crypto: certs: fix FIPS selftest dependency

JIRA: https://issues.redhat.com/browse/RHEL-81929



commit 0f5d4a0b995faa6537c4de79973817a4f8da206a
Author: Arnd Bergmann <arnd@arndb.de>
Date:   Thu Dec 15 18:02:52 2022 +0100

    crypto: certs: fix FIPS selftest dependency

    The selftest code is built into the x509_key_parser module, and depends
    on the pkcs7_message_parser module, which in turn has a dependency on
    the key parser, creating a dependency loop and a resulting link
    failure when the pkcs7 code is a loadable module:

    ld: crypto/asymmetric_keys/selftest.o: in function `fips_signature_selftest':
    crypto/asymmetric_keys/selftest.c:205: undefined reference to `pkcs7_parse_message'
    ld: crypto/asymmetric_keys/selftest.c:209: undefined reference to `pkcs7_supply_detached_data'
    ld: crypto/asymmetric_keys/selftest.c:211: undefined reference to `pkcs7_verify'
    ld: crypto/asymmetric_keys/selftest.c:215: undefined reference to `pkcs7_validate_trust'
    ld: crypto/asymmetric_keys/selftest.c:219: undefined reference to `pkcs7_free_message'

    Avoid this by only allowing the selftest to be enabled when either
    both parts are loadable modules, or both are built-in.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>

Signed-off-by: Herbert Xu <herbert.xu@redhat.com>

crypto/asymmetric_keys/Kconfig

@@ -104,6 +104,6 @@ config FIPS_SIGNATURE_SELFTEST
 	  for FIPS.
 	depends on KEYS
 	depends on ASYMMETRIC_KEY_TYPE
-	depends on PKCS7_MESSAGE_PARSER
+	depends on PKCS7_MESSAGE_PARSER=X509_CERTIFICATE_PARSER
 
 endif # ASYMMETRIC_KEY_TYPE

crypto/asymmetric_keys/pkcs7_verify.c

@@ -494,3 +494,4 @@ int pkcs7_supply_detached_data(struct pkcs7_message *pkcs7,
 	pkcs7->data_len = datalen;
 	return 0;
 }
+EXPORT_SYMBOL_GPL(pkcs7_supply_detached_data);