1 // SPDX-License-Identifier: GPL-2.0-or-later 1
2 /* Self-testing for signature checking.
3 *
4 * Copyright (C) 2022 Red Hat, Inc. All Rights
5 * Written by David Howells (dhowells@redhat.c
6 */
7
8 #include <crypto/pkcs7.h>
9 #include <linux/cred.h>
10 #include <linux/kernel.h>
11 #include <linux/key.h>
12 #include <linux/module.h>
13 #include "selftest.h"
14 #include "x509_parser.h"
15
16 void fips_signature_selftest(const char *name,
17 const u8 *keys, s
18 const u8 *data, s
19 const u8 *sig, si
20 {
21 struct key *keyring;
22 int ret;
23
24 pr_notice("Running certificate verific
25
26 keyring = keyring_alloc(".certs_selfte
27 GLOBAL_ROOT_UI
28 (KEY_POS_ALL &
29 KEY_USR_VIEW |
30 KEY_USR_SEARCH
31 KEY_ALLOC_NOT_
32 NULL, NULL);
33 if (IS_ERR(keyring))
34 panic("Can't allocate certs %s
35
36 ret = x509_load_certificate_list(keys,
37 if (ret < 0)
38 panic("Can't allocate certs %s
39
40 struct pkcs7_message *pkcs7;
41
42 pkcs7 = pkcs7_parse_message(sig, sig_l
43 if (IS_ERR(pkcs7))
44 panic("Certs %s selftest: pkcs
45
46 pkcs7_supply_detached_data(pkcs7, data
47
48 ret = pkcs7_verify(pkcs7, VERIFYING_MO
49 if (ret < 0)
50 panic("Certs %s selftest: pkcs
51
52 ret = pkcs7_validate_trust(pkcs7, keyr
53 if (ret < 0)
54 panic("Certs %s selftest: pkcs
55
56 pkcs7_free_message(pkcs7);
57
58 key_put(keyring);
59 }
60
61 static int __init fips_signature_selftest_init
62 {
63 fips_signature_selftest_rsa();
64 fips_signature_selftest_ecdsa();
65 return 0;
66 }
67
68 late_initcall(fips_signature_selftest_init);
69
70 MODULE_DESCRIPTION("X.509 self tests");
71 MODULE_AUTHOR("Red Hat, Inc.");
72 MODULE_LICENSE("GPL");
73
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.