158 int x509_get_sig_params(struct x509_certificate *cert)  in x509_get_sig_params()  argument
168 	if (cert->unsupported_crypto)  in x509_get_sig_params()
170 	if (cert->sig.rsa.s)  in x509_get_sig_params()
173 	cert->sig.rsa.s = mpi_read_raw_data(cert->raw_sig, cert->raw_sig_size);  in x509_get_sig_params()
174 	if (!cert->sig.rsa.s)  in x509_get_sig_params()
176 	cert->sig.nr_mpi = 1;  in x509_get_sig_params()
181 	tfm = crypto_alloc_shash(hash_algo_name[cert->sig.pkey_hash_algo], 0, 0);  in x509_get_sig_params()
184 			cert->unsupported_crypto = true;  in x509_get_sig_params()
202 	cert->sig.digest = digest;  in x509_get_sig_params()
203 	cert->sig.digest_size = digest_size;  in x509_get_sig_params()
213 	ret = crypto_shash_finup(desc, cert->tbs, cert->tbs_size, digest);  in x509_get_sig_params()
225 			 struct x509_certificate *cert)  in x509_check_signature()  argument
231 	ret = x509_get_sig_params(cert);  in x509_check_signature()
235 	ret = public_key_verify_signature(pub, &cert->sig);  in x509_check_signature()
237 		cert->unsupported_crypto = true;  in x509_check_signature()
252 static int x509_validate_trust(struct x509_certificate *cert,  in x509_validate_trust()  argument
261 	if (ca_keyid && !asymmetric_key_id_partial(cert->akid_skid, ca_keyid))  in x509_validate_trust()
265 					  cert->akid_id, cert->akid_skid,  in x509_validate_trust()
271 						   cert);  in x509_validate_trust()
283 	struct x509_certificate *cert;  in x509_key_preparse()  local
289 	cert = x509_cert_parse(prep->data, prep->datalen);  in x509_key_preparse()
290 	if (IS_ERR(cert))  in x509_key_preparse()
291 		return PTR_ERR(cert);  in x509_key_preparse()
293 	pr_devel("Cert Issuer: %s\n", cert->issuer);  in x509_key_preparse()
294 	pr_devel("Cert Subject: %s\n", cert->subject);  in x509_key_preparse()
296 	if (cert->pub->pkey_algo >= PKEY_ALGO__LAST ||  in x509_key_preparse()
297 	    cert->sig.pkey_algo >= PKEY_ALGO__LAST ||  in x509_key_preparse()
298 	    cert->sig.pkey_hash_algo >= PKEY_HASH__LAST ||  in x509_key_preparse()
299 	    !pkey_algo[cert->pub->pkey_algo] ||  in x509_key_preparse()
300 	    !pkey_algo[cert->sig.pkey_algo] ||  in x509_key_preparse()
301 	    !hash_algo_name[cert->sig.pkey_hash_algo]) {  in x509_key_preparse()
306 	pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]);  in x509_key_preparse()
307 	pr_devel("Cert Valid period: %lld-%lld\n", cert->valid_from, cert->valid_to);  in x509_key_preparse()
309 		 pkey_algo_name[cert->sig.pkey_algo],  in x509_key_preparse()
310 		 hash_algo_name[cert->sig.pkey_hash_algo]);  in x509_key_preparse()
312 	cert->pub->algo = pkey_algo[cert->pub->pkey_algo];  in x509_key_preparse()
313 	cert->pub->id_type = PKEY_ID_X509;  in x509_key_preparse()
316 	if ((!cert->akid_skid && !cert->akid_id) ||  in x509_key_preparse()
317 	    asymmetric_key_id_same(cert->skid, cert->akid_skid) ||  in x509_key_preparse()
318 	    asymmetric_key_id_same(cert->id, cert->akid_id)) {  in x509_key_preparse()
319 		ret = x509_check_signature(cert->pub, cert); /* self-signed */  in x509_key_preparse()
323 		ret = x509_validate_trust(cert, get_system_trusted_keyring());  in x509_key_preparse()
329 	sulen = strlen(cert->subject);  in x509_key_preparse()
330 	if (cert->raw_skid) {  in x509_key_preparse()
331 		srlen = cert->raw_skid_size;  in x509_key_preparse()
332 		q = cert->raw_skid;  in x509_key_preparse()
334 		srlen = cert->raw_serial_size;  in x509_key_preparse()
335 		q = cert->raw_serial;  in x509_key_preparse()
342 	p = memcpy(desc, cert->subject, sulen);  in x509_key_preparse()
352 	kids->id[0] = cert->id;  in x509_key_preparse()
353 	kids->id[1] = cert->skid;  in x509_key_preparse()
359 	prep->payload.data[asym_crypto] = cert->pub;  in x509_key_preparse()
364 	cert->pub = NULL;  in x509_key_preparse()
365 	cert->id = NULL;  in x509_key_preparse()
366 	cert->skid = NULL;  in x509_key_preparse()
373 	x509_free_certificate(cert);  in x509_key_preparse()