Blame SOURCES/0357-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch

5975ab
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
5975ab
From: Daniel Axtens <dja@axtens.net>
5975ab
Date: Fri, 2 Oct 2020 10:49:26 +1000
5975ab
Subject: [PATCH] crypto: move storage for grub_crypto_pk_* to crypto.c
5975ab
5975ab
The way gcry_rsa and friends (the asymmetric ciphers) are loaded for the
5975ab
pgp module is a bit quirky.
5975ab
5975ab
include/grub/crypto.h contains:
5975ab
  extern struct gcry_pk_spec *grub_crypto_pk_rsa;
5975ab
5975ab
commands/pgp.c contains the actual storage:
5975ab
  struct gcry_pk_spec *grub_crypto_pk_rsa;
5975ab
5975ab
And the module itself saves to the storage in pgp.c:
5975ab
  GRUB_MOD_INIT(gcry_rsa)
5975ab
  {
5975ab
    grub_crypto_pk_rsa = &_gcry_pubkey_spec_rsa;
5975ab
  }
5975ab
5975ab
This is annoying: gcry_rsa now has a dependency on pgp!
5975ab
5975ab
We want to be able to bring in gcry_rsa without bringing in PGP,
5975ab
so move the storage to crypto.c.
5975ab
5975ab
Previously, gcry_rsa depended on pgp and mpi. Now it depends on
5975ab
crypto and mpi. As pgp depends on crypto, this doesn't add any new
5975ab
module dependencies using the PGP verfier.
5975ab
5975ab
[FWIW, the story is different for the symmetric ciphers. cryptodisk
5975ab
and friends (zfs encryption etc) use grub_crypto_lookup_cipher_by_name()
5975ab
to get a cipher handle. That depends on grub_ciphers being populated
5975ab
by people calling grub_cipher_register. import_gcry.py ensures that the
5975ab
symmetric ciphers call it.]
5975ab
5975ab
Signed-off-by: Daniel Axtens <dja@axtens.net>
5975ab
---
5975ab
 grub-core/commands/pgp.c | 4 ----
5975ab
 grub-core/lib/crypto.c   | 4 ++++
5975ab
 2 files changed, 4 insertions(+), 4 deletions(-)
5975ab
5975ab
diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c
09e3cc
index bb6543819..75de32c2a 100644
5975ab
--- a/grub-core/commands/pgp.c
5975ab
+++ b/grub-core/commands/pgp.c
5975ab
@@ -147,10 +147,6 @@ const char *hashes[] = {
5975ab
   [0x0b] = "sha224"
5975ab
 };
5975ab
 
5975ab
-struct gcry_pk_spec *grub_crypto_pk_dsa;
5975ab
-struct gcry_pk_spec *grub_crypto_pk_ecdsa;
5975ab
-struct gcry_pk_spec *grub_crypto_pk_rsa;
5975ab
-
5975ab
 static int
5975ab
 dsa_pad (gcry_mpi_t *hmpi, grub_uint8_t *hval,
5975ab
 	 const gcry_md_spec_t *hash, struct grub_public_subkey *sk);
5975ab
diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
09e3cc
index e6c78d16d..ff62fa30e 100644
5975ab
--- a/grub-core/lib/crypto.c
5975ab
+++ b/grub-core/lib/crypto.c
5975ab
@@ -121,6 +121,10 @@ grub_md_unregister (gcry_md_spec_t *cipher)
5975ab
       }
5975ab
 }
5975ab
 
5975ab
+struct gcry_pk_spec *grub_crypto_pk_dsa;
5975ab
+struct gcry_pk_spec *grub_crypto_pk_ecdsa;
5975ab
+struct gcry_pk_spec *grub_crypto_pk_rsa;
5975ab
+
5975ab
 void
5975ab
 grub_crypto_hash (const gcry_md_spec_t *hash, void *out, const void *in,
5975ab
 		  grub_size_t inlen)