• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* Signature verification
2  *
3  * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
4  * Written by David Howells (dhowells@redhat.com)
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public Licence
8  * as published by the Free Software Foundation; either version
9  * 2 of the Licence, or (at your option) any later version.
10  */
11 
12 #ifndef _LINUX_VERIFICATION_H
13 #define _LINUX_VERIFICATION_H
14 
15 /*
16  * The use to which an asymmetric key is being put.
17  */
18 enum key_being_used_for {
19 	VERIFYING_MODULE_SIGNATURE,
20 	VERIFYING_FIRMWARE_SIGNATURE,
21 	VERIFYING_KEXEC_PE_SIGNATURE,
22 	VERIFYING_KEY_SIGNATURE,
23 	VERIFYING_KEY_SELF_SIGNATURE,
24 	VERIFYING_UNSPECIFIED_SIGNATURE,
25 	NR__KEY_BEING_USED_FOR
26 };
27 extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR];
28 
29 #ifdef CONFIG_SYSTEM_DATA_VERIFICATION
30 
31 struct key;
32 
33 extern int verify_pkcs7_signature(const void *data, size_t len,
34 				  const void *raw_pkcs7, size_t pkcs7_len,
35 				  struct key *trusted_keys,
36 				  enum key_being_used_for usage,
37 				  int (*view_content)(void *ctx,
38 						      const void *data, size_t len,
39 						      size_t asn1hdrlen),
40 				  void *ctx);
41 
42 #ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION
43 extern int verify_pefile_signature(const void *pebuf, unsigned pelen,
44 				   struct key *trusted_keys,
45 				   enum key_being_used_for usage);
46 #endif
47 
48 #endif /* CONFIG_SYSTEM_DATA_VERIFICATION */
49 #endif /* _LINUX_VERIFY_PEFILE_H */
50