Commit | Line | Data |
---|---|---|
b4d0d230 | 1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ |
a9681bf3 DH |
2 | /* Asymmetric public-key algorithm definitions |
3 | * | |
0efaaa86 | 4 | * See Documentation/crypto/asymmetric-keys.rst |
a9681bf3 DH |
5 | * |
6 | * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. | |
7 | * Written by David Howells (dhowells@redhat.com) | |
a9681bf3 DH |
8 | */ |
9 | ||
10 | #ifndef _LINUX_PUBLIC_KEY_H | |
11 | #define _LINUX_PUBLIC_KEY_H | |
12 | ||
5a307718 | 13 | #include <linux/keyctl.h> |
f1774cb8 | 14 | #include <linux/oid_registry.h> |
5a307718 | 15 | |
a9681bf3 DH |
16 | /*
17 | * Cryptographic data for the public-key subtype of the asymmetric key type. | |
18 | * | |
19 | * Note that this may include the private part of the key as well as the | |
20 | * public part (see key_is_private), so the key buffer can hold secret material. | |
21 | */ | |
22 | struct public_key { | |
db6c43bd TS |
23 | void *key; /* key material; NOTE(review): presumably keylen bytes long - confirm */
24 | u32 keylen; | |
f1774cb8 VC |
25 | enum OID algo;
26 | void *params; /* NOTE(review): presumably algorithm parameters, paramlen bytes long - confirm */ | |
27 | u32 paramlen; | |
f7c4e06e | 28 | bool key_is_private; /* NOTE(review): presumably true when key holds a private key - confirm before treating key as public data */ |
4e8ae72a DH |
29 | const char *id_type;
30 | const char *pkey_algo; | |
30eae2b0 ES |
31 | unsigned long key_eflags; /* key extension flags, described by the KEY_EFLAG_* constants below. NOTE(review): the values 0, 1, 2 look like bit numbers rather than masks, presumably for set_bit()/test_bit() - confirm; a plain mask test against KEY_EFLAG_CA (0) could never be true */
32 | #define KEY_EFLAG_CA 0 /* set if the CA basic constraint is set */ | |
56767128 ES |
33 | #define KEY_EFLAG_DIGITALSIG 1 /* set if the digitalSignature usage is set */
34 | #define KEY_EFLAG_KEYCERTSIGN 2 /* set if the keyCertSign usage is set */ | |
a9681bf3 DH |
35 | };
36 | ||
3b764563 | 37 | extern void public_key_free(struct public_key *key); |
a9681bf3 DH |
38 | |
39 | /* | |
40 | * Public key cryptography signature data: the signature bytes, a digest, and the algorithm and encoding names that go with them | |
41 | */ | |
42 | struct public_key_signature { | |
7d30198e | 43 | struct asymmetric_key_id *auth_ids[3]; /* NOTE(review): presumably identifiers for the key that made the signature - confirm */ |
db6c43bd | 44 | u8 *s; /* Signature, s_size bytes */ |
a9681bf3 | 45 | u8 *digest; /* Digest, digest_size bytes */ |
f985911b | 46 | u32 s_size; /* Number of bytes in signature */ |
47 | u32 digest_size; /* Number of bytes in digest */ | |
4e8ae72a DH |
48 | const char *pkey_algo;
49 | const char *hash_algo; | |
5a307718 | 50 | const char *encoding; |
21552563 TZ |
51 | const void *data; /* NOTE(review): presumably the raw data the signature covers, data_size bytes - confirm */
52 | unsigned int data_size; | |
a9681bf3 DH |
53 | };
54 | ||
3b764563 DH |
55 | extern void public_key_signature_free(struct public_key_signature *sig); |
56 | ||
db6c43bd | 57 | extern struct asymmetric_key_subtype public_key_subtype; |
3b764563 | 58 | |
4ae71c1d | 59 | struct key; |
a511e1af DH |
60 | struct key_type; |
61 | union key_payload; | |
62 | ||
aaf66c88 | 63 | extern int restrict_link_by_signature(struct key *dest_keyring, /* the restrict_link_* prototypes share one parameter list: a keyring, a key type, a payload and a trust source. NOTE(review): judging by the names these are keyring link-restriction checks; the return convention is not visible in this header - confirm in the definitions */ |
