| Message ID | 20200903131242.128665-8-tianjia.zhang@linux.alibaba.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | crpyto: introduce OSCCA certificate and SM2 asymmetric algorithm | expand |
Hi, On Thu, Sep 3, 2020 at 4:13 PM Tianjia Zhang <tianjia.zhang@linux.alibaba.com> wrote: > > The digital certificate format based on SM2 crypto algorithm as > specified in GM/T 0015-2012. It was published by State Encryption > Management Bureau, China. > > The method of generating Other User Information is defined as > ZA=H256(ENTLA || IDA || a || b || xG || yG || xA || yA), it also > specified in https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02. > > The x509 certificate supports sm2-with-sm3 type certificate > verification. Because certificate verification requires ZA > in addition to tbs data, ZA also depends on elliptic curve > parameters and public key data, so you need to access tbs in sig > and calculate ZA. Finally calculate the digest of the > signature and complete the verification work. The calculation > process of ZA is declared in specifications GM/T 0009-2012 > and GM/T 0003.2-2012. > > Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> > Tested-by: Xufeng Zhang <yunbo.xufeng@linux.alibaba.com> > --- > crypto/asymmetric_keys/Makefile | 1 + > crypto/asymmetric_keys/public_key.c | 6 +++ > crypto/asymmetric_keys/public_key_sm2.c | 61 ++++++++++++++++++++++++ > crypto/asymmetric_keys/x509_public_key.c | 3 ++ > include/crypto/public_key.h | 15 ++++++ > 5 files changed, 86 insertions(+) > create mode 100644 crypto/asymmetric_keys/public_key_sm2.c > > diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile > index 28b91adba2ae..1a99ea5acb6b 100644 > --- a/crypto/asymmetric_keys/Makefile > +++ b/crypto/asymmetric_keys/Makefile > @@ -11,6 +11,7 @@ asymmetric_keys-y := \ > signature.o > > obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o > +obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key_sm2.o > obj-$(CONFIG_ASYMMETRIC_TPM_KEY_SUBTYPE) += asym_tpm.o > > # > diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c > index d8410ffd7f12..1d0492098bbd 100644 > --- a/crypto/asymmetric_keys/public_key.c > +++ b/crypto/asymmetric_keys/public_key.c > @@ -299,6 +299,12 @@ int public_key_verify_signature(const struct public_key *pkey, > if (ret) > goto error_free_key; > > + if (strcmp(sig->pkey_algo, "sm2") == 0 && sig->data_size) { > + ret = cert_sig_digest_update(sig, tfm); > + if (ret) > + goto error_free_key; > + } > + > sg_init_table(src_sg, 2); > sg_set_buf(&src_sg[0], sig->s, sig->s_size); > sg_set_buf(&src_sg[1], sig->digest, sig->digest_size); > diff --git a/crypto/asymmetric_keys/public_key_sm2.c b/crypto/asymmetric_keys/public_key_sm2.c > new file mode 100644 > index 000000000000..7325cf21dbb4 > --- /dev/null > +++ b/crypto/asymmetric_keys/public_key_sm2.c > @@ -0,0 +1,61 @@ > +/* SPDX-License-Identifier: GPL-2.0-or-later */ > +/* > + * asymmetric public-key algorithm for SM2-with-SM3 certificate > + * as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012 SM2 and > + * described at https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 > + * > + * Copyright (c) 2020, Alibaba Group. > + * Authors: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> > + */ > + > +#include <crypto/sm3_base.h> > +#include <crypto/sm2.h> > +#include <crypto/public_key.h> > + > +#if IS_REACHABLE(CONFIG_CRYPTO_SM2) > + > +int cert_sig_digest_update(const struct public_key_signature *sig, > + struct crypto_akcipher *tfm_pkey) > +{ > + struct crypto_shash *tfm; > + struct shash_desc *desc; > + size_t desc_size; > + unsigned char dgst[SM3_DIGEST_SIZE]; > + int ret; > + > + BUG_ON(!sig->data); > + > + ret = sm2_compute_z_digest(tfm_pkey, SM2_DEFAULT_USERID, > + SM2_DEFAULT_USERID_LEN, dgst); > + if (ret) > + return ret; > + > + tfm = crypto_alloc_shash(sig->hash_algo, 0, 0); > + if (IS_ERR(tfm)) > + return PTR_ERR(tfm); > + > + desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); > + desc = kzalloc(desc_size, GFP_KERNEL); > + if (!desc) > + goto