[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v2 09/22] crypto: move storage for grub_crypto_pk_* to crypto.c
From: |
Daniel Axtens |
Subject: |
[PATCH v2 09/22] crypto: move storage for grub_crypto_pk_* to crypto.c |
Date: |
Wed, 30 Jun 2021 18:40:18 +1000 |
The way gcry_rsa and friends (the asymmetric ciphers) are loaded for the
pgp module is a bit quirky.
include/grub/crypto.h contains:
extern struct gcry_pk_spec *grub_crypto_pk_rsa;
commands/pgp.c contains the actual storage:
struct gcry_pk_spec *grub_crypto_pk_rsa;
And the module itself saves to the storage in pgp.c:
GRUB_MOD_INIT(gcry_rsa)
{
grub_crypto_pk_rsa = &_gcry_pubkey_spec_rsa;
}
This is annoying: gcry_rsa now has a dependency on pgp!
We want to be able to bring in gcry_rsa without bringing in PGP,
so move the storage to crypto.c.
Previously, gcry_rsa depended on pgp and mpi. Now it depends on
crypto and mpi. As pgp depends on crypto, this doesn't add any new
module dependencies using the PGP verfier.
[FWIW, the story is different for the symmetric ciphers. cryptodisk
and friends (zfs encryption etc) use grub_crypto_lookup_cipher_by_name()
to get a cipher handle. That depends on grub_ciphers being populated
by people calling grub_cipher_register. import_gcry.py ensures that the
symmetric ciphers call it.]
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
grub-core/commands/pgp.c | 4 ----
grub-core/lib/crypto.c | 4 ++++
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c
index 2408db4994f6..355a43844acc 100644
--- a/grub-core/commands/pgp.c
+++ b/grub-core/commands/pgp.c
@@ -147,10 +147,6 @@ const char *hashes[] = {
[0x0b] = "sha224"
};
-struct gcry_pk_spec *grub_crypto_pk_dsa;
-struct gcry_pk_spec *grub_crypto_pk_ecdsa;
-struct gcry_pk_spec *grub_crypto_pk_rsa;
-
static int
dsa_pad (gcry_mpi_t *hmpi, grub_uint8_t *hval,
const gcry_md_spec_t *hash, struct grub_public_subkey *sk);
diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
index ca334d5a40e0..c578128a59db 100644
--- a/grub-core/lib/crypto.c
+++ b/grub-core/lib/crypto.c
@@ -121,6 +121,10 @@ grub_md_unregister (gcry_md_spec_t *cipher)
}
}
+struct gcry_pk_spec *grub_crypto_pk_dsa;
+struct gcry_pk_spec *grub_crypto_pk_ecdsa;
+struct gcry_pk_spec *grub_crypto_pk_rsa;
+
void
grub_crypto_hash (const gcry_md_spec_t *hash, void *out, const void *in,
grub_size_t inlen)
--
2.30.2
- [PATCH v2 00/22] appended signature secure boot support, Daniel Axtens, 2021/06/30
- [PATCH v2 01/22] ieee1275: drop HEAP_MAX_ADDR, HEAP_MIN_SIZE, Daniel Axtens, 2021/06/30
- [PATCH v2 02/22] ieee1275: claim more memory, Daniel Axtens, 2021/06/30
- [PATCH v2 03/22] ieee1275: request memory with ibm, client-architecture-support, Daniel Axtens, 2021/06/30
- [PATCH v2 04/22] Add suport for signing grub with an appended signature, Daniel Axtens, 2021/06/30
- [PATCH v2 05/22] docs/grub: Document signing grub under UEFI, Daniel Axtens, 2021/06/30
- [PATCH v2 06/22] docs/grub: Document signing grub with an appended signature, Daniel Axtens, 2021/06/30
- [PATCH v2 07/22] dl: provide a fake grub_dl_set_persistent for the emu target, Daniel Axtens, 2021/06/30
- [PATCH v2 08/22] pgp: factor out rsa_pad, Daniel Axtens, 2021/06/30
- [PATCH v2 09/22] crypto: move storage for grub_crypto_pk_* to crypto.c,
Daniel Axtens <=
- [PATCH v2 10/22] posix_wrap: tweaks in preparation for libtasn1, Daniel Axtens, 2021/06/30
- [PATCH v2 11/22] libtasn1: import libtasn1-4.16.0, Daniel Axtens, 2021/06/30
- [PATCH v2 12/22] libtasn1: disable code not needed in grub, Daniel Axtens, 2021/06/30
- [PATCH v2 13/22] libtasn1: changes for grub compatibility, Daniel Axtens, 2021/06/30
- [PATCH v2 14/22] libtasn1: compile into asn1 module, Daniel Axtens, 2021/06/30
- [PATCH v2 16/22] grub-install: support embedding x509 certificates, Daniel Axtens, 2021/06/30
- [PATCH v2 15/22] test_asn1: test module for libtasn1, Daniel Axtens, 2021/06/30
- [PATCH v2 17/22] appended signatures: import GNUTLS's ASN.1 description files, Daniel Axtens, 2021/06/30
- [PATCH v2 19/22] appended signatures: support verifying appended signatures, Daniel Axtens, 2021/06/30
- [PATCH v2 18/22] appended signatures: parse PKCS#7 signedData and X.509 certificates, Daniel Axtens, 2021/06/30