KEYS: make partial key id matching as a dedicated function
To avoid code duplication this patch refactors asymmetric_key_match(), making partial ID string match a separate function. This patch also implicitly fixes a bug in the code. asymmetric_key_match() allows to match the key by its subtype. But subtype matching could be undone if asymmetric_key_id(key) would return NULL. This patch first checks for matching spec and then for its value. Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
This commit is contained in:
Dmitry Kasatkin
Mimi Zohar
parent
3be4beaf7c
commit
b3426827c8
2 changed files with 33 additions and 19 deletions
|
|
@ -9,6 +9,8 @@
|
|||
* 2 of the Licence, or (at your option) any later version.
|
||||
*/
|
||||
|
||||
int asymmetric_keyid_match(const char *kid, const char *id);
|
||||
|
||||
static inline const char *asymmetric_key_id(const struct key *key)
|
||||
{
|
||||
return key->type_data.p[1];
|
||||
|
|
|
|||
|
|
@ -22,6 +22,34 @@ MODULE_LICENSE("GPL");
|
|||
static LIST_HEAD(asymmetric_key_parsers);
|
||||
static DECLARE_RWSEM(asymmetric_key_parsers_sem);
|
||||
|
||||
/*
|
||||
* Match asymmetric key id with partial match
|
||||
* @id: key id to match in a form "id:<id>"
|
||||
*/
|
||||
int asymmetric_keyid_match(const char *kid, const char *id)
|
||||
{
|
||||
size_t idlen, kidlen;
|
||||
|
||||
if (!kid || !id)
|
||||
return 0;
|
||||
|
||||
/* make it possible to use id as in the request: "id:<id>" */
|
||||
if (strncmp(id, "id:", 3) == 0)
|
||||
id += 3;
|
||||
|
||||
/* Anything after here requires a partial match on the ID string */
|
||||
idlen = strlen(id);
|
||||
kidlen = strlen(kid);
|
||||
if (idlen > kidlen)
|
||||
return 0;
|
||||
|
||||
kid += kidlen - idlen;
|
||||
if (strcasecmp(id, kid) != 0)
|
||||
return 0;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
* Match asymmetric keys on (part of) their name
|
||||
* We have some shorthand methods for matching keys. We allow:
|
||||
|
|
@ -34,9 +62,8 @@ static int asymmetric_key_match(const struct key *key, const void *description)
|
|||
{
|
||||
const struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key);
|
||||
const char *spec = description;
|
||||
const char *id, *kid;
|
||||
const char *id;
|
||||
ptrdiff_t speclen;
|
||||
size_t idlen, kidlen;
|
||||
|
||||
if (!subtype || !spec || !*spec)
|
||||
return 0;
|
||||
|
|
@ -55,23 +82,8 @@ static int asymmetric_key_match(const struct key *key, const void *description)
|
|||
speclen = id - spec;
|
||||
id++;
|
||||
|
||||
/* Anything after here requires a partial match on the ID string */
|
||||
kid = asymmetric_key_id(key);
|
||||
if (!kid)
|
||||
return 0;
|
||||
|
||||
idlen = strlen(id);
|
||||
kidlen = strlen(kid);
|
||||
if (idlen > kidlen)
|
||||
return 0;
|
||||
|
||||
kid += kidlen - idlen;
|
||||
if (strcasecmp(id, kid) != 0)
|
||||
return 0;
|
||||
|
||||
if (speclen == 2 &&
|
||||
memcmp(spec, "id", 2) == 0)
|
||||
return 1;
|
||||
if (speclen == 2 && memcmp(spec, "id", 2) == 0)
|
||||
return asymmetric_keyid_match(asymmetric_key_id(key), id);
|
||||
|
||||
if (speclen == subtype->name_len &&
|
||||
memcmp(spec, subtype->name, speclen) == 0)
|
||||
|
|
|
|||
Loading…
Reference in a new issue