[PATCH 6/8] X.509: Make the public_key asymmetric key type internal data private

[David Howells]

Make the public_key asymmetric key type internal data (struct public_key)
private by moving it to the asymmetric keys directory.

Whilst struct public_key_signature needs to be available, since that's part
of the asymmetric key API to verify a signature, anyone using asymmetric
keys should not be poking around inside the subtype internals, but should
rather use API functions, such as verify_signature(), in case the internals
turn out not to be of the subtype expected.

An exception is made for the X.509 and PKCS#7 parsers as they don't create
keys but rather use the public key routines directly.

Signed-off-by: David Howells <dhowells@xxxxxxxxxx>
---

 crypto/asymmetric_keys/pkcs7_verify.c     |    2 +-
 crypto/asymmetric_keys/public_key.c       |    2 +-
 crypto/asymmetric_keys/software_pkey.h    |   33 +++++++++++++++++++++++++++++
 crypto/asymmetric_keys/x509_cert_parser.c |    2 +-
 crypto/asymmetric_keys/x509_public_key.c  |    1 +
 include/crypto/public_key.h               |   19 -----------------
 6 files changed, 37 insertions(+), 22 deletions(-)
 create mode 100644 crypto/asymmetric_keys/software_pkey.h

diff --git a/crypto/asymmetric_keys/pkcs7_verify.c b/crypto/asymmetric_keys/pkcs7_verify.c
index 50be2a15e531..6aad267f19bb 100644
--- a/crypto/asymmetric_keys/pkcs7_verify.c
+++ b/crypto/asymmetric_keys/pkcs7_verify.c
@@ -16,7 +16,7 @@
 #include <linux/err.h>
 #include <linux/asn1.h>
 #include <crypto/hash.h>
-#include <crypto/public_key.h>
+#include "software_pkey.h"
 #include "pkcs7_parser.h"
 
 /*
diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
index 16895996c2e2..3024081026c1 100644
--- a/crypto/asymmetric_keys/public_key.c
+++ b/crypto/asymmetric_keys/public_key.c
@@ -19,7 +19,7 @@
 #include <linux/seq_file.h>
 #include <linux/scatterlist.h>
 #include <keys/asymmetric-subtype.h>
-#include <crypto/public_key.h>
+#include "software_pkey.h"
 #include <crypto/akcipher.h>
 
 MODULE_LICENSE("GPL");
diff --git a/crypto/asymmetric_keys/software_pkey.h b/crypto/asymmetric_keys/software_pkey.h
new file mode 100644
index 000000000000..06d6500e5825
--- /dev/null
+++ b/crypto/asymmetric_keys/software_pkey.h
@@ -0,0 +1,33 @@
+/* Internal definitions for the software public key subtype
+ *
+ * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@xxxxxxxxxx)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public Licence
+ * as published by the Free Software Foundation; either version
+ * 2 of the Licence, or (at your option) any later version.
+ */
+
+#include <crypto/public_key.h>
+
+extern struct asymmetric_key_subtype public_key_subtype;
+
+/*
+ * Cryptographic data for the software public-key subtype of the asymmetric key
+ * type.
+ *
+ * Note that this may include private part of the key as well as the public
+ * part.
+ */
+struct public_key {
+	void *key;
+	u32 keylen;
+	const char *id_type;
+	const char *pkey_algo;
+};
+
+extern void public_key_destroy(void *payload);
+
+extern int public_key_verify_signature(const struct public_key *pkey,
+				       const struct public_key_signature *sig);
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
index dffd30f107cd..a008a945aa82 100644
--- a/crypto/asymmetric_keys/x509_cert_parser.c
+++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -15,7 +15,7 @@
 #include <linux/slab.h>
 #include <linux/err.h>
 #include <linux/oid_registry.h>
-#include <crypto/public_key.h>
+#include "software_pkey.h"
 #include "x509_parser.h"
 #include "x509-asn1.h"
 #include "x509_akid-asn1.h"
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c
index 733c046aacc6..0896f784cfda 100644
--- a/crypto/asymmetric_keys/x509_public_key.c
+++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -18,6 +18,7 @@
 #include <keys/system_keyring.h>
 #include <crypto/hash.h>
 #include "asymmetric_keys.h"
+#include "software_pkey.h"
 #include "x509_parser.h"
 
 static bool use_builtin_keys;
diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
index aa730ea7faf8..d55f9f9bfd65 100644
--- a/include/crypto/public_key.h
+++ b/include/crypto/public_key.h
@@ -29,21 +29,6 @@ enum key_being_used_for {
 extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR];
 
 /*
- * Cryptographic data for the public-key subtype of the asymmetric key type.
- *
- * Note that this may include private part of the key as well as the public
- * part.
- */
-struct public_key {
-	void *key;
-	u32 keylen;
-	const char *id_type;
-	const char *pkey_algo;
-};
-
-extern void public_key_destroy(void *payload);
-
-/*
  * Public key cryptography signature data
  */
 struct public_key_signature {
@@ -55,7 +40,6 @@ struct public_key_signature {
 	const char *hash_algo;
 };
 
-extern struct asymmetric_key_subtype public_key_subtype;
 struct key;
 extern int verify_signature(const struct key *key,
 			    const struct public_key_signature *sig);
@@ -66,7 +50,4 @@ extern struct key *x509_request_asymmetric_key(struct key *keyring,
 					       const struct asymmetric_key_id *skid,
 					       bool partial);
 
-int public_key_verify_signature(const struct public_key *pkey,
-				const struct public_key_signature *sig);
-
 #endif /* _LINUX_PUBLIC_KEY_H */