs7_message *pkcs7,
+int CRYPTO_API(pkcs7_supply_detached_data)(struct pkcs7_message *pkcs7,
const void *data, size_t datalen)
{
if (pkcs7->data) {
@@ -485,4 +485,4 @@ int pkcs7_supply_detached_data(struct pkcs7_message *pkcs7,
pkcs7->data_len = datalen;
return 0;
}
-EXPORT_SYMBOL_GPL(pkcs7_supply_detached_data);
+DEFINE_CRYPTO_API(pkcs7_supply_detached_data);
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index f65b2a950ccf..fb3dc947022a 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -663,3 +663,15 @@ DEFINE_CRYPTO_API_STUB(pkcs7_validate_trust);
#endif
+/*
+ * crypto/asymmetric_keys/pkcs7_verify.c
+ */
+#if !IS_BUILTIN(CONFIG_PKCS7_MESSAGE_PARSER)
+
+#include <crypto/pkcs7.h>
+
+DEFINE_CRYPTO_API_STUB(pkcs7_verify);
+DEFINE_CRYPTO_API_STUB(pkcs7_supply_detached_data);
+
+#endif
+
diff --git a/include/crypto/pkcs7.h b/include/crypto/pkcs7.h
index bec3884eb242..f5e288073934 100644
--- a/include/crypto/pkcs7.h
+++ b/include/crypto/pkcs7.h
@@ -40,11 +40,13 @@ DECLARE_CRYPTO_API(pkcs7_validate_trust, int,
/*
* pkcs7_verify.c
*/
-extern int pkcs7_verify(struct pkcs7_message *pkcs7,
- enum key_being_used_for usage);
+DECLARE_CRYPTO_API(pkcs7_verify, int,
+ (struct pkcs7_message *pkcs7, enum key_being_used_for usage),
+ (pkcs7, usage));
-extern int pkcs7_supply_detached_data(struct pkcs7_message *pkcs7,
- const void *data, size_t datalen);
+DECLARE_CRYPTO_API(pkcs7_supply_detached_data, int,
+ (struct pkcs7_message *pkcs7, const void *data, size_t datalen),
+ (pkcs7, data, datalen));
extern int pkcs7_get_digest(struct pkcs7_message *pkcs7, const u8 **buf,
u32 *len, enum hash_algo *hash_algo);
--
2.39.3
