Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_X509_CERTIFICATE_PARSER --source crypto/asymmetric_keys/x509_cert_parser.c --header crypto/asymmetric_keys/x509_parser.h
Signed-off-by: Vegard Nossum <vegard.nossum@xxxxxxxxxx>
---
crypto/asymmetric_keys/x509_cert_parser.c | 12 ++++++------
crypto/asymmetric_keys/x509_parser.h | 15 ++++++++++-----
crypto/fips140-api.c | 13 +++++++++++++
3 files changed, 29 insertions(+), 11 deletions(-)
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
index 2ffe4ae90bea..aae629557e8d 100644
--- a/crypto/asymmetric_keys/x509_cert_parser.c
+++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -41,7 +41,7 @@ struct x509_parse_context {
/*
* Free an X.509 certificate
*/
-void x509_free_certificate(struct x509_certificate *cert)
+void CRYPTO_API(x509_free_certificate)(struct x509_certificate *cert)
{
if (cert) {
public_key_free(cert->pub);
@@ -53,12 +53,12 @@ void x509_free_certificate(struct x509_certificate *cert)
kfree(cert);
}
}
-EXPORT_SYMBOL_GPL(x509_free_certificate);
+DEFINE_CRYPTO_API(x509_free_certificate);
/*
* Parse an X.509 certificate
*/
-struct x509_certificate *x509_cert_parse(const void *data, size_t datalen)
+struct x509_certificate *CRYPTO_API(x509_cert_parse)(const void *data, size_t datalen)
{
struct x509_certificate *cert __free(x509_free_certificate);
struct x509_parse_context *ctx __free(kfree) = NULL;
@@ -132,7 +132,7 @@ struct x509_certificate *x509_cert_parse(const void *data, size_t datalen)
return_ptr(cert);
}
-EXPORT_SYMBOL_GPL(x509_cert_parse);
+DEFINE_CRYPTO_API(x509_cert_parse);
/*
* Note an OID when we find one for later processing when we know how
@@ -649,7 +649,7 @@ int x509_process_extension(void *context, size_t hdrlen,
* applications MUST be able to process validity dates that are encoded in
* either UTCTime or GeneralizedTime.
*/
-int x509_decode_time(time64_t *_t, size_t hdrlen,
+int CRYPTO_API(x509_decode_time)(time64_t *_t, size_t hdrlen,
unsigned char tag,
const unsigned char *value, size_t vlen)
{
@@ -724,7 +724,7 @@ int x509_decode_time(time64_t *_t, size_t hdrlen,
tag, (int)vlen, value);
return -EBADMSG;
}
-EXPORT_SYMBOL_GPL(x509_decode_time);
+DEFINE_CRYPTO_API(x509_decode_time);
int x509_note_not_before(void *context, size_t hdrlen,
unsigned char tag,
diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h
index 0688c222806b..79342e8e8bd9 100644
--- a/crypto/asymmetric_keys/x509_parser.h
+++ b/crypto/asymmetric_keys/x509_parser.h
@@ -5,6 +5,7 @@
* Written by David Howells (dhowells@xxxxxxxxxx)
*/
+#include <crypto/api.h>
#include <linux/cleanup.h>
#include <linux/time.h>
#include <crypto/public_key.h>
@@ -44,13 +45,17 @@ struct x509_certificate {
/*
* x509_cert_parser.c
*/
-extern void x509_free_certificate(struct x509_certificate *cert);
+DECLARE_CRYPTO_API(x509_free_certificate, void,
+ (struct x509_certificate *cert),
+ (cert));
DEFINE_FREE(x509_free_certificate, struct x509_certificate *,
if (!IS_ERR(_T)) x509_free_certificate(_T))
-extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen);
-extern int x509_decode_time(time64_t *_t, size_t hdrlen,
- unsigned char tag,
- const unsigned char *value, size_t vlen);
+DECLARE_CRYPTO_API(x509_cert_parse, struct x509_certificate *,
+ (const void *data, size_t datalen),
+ (data, datalen));
+DECLARE_CRYPTO_API(x509_decode_time, int,
+ (time64_t *_t, size_t hdrlen, unsigned char tag, const unsigned char *value, size_t vlen),
+ (_t, hdrlen, tag, value, vlen));
/*
* x509_public_key.c
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 5c245b1be2ba..db5b142e21df 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -700,3 +700,16 @@ DEFINE_CRYPTO_API_STUB(verify_signature);
#endif
+/*
+ * crypto/asymmetric_keys/x509_cert_parser.c
+ */
+#if !IS_BUILTIN(CONFIG_X509_CERTIFICATE_PARSER)
+
+#include <crypto/asymmetric_keys/x509_parser.h>
+
+DEFINE_CRYPTO_API_STUB(x509_free_certificate);
+DEFINE_CRYPTO_API_STUB(x509_cert_parse);
+DEFINE_CRYPTO_API_STUB(x509_decode_time);
+
+#endif
+
--
2.39.3
