Commit | Line | Data |
---|---|---|
b4d0d230 | 1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ |
e68503bd DH |
2 | /* Signature verification |
3 | * | |
4 | * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved. | |
5 | * Written by David Howells (dhowells@redhat.com) | |
e68503bd DH |
6 | */ |
7 | ||
8 | #ifndef _LINUX_VERIFICATION_H | |
9 | #define _LINUX_VERIFICATION_H | |
10 | ||
f14602ca MS |
11 | #include <linux/types.h> |
12 | ||
817aef26 YS |
13 | /* |
14 | * Indicate that both builtin trusted keys and secondary trusted keys | |
15 | * should be used. | |
 *
 * Both macros below are small integer constants cast to struct key *, so
 * they are sentinel values handed over in place of a keyring pointer, not
 * pointers to real key objects: compare against them, never dereference
 * them.
 *
 * NOTE(review): the sentence above describes VERIFY_USE_SECONDARY_KEYRING
 * only. VERIFY_USE_PLATFORM_KEYRING presumably selects the platform
 * keyring instead - confirm against the implementation, which is not
 * part of this header.
16 | */ | |
17 | #define VERIFY_USE_SECONDARY_KEYRING ((struct key *)1UL) | |
278311e4 | 18 | #define VERIFY_USE_PLATFORM_KEYRING ((struct key *)2UL) |
817aef26 | 19 | |
e68503bd DH |
20 | /* |
21 | * The use to which an asymmetric key is being put. | |
 *
 * NR__KEY_BEING_USED_FOR is the last enumerator, so it equals the number
 * of usages listed before it, and it is used as the size of the
 * key_being_used_for[] array declared after the enum. A new usage
 * therefore has to be added before NR__KEY_BEING_USED_FOR.
 *
 * NOTE(review): the array is only declared here; presumably it holds one
 * name string per usage, so its definition has to gain an entry whenever
 * the enum does - confirm where it is defined.
22 | */ | |
23 | enum key_being_used_for { | |
24 | VERIFYING_MODULE_SIGNATURE, | |
25 | VERIFYING_FIRMWARE_SIGNATURE, | |
26 | VERIFYING_KEXEC_PE_SIGNATURE, | |
27 | VERIFYING_KEY_SIGNATURE, | |
28 | VERIFYING_KEY_SELF_SIGNATURE, | |
29 | VERIFYING_UNSPECIFIED_SIGNATURE, | |
30 | NR__KEY_BEING_USED_FOR | |
31 | }; | |
32 | extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR]; | |
33 | ||
34 | #ifdef CONFIG_SYSTEM_DATA_VERIFICATION | |
35 | ||
36 | struct key; | |
2a7bf671 | 37 | struct pkcs7_message; |
e68503bd DH |
38 | |
/*
 * verify_pkcs7_signature() is declared only when
 * CONFIG_SYSTEM_DATA_VERIFICATION is set, so callers need the same guard.
 *
 * Arguments, as declared: the data and its length, a second buffer
 * (raw_pkcs7/pkcs7_len), a keyring pointer, the intended key usage, and a
 * view_content callback that receives ctx, a data pointer, a length and
 * an ASN.1 header length.
 *
 * NOTE(review): presumably trusted_keys may also be one of the
 * VERIFY_USE_* sentinels from this header, and the int result is 0 on
 * success or a negative errno - confirm against the implementation.
 * The return value is the only outcome visible here, so callers should
 * check it before acting on the data. Whether view_content is invoked
 * only after the signature has verified is not visible in this header;
 * confirm that before consuming content through it.
 */
39 | extern int verify_pkcs7_signature(const void *data, size_t len, | |
40 | const void *raw_pkcs7, size_t pkcs7_len, | |
41 | struct key *trusted_keys, | |
e68503bd DH |
42 | enum key_being_used_for usage, |
43 | int (*view_content)(void *ctx, | |
44 | const void *data, size_t len, | |
45 | size_t asn1hdrlen), | |
46 | void *ctx); | |
2a7bf671 TJB |
/*
 * verify_pkcs7_message_sig() has the same parameter list as
 * verify_pkcs7_signature(), except that it takes a struct pkcs7_message
 * pointer where that function takes a raw buffer and its length. Like
 * that function it is declared only under CONFIG_SYSTEM_DATA_VERIFICATION.
 *
 * NOTE(review): presumably this is the variant for a message the caller
 * has already parsed, with the same return convention and the same
 * handling of the VERIFY_USE_* sentinels in trusted_keys - confirm
 * against the implementation. Callers should check the int result before
 * acting on the data.
 */
47 | extern int verify_pkcs7_message_sig(const void *data, size_t len, |
48 | struct pkcs7_message *pkcs7, | |
49 | struct key *trusted_keys, | |
50 | enum key_being_used_for usage, | |
51 | int (*view_content)(void *ctx, | |
52 | const void *data, | |
53 | size_t len, | |
54 | size_t asn1hdrlen), | |
55 | void *ctx); | |
e68503bd DH |
56 | |
57 | #ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION | |
/*
 * verify_pefile_signature() is declared only when both
 * CONFIG_SYSTEM_DATA_VERIFICATION and CONFIG_SIGNED_PE_FILE_VERIFICATION
 * are set. It takes a buffer and its length, a keyring pointer and the
 * intended key usage.
 *
 * pelen is a plain unsigned, whereas the PKCS#7 entry points in this
 * header take size_t lengths. Where size_t is wider than unsigned, a
 * size_t length passed here is narrowed implicitly, so a caller holding
 * one should check that it fits before the call.
 *
 * NOTE(review): presumably returns 0 on success or a negative errno -
 * confirm against the implementation.
 */
58 | extern int verify_pefile_signature(const void *pebuf, unsigned pelen, | |
59 | struct key *trusted_keys, | |
60 | enum key_being_used_for usage); | |
61 | #endif | |
62 | ||
63 | #endif /* CONFIG_SYSTEM_DATA_VERIFICATION */ | |
64 | #endif /* _LINUX_VERIFICATION_H */ |