[PATCH RFC 079/104] crypto: fips140: convert crypto/asymmetric_keys/pkcs7_parser.c to using crypto API wrappers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.

Generated using:

  ./fipsify.py --config CONFIG_PKCS7_MESSAGE_PARSER --source crypto/asymmetric_keys/pkcs7_parser.c --header include/crypto/pkcs7.h

Signed-off-by: Vegard Nossum <vegard.nossum@xxxxxxxxxx>
---
 crypto/asymmetric_keys/pkcs7_parser.c | 12 ++++++------
 crypto/fips140-api.c                  | 13 +++++++++++++
 include/crypto/pkcs7.h                | 18 +++++++++++-------
 3 files changed, 30 insertions(+), 13 deletions(-)

diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c
index 423d13c47545..68e70ec19d4d 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -54,7 +54,7 @@ static void pkcs7_free_signed_info(struct pkcs7_signed_info *sinfo)
  * pkcs7_free_message - Free a PKCS#7 message
  * @pkcs7: The PKCS#7 message to free
  */
-void pkcs7_free_message(struct pkcs7_message *pkcs7)
+void CRYPTO_API(pkcs7_free_message)(struct pkcs7_message *pkcs7)
 {
 	struct x509_certificate *cert;
 	struct pkcs7_signed_info *sinfo;
@@ -78,7 +78,7 @@ void pkcs7_free_message(struct pkcs7_message *pkcs7)
 		kfree(pkcs7);
 	}
 }
-EXPORT_SYMBOL_GPL(pkcs7_free_message);
+DEFINE_CRYPTO_API(pkcs7_free_message);
 
 /*
  * Check authenticatedAttributes are provided or not provided consistently.
@@ -112,7 +112,7 @@ static int pkcs7_check_authattrs(struct pkcs7_message *msg)
  * @data: The raw binary ASN.1 encoded message to be parsed
  * @datalen: The size of the encoded message
  */
-struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen)
+struct pkcs7_message *CRYPTO_API(pkcs7_parse_message)(const void *data, size_t datalen)
 {
 	struct pkcs7_parse_context *ctx;
 	struct pkcs7_message *msg = ERR_PTR(-ENOMEM);
@@ -167,7 +167,7 @@ struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen)
 out_no_ctx:
 	return msg;
 }
-EXPORT_SYMBOL_GPL(pkcs7_parse_message);
+DEFINE_CRYPTO_API(pkcs7_parse_message);
 
 /**
  * pkcs7_get_content_data - Get access to the PKCS#7 content
@@ -182,7 +182,7 @@ EXPORT_SYMBOL_GPL(pkcs7_parse_message);
  *
  * Returns -ENODATA if the data object was missing from the message.
  */
-int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
+int CRYPTO_API(pkcs7_get_content_data)(const struct pkcs7_message *pkcs7,
 			   const void **_data, size_t *_data_len,
 			   size_t *_headerlen)
 {
@@ -195,7 +195,7 @@ int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
 		*_headerlen = pkcs7->data_hdrlen;
 	return 0;
 }
-EXPORT_SYMBOL_GPL(pkcs7_get_content_data);
+DEFINE_CRYPTO_API(pkcs7_get_content_data);
 
 /*
  * Note an OID when we find one for later processing when we know how
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 81d920836e1b..36d7cd3595a9 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -639,3 +639,16 @@ DEFINE_CRYPTO_API_STUB(find_asymmetric_key);
 
 #endif
 
+/*
+ * crypto/asymmetric_keys/pkcs7_parser.c
+ */
+#if !IS_BUILTIN(CONFIG_PKCS7_MESSAGE_PARSER)
+
+#include <crypto/pkcs7.h>
+
+DEFINE_CRYPTO_API_STUB(pkcs7_parse_message);
+DEFINE_CRYPTO_API_STUB(pkcs7_free_message);
+DEFINE_CRYPTO_API_STUB(pkcs7_get_content_data);
+
+#endif
+
diff --git a/include/crypto/pkcs7.h b/include/crypto/pkcs7.h
index 38ec7f5f9041..fcb744d3f436 100644
--- a/include/crypto/pkcs7.h
+++ b/include/crypto/pkcs7.h
@@ -8,6 +8,7 @@
 #ifndef _CRYPTO_PKCS7_H
 #define _CRYPTO_PKCS7_H
 
+#include <crypto/api.h>
 #include <linux/verification.h>
 #include <linux/hash_info.h>
 #include <crypto/public_key.h>
@@ -18,13 +19,16 @@ struct pkcs7_message;
 /*
  * pkcs7_parser.c
  */
-extern struct pkcs7_message *pkcs7_parse_message(const void *data,
-						 size_t datalen);
-extern void pkcs7_free_message(struct pkcs7_message *pkcs7);
-
-extern int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
-				  const void **_data, size_t *_datalen,
-				  size_t *_headerlen);
+DECLARE_CRYPTO_API(pkcs7_parse_message, struct pkcs7_message *,
+	(const void *data, size_t datalen),
+	(data, datalen));
+DECLARE_CRYPTO_API(pkcs7_free_message, void,
+	(struct pkcs7_message *pkcs7),
+	(pkcs7));
+
+DECLARE_CRYPTO_API(pkcs7_get_content_data, int,
+	(const struct pkcs7_message *pkcs7, const void **_data, size_t *_datalen, size_t *_headerlen),
+	(pkcs7, _data, _datalen, _headerlen));
 
 /*
  * pkcs7_trust.c
-- 
2.39.3
[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux