linux-integrity.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH ima-evm-utils v2 1/2] ima-evm-utils: beautify the code to make it more readable
@ 2020-07-09  3:34 Tianjia Zhang
  2020-07-09  3:34 ` [PATCH ima-evm-utils v2 2/2] ima-evm-utils: add SM3 to pkey_hash_algo algorithm list Tianjia Zhang
  0 siblings, 1 reply; 3+ messages in thread
From: Tianjia Zhang @ 2020-07-09  3:34 UTC (permalink / raw)
  To: zohar, vt, linux-integrity; +Cc: tianjia.zhang

Use enum type instead of hard-coded numbers to improve code readability.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
---
 src/libimaevm.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/libimaevm.c b/src/libimaevm.c
index 240334d..b485171 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -579,7 +579,7 @@ int imaevm_hash_algo_from_sig(unsigned char *sig)
 {
 	uint8_t hashalgo;
 
-	if (sig[0] == 1) {
+	if (sig[0] == DIGSIG_VERSION_1) {
 		hashalgo = ((struct signature_hdr *)sig)->hash;
 
 		if (hashalgo >= DIGEST_ALGO_MAX)
@@ -593,7 +593,7 @@ int imaevm_hash_algo_from_sig(unsigned char *sig)
 		default:
 			return -1;
 		}
-	} else if (sig[0] == 2) {
+	} else if (sig[0] == DIGSIG_VERSION_2) {
 		hashalgo = ((struct signature_v2_hdr *)sig)->hash_algo;
 		if (hashalgo >= PKEY_HASH__LAST)
 			return -1;
@@ -627,7 +627,7 @@ int ima_verify_signature(const char *file, unsigned char *sig, int siglen,
 	unsigned char hash[MAX_DIGEST_SIZE];
 	int hashlen, sig_hash_algo;
 
-	if (sig[0] != 0x03) {
+	if (sig[0] != EVM_IMA_XATTR_DIGSIG) {
 		log_err("%s: xattr ima has no signature\n", file);
 		return -1;
 	}
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* [PATCH ima-evm-utils v2 2/2] ima-evm-utils: add SM3 to pkey_hash_algo algorithm list
  2020-07-09  3:34 [PATCH ima-evm-utils v2 1/2] ima-evm-utils: beautify the code to make it more readable Tianjia Zhang
@ 2020-07-09  3:34 ` Tianjia Zhang
  2020-07-10 17:54   ` Mimi Zohar
  0 siblings, 1 reply; 3+ messages in thread
From: Tianjia Zhang @ 2020-07-09  3:34 UTC (permalink / raw)
  To: zohar, vt, linux-integrity; +Cc: tianjia.zhang

SM3 was published by State Encryption Management Bureau, China.
It has been well supported in the kernel and openssl.
This patch allows SM3 to be used smoothly by specifying the
parameter `-a sm3` or `--hashalgo sm3`.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
---
 src/libimaevm.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/libimaevm.c b/src/libimaevm.c
index b485171..b8d5769 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -71,6 +71,7 @@ static const char *const pkey_hash_algo[PKEY_HASH__LAST] = {
 	[PKEY_HASH_SHA384]	= "sha384",
 	[PKEY_HASH_SHA512]	= "sha512",
 	[PKEY_HASH_SHA224]	= "sha224",
+	[PKEY_HASH_SM3_256]	= "sm3",
 	[PKEY_HASH_STREEBOG_256] = "md_gost12_256",
 	[PKEY_HASH_STREEBOG_512] = "md_gost12_512",
 };
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH ima-evm-utils v2 2/2] ima-evm-utils: add SM3 to pkey_hash_algo algorithm list
  2020-07-09  3:34 ` [PATCH ima-evm-utils v2 2/2] ima-evm-utils: add SM3 to pkey_hash_algo algorithm list Tianjia Zhang
@ 2020-07-10 17:54   ` Mimi Zohar
  0 siblings, 0 replies; 3+ messages in thread
From: Mimi Zohar @ 2020-07-10 17:54 UTC (permalink / raw)
  To: Tianjia Zhang, vt, linux-integrity

On Thu, 2020-07-09 at 11:34 +0800, Tianjia Zhang wrote:
> SM3 was published by State Encryption Management Bureau, China.
> It has been well supported in the kernel and openssl.
> This patch allows SM3 to be used smoothly by specifying the
> parameter `-a sm3` or `--hashalgo sm3`.
> 
> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> ---
>  src/libimaevm.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/src/libimaevm.c b/src/libimaevm.c
> index b485171..b8d5769 100644
> --- a/src/libimaevm.c
> +++ b/src/libimaevm.c
> @@ -71,6 +71,7 @@ static const char *const pkey_hash_algo[PKEY_HASH__LAST] = {
>  	[PKEY_HASH_SHA384]	= "sha384",
>  	[PKEY_HASH_SHA512]	= "sha512",
>  	[PKEY_HASH_SHA224]	= "sha224",
> +	[PKEY_HASH_SM3_256]	= "sm3",
>  	[PKEY_HASH_STREEBOG_256] = "md_gost12_256",
>  	[PKEY_HASH_STREEBOG_512] = "md_gost12_512",
>  };

Sorry, I had forgotten the name in hash_info.c was recently changed
from "sm3-256" to just "sm3".

This patch set patch is now in the "next" branch.

thanks,

Mimi 

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-07-10 17:54 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-09  3:34 [PATCH ima-evm-utils v2 1/2] ima-evm-utils: beautify the code to make it more readable Tianjia Zhang
2020-07-09  3:34 ` [PATCH ima-evm-utils v2 2/2] ima-evm-utils: add SM3 to pkey_hash_algo algorithm list Tianjia Zhang
2020-07-10 17:54   ` Mimi Zohar

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).