integrity: convert digsig to akcipher api

Convert asymmetric_verify to akcipher api.

Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David Howells <dhowells@redhat.com>

diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index 7543398b79e3f920ad5fcfeb3c3daed6040ab038..979be65d22c4260aad2f7c2a9b3fc0b4247656a2 100644 (file)
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -36,6 +36,7 @@ config INTEGRITY_ASYMMETRIC_KEYS
         select ASYMMETRIC_KEY_TYPE
         select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
         select PUBLIC_KEY_ALGO_RSA
+        select CRYPTO_RSA
         select X509_CERTIFICATE_PARSER
        help
          This option enables digital signature verification using

diff --git a/security/integrity/digsig_asymmetric.c b/security/integrity/digsig_asymmetric.c
index 5ade2a7517a6341305ba4aafbb18469cd1ed8db8..2fa3bc681a1ba000e371bf85f3fcceafe1c84a3e 100644 (file)
--- a/security/integrity/digsig_asymmetric.c
+++ b/security/integrity/digsig_asymmetric.c
@@ -106,13 +106,9 @@ int asymmetric_verify(struct key *keyring, const char *sig,
        pks.pkey_hash_algo = hdr->hash_algo;
        pks.digest = (u8 *)data;
        pks.digest_size = datalen;
-       pks.nr_mpi = 1;
-       pks.rsa.s = mpi_read_raw_data(hdr->sig, siglen);
-
-       if (pks.rsa.s)
-               ret = verify_signature(key, &pks);
-
-       mpi_free(pks.rsa.s);
+       pks.s = hdr->sig;
+       pks.s_size = siglen;
+       ret = verify_signature(key, &pks);
        key_put(key);
        pr_debug("%s() = %d\n", __func__, ret);
        return ret;