diff mbox series

[09/18] crypto: Extend akcipher API to pass signature parameters

Message ID 20210330202829.4825-10-varad.gautam@suse.com
State Superseded
Headers show
Series Implement RSASSA-PSS signature verification | expand

Commit Message

Varad Gautam March 30, 2021, 8:28 p.m. UTC
For certain signature encoding schemes (eg. RSASSA-PSS), the
verify/sign operation behavior depends on information contained in
the signature blob. Allow passing this down to the crypto_template by
introducing a crypto_akcipher_set_sig_params() call.

Signed-off-by: Varad Gautam <varad.gautam@suse.com>
---
 crypto/rsa-common.c       |  1 +
 include/crypto/akcipher.h | 26 ++++++++++++++++++++++++++
 2 files changed, 27 insertions(+)
diff mbox series

Patch

diff --git a/crypto/rsa-common.c b/crypto/rsa-common.c
index 6ed258a78287..f80cdfcc1f9e 100644
--- a/crypto/rsa-common.c
+++ b/crypto/rsa-common.c
@@ -277,6 +277,7 @@  int rsapad_akcipher_create(struct crypto_template *tmpl, struct rtattr **tb,
 	inst->alg.set_pub_key = alg->set_pub_key;
 	inst->alg.set_priv_key = alg->set_priv_key;
 	inst->alg.max_size = alg->max_size;
+	inst->alg.set_sig_params = alg->set_sig_params;
 	inst->alg.reqsize = sizeof(struct rsapad_akciper_req_ctx) + rsa_alg->reqsize;
 
 	inst->free = rsapad_akcipher_free;
diff --git a/include/crypto/akcipher.h b/include/crypto/akcipher.h
index 1d3aa252caba..a0e872029429 100644
--- a/include/crypto/akcipher.h
+++ b/include/crypto/akcipher.h
@@ -101,6 +101,8 @@  struct akcipher_alg {
 	unsigned int (*max_size)(struct crypto_akcipher *tfm);
 	int (*init)(struct crypto_akcipher *tfm);
 	void (*exit)(struct crypto_akcipher *tfm);
+	int (*set_sig_params)(struct crypto_akcipher *tfm, const void *sig,
+			      unsigned int sig_len);
 
 	unsigned int reqsize;
 	struct crypto_alg base;
@@ -413,4 +415,28 @@  static inline int crypto_akcipher_set_priv_key(struct crypto_akcipher *tfm,
 
 	return alg->set_priv_key(tfm, key, keylen);
 }
+
+/**
+ * crypto_akcipher_set_sig_params() - Invoke set sig params operation
+ *
+ * Use this if the verification/signing operation behavior depends on
+ * parameters contained in the signature.
+ *
+ * @tfm:	tfm handle
+ * @sig:	ptr to a struct public_key_signature to extract info from
+ * @siglen:	Length of sig - should be unnecessary if you pass the struct.
+ *
+ * Return: zero on success; error code in case of error
+ */
+static inline int crypto_akcipher_set_sig_params(struct crypto_akcipher *tfm,
+						 const void *sig,
+						 unsigned int siglen)
+{
+	struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
+
+	if (alg->set_sig_params)
+		return alg->set_sig_params(tfm, sig, siglen);
+	else
+		return -EOPNOTSUPP;
+}
 #endif