diff options
Diffstat (limited to 'crypto/userspace/ncr-pk.c')
-rw-r--r-- | crypto/userspace/ncr-pk.c | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/crypto/userspace/ncr-pk.c b/crypto/userspace/ncr-pk.c index 3dc589a6a05..c858c2aeb18 100644 --- a/crypto/userspace/ncr-pk.c +++ b/crypto/userspace/ncr-pk.c @@ -22,6 +22,7 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ +#include <linux/audit.h> #include <linux/ioctl.h> #include <linux/mm.h> #include <linux/ncr.h> @@ -338,6 +339,69 @@ fail: return 0; } +#ifdef CONFIG_AUDIT +static int +set_crypto_value(struct audit_crypto_value *dst, char name, mp_int *src) +{ + int cret; + + dst->name = name; + dst->value_size = mp_unsigned_bin_size(src); + dst->value = kmalloc(dst->value_size, GFP_KERNEL); + cret = mp_to_unsigned_bin(src, dst->value); + if (cret != CRYPT_OK) { + kfree(dst->value); + return _ncr_tomerr(cret); + } + return 0; +} + +void ncr_pk_audit_values(struct key_item_st *key) +{ + struct audit_crypto_value v[4]; + size_t i; + + i = 0; + switch (key->algorithm->algo) { +#define VALUE(NAME, MPI) \ + do { \ + if (set_crypto_value(v + i, (NAME), (MPI)) != 0) \ + goto free_it; \ + i++; \ + } while (0) + + case NCR_ALG_RSA: + VALUE('n', &key->key.pk.rsa.N); + VALUE('e', &key->key.pk.rsa.e); + break; + + case NCR_ALG_DSA: + VALUE('p', &key->key.pk.dsa.p); + VALUE('q', &key->key.pk.dsa.q); + VALUE('g', &key->key.pk.dsa.g); + VALUE('y', &key->key.pk.dsa.y); + break; + + case NCR_ALG_DH: + VALUE('y', &key->key.pk.dh.y); + break; + + default: + return; +#undef VALUE + } + audit_log_crypto_values(v, i); + return; + +free_it: + while (i != 0) { + i--; + kfree(v[i].value); + } +} +#endif + + /* Encryption/Decryption */ |