summaryrefslogtreecommitdiffstats
path: root/crypto/rsa-pkcs1pad.c
diff options
context:
space:
mode:
authorVitaly Chikunov <vt@altlinux.org>2019-04-11 18:51:14 +0300
committerHerbert Xu <herbert@gondor.apana.org.au>2019-04-18 22:15:02 +0800
commit3ecc97259934489e7e03cbeb1d70f6a23cccb3ae (patch)
tree8456773371fd5ec9fb048f91a42bc02fd7887ed5 /crypto/rsa-pkcs1pad.c
parent78a0324f4a5328088fea9426cfe1d1851276c475 (diff)
downloadlinux-stable-3ecc97259934489e7e03cbeb1d70f6a23cccb3ae.tar.gz
linux-stable-3ecc97259934489e7e03cbeb1d70f6a23cccb3ae.tar.bz2
linux-stable-3ecc97259934489e7e03cbeb1d70f6a23cccb3ae.zip
crypto: rsa - unimplement sign/verify for raw RSA backends
In preparation for new akcipher verify call remove sign/verify callbacks from RSA backends and make PKCS1 driver call encrypt/decrypt instead. This also complies with the well-known idea that raw RSA should never be used for sign/verify. It only should be used with proper padding scheme such as PKCS1 driver provides. Cc: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Cc: qat-linux@intel.com Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gary Hook <gary.hook@amd.com> Cc: Horia Geantă <horia.geanta@nxp.com> Cc: Aymen Sghaier <aymen.sghaier@nxp.com> Signed-off-by: Vitaly Chikunov <vt@altlinux.org> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Acked-by: Gary R Hook <gary.hook@amd.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/rsa-pkcs1pad.c')
-rw-r--r--crypto/rsa-pkcs1pad.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/rsa-pkcs1pad.c b/crypto/rsa-pkcs1pad.c
index 0a6680ca8cb6..94382fa2c6ac 100644
--- a/crypto/rsa-pkcs1pad.c
+++ b/crypto/rsa-pkcs1pad.c
@@ -429,7 +429,7 @@ static int pkcs1pad_sign(struct akcipher_request *req)
akcipher_request_set_crypt(&req_ctx->child_req, req_ctx->in_sg,
req->dst, ctx->key_size - 1, req->dst_len);
- err = crypto_akcipher_sign(&req_ctx->child_req);
+ err = crypto_akcipher_decrypt(&req_ctx->child_req);
if (err != -EINPROGRESS && err != -EBUSY)
return pkcs1pad_encrypt_sign_complete(req, err);
@@ -551,7 +551,7 @@ static int pkcs1pad_verify(struct akcipher_request *req)
req_ctx->out_sg, req->src_len,
ctx->key_size);
- err = crypto_akcipher_verify(&req_ctx->child_req);
+ err = crypto_akcipher_encrypt(&req_ctx->child_req);
if (err != -EINPROGRESS && err != -EBUSY)
return pkcs1pad_verify_complete(req, err);