error_free_tfm; > + > + desc->tfm = tfm; > + > + ret = crypto_shash_init(desc); > + if (ret < 0) > + goto error_free_desc; > + > + ret = crypto_shash_update(desc, dgst, SM3_DIGEST_SIZE); > + if (ret < 0) > + goto error_free_desc; > + > + ret = crypto_shash_finup(desc, sig->data, sig->data_size, sig->digest); It looks like you are doing a separate init, update, finup every time - I would consider using crypto_shash_digest() in one go. In fact, considering the fact that you are allocating a tfm just for this use and then releasing it, I would consider switching to crypto_shash_tfm_digest() and dropping the kzalloc all together. This should simplify the code a bit. Other than that I don't have anything smart to say :-) Gilad
Hi Gilad, On 9/13/20 3:12 PM, Gilad Ben-Yossef wrote: > Hi, > > > On Thu, Sep 3, 2020 at 4:13 PM Tianjia Zhang > <tianjia.zhang@linux.alibaba.com> wrote: >> >> The digital certificate format based on SM2 crypto algorithm as >> specified in GM/T 0015-2012. It was published by State Encryption >> Management Bureau, China. >> >> The method of generating Other User Information is defined as >> ZA=H256(ENTLA || IDA || a || b || xG || yG || xA || yA), it also >> specified in https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02. >> >> The x509 certificate supports sm2-with-sm3 type certificate >> verification. Because certificate verification requires ZA >> in addition to tbs data, ZA also depends on elliptic curve >> parameters and public key data, so you need to access tbs in sig >> and calculate ZA. Finally calculate the digest of the >> signature and complete the verification work. The calculation >> process of ZA is declared in specifications GM/T 0009-2012 >> and GM/T 0003.2-2012. >> >> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> >> Tested-by: Xufeng Zhang <yunbo.xufeng@linux.alibaba.com> >> --- >> crypto/asymmetric_keys/Makefile | 1 + >> crypto/asymmetric_keys/public_key.c | 6 +++ >> crypto/asymmetric_keys/public_key_sm2.c | 61 ++++++++++++++++++++++++ >> crypto/asymmetric_keys/x509_public_key.c | 3 ++ >> include/crypto/public_key.h | 15 ++++++ >> 5 files changed, 86 insertions(+) >> create mode 100644 crypto/asymmetric_keys/public_key_sm2.c >> >> diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile >> index 28b91adba2ae..1a99ea5acb6b 100644 >> --- a/crypto/asymmetric_keys/Makefile >> +++ b/crypto/asymmetric_keys/Makefile >> @@ -11,6 +11,7 @@ asymmetric_keys-y := \ >> signature.o >> >> obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o >> +obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key_sm2.o >> obj-$(CONFIG_ASYMMETRIC_TPM_KEY_SUBTYPE) += asym_tpm.o >> >> # >> diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c >> index d8410ffd7f12..1d0492098bbd 100644 >> --- a/crypto/asymmetric_keys/public_key.c >> +++ b/crypto/asymmetric_keys/public_key.c >> @@ -299,6 +299,12 @@ int public_key_verify_signature(const struct public_key *pkey, >> if (ret) >> goto error_free_key; >> >> + if (strcmp(sig->pkey_algo, "sm2") == 0 && sig->data_size) { >> + ret = cert_sig_digest_update(sig, tfm); >> + if (ret) >> + goto error_free_key; >> + } >> + >> sg_init_table(src_sg, 2); >> sg_set_buf(&src_sg[0], sig->s, sig->s_size); >> sg_set_buf(&src_sg[1], sig->digest, sig->digest_size); >> diff --git a/crypto/asymmetric_keys/public_key_sm2.c b/crypto/asymmetric_keys/public_key_sm2.c >> new file mode 100644 >> index 000000000000..7325cf21dbb4 >> --- /dev/null >> +++ b/crypto/asymmetric_keys/public_key_sm2.c >> @@ -0,0 +1,61 @@ >> +/* SPDX-License-Identifier: GPL-2.0-or-later */ >> +/* >> + * asymmetric public-key algorithm for SM2-with-SM3 certificate >> + * as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012 SM2 and >> + * described at https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 >> + * >> + * Copyright (c) 2020, Alibaba Group. >> + * Authors: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> >> + */ >> + >> +#include <crypto/sm3_base.h> >> +#include <crypto/sm2.h> >> +#include <crypto/public_key.h> >> + >> +#if