Home Explore Help
Sign In
GfA
/
linux_kernel
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

KEYS: make partial key id matching as a dedicated function

To avoid code duplication this patch refactors asymmetric_key_match(),
making partial ID string match a separate function.

This patch also implicitly fixes a bug in the code.  asymmetric_key_match()
allows to match the key by its subtype. But subtype matching could be
undone if asymmetric_key_id(key) would return NULL. This patch first
checks for matching spec and then for its value.

Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Dmitry Kasatkin 11 years ago
parent
3be4beaf7c
commit
b3426827c8
2 changed files with 33 additions and 19 deletions
Split View Show Diff Stats
  1. 2 0
      crypto/asymmetric_keys/asymmetric_keys.h
  2. 31 19
      crypto/asymmetric_keys/asymmetric_type.c

+ 2 - 0
crypto/asymmetric_keys/asymmetric_keys.h
View File 

@@ -9,6 +9,8 @@
 
  * 2 of the Licence, or (at your option) any later version.
 
  */
 
 
+int asymmetric_keyid_match(const char *kid, const char *id);
 
+
 
 static inline const char *asymmetric_key_id(const struct key *key)
 
 {
 
 	return key->type_data.p[1];

+ 31 - 19
crypto/asymmetric_keys/asymmetric_type.c
View File 

@@ -22,6 +22,34 @@ MODULE_LICENSE("GPL");
 
 static LIST_HEAD(asymmetric_key_parsers);
 
 static DECLARE_RWSEM(asymmetric_key_parsers_sem);
 
 
+/*
 
+ * Match asymmetric key id with partial match
 
+ * @id:		key id to match in a form "id:<id>"
 
+ */
 
+int asymmetric_keyid_match(const char *kid, const char *id)
 
+{
 
+	size_t idlen, kidlen;
 
+
 
+	if (!kid || !id)
 
+		return 0;
 
+
 
+	/* make it possible to use id as in the request: "id:<id>" */
 
+	if (strncmp(id, "id:", 3) == 0)
 
+		id += 3;
 
+
 
+	/* Anything after here requires a partial match on the ID string */
 
+	idlen = strlen(id);
 
+	kidlen = strlen(kid);
 
+	if (idlen > kidlen)
 
+		return 0;
 
+
 
+	kid += kidlen - idlen;
 
+	if (strcasecmp(id, kid) != 0)
 
+		return 0;
 
+
 
+	return 1;
 
+}
 
+
 
 /*
 
  * Match asymmetric keys on (part of) their name
 
  * We have some shorthand methods for matching keys.  We allow:
 
@@ -34,9 +62,8 @@ static int asymmetric_key_match(const struct key *key, const void *description)
 
 {
 
 	const struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key);
 
 	const char *spec = description;
 
-	const char *id, *kid;
 
+	const char *id;
 
 	ptrdiff_t speclen;
 
-	size_t idlen, kidlen;
 
 
 	if (!subtype || !spec || !*spec)
 
 		return 0;
 
@@ -55,23 +82,8 @@ static int asymmetric_key_match(const struct key *key, const void *description)
 
 	speclen = id - spec;
 
 	id++;
 
 
-	/* Anything after here requires a partial match on the ID string */
 
-	kid = asymmetric_key_id(key);
 
-	if (!kid)
 
-		return 0;
 
-
 
-	idlen = strlen(id);
 
-	kidlen = strlen(kid);
 
-	if (idlen > kidlen)
 
-		return 0;
 
-
 
-	kid += kidlen - idlen;
 
-	if (strcasecmp(id, kid) != 0)
 
-		return 0;
 
-
 
-	if (speclen == 2 &&
 
-	    memcmp(spec, "id", 2) == 0)
 
-		return 1;
 
+	if (speclen == 2 && memcmp(spec, "id", 2) == 0)
 
+		return asymmetric_keyid_match(asymmetric_key_id(key), id);
 
 
 	if (speclen == subtype->name_len &&
 
 	    memcmp(spec, subtype->name, speclen) == 0)