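// SPDX-License-Identifier: GPL-2.0-or-later
/* Self-testing for signature checking.
 *
 * Copyright (C) 2022 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 */

#include <crypto/pkcs7.h>
#include <linux/cred.h>
#include <linux/kernel.h>
#include <linux/key.h>
#include <linux/module.h>
#include "selftest.h"
#include "x509_parser.h"

/**
 * fips_signature_selftest - Verify a known-good detached signature end to end
 * @name: Label for this test variant, used only in log and panic messages
 * @keys: Blob of X.509 certificates to load into a temporary trust keyring
 * @keys_len: Length of @keys in bytes
 * @data: The detached data that the signature is expected to cover
 * @data_len: Length of @data in bytes
 * @sig: PKCS#7 detached signature over @data
 * @sig_len: Length of @sig in bytes
 *
 * Exercises the whole verification path: loading the certificates into a
 * keyring, parsing the PKCS#7 message, verifying the signature over the
 * supplied detached data and validating trust against the keyring.  Any
 * failure panics the kernel instead of returning an error, so a broken
 * signature-checking implementation cannot be silently ignored.  On success
 * the parsed message and the temporary keyring are released.
 */
void fips_signature_selftest(const char *name,
			     const u8 *keys, size_t keys_len,
			     const u8 *data, size_t data_len,
			     const u8 *sig, size_t sig_len)
{
	struct pkcs7_message *pkcs7;
	struct key *keyring;
	int ret;

	pr_notice("Running certificate verification %s selftest\n", name);

	/*
	 * Root-owned keyring whose possessor cannot change its attributes;
	 * the keys placed in it are not counted against any quota.
	 */
	keyring = keyring_alloc(".certs_selftest",
				GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, current_cred(),
				(KEY_POS_ALL & ~KEY_POS_SETATTR) |
				KEY_USR_VIEW | KEY_USR_READ |
				KEY_USR_SEARCH,
				KEY_ALLOC_NOT_IN_QUOTA,
				NULL, NULL);
	if (IS_ERR(keyring))
		panic("Can't allocate certs %s selftest keyring: %ld\n",
		      name, PTR_ERR(keyring));

	ret = x509_load_certificate_list(keys, keys_len, keyring);
	if (ret < 0)
		panic("Can't load certs %s selftest certificates: %d\n",
		      name, ret);

	/*
	 * The parse failure is carried in the ERR_PTR itself; @ret still
	 * holds the (non-negative) result of the certificate load above and
	 * must not be reported here.
	 */
	pkcs7 = pkcs7_parse_message(sig, sig_len);
	if (IS_ERR(pkcs7))
		panic("Certs %s selftest: pkcs7_parse_message() = %ld\n",
		      name, PTR_ERR(pkcs7));

	/* The signature is detached: hand over the data it is meant to cover. */
	pkcs7_supply_detached_data(pkcs7, data, data_len);

	/* Verify the signature over the detached data. */
	ret = pkcs7_verify(pkcs7, VERIFYING_MODULE_SIGNATURE);
	if (ret < 0)
		panic("Certs %s selftest: pkcs7_verify() = %d\n", name, ret);

	/* Then confirm that the signer is trusted by @keyring. */
	ret = pkcs7_validate_trust(pkcs7, keyring);
	if (ret < 0)
		panic("Certs %s selftest: pkcs7_validate_trust() = %d\n",
		      name, ret);

	pkcs7_free_message(pkcs7);

	key_put(keyring);
}

/*
 * Run the RSA and ECDSA variants of the self-test late in boot.  Each
 * variant panics on failure, so there is no error to propagate from here.
 */
static int __init fips_signature_selftest_init(void)
{
	fips_signature_selftest_rsa();
	fips_signature_selftest_ecdsa();
	return 0;
}

late_initcall(fips_signature_selftest_init);

MODULE_DESCRIPTION("X.509 self tests");
MODULE_AUTHOR("Red Hat, Inc.");
MODULE_LICENSE("GPL");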