a511e1af | 64 | const struct key_type *type, |
aaf66c88 MM |
65 | const union key_payload *payload,
66 | struct key *trust_keyring); | |
a511e1af | 67 | |
7e3c4d22 MM |
68 | extern int restrict_link_by_key_or_keyring(struct key *dest_keyring,
69 | const struct key_type *type, | |
70 | const union key_payload *payload, | |
71 | struct key *trusted); | |
72 | ||
8e323a02 MM |
73 | extern int restrict_link_by_key_or_keyring_chain(struct key *trust_keyring, /* NOTE(review): the first parameter is named trust_keyring here but dest_keyring in the sibling prototypes - presumably the same destination-keyring argument; confirm against the definition */
74 | const struct key_type *type, | |
75 | const union key_payload *payload, | |
76 | struct key *trusted); | |
77 | ||
76adb2fb ES |
78 | #if IS_REACHABLE(CONFIG_ASYMMETRIC_KEY_TYPE)
79 | extern int restrict_link_by_ca(struct key *dest_keyring, | |
80 | const struct key_type *type, | |
81 | const union key_payload *payload, | |
82 | struct key *trust_keyring); | |
83 | #else /* stub for builds where CONFIG_ASYMMETRIC_KEY_TYPE is not reachable */ | |
84 | static inline int restrict_link_by_ca(struct key *dest_keyring, | |
85 | const struct key_type *type, | |
86 | const union key_payload *payload, | |
87 | struct key *trust_keyring) | |
88 | { | |
89 | return 0; /* ignores every argument. NOTE(review): if 0 means "link permitted", as it presumably does for the restrict_link_* checks, this stub accepts any key, whereas the public_key_verify_signature() stub later in this header returns -EINVAL - confirm no caller relies on this check when the option is off */ | |
90 | } | |
91 | #endif | |
92 | ||
5a307718 DH |
93 | extern int query_asymmetric_key(const struct kernel_pkey_params *,
94 | struct kernel_pkey_query *); | |
95 | ||
96 | extern int encrypt_blob(struct kernel_pkey_params *, const void *, void *); /* parameters are unnamed in these three prototypes; the const void * is read-only and the void * is writable. No length arguments appear, so buffer sizes must be conveyed elsewhere. NOTE(review): presumably input blob then output buffer, with sizes in struct kernel_pkey_params - confirm */ | |
97 | extern int decrypt_blob(struct kernel_pkey_params *, const void *, void *); | |
98 | extern int create_signature(struct kernel_pkey_params *, const void *, void *); | |
99 | extern int verify_signature(const struct key *, /* both arguments are const-qualified: neither the key nor the signature is modified through these pointers */ | |
100 | const struct public_key_signature *); | |
4ae71c1d | 101 | |
7f8da991 | 102 | #if IS_REACHABLE(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) |
db6c43bd TS |
103 | int public_key_verify_signature(const struct public_key *pkey,
104 | const struct public_key_signature *sig); | |
7f8da991 ES |
105 | #else /* stub for builds where CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE is not reachable */
106 | static inline | |
107 | int public_key_verify_signature(const struct public_key *pkey, | |
108 | const struct public_key_signature *sig) | |
109 | { | |
110 | return -EINVAL; /* fails closed: both arguments are ignored and every call gets an error, so this stub never reports a signature as verified */ | |
111 | } | |
112 | #endif | |
db6c43bd | 113 | |
a9681bf3 | 114 | #endif /* _LINUX_PUBLIC_KEY_H */ |