1 files changed, 64 insertions, 0 deletions

diff --git a/crypto/userspace/ncr-pk.c b/crypto/userspace/ncr-pk.c
index 3dc589a6a05..c858c2aeb18 100644
--- a/crypto/userspace/ncr-pk.c
+++ b/crypto/userspace/ncr-pk.c
@@ -22,6 +22,7 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  */
 
+#include <linux/audit.h>
 #include <linux/ioctl.h>
 #include <linux/mm.h>
 #include <linux/ncr.h>
@@ -338,6 +339,69 @@ fail:
 	return 0;
 }
 
+#ifdef CONFIG_AUDIT
+static int
+set_crypto_value(struct audit_crypto_value *dst, char name, mp_int *src)
+{
+	int cret;
+
+	dst->name = name;
+	dst->value_size = mp_unsigned_bin_size(src);
+	dst->value = kmalloc(dst->value_size, GFP_KERNEL);
+	cret = mp_to_unsigned_bin(src, dst->value);
+	if (cret != CRYPT_OK) {
+		kfree(dst->value);
+		return _ncr_tomerr(cret);
+	}
+	return 0;
+}
+
+void ncr_pk_audit_values(struct key_item_st *key)
+{
+	struct audit_crypto_value v[4];
+	size_t i;
+
+	i = 0;
+	switch (key->algorithm->algo) {
+#define VALUE(NAME, MPI)						\
+		do {							\
+			if (set_crypto_value(v + i, (NAME), (MPI)) != 0) \
+				goto free_it;				\
+			i++;						\
+		} while (0)
+
+	case NCR_ALG_RSA:
+		VALUE('n', &key->key.pk.rsa.N);
+		VALUE('e', &key->key.pk.rsa.e);
+		break;
+
+	case NCR_ALG_DSA:
+		VALUE('p', &key->key.pk.dsa.p);
+		VALUE('q', &key->key.pk.dsa.q);
+		VALUE('g', &key->key.pk.dsa.g);
+		VALUE('y', &key->key.pk.dsa.y);
+		break;
+
+	case NCR_ALG_DH:
+		VALUE('y', &key->key.pk.dh.y);
+		break;
+
+	default:
+		return;
+#undef VALUE
+	}
+	audit_log_crypto_values(v, i);
+	return;
+
+free_it:
+	while (i != 0) {
+		i--;
+		kfree(v[i].value);
+	}
+}
+#endif
+
+
 /* Encryption/Decryption
  */