66 	struct x509_parse_context *ctx;  in x509_cert_parse()  local
80 	ctx = kzalloc(sizeof(struct x509_parse_context), GFP_KERNEL);  in x509_cert_parse()
81 	if (!ctx)  in x509_cert_parse()
84 	ctx->cert = cert;  in x509_cert_parse()
85 	ctx->data = (unsigned long)data;  in x509_cert_parse()
88 	ret = asn1_ber_decoder(&x509_decoder, ctx, data, datalen);  in x509_cert_parse()
93 	if (ctx->raw_akid) {  in x509_cert_parse()
95 			 ctx->raw_akid_size, ctx->raw_akid_size, ctx->raw_akid);  in x509_cert_parse()
96 		ret = asn1_ber_decoder(&x509_akid_decoder, ctx,  in x509_cert_parse()
97 				       ctx->raw_akid, ctx->raw_akid_size);  in x509_cert_parse()
105 	cert->pub->key = kmemdup(ctx->key, ctx->key_size, GFP_KERNEL);  in x509_cert_parse()
109 	cert->pub->keylen = ctx->key_size;  in x509_cert_parse()
111 	cert->pub->params = kmemdup(ctx->params, ctx->params_size, GFP_KERNEL);  in x509_cert_parse()
115 	cert->pub->paramlen = ctx->params_size;  in x509_cert_parse()
116 	cert->pub->algo = ctx->key_algo;  in x509_cert_parse()
139 	kfree(ctx);  in x509_cert_parse()
143 	kfree(ctx);  in x509_cert_parse()
159 	struct x509_parse_context *ctx = context;  in x509_note_OID()  local
161 	ctx->last_oid = look_up_OID(value, vlen);  in x509_note_OID()
162 	if (ctx->last_oid == OID__NR) {  in x509_note_OID()
166 			 (unsigned long)value - ctx->data, buffer);  in x509_note_OID()
179 	struct x509_parse_context *ctx = context;  in x509_note_tbs_certificate()  local
182 		 hdrlen, tag, (unsigned long)value - ctx->data, vlen);  in x509_note_tbs_certificate()
184 	ctx->cert->tbs = value - hdrlen;  in x509_note_tbs_certificate()
185 	ctx->cert->tbs_size = vlen + hdrlen;  in x509_note_tbs_certificate()
196 	struct x509_parse_context *ctx = context;  in x509_note_pkey_algo()  local
198 	pr_debug("PubKey Algo: %u\n", ctx->last_oid);  in x509_note_pkey_algo()
200 	switch (ctx->last_oid) {  in x509_note_pkey_algo()
207 		ctx->cert->sig->hash_algo = "md4";  in x509_note_pkey_algo()
211 		ctx->cert->sig->hash_algo = "sha1";  in x509_note_pkey_algo()
215 		ctx->cert->sig->hash_algo = "sha256";  in x509_note_pkey_algo()
219 		ctx->cert->sig->hash_algo = "sha384";  in x509_note_pkey_algo()
223 		ctx->cert->sig->hash_algo = "sha512";  in x509_note_pkey_algo()
227 		ctx->cert->sig->hash_algo = "sha224";  in x509_note_pkey_algo()
231 		ctx->cert->sig->hash_algo = "streebog256";  in x509_note_pkey_algo()
235 		ctx->cert->sig->hash_algo = "streebog512";  in x509_note_pkey_algo()
240 	ctx->cert->sig->pkey_algo = "rsa";  in x509_note_pkey_algo()
241 	ctx->cert->sig->encoding = "pkcs1";  in x509_note_pkey_algo()
242 	ctx->algo_oid = ctx->last_oid;  in x509_note_pkey_algo()
245 	ctx->cert->sig->pkey_algo = "ecrdsa";  in x509_note_pkey_algo()
246 	ctx->cert->sig->encoding = "raw";  in x509_note_pkey_algo()
247 	ctx->algo_oid = ctx->last_oid;  in x509_note_pkey_algo()
258 	struct x509_parse_context *ctx = context;  in x509_note_signature()  local
260 	pr_debug("Signature type: %u size %zu\n", ctx->last_oid, vlen);  in x509_note_signature()
262 	if (ctx->last_oid != ctx->algo_oid) {  in x509_note_signature()
264 			ctx->algo_oid, ctx->last_oid);  in x509_note_signature()
