Commit d35f42ca authored by Elvira Khabirova's avatar Elvira Khabirova Committed by Jarkko Sakkinen
Browse files

pkcs7: support EC-RDSA/streebog in SignerInfo 



Allow using EC-RDSA/streebog in pkcs7 certificates in a similar way
to how it's done in the x509 parser.

This is needed e.g. for loading kernel modules signed with EC-RDSA.

Signed-off-by: default avatarElvira Khabirova <e.khabirova@omp.ru>
Reviewed-by: default avatarVitaly Chikunov <vt@altlinux.org>
Reviewed-by: default avatarTianjia Zhang <tianjia.zhang@linux.alibaba.com>
Reviewed-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
parent 3fb8e3f5

crypto/asymmetric_keys/pkcs7_parser.c

+11 −0
Original line number Diff line number Diff line
@@ -251,6 +251,12 @@ int pkcs7_sig_note_digest_algo(void *context, size_t hdrlen, 
	case OID_sm3:

		ctx->sinfo->sig->hash_algo = "sm3";

		break;

	case OID_gost2012Digest256:

		ctx->sinfo->sig->hash_algo = "streebog256";

		break;

	case OID_gost2012Digest512:

		ctx->sinfo->sig->hash_algo = "streebog512";

		break;

	default:

		printk("Unsupported digest algo: %u\n", ctx->last_oid);

		return -ENOPKG;
@@ -284,6 +290,11 @@ int pkcs7_sig_note_pkey_algo(void *context, size_t hdrlen, 
		ctx->sinfo->sig->pkey_algo = "sm2";

		ctx->sinfo->sig->encoding = "raw";

		break;

	case OID_gost2012PKey256:

	case OID_gost2012PKey512:

		ctx->sinfo->sig->pkey_algo = "ecrdsa";

		ctx->sinfo->sig->encoding = "raw";

		break;

	default:

		printk("Unsupported pkey algo: %u\n", ctx->last_oid);

		return -ENOPKG;