From: David Howells <dhowells@xxxxxxxxxx> Provide a facility to autogenerate the name of PGP keys from the contents of the payload. If add_key() is given a blank description, a description is constructed from the last user ID packet in the payload data plus the last 8 hex digits of the key ID. For instance: keyctl padd asymmetric "" @s </tmp/key.pub might create a key with a constructed description that can be seen in /proc/keys: 2f674b96 I--Q--- 1 perm 39390000 0 0 crypto \ Sample kernel key 31f0ae93: PGP.RSA 31f0ae93 [] Signed-off-by: David Howells <dhowells@xxxxxxxxxx> Co-developed-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> --- crypto/asymmetric_keys/pgp_public_key.c | 47 ++++++++++++++++++++++++- 1 file changed, 46 insertions(+), 1 deletion(-) diff --git a/crypto/asymmetric_keys/pgp_public_key.c b/crypto/asymmetric_keys/pgp_public_key.c index 2763a53ea378..378ed5ff0a3a 100644 --- a/crypto/asymmetric_keys/pgp_public_key.c +++ b/crypto/asymmetric_keys/pgp_public_key.c @@ -59,6 +59,8 @@ struct pgp_key_data_parse_context { struct public_key *pub; u8 raw_fingerprint[HASH_MAX_DIGESTSIZE]; size_t raw_fingerprint_len; + const char *user_id; + size_t user_id_len; }; /* @@ -210,6 +212,15 @@ static int pgp_process_public_key(struct pgp_parse_context *context, kenter(",%u,%u,,%zu", type, headerlen, datalen); + if (type == PGP_PKT_USER_ID) { + if (!ctx->user_id_len) { + ctx->user_id = data; + ctx->user_id_len = datalen; + } + kleave(" = 0 [user ID]"); + return 0; + } + if (ctx->raw_fingerprint_len) { kleave(" = -ENOKEY [already]"); return -EBADMSG; @@ -315,13 +326,47 @@ static int pgp_key_parse(struct key_preparsed_payload *prep) kenter(""); memset(&ctx, 0, sizeof(ctx)); - ctx.pgp.types_of_interest = (1 << PGP_PKT_PUBLIC_KEY); + ctx.pgp.types_of_interest = (1 << PGP_PKT_PUBLIC_KEY) | + (1 << PGP_PKT_USER_ID); ctx.pgp.process_packet = pgp_process_public_key; ret = pgp_parse_packets(prep->data, prep->datalen, &ctx.pgp); if (ret < 0) goto error; + if (ctx.user_id && ctx.user_id_len > 0) { + /* + * Propose a description for the key (user ID without the + * comment). + */ + size_t ulen = ctx.user_id_len; + const char *p; + + p = memchr(ctx.user_id, '(', ulen); + if (p) { + /* Remove the comment */ + do { + p--; + } while (*p == ' ' && p > ctx.user_id); + if (*p != ' ') + p++; + ulen = p - ctx.user_id; + } + + if (ulen > 255 - 9) + ulen = 255 - 9; + prep->description = kmalloc(ulen + 1 + 8 + 1, GFP_KERNEL); + ret = -ENOMEM; + if (!prep->description) + goto error; + memcpy(prep->description, ctx.user_id, ulen); + prep->description[ulen] = ' '; + bin2hex(prep->description + ulen + 1, + ctx.raw_fingerprint + ctx.raw_fingerprint_len - 4, 4); + prep->description[ulen + 9] = 0; + pr_debug("desc '%s'\n", prep->description); + } + /* We're pinning the module by being linked against it */ __module_get(public_key_subtype.owner); prep->payload.data[asym_subtype] = &public_key_subtype; -- 2.32.0