268 	if (strcmp(ctx->cert->sig->pkey_algo, "rsa") == 0 ||  in x509_note_signature()
269 	    strcmp(ctx->cert->sig->pkey_algo, "ecrdsa") == 0) {  in x509_note_signature()
278 	ctx->cert->raw_sig = value;  in x509_note_signature()
279 	ctx->cert->raw_sig_size = vlen;  in x509_note_signature()
290 	struct x509_parse_context *ctx = context;  in x509_note_serial()  local
291 	ctx->cert->raw_serial = value;  in x509_note_serial()
292 	ctx->cert->raw_serial_size = vlen;  in x509_note_serial()
303 	struct x509_parse_context *ctx = context;  in x509_extract_name_segment()  local
305 	switch (ctx->last_oid) {  in x509_extract_name_segment()
307 		ctx->cn_size = vlen;  in x509_extract_name_segment()
308 		ctx->cn_offset = (unsigned long)value - ctx->data;  in x509_extract_name_segment()
311 		ctx->o_size = vlen;  in x509_extract_name_segment()
312 		ctx->o_offset = (unsigned long)value - ctx->data;  in x509_extract_name_segment()
315 		ctx->email_size = vlen;  in x509_extract_name_segment()
316 		ctx->email_offset = (unsigned long)value - ctx->data;  in x509_extract_name_segment()
328 static int x509_fabricate_name(struct x509_parse_context *ctx, size_t hdrlen,  in x509_fabricate_name()  argument
332 	const void *name, *data = (const void *)ctx->data;  in x509_fabricate_name()
340 	if (!ctx->cn_size && !ctx->o_size && !ctx->email_size) {  in x509_fabricate_name()
348 	if (ctx->cn_size && ctx->o_size) {  in x509_fabricate_name()
352 		namesize = ctx->cn_size;  in x509_fabricate_name()
353 		name = data + ctx->cn_offset;  in x509_fabricate_name()
354 		if (ctx->cn_size >= ctx->o_size &&  in x509_fabricate_name()
355 		    memcmp(data + ctx->cn_offset, data + ctx->o_offset,  in x509_fabricate_name()
356 			   ctx->o_size) == 0)  in x509_fabricate_name()
358 		if (ctx->cn_size >= 7 &&  in x509_fabricate_name()
359 		    ctx->o_size >= 7 &&  in x509_fabricate_name()
360 		    memcmp(data + ctx->cn_offset, data + ctx->o_offset, 7) == 0)  in x509_fabricate_name()
363 		buffer = kmalloc(ctx->o_size + 2 + ctx->cn_size + 1,  in x509_fabricate_name()
369 		       data + ctx->o_offset, ctx->o_size);  in x509_fabricate_name()
370 		buffer[ctx->o_size + 0] = ':';  in x509_fabricate_name()
371 		buffer[ctx->o_size + 1] = ' ';  in x509_fabricate_name()
372 		memcpy(buffer + ctx->o_size + 2,  in x509_fabricate_name()
373 		       data + ctx->cn_offset, ctx->cn_size);  in x509_fabricate_name()
374 		buffer[ctx->o_size + 2 + ctx->cn_size] = 0;  in x509_fabricate_name()
377 	} else if (ctx->cn_size) {  in x509_fabricate_name()
378 		namesize = ctx->cn_size;  in x509_fabricate_name()
379 		name = data + ctx->cn_offset;  in x509_fabricate_name()
380 	} else if (ctx->o_size) {  in x509_fabricate_name()
381 		namesize = ctx->o_size;  in x509_fabricate_name()
382 		name = data + ctx->o_offset;  in x509_fabricate_name()
384 		namesize = ctx->email_size;  in x509_fabricate_name()
385 		name = data + ctx->email_offset;  in x509_fabricate_name()
397 	ctx->cn_size = 0;  in x509_fabricate_name()
398 	ctx->o_size = 0;  in x509_fabricate_name()
399 	ctx->email_size = 0;  in x509_fabricate_name()
407 	struct x509_parse_context *ctx = context;  in x509_note_issuer()  local
408 	ctx->cert->raw_issuer = value;  in x509_note_issuer()
