Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_PKCS7_MESSAGE_PARSER --source crypto/asymmetric_keys/pkcs7_parser.c --header include/crypto/pkcs7.h
Signed-off-by: Vegard Nossum <vegard.nossum@xxxxxxxxxx>
---
crypto/asymmetric_keys/pkcs7_parser.c | 12 ++++++------
crypto/fips140-api.c | 13 +++++++++++++
include/crypto/pkcs7.h | 18 +++++++++++-------
3 files changed, 30 insertions(+), 13 deletions(-)
diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c
index 423d13c47545..68e70ec19d4d 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -54,7 +54,7 @@ static void pkcs7_free_signed_info(struct pkcs7_signed_info *sinfo)
* pkcs7_free_message - Free a PKCS#7 message
* @pkcs7: The PKCS#7 message to free
*/
-void pkcs7_free_message(struct pkcs7_message *pkcs7)
+void CRYPTO_API(pkcs7_free_message)(struct pkcs7_message *pkcs7)
{
struct x509_certificate *cert;
struct pkcs7_signed_info *sinfo;
@@ -78,7 +78,7 @@ void pkcs7_free_message(struct pkcs7_message *pkcs7)
kfree(pkcs7);
}
}
-EXPORT_SYMBOL_GPL(pkcs7_free_message);
+DEFINE_CRYPTO_API(pkcs7_free_message);
/*
* Check authenticatedAttributes are provided or not provided consistently.
@@ -112,7 +112,7 @@ static int pkcs7_check_authattrs(struct pkcs7_message *msg)
* @data: The raw binary ASN.1 encoded message to be parsed
* @datalen: The size of the encoded message
*/
-struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen)
+struct pkcs7_message *CRYPTO_API(pkcs7_parse_message)(const void *data, size_t datalen)
{
struct pkcs7_parse_context *ctx;
struct pkcs7_message *msg = ERR_PTR(-ENOMEM);
@@ -167,7 +167,7 @@ struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen)
out_no_ctx:
return msg;
}
-EXPORT_SYMBOL_GPL(pkcs7_parse_message);
+DEFINE_CRYPTO_API(pkcs7_parse_message);
/**
* pkcs7_get_content_data - Get access to the PKCS#7 content
@@ -182,7 +182,7 @@ EXPORT_SYMBOL_GPL(pkcs7_parse_message);
*
* Returns -ENODATA if the data object was missing from the message.
*/
-int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
+int CRYPTO_API(pkcs7_get_content_data)(const struct pkcs7_message *pkcs7,
const void **_data, size_t *_data_len,
size_t *_headerlen)
{
@@ -195,7 +195,7 @@ int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
*_headerlen = pkcs7->data_hdrlen;
return 0;
}
-EXPORT_SYMBOL_GPL(pkcs7_get_content_data);
+DEFINE_CRYPTO_API(pkcs7_get_content_data);
/*
* Note an OID when we find one for later processing when we know how
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 81d920836e1b..36d7cd3595a9 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -639,3 +639,16 @@ DEFINE_CRYPTO_API_STUB(find_asymmetric_key);
#endif
+/*
+ * crypto/asymmetric_keys/pkcs7_parser.c
+ */
+#if !IS_BUILTIN(CONFIG_PKCS7_MESSAGE_PARSER)
+
+#include <crypto/pkcs7.h>
+
+DEFINE_CRYPTO_API_STUB(pkcs7_parse_message);
+DEFINE_CRYPTO_API_STUB(pkcs7_free_message);
+DEFINE_CRYPTO_API_STUB(pkcs7_get_content_data);
+
+#endif
+
diff --git a/include/crypto/pkcs7.h b/include/crypto/pkcs7.h
index 38ec7f5f9041..fcb744d3f436 100644
--- a/include/crypto/pkcs7.h
+++ b/include/crypto/pkcs7.h
@@ -8,6 +8,7 @@
#ifndef _CRYPTO_PKCS7_H
#define _CRYPTO_PKCS7_H
+#include <crypto/api.h>
#include <linux/verification.h>
#include <linux/hash_info.h>
#include <crypto/public_key.h>
@@ -18,13 +19,16 @@ struct pkcs7_message;
/*
* pkcs7_parser.c
*/
-extern struct pkcs7_message *pkcs7_parse_message(const void *data,
- size_t datalen);
-extern void pkcs7_free_message(struct pkcs7_message *pkcs7);
-
-extern int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
- const void **_data, size_t *_datalen,
- size_t *_headerlen);
+DECLARE_CRYPTO_API(pkcs7_parse_message, struct pkcs7_message *,
+ (const void *data, size_t datalen),
+ (data, datalen));
+DECLARE_CRYPTO_API(pkcs7_free_message, void,
+ (struct pkcs7_message *pkcs7),
+ (pkcs7));
+
+DECLARE_CRYPTO_API(pkcs7_get_content_data, int,
+ (const struct pkcs7_message *pkcs7, const void **_data, size_t *_datalen, size_t *_headerlen),
+ (pkcs7, _data, _datalen, _headerlen));
/*
* pkcs7_trust.c
--
2.39.3
