Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932508AbbLNNZt (ORCPT <rfc822;w@1wt.eu>);
	Mon, 14 Dec 2015 08:25:49 -0500
Received: from e23smtp08.au.ibm.com ([202.81.31.141]:38409 "EHLO
	e23smtp08.au.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S932478AbbLNNZr (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Mon, 14 Dec 2015 08:25:47 -0500
X-IBM-Helo: d23dlp03.au.ibm.com
X-IBM-MailFrom: zohar@linux.vnet.ibm.com
X-IBM-RcptTo: linux-crypto@vger.kernel.org;linux-kernel@vger.kernel.org;linux-security-module@vger.kernel.org
Message-ID: <1450099487.2702.32.camel@linux.vnet.ibm.com>
Subject: Re: [PATCH v2 2/2] integrity: convert digsig to akcipher api
From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Tadeusz Struk <tadeusz.struk@intel.com>
Cc: herbert@gondor.apana.org.au, linux-kernel@vger.kernel.org,
        dhowells@redhat.com, linux-security-module@vger.kernel.org,
        linux-crypto@vger.kernel.org
Date: Mon, 14 Dec 2015 08:24:47 -0500
In-Reply-To: <20151213022624.12730.35862.stgit@tstruk-mobl1>
References: <20151213022614.12730.76645.stgit@tstruk-mobl1>
	 <20151213022624.12730.35862.stgit@tstruk-mobl1>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.12.11 (3.12.11-1.fc21) 
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-TM-AS-MML: disable
X-Content-Scanned: Fidelis XPS MAILER
x-cbid: 15121413-0029-0000-0000-0000029C6473
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1871
Lines: 53

On Sat, 2015-12-12 at 18:26 -0800, Tadeusz Struk wrote:
> Convert asymmetric_verify to akcipher api.
> 
> Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
> ---
>  security/integrity/Kconfig             |    1 +
>  security/integrity/digsig_asymmetric.c |   10 +++-------
>  2 files changed, 4 insertions(+), 7 deletions(-)
> 
> diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
> index 73c457b..f0b2463 100644
> --- a/security/integrity/Kconfig
> +++ b/security/integrity/Kconfig
> @@ -36,6 +36,7 @@ config INTEGRITY_ASYMMETRIC_KEYS
>          select ASYMMETRIC_KEY_TYPE
>          select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
>          select PUBLIC_KEY_ALGO_RSA
> +        select CRYPTO_RSA
>          select X509_CERTIFICATE_PARSER
>  	help
>  	  This option enables digital signature verification using
> diff --git a/security/integrity/digsig_asymmetric.c b/security/integrity/digsig_asymmetric.c
> index 4fec181..5629372 100644
> --- a/security/integrity/digsig_asymmetric.c
> +++ b/security/integrity/digsig_asymmetric.c
> @@ -92,13 +92,9 @@ int asymmetric_verify(struct key *keyring, const char *sig,
>  	pks.pkey_hash_algo = hdr->hash_algo;
>  	pks.digest = (u8 *)data;
>  	pks.digest_size = datalen;
> -	pks.nr_mpi = 1;
> -	pks.rsa.s = mpi_read_raw_data(hdr->sig, siglen);
> -
> -	if (pks.rsa.s)
> -		ret = verify_signature(key, &pks);
> -
> -	mpi_free(pks.rsa.s);
> +	pks.s = hdr->sig;

Thanks!  With this change, my system is now able to boot.

Mimi 

> +	pks.s_size = siglen;
> +	ret = verify_signature(key, &pks);
>  	key_put(key);
>  	pr_debug("%s() = %d\n", __func__, ret);
>  	return ret;

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/