ima-evm-utils: try to load digest by its alias

Primary names of the algorithms are different for OpenSSL and Kernel. "Streebog" is a name of the hash algorithm in the Kernel Crypto API. "md_gost12_X" is the name used by most versions of OpenSSL, it's placed in pkey_hash_algo[] so that algo IDs are resolved to them. Allow to use both names. Signed-off-by: Vitaly Chikunov <vt@altlinux.org> [zohar@linux.ibm.com: updated patch description based input from Vitaly] Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2025-10-31 05:00:41 +01:00 · 2019-03-23 04:41:52 +03:00
parent b628d8bfdb
commit ebbfc41ad6
1 changed files with 12 additions and 0 deletions
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -61,6 +61,7 @@
 #include "imaevm.h"
 #include "hash_info.h"

+/* Names that are primary for OpenSSL. */
 const char *const pkey_hash_algo[PKEY_HASH__LAST] = {
 	[PKEY_HASH_MD4]		= "md4",
 	[PKEY_HASH_MD5]		= "md5",
@@ -70,6 +71,12 @@ const char *const pkey_hash_algo[PKEY_HASH__LAST] = {
 	[PKEY_HASH_SHA384]	= "sha384",
 	[PKEY_HASH_SHA512]	= "sha512",
 	[PKEY_HASH_SHA224]	= "sha224",
+	[PKEY_HASH_STREEBOG_256] = "md_gost12_256",
+	[PKEY_HASH_STREEBOG_512] = "md_gost12_512",
+};
+
+/* Names that are primary for the kernel. */
+const char *const pkey_hash_algo_kern[PKEY_HASH__LAST] = {
 	[PKEY_HASH_STREEBOG_256] = "streebog256",
 	[PKEY_HASH_STREEBOG_512] = "streebog512",
 };
@@ -551,6 +558,11 @@ int get_hash_algo(const char *algo)
 		    !strcmp(algo, pkey_hash_algo[i]))
 			return i;

+	for (i = 0; i < PKEY_HASH__LAST; i++)
+		if (pkey_hash_algo_kern[i] &&
+		    !strcmp(algo, pkey_hash_algo_kern[i]))
+			return i;
+
 	/* iterate over algorithms provided by kernel-headers */
 	for (i = 0; i < HASH_ALGO__LAST; i++)
 		if (hash_algo_name[i] &&