[Devel] [PATCH RHEL7 COMMIT] Revert "crypto: DSA algorithm"

Konstantin Khorenko khorenko at virtuozzo.com
Wed Jun 24 02:10:46 PDT 2015


The commit is pushed to "branch-rh7-3.10.0-123.1.2-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-123.1.2.vz7.5.17
------>
commit 3450bc1506bbfead5301dc26af1343872c8b66a4
Author: Vladimir Davydov <vdavydov at parallels.com>
Date:   Wed Jun 24 13:10:46 2015 +0400

    Revert "crypto: DSA algorithm"
    
    It was only introduced for the sake of vzlicense, which is absent in
    RH7.
    
    Vladimir Davydov (2):
      Revert "DSA: add module description and license"
      Revert "crypto: DSA algorithm"
    
    This reverts commit 1d011a2577bb026f46638d6d24ec3994ea08b9cd.
    
    Signed-off-by: Vladimir Davydov <vdavydov at parallels.com>
---
 crypto/asymmetric_keys/Kconfig  |  8 +---
 crypto/asymmetric_keys/Makefile |  1 -
 crypto/asymmetric_keys/dsa.c    | 96 -----------------------------------------
 3 files changed, 1 insertion(+), 104 deletions(-)

diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig
index cbd1652..78afa6a 100644
--- a/crypto/asymmetric_keys/Kconfig
+++ b/crypto/asymmetric_keys/Kconfig
@@ -21,15 +21,9 @@ config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
 
 config PUBLIC_KEY_ALGO_RSA
 	tristate "RSA public-key algorithm"
-	help
-	  This option enables support for the RSA algorithm (PKCS#1, RFC3447).
-
-config PUBLIC_KEY_ALGO_DSA
-	tristate "DSA public-key algorithm"
-	depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE
 	select MPILIB_EXTRA
 	help
-	  This option enables support for the DSA algorithm.
+	  This option enables support for the RSA algorithm (PKCS#1, RFC3447).
 
 config X509_CERTIFICATE_PARSER
 	tristate "X.509 certificate parser"
diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile
index af8de0f..cd8388e 100644
--- a/crypto/asymmetric_keys/Makefile
+++ b/crypto/asymmetric_keys/Makefile
@@ -8,7 +8,6 @@ asymmetric_keys-y := asymmetric_type.o signature.o
 
 obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o
 obj-$(CONFIG_PUBLIC_KEY_ALGO_RSA) += rsa.o
-obj-$(CONFIG_PUBLIC_KEY_ALGO_DSA) += dsa.o
 obj-$(CONFIG_EFI_SIGNATURE_LIST_PARSER) += efi_parser.o
 
 #
diff --git a/crypto/asymmetric_keys/dsa.c b/crypto/asymmetric_keys/dsa.c
deleted file mode 100644
index 7a06ee7..0000000
--- a/crypto/asymmetric_keys/dsa.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* dsa.c  -  DSA signature algorithm
- *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
- *
- * This file is part of GnuPG.
- *
- * GnuPG is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * GnuPG is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-
-#include <linux/module.h>
-#include <linux/mpi.h>
-#include <asm/errno.h>
-
-/*
- * perform DSA algorithm signature verification
- */
-int DSA_verify(const MPI datahash, const MPI sig[], const MPI pkey[])
-{
-	MPI p, q, g, y, r, s;
-	MPI w = NULL, u1 = NULL, u2 = NULL, v = NULL;
-	MPI base[3];
-	MPI exp[3];
-	int rc;
-
-	if (!datahash ||
-	    !sig[0] || !sig[1] ||
-	    !pkey[0] || !pkey[1] || !pkey[2] || !pkey[3])
-		return -EINVAL;
-
-	p = pkey[0];	/* prime */
-	q = pkey[1];	/* group order */
-	g = pkey[2];	/* group generator */
-	y = pkey[3];	/* g^x mod p */
-	r = sig[0];
-	s = sig[1];
-
-	if (!(mpi_cmp_ui(r, 0) > 0 && mpi_cmp(r, q) < 0)) {
-		printk("DSA_verify assertion failed [0 < r < q]\n");
-		return -EKEYREJECTED;
-	}
-
-	if (!(mpi_cmp_ui(s, 0) > 0 && mpi_cmp(s, q) < 0)) {
-		printk("DSA_verify assertion failed [0 < s < q]\n");
-		return -EKEYREJECTED;
-	}
-
-	rc = -ENOMEM;
-	w  = mpi_alloc(mpi_get_nlimbs(q)); if (!w ) goto cleanup;
-	u1 = mpi_alloc(mpi_get_nlimbs(q)); if (!u1) goto cleanup;
-	u2 = mpi_alloc(mpi_get_nlimbs(q)); if (!u2) goto cleanup;
-	v  = mpi_alloc(mpi_get_nlimbs(p)); if (!v ) goto cleanup;
-
-	/* w = s^(-1) mod q */
-	if (mpi_invm(w, s, q) < 0)
-		goto cleanup;
-
-	/* u1 = (datahash * w) mod q */
-	if (mpi_mulm(u1, datahash, w, q) < 0)
-		goto cleanup;
-
-	/* u2 = r * w mod q  */
-	if (mpi_mulm(u2, r, w, q) < 0)
-		goto cleanup;
-
-	/* v =  g^u1 * y^u2 mod p mod q */
-	base[0] = g;	exp[0] = u1;
-	base[1] = y;	exp[1] = u2;
-	base[2] = NULL;	exp[2] = NULL;
-
-	if (mpi_mulpowm(v, base, exp, p) < 0)
-		goto cleanup;
-
-	if (mpi_fdiv_r(v, v, q) < 0)
-		goto cleanup;
-
-	rc = (mpi_cmp(v, r) == 0) ? 0 : -EKEYREJECTED;
-
-cleanup:
-	mpi_free(w);
-	mpi_free(u1);
-	mpi_free(u2);
-	mpi_free(v);
-	return rc;
-}
-EXPORT_SYMBOL(DSA_verify);



More information about the Devel mailing list