diff options
author | Stefan Berger <stefanb@linux.ibm.com> | 2024-03-21 10:44:33 -0400 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2024-04-02 10:49:38 +0800 |
commit | 565cda63ce1cb51649ec69e45062ca8fab137402 (patch) | |
tree | e48e6544eed8f592f829b04d7d3e44f159c27176 /crypto/ripemd.h | |
parent | 7156543c59626a6be2cfd51be32491f24ef46afc (diff) | |
download | linux-crypto-565cda63ce1cb51649ec69e45062ca8fab137402.tar.gz linux-crypto-565cda63ce1cb51649ec69e45062ca8fab137402.zip |
crypto: ecdsa - Fix module auto-load on add-key
Add module alias with the algorithm cra_name similar to what we have for
RSA-related and other algorithms.
The kernel attempts to modprobe asymmetric algorithms using the names
"crypto-$cra_name" and "crypto-$cra_name-all." However, since these
aliases are currently missing, the modules are not loaded. For instance,
when using the `add_key` function, the hash algorithm is typically
loaded automatically, but the asymmetric algorithm is not.
Steps to test:
1. Create certificate
openssl req -x509 -sha256 -newkey ec \
-pkeyopt "ec_paramgen_curve:secp384r1" -keyout key.pem -days 365 \
-subj '/CN=test' -nodes -outform der -out nist-p384.der
2. Optionally, trace module requests with: trace-cmd stream -e module &
3. Trigger add_key call for the cert:
# keyctl padd asymmetric "" @u < nist-p384.der
641069229
# lsmod | head -2
Module Size Used by
ecdsa_generic 16384 0
Fixes: ba1c2bd22584 ("crypto: ecdsa - Register NIST P384 and extend test suite")
Cc: stable@vger.kernel.org
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Vitaly Chikunov <vt@altlinux.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/ripemd.h')
0 files changed, 0 insertions, 0 deletions