Merge remote-tracking branch 'integrity/next-with-keys' into keys-next

[linux-beck.git] / crypto / asymmetric_keys / asymmetric_type.c

diff --git a/crypto/asymmetric_keys/asymmetric_type.c b/crypto/asymmetric_keys/asymmetric_type.c
index 21960a4e74e8c193e8a69e07e0611c7139aaa82f..eb8cd46961a5aa5a6a7470c6d17008d1745bbdf6 100644 (file)
--- a/crypto/asymmetric_keys/asymmetric_type.c
+++ b/crypto/asymmetric_keys/asymmetric_type.c
@@ -22,6 +22,35 @@ MODULE_LICENSE("GPL");
 static LIST_HEAD(asymmetric_key_parsers);
 static DECLARE_RWSEM(asymmetric_key_parsers_sem);
 
+/*
+ * Match asymmetric key id with partial match
+ * @id:                key id to match in a form "id:<id>"
+ */
+int asymmetric_keyid_match(const char *kid, const char *id)
+{
+       size_t idlen, kidlen;
+
+       if (!kid || !id)
+               return 0;
+
+       /* make it possible to use id as in the request: "id:<id>" */
+       if (strncmp(id, "id:", 3) == 0)
+               id += 3;
+
+       /* Anything after here requires a partial match on the ID string */
+       idlen = strlen(id);
+       kidlen = strlen(kid);
+       if (idlen > kidlen)
+               return 0;
+
+       kid += kidlen - idlen;
+       if (strcasecmp(id, kid) != 0)
+               return 0;
+
+       return 1;
+}
+EXPORT_SYMBOL_GPL(asymmetric_keyid_match);
+
 /*
  * Match asymmetric keys on (part of) their name
  * We have some shorthand methods for matching keys.  We allow:
@@ -34,9 +63,8 @@ static int asymmetric_key_match(const struct key *key, const void *description)
 {
        const struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key);
        const char *spec = description;
-       const char *id, *kid;
+       const char *id;
        ptrdiff_t speclen;
-       size_t idlen, kidlen;
 
        if (!subtype || !spec || !*spec)
                return 0;
@@ -55,23 +83,8 @@ static int asymmetric_key_match(const struct key *key, const void *description)
        speclen = id - spec;
        id++;
 
-       /* Anything after here requires a partial match on the ID string */
-       kid = asymmetric_key_id(key);
-       if (!kid)
-               return 0;
-
-       idlen = strlen(id);
-       kidlen = strlen(kid);
-       if (idlen > kidlen)
-               return 0;
-
-       kid += kidlen - idlen;
-       if (strcasecmp(id, kid) != 0)
-               return 0;
-
-       if (speclen == 2 &&
-           memcmp(spec, "id", 2) == 0)
-               return 1;
+       if (speclen == 2 && memcmp(spec, "id", 2) == 0)
+               return asymmetric_keyid_match(asymmetric_key_id(key), id);
 
        if (speclen == subtype->name_len &&
            memcmp(spec, subtype->name, speclen) == 0)