409 	ctx->cert->raw_issuer_size = vlen;  in x509_note_issuer()
410 	return x509_fabricate_name(ctx, hdrlen, tag, &ctx->cert->issuer, vlen);  in x509_note_issuer()
417 	struct x509_parse_context *ctx = context;  in x509_note_subject()  local
418 	ctx->cert->raw_subject = value;  in x509_note_subject()
419 	ctx->cert->raw_subject_size = vlen;  in x509_note_subject()
420 	return x509_fabricate_name(ctx, hdrlen, tag, &ctx->cert->subject, vlen);  in x509_note_subject()
430 	struct x509_parse_context *ctx = context;  in x509_note_params()  local
437 	if (!ctx->cert->raw_subject || ctx->key)  in x509_note_params()
439 	ctx->params = value - hdrlen;  in x509_note_params()
440 	ctx->params_size = vlen + hdrlen;  in x509_note_params()
451 	struct x509_parse_context *ctx = context;  in x509_extract_key_data()  local
453 	ctx->key_algo = ctx->last_oid;  in x509_extract_key_data()
454 	if (ctx->last_oid == OID_rsaEncryption)  in x509_extract_key_data()
455 		ctx->cert->pub->pkey_algo = "rsa";  in x509_extract_key_data()
456 	else if (ctx->last_oid == OID_gost2012PKey256 ||  in x509_extract_key_data()
457 		 ctx->last_oid == OID_gost2012PKey512)  in x509_extract_key_data()
458 		ctx->cert->pub->pkey_algo = "ecrdsa";  in x509_extract_key_data()
465 	ctx->key = value + 1;  in x509_extract_key_data()
466 	ctx->key_size = vlen - 1;  in x509_extract_key_data()
480 	struct x509_parse_context *ctx = context;  in x509_process_extension()  local
484 	pr_debug("Extension: %u\n", ctx->last_oid);  in x509_process_extension()
486 	if (ctx->last_oid == OID_subjectKeyIdentifier) {  in x509_process_extension()
488 		if (ctx->cert->skid || vlen < 3)  in x509_process_extension()
495 		ctx->cert->raw_skid_size = vlen;  in x509_process_extension()
496 		ctx->cert->raw_skid = v;  in x509_process_extension()
500 		ctx->cert->skid = kid;  in x509_process_extension()
505 	if (ctx->last_oid == OID_authorityKeyIdentifier) {  in x509_process_extension()
507 		ctx->raw_akid = v;  in x509_process_extension()
508 		ctx->raw_akid_size = vlen;  in x509_process_extension()
614 	struct x509_parse_context *ctx = context;  in x509_note_not_before()  local
615 	return x509_decode_time(&ctx->cert->valid_from, hdrlen, tag, value, vlen);  in x509_note_not_before()
622 	struct x509_parse_context *ctx = context;  in x509_note_not_after()  local
623 	return x509_decode_time(&ctx->cert->valid_to, hdrlen, tag, value, vlen);  in x509_note_not_after()
633 	struct x509_parse_context *ctx = context;  in x509_akid_note_kid()  local
638 	if (ctx->cert->sig->auth_ids[1])  in x509_akid_note_kid()
645 	ctx->cert->sig->auth_ids[1] = kid;  in x509_akid_note_kid()
656 	struct x509_parse_context *ctx = context;  in x509_akid_note_name()  local
660 	ctx->akid_raw_issuer = value;  in x509_akid_note_name()
661 	ctx->akid_raw_issuer_size = vlen;  in x509_akid_note_name()
672 	struct x509_parse_context *ctx = context;  in x509_akid_note_serial()  local
677 	if (!ctx->akid_raw_issuer || ctx->cert->sig->auth_ids[0])  in x509_akid_note_serial()
682 					 ctx->akid_raw_issuer,  in x509_akid_note_serial()
683 					 ctx->akid_raw_issuer_size);  in x509_akid_note_serial()
688 	ctx->cert->sig->auth_ids[0] = kid;  in x509_akid_note_serial()