CoCalc -- public

GitHub Repository: torvalds/linux
Path: blob/master/include/crypto/public_key.h
²⁶²⁸² views
1
/* SPDX-License-Identifier: GPL-2.0-or-later */
2
/* Asymmetric public-key algorithm definitions
3
 *
4
 * See Documentation/crypto/asymmetric-keys.rst
5
 *
6
 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
7
 * Written by David Howells ([email protected])
8
 */
9

10
#ifndef _LINUX_PUBLIC_KEY_H
11
#define _LINUX_PUBLIC_KEY_H
12

13
#include <linux/errno.h>
14
#include <linux/keyctl.h>
15
#include <linux/oid_registry.h>
16

17
/*
18
 * Cryptographic data for the public-key subtype of the asymmetric key type.
19
 *
20
 * Note that this may include private part of the key as well as the public
21
 * part.
22
 */
23
struct public_key {
24
	void *key;
25
	u32 keylen;
26
	enum OID algo;
27
	void *params;
28
	u32 paramlen;
29
	bool key_is_private;
30
	const char *id_type;
31
	const char *pkey_algo;
32
	unsigned long key_eflags;	/* key extension flags */
33
#define KEY_EFLAG_CA		0	/* set if the CA basic constraints is set */
34
#define KEY_EFLAG_DIGITALSIG	1	/* set if the digitalSignature usage is set */
35
#define KEY_EFLAG_KEYCERTSIGN	2	/* set if the keyCertSign usage is set */
36
};
37

38
extern void public_key_free(struct public_key *key);
39

40
/*
41
 * Public key cryptography signature data
42
 */
43
struct public_key_signature {
44
	struct asymmetric_key_id *auth_ids[3];
45
	u8 *s;			/* Signature */
46
	u8 *digest;
47
	u32 s_size;		/* Number of bytes in signature */
48
	u32 digest_size;	/* Number of bytes in digest */
49
	const char *pkey_algo;
50
	const char *hash_algo;
51
	const char *encoding;
52
};
53

54
extern void public_key_signature_free(struct public_key_signature *sig);
55

56
extern struct asymmetric_key_subtype public_key_subtype;
57

58
struct key;
59
struct key_type;
60
union key_payload;
61

62
extern int restrict_link_by_signature(struct key *dest_keyring,
63
				      const struct key_type *type,
64
				      const union key_payload *payload,
65
				      struct key *trust_keyring);
66

67
extern int restrict_link_by_key_or_keyring(struct key *dest_keyring,
68
					   const struct key_type *type,
69
					   const union key_payload *payload,
70
					   struct key *trusted);
71

72
extern int restrict_link_by_key_or_keyring_chain(struct key *trust_keyring,
73
						 const struct key_type *type,
74
						 const union key_payload *payload,
75
						 struct key *trusted);
76

77
#if IS_REACHABLE(CONFIG_ASYMMETRIC_KEY_TYPE)
78
extern int restrict_link_by_ca(struct key *dest_keyring,
79
			       const struct key_type *type,
80
			       const union key_payload *payload,
81
			       struct key *trust_keyring);
82
int restrict_link_by_digsig(struct key *dest_keyring,
83
			    const struct key_type *type,
84
			    const union key_payload *payload,
85
			    struct key *trust_keyring);
86
#else
87
static inline int restrict_link_by_ca(struct key *dest_keyring,
88
				      const struct key_type *type,
89
				      const union key_payload *payload,
90
				      struct key *trust_keyring)
91
{
92
	return 0;
93
}
94

95
static inline int restrict_link_by_digsig(struct key *dest_keyring,
96
					  const struct key_type *type,
97
					  const union key_payload *payload,
98
					  struct key *trust_keyring)
99
{
100
	return 0;
101
}
102
#endif
103

104
extern int query_asymmetric_key(const struct kernel_pkey_params *,
105
				struct kernel_pkey_query *);
106

107
extern int verify_signature(const struct key *,
108
			    const struct public_key_signature *);
109

110
#if IS_REACHABLE(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE)
111
int public_key_verify_signature(const struct public_key *pkey,
112
				const struct public_key_signature *sig);
113
#else
114
static inline
115
int public_key_verify_signature(const struct public_key *pkey,
116
				const struct public_key_signature *sig)
117
{
118
	return -EINVAL;
119
}
120
#endif
121

122
#endif /* _LINUX_PUBLIC_KEY_H */
123

124
Product

Resources

Company
