Commit e8c01f29 authored by David Howells's avatar David Howells Committed by zgzxx
Browse files

KEYS: Provide PGP key description autogeneration 

euleros inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I91FSN


CVE: NA

-------------------------------------------------

Provide a facility to autogenerate the name of PGP keys from the contents
of the payload.  If add_key() is given a blank description, a description
is constructed from the last user ID packet in the payload data plus the
last 8 hex digits of the key ID.  For instance:

	keyctl padd asymmetric "" @s </tmp/key.pub

might create a key with a constructed description that can be seen in
/proc/keys:

2f674b96 I--Q---     1 perm 39390000     0     0 crypto    \
			Sample kernel key 31f0ae93: PGP.RSA 31f0ae93 []

Changelog

v0:
- fix style issues (Roberto Sassu)

Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
Co-developed-by: default avatarRoberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: default avatarRoberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: default avatarTianxing Zhang <zhangtianxing3@huawei.com>
Reviewed-by: default avatarJason Yan <yanaijie@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
Signed-off-by: default avatarzhoushuiqing <zhoushuiqing2@huawei.com>
Signed-off-by: default avatarzhangguangzhi <zhangguangzhi3@huawei.com>
parent 4e59d757

crypto/asymmetric_keys/pgp_public_key.c

+50 −1
Original line number Diff line number Diff line
@@ -38,6 +38,9 @@ struct pgp_key_data_parse_context { 
	struct public_key *pub;

	unsigned char *raw_fingerprint;

	char *fingerprint;

	const char *user_id;

	size_t user_id_len;

	size_t fingerprint_len;

};



/*
@@ -160,6 +163,7 @@ static int pgp_generate_fingerprint(struct pgp_key_data_parse_context *ctx, 
	if (ret < 0)

		goto cleanup_raw_fingerprint;



	ctx->fingerprint_len = digest_size * 2;

	fingerprint = kmalloc(digest_size * 2 + 1, GFP_KERNEL);

	if (!fingerprint) {

		ret = -ENOMEM;
@@ -206,6 +210,13 @@ static int pgp_process_public_key(struct pgp_parse_context *context, 


	kenter(",%u,%u,,%zu", type, headerlen, datalen);



	if (type == PGP_PKT_USER_ID) {

		ctx->user_id = data;

		ctx->user_id_len = datalen;

		kleave(" = 0 [user ID]");

		return 0;

	}



	if (ctx->fingerprint) {

		kleave(" = -ENOKEY [already]");

		return -EBADMSG;
@@ -299,13 +310,51 @@ static int pgp_key_parse(struct key_preparsed_payload *prep) 
	kenter("");



	memset(&ctx, 0, sizeof(ctx));

	ctx.pgp.types_of_interest = (1 << PGP_PKT_PUBLIC_KEY);

	ctx.pgp.types_of_interest = (1 << PGP_PKT_PUBLIC_KEY) |

				    (1 << PGP_PKT_USER_ID);

	ctx.pgp.process_packet = pgp_process_public_key;



	ret = pgp_parse_packets(prep->data, prep->datalen, &ctx.pgp);

	if (ret < 0)

		goto error;



	if (!ctx.fingerprint) {

		ret = -EINVAL;

		goto error;

	}



	if (ctx.user_id && ctx.user_id_len > 0) {

		/* Propose a description for the key

		 * (user ID without the comment)

		 */

		size_t ulen = ctx.user_id_len, flen = ctx.fingerprint_len;

		const char *p;



		p = memchr(ctx.user_id, '(', ulen);

		if (p) {

			/* Remove the comment */

			do {

				p--;

			} while (*p == ' ' && p > ctx.user_id);

			if (*p != ' ')

				p++;

			ulen = p - ctx.user_id;

		}



		if (ulen > 255 - 9)

			ulen = 255 - 9;

		prep->description = kmalloc(ulen + 1 + 8 + 1, GFP_KERNEL);

		ret = -ENOMEM;

		if (!prep->description)

			goto error;

		memcpy(prep->description, ctx.user_id, ulen);

		prep->description[ulen] = ' ';

		memcpy(prep->description + ulen + 1,

		       ctx.fingerprint + flen - 8, 8);

		prep->description[ulen + 9] = 0;

		pr_debug("desc '%s'\n", prep->description);

	}



	/* We're pinning the module by being linked against it */

	__module_get(public_key_subtype.owner);

	prep->payload.data[asym_subtype] = &public_key_subtype;