Blame SOURCES/0160-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch

8e15ce
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
8e15ce
From: Daniel Axtens <dja@axtens.net>
8e15ce
Date: Fri, 2 Oct 2020 10:49:26 +1000
8e15ce
Subject: [PATCH] crypto: move storage for grub_crypto_pk_* to crypto.c
8e15ce
8e15ce
The way gcry_rsa and friends (the asymmetric ciphers) are loaded for the
8e15ce
pgp module is a bit quirky.
8e15ce
8e15ce
include/grub/crypto.h contains:
8e15ce
  extern struct gcry_pk_spec *grub_crypto_pk_rsa;
8e15ce
8e15ce
commands/pgp.c contains the actual storage:
8e15ce
  struct gcry_pk_spec *grub_crypto_pk_rsa;
8e15ce
8e15ce
And the module itself saves to the storage in pgp.c:
8e15ce
  GRUB_MOD_INIT(gcry_rsa)
8e15ce
  {
8e15ce
    grub_crypto_pk_rsa = &_gcry_pubkey_spec_rsa;
8e15ce
  }
8e15ce
8e15ce
This is annoying: gcry_rsa now has a dependency on pgp!
8e15ce
8e15ce
We want to be able to bring in gcry_rsa without bringing in PGP,
8e15ce
so move the storage to crypto.c.
8e15ce
8e15ce
Previously, gcry_rsa depended on pgp and mpi. Now it depends on
8e15ce
crypto and mpi. As pgp depends on crypto, this doesn't add any new
8e15ce
module dependencies using the PGP verfier.
8e15ce
8e15ce
[FWIW, the story is different for the symmetric ciphers. cryptodisk
8e15ce
and friends (zfs encryption etc) use grub_crypto_lookup_cipher_by_name()
8e15ce
to get a cipher handle. That depends on grub_ciphers being populated
8e15ce
by people calling grub_cipher_register. import_gcry.py ensures that the
8e15ce
symmetric ciphers call it.]
8e15ce
8e15ce
Signed-off-by: Daniel Axtens <dja@axtens.net>
8e15ce
---
8e15ce
 grub-core/commands/pgp.c | 4 ----
8e15ce
 grub-core/lib/crypto.c   | 4 ++++
8e15ce
 2 files changed, 4 insertions(+), 4 deletions(-)
8e15ce
8e15ce
diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c
b35c50
index 2408db4994..355a43844a 100644
8e15ce
--- a/grub-core/commands/pgp.c
8e15ce
+++ b/grub-core/commands/pgp.c
8e15ce
@@ -147,10 +147,6 @@ const char *hashes[] = {
8e15ce
   [0x0b] = "sha224"
8e15ce
 };
8e15ce
 
8e15ce
-struct gcry_pk_spec *grub_crypto_pk_dsa;
8e15ce
-struct gcry_pk_spec *grub_crypto_pk_ecdsa;
8e15ce
-struct gcry_pk_spec *grub_crypto_pk_rsa;
8e15ce
-
8e15ce
 static int
8e15ce
 dsa_pad (gcry_mpi_t *hmpi, grub_uint8_t *hval,
8e15ce
 	 const gcry_md_spec_t *hash, struct grub_public_subkey *sk);
8e15ce
diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
b35c50
index ca334d5a40..c578128a59 100644
8e15ce
--- a/grub-core/lib/crypto.c
8e15ce
+++ b/grub-core/lib/crypto.c
8e15ce
@@ -121,6 +121,10 @@ grub_md_unregister (gcry_md_spec_t *cipher)
8e15ce
       }
8e15ce
 }
8e15ce
 
8e15ce
+struct gcry_pk_spec *grub_crypto_pk_dsa;
8e15ce
+struct gcry_pk_spec *grub_crypto_pk_ecdsa;
8e15ce
+struct gcry_pk_spec *grub_crypto_pk_rsa;
8e15ce
+
8e15ce
 void
8e15ce
 grub_crypto_hash (const gcry_md_spec_t *hash, void *out, const void *in,
8e15ce
 		  grub_size_t inlen)