integrity: Asymmetric digsig supports SM2-with-SM3 algorithm

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Asymmetric digsig supports SM2-with-SM3 algorithm combination,
so that IMA can also verify SM2's signature data.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Tested-by: Xufeng Zhang <yunbo.xufeng@linux.alibaba.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Vitaly Chikunov <vt@altlinux.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Tianjia Zhang and committed by

Herbert Xu 5 years ago 0b7e44d3 21552563

+11 -3

1 changed file

expand all

security

integrity

digsig_asymmetric.c

+11 -3

security/integrity/digsig_asymmetric.c

··· 99 99 memset(&pks, 0, sizeof(pks)); 100 100 101 101 pks.hash_algo = hash_algo_name[hdr->hash_algo]; 102 - if (hdr->hash_algo == HASH_ALGO_STREEBOG_256 || 103 - hdr->hash_algo == HASH_ALGO_STREEBOG_512) { 102 + switch (hdr->hash_algo) { 103 + case HASH_ALGO_STREEBOG_256: 104 + case HASH_ALGO_STREEBOG_512: 104 105 /* EC-RDSA and Streebog should go together. */ 105 106 pks.pkey_algo = "ecrdsa"; 106 107 pks.encoding = "raw"; 107 - } else { 108 + break; 109 + case HASH_ALGO_SM3_256: 110 + /* SM2 and SM3 should go together. */ 111 + pks.pkey_algo = "sm2"; 112 + pks.encoding = "raw"; 113 + break; 114 + default: 108 115 pks.pkey_algo = "rsa"; 109 116 pks.encoding = "pkcs1"; 117 + break; 110 118 } 111 119 pks.digest = (u8 *)data; 112 120 pks.digest_size = datalen;