IS_REACHABLE(CONFIG_CRYPTO_SM2) >> + >> +int cert_sig_digest_update(const struct public_key_signature *sig, >> + struct crypto_akcipher *tfm_pkey) >> +{ >> + struct crypto_shash *tfm; >> + struct shash_desc *desc; >> + size_t desc_size; >> + unsigned char dgst[SM3_DIGEST_SIZE]; >> + int ret; >> + >> + BUG_ON(!sig->data); >> + >> + ret = sm2_compute_z_digest(tfm_pkey, SM2_DEFAULT_USERID, >> + SM2_DEFAULT_USERID_LEN, dgst); >> + if (ret) >> + return ret; >> + >> + tfm = crypto_alloc_shash(sig->hash_algo, 0, 0); >> + if (IS_ERR(tfm)) >> + return PTR_ERR(tfm); >> + >> + desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); >> + desc = kzalloc(desc_size, GFP_KERNEL); >> + if (!desc) >> + goto error_free_tfm; >> + >> + desc->tfm = tfm; >> + >> + ret = crypto_shash_init(desc); >> + if (ret < 0) >> + goto error_free_desc; >> + >> + ret = crypto_shash_update(desc, dgst, SM3_DIGEST_SIZE); >> + if (ret < 0) >> + goto error_free_desc; >> + >> + ret = crypto_shash_finup(desc, sig->data, sig->data_size, sig->digest); > > It looks like you are doing a separate init, update, finup every time > - I would consider using crypto_shash_digest() in one go. > > In fact, considering the fact that you are allocating a tfm just for > this use and then releasing it, I would consider switching to > crypto_shash_tfm_digest() and dropping the kzalloc all together. > > This should simplify the code a bit. > > Other than that I don't have anything smart to say :-) > > Gilad > The hash calculation here includes two parts of data, 'dgst' and 'sig->data'. The last call is 'finup()' not 'final()'. I understand that it should not be possible to use 'crypto_shash_tfm_digest()' This kind of function is simplified. If a new scope is added, the assignment of desc can be optimized, as follows: ``` do { SHASH_DESC_ON_STACK(desc, tfm); desc->tfm = tfm; /* ... */ } while (0); ``` However, the kernel code may not accept this style. What is your opinion? Thanks, Tianjia
On Mon, Sep 14, 2020 at 9:34 AM Tianjia Zhang <tianjia.zhang@linux.alibaba.com> wrote: > > Hi Gilad, > > On 9/13/20 3:12 PM, Gilad Ben-Yossef wrote: > > Hi, > > > > > > On Thu, Sep 3, 2020 at 4:13 PM Tianjia Zhang > > <tianjia.zhang@linux.alibaba.com> wrote: > >> > >> The digital certificate format based on SM2 crypto algorithm as > >> specified in GM/T 0015-2012. It was published by State Encryption > >> Management Bureau, China. > >> > >> The method of generating Other User Information is defined as > >> ZA=H256(ENTLA || IDA || a || b || xG || yG || xA || yA), it also > >> specified in https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02. > >> > >> The x509 certificate supports sm2-with-sm3 type certificate > >> verification. Because certificate verification requires ZA > >> in addition to tbs data, ZA also depends on elliptic curve > >> parameters and public key data, so you need to access tbs in sig > >> and calculate ZA. Finally calculate the digest of the > >> signature and complete the verification work. The calculation > >> process of ZA is declared in specifications GM/T 0009-2012 > >> and GM/T 0003.2-2012. > >> > >> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> > >> Tested-by: Xufeng Zhang <yunbo.xufeng@linux.alibaba.com> > >> --- > >> crypto/asymmetric_keys/Makefile | 1 + > >> crypto/asymmetric_keys/public_key.c | 6 +++ > >> crypto/asymmetric_keys/public_key_sm2.c | 61 ++++++++++++++++++++++++ > >> crypto/asymmetric_keys/x509_public_key.c | 3 ++ > >> include/crypto/public_key.h | 15 ++++++ > >> 5 files changed, 86 insertions(+) > >> create mode 100644 crypto/asymmetric_keys/public_key_sm2.c > >> > >> diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile > >> index 28b91adba2ae..1a99ea5acb6b 100644 > >> --- a/crypto/asymmetric_keys/Makefile > >> +++ b/crypto/asymmetric_keys/Makefile > >> @@ -11,6 +11,7 @@ asymmetric_keys-y := \ > >> signature.o > >> > >> obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o > >> +obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key_sm2.o > >> obj-$(CONFIG_ASYMMETRIC_TPM_KEY_SUBTYPE) += asym_tpm.o > >> > >> # > >> diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c > >> index d8410ffd7f12..1d0492098bbd 100644 > >> --- a/crypto/asymmetric_keys/public_key.c > >> +++ b/crypto/asymmetric_keys/public_key.c > >> @@ -299,6 +299,12 @@ int public_key_verify_signature(const struct public_key *pkey, > >> if (ret) > >> goto error_free_key; > >> > >> + if (strcmp(sig->pkey_algo, "sm2") == 0 && sig->data_size) { > >> + ret = cert_sig_digest_update(sig, tfm); > >> + if (ret) > >> + goto error_free_key; > >> + } > >> + > >> sg_init_table(src_sg, 2); > >> sg_set_buf(&src_sg[0], sig->s, sig->s_size); > >> sg_set_buf(&src_sg[1], sig->digest, sig->digest_size); > >> diff --git a/crypto/asymmetric_keys/public_key_sm2.c b/crypto/asymmetric_keys/public_key_sm2.c > >> new file mode 100644 > >> index 000000000000..7325cf21dbb4 > >> --- /dev/null > >> +++ b/crypto/asymmetric_keys/public_key_sm2.c > >> @@ -0,0 +1,61 @@ > >> +/* SPDX-License-Identifier: GPL-2.0-or-later */ > >> +/* > >> + * asymmetric public-key algorithm for SM2-with-SM3 certificate > >> + * as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012 SM2 and > >> + * described at https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 > >> + * > >> + * Copyright (c) 2020, Alibaba Group. > >> + * Authors: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> > >> + */ > >> + > >> +#include <crypto/sm3_base.h> > >> +#include <crypto/sm2.h> > >> +#include <crypto/public_key.h> > >> + > >> +#if IS_REACHABLE(CONFIG_CRYPTO_SM2) > >> + > >> +int cert_sig_digest_update(const struct public_key_signature *sig, > >> + struct crypto_akcipher *tfm_pkey) > >> +{ > >> + struct crypto_shash *tfm; > >> + struct shash_desc *desc; > >> + size_t desc_size; > >> + unsigned char dgst[SM3_DIGEST_SIZE]; > >> + int ret; > >> + > >> + BUG_ON(!sig->data); > >> + > >> + ret = sm2_compute_z_digest(tfm_pkey, SM2_DEFAULT_USERID, > >> + SM2_DEFAULT_USERID_LEN, dgst); > >> + if (ret) > >> + return ret; > >> + > >> + tfm = crypto_alloc_shash(sig->hash_algo, 0, 0); > >> + if (IS_ERR(tfm)) > >> + return PTR_ERR(tfm); > >> + > >> + desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); > >> + desc = kzalloc(desc_size, GFP_KERNEL); > >> + if (!desc) > >> + goto error_free_tfm; > >> + > >> + desc->tfm = tfm; > >> + > >> + ret = crypto_shash_init(desc); > >> + if (ret < 0) > >> + goto error_free_desc; > >> + > >> + ret = crypto_shash_update(desc, dgst, SM3_DIGEST_SIZE); > >> + if (ret < 0) > >> + goto error_free_desc; > >> + > >> + ret = crypto_shash_finup(desc, sig->data, sig->data_size, sig->digest); > > > > It looks like you are doing a separate init, update, finup every time > > - I would consider using crypto_shash_digest() in one go. > > > > In fact, considering the fact that you are allocating a tfm just for > > this use and then releasing it, I would consider switching to > > crypto_shash_tfm_digest() and dropping the kzalloc all together. > > > > This should simplify the code a bit. > > > > Other than that I don't have anything smart to say :-) > > > > Gilad > > > > The hash calculation here includes two parts of data, 'dgst' and > 'sig->data'. The last call is 'finup()' not 'final()'. I understand that > it should not be possible to use 'crypto_shash_tfm_digest()' This kind > of function is simplified. > > If a new scope is added, the assignment of desc can be optimized, as > follows: > ``` > do { > SHASH_DESC_ON_STACK(desc, tfm); > desc->tfm = tfm; > > /* ... */ > } while (0); > ``` > However, the kernel code may not accept this style. What is your opinion? No, you are right. I've indeed missed that it's a finup() and not a final(). If the size of data was big enough it might have been worth going to the async. hash interface and creating a scatter list for this but I suspect it is not justified with the data sizes we are dealing with there. So: Reviewed-by: Gilad Ben-Yossef <gilad@benyossef.com> Thanks, Gilad
diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile index 28b91adba2ae..1a99ea5acb6b 100644 --- a/crypto/asymmetric_keys/Makefile +++ b/crypto/asymmetric_keys/Makefile @@ -11,6 +11,7 @@ asymmetric_keys-y := \ signature.o obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o +obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key_sm2.o obj-$(CONFIG_ASYMMETRIC_TPM_KEY_SUBTYPE) += asym_tpm.o # diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c index d8410ffd7f12..1d0492098bbd 100644 --- a/crypto/asymmetric_keys/public_key.c +++ b/crypto/asymmetric_keys/public_key.c @@ -299,6 +299,12 @@ int public_key_verify_signature(const struct public_key *pkey, if (ret) goto error_free_key; + if (strcmp(sig->pkey_algo, "sm2") == 0 && sig->data_size) { + ret = cert_sig_digest_update(sig, tfm); + if (ret) + goto error_free_key; + } + sg_init_table(src_sg, 2); sg_set_buf(&src_sg[0], sig->s, sig->s_size); sg_set_buf(&src_sg[1], sig->digest, sig->digest_size); diff --git a/crypto/asymmetric_keys/public_key_sm2.c b/crypto/asymmetric_keys/public_key_sm2.c new file mode 100644 index 000000000000..7325cf21dbb4 --- /dev/null +++ b/crypto/asymmetric_keys/public_key_sm2.c @@ -0,0 +1,61 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * asymmetric public-key algorithm for SM2-with-SM3 certificate + * as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012 SM2 and + * described at https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 + * + * Copyright (c) 2020, Alibaba Group. + * Authors: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> + */ + +#include <crypto/sm3_base.h> +#include <crypto/sm2.h> +#include <crypto/public_key.h> + +#if IS_REACHABLE(CONFIG_CRYPTO_SM2) + +int cert_sig_digest_update(const struct public_key_signature *sig, + struct crypto_akcipher *tfm_pkey) +{ + struct crypto_shash *tfm; + struct shash_desc *desc; + size_t desc_size; + unsigned char dgst[SM3_DIGEST_SIZE]; + int ret; + + BUG_ON(!sig->data); + + ret = sm2_compute_z_digest(tfm_pkey, SM2_DEFAULT_USERID, + SM2_DEFAULT_USERID_LEN, dgst); + if (ret) + return ret; + + tfm = crypto_alloc_shash(sig->hash_algo, 0, 0); + if (IS_ERR(tfm)) + return PTR_ERR(tfm); + + desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); + desc = kzalloc(desc_size, GFP_KERNEL); + if (!desc) + goto error_free_tfm; + + desc->tfm = tfm; + + ret = crypto_shash_init(desc); + if (ret < 0) + goto error_free_desc; + + ret = crypto_shash_update(desc, dgst, SM3_DIGEST_SIZE); + if (ret < 0) + goto error_free_desc; + + ret = crypto_shash_finup(desc, sig->data, sig->data_size, sig->digest); + +error_free_desc: + kfree(desc); +error_free_tfm: + crypto_free_shash(tfm); + return ret; +} + +#endif /* ! IS_REACHABLE(CONFIG_CRYPTO_SM2) */ diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index d964cc82b69c..ae450eb8be14 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -30,6 +30,9 @@ int x509_get_sig_params(struct x509_certificate *cert) pr_devel("==>%s()\n", __func__); + sig->data = cert->tbs; + sig->data_size = cert->tbs_size; + if (!cert->pub->pkey_algo) cert->unsupported_key = true; diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h index 11f535cfb810..02a6dbe5c366 100644 --- a/include/crypto/public_key.h +++ b/include/crypto/public_key.h @@ -12,6 +12,7 @@ #include <linux/keyctl.h> #include <linux/oid_registry.h> +#include <crypto/akcipher.h> /* * Cryptographic data for the public-key subtype of the asymmetric key type. @@ -44,6 +45,8 @@ struct public_key_signature { const char *pkey_algo; const char *hash_algo; const char *encoding; + const void *data; + unsigned int data_size; }; extern void public_key_signature_free(struct public_key_signature *sig); @@ -81,4 +84,16 @@ extern int verify_signature(const struct key *, int public_key_verify_signature(const struct public_key *pkey, const struct public_key_signature *sig); +#if IS_REACHABLE(CONFIG_CRYPTO_SM2) +int cert_sig_digest_update(const struct public_key_signature *sig, + struct crypto_akcipher *tfm_pkey); +#else +static inline +int cert_sig_digest_update(const struct public_key_signature *sig, + struct crypto_akcipher *tfm_pkey) +{ + return -ENOTSUPP; +} +#endif + #endif /* _LINUX_PUBLIC_KEY_H */