From a16e4f98cd35905a77a8b379df2cf8bfe899ea06 Mon Sep 17 00:00:00 2001 From: Huaxin Lu Date: Sun, 18 Dec 2022 15:09:29 +0800 Subject: [PATCH] openEuler inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I66LJ2 reference: https://lore.kernel.org/lkml/20120816013623.872.94338.stgit@warthog.procyon.org.uk/ CVE: NA -------------------------------- Add support for extracting PGP public key in Public-Subkey packet. But it should be noted that the subkey needs to be wrapped into a certificate contains a public subkey packet and a followed user ID packet. The reason why it is implemented in this way is that now the different keys are parsed in different contexts. And the key description is generated by the user ID packet. For PGP certificates, only the main key packet has a followed user ID packet. So the subkey will fail to be parsed because of the missing description. The original patch (reference above) was also support like this. But this is a transitional implementation. Because IMA Digest List feature need to support to verify signature with public subkey. A better implement will be committed in the feature. Signed-off-by: Huaxin Lu --- crypto/asymmetric_keys/pgp_preload.c | 3 ++- crypto/asymmetric_keys/pgp_public_key.c | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/asymmetric_keys/pgp_preload.c b/crypto/asymmetric_keys/pgp_preload.c index 418cd4785efb..14c19f7ea467 100644 --- a/crypto/asymmetric_keys/pgp_preload.c +++ b/crypto/asymmetric_keys/pgp_preload.c @@ -102,7 +102,8 @@ int __init preload_pgp_keys(const u8 *pgpdata, size_t pgpdatalen, struct preload_pgp_keys_context ctx; int ret; - ctx.pgp.types_of_interest = (1 << PGP_PKT_PUBLIC_KEY); + ctx.pgp.types_of_interest = (1 << PGP_PKT_PUBLIC_KEY) | + (1 << PGP_PKT_PUBLIC_SUBKEY); ctx.pgp.process_packet = found_pgp_key; ctx.keyring = make_key_ref(keyring, 1); ctx.found_key = false; 
diff --git a/crypto/asymmetric_keys/pgp_public_key.c b/crypto/asymmetric_keys/pgp_public_key.c index e49bb79736da..6bcb22fc5075 100644 --- a/crypto/asymmetric_keys/pgp_public_key.c +++ b/crypto/asymmetric_keys/pgp_public_key.c @@ -309,6 +309,7 @@ static int pgp_key_parse(struct key_preparsed_payload *prep) memset(&ctx, 0, sizeof(ctx)); ctx.pgp.types_of_interest = (1 << PGP_PKT_PUBLIC_KEY) | + (1 << PGP_PKT_PUBLIC_SUBKEY) | (1 << PGP_PKT_USER_ID); ctx.pgp.process_packet = pgp_process_public_key; -- Gitee
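Review bot: In the pgp_preload.c hunk (preload_pgp_keys), adding `(1 << PGP_PKT_PUBLIC_SUBKEY)` to `types_of_interest` means found_pgp_key is now called for every subkey packet in the preloaded blob, including subkeys that sit inside an ordinary certificate after the primary key and its user ID. The commit message says such a subkey fails to parse because it has no following user ID packet, so please confirm that this failure does not abort preloading of the remaining keys, and handle it explicitly if it does. The wrapping requirement (subkey packet followed by a user ID packet) is only stated in the commit message; a comment above the assignment would keep it visible to whoever builds the preload blob.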
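Review bot: In the pgp_public_key.c hunk (pgp_key_parse), pgp_process_public_key now receives both PGP_PKT_PUBLIC_KEY and PGP_PKT_PUBLIC_SUBKEY packets from the same payload, and the visible lines do not show what happens when a payload contains both, as a normal certificate does. Please make the behaviour explicit, for example by rejecting a second key packet or by documenting which one ends up as the key, so the result does not depend on packet order. Also, the format described in the commit message (a subkey packet plus a user ID packet, with no primary key) carries nothing that ties the subkey to its primary key, so a comment here should state that trust in such a key comes only from how the blob reaches the keyring, since this key is meant to verify IMA digest list signatures.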