Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
tjh.dev
kernel
os
linux
1/* Signature verification
2 *
3 * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public Licence
8 * as published by the Free Software Foundation; either version
9 * 2 of the Licence, or (at your option) any later version.
10 */
11
12#ifndef _LINUX_VERIFICATION_H
13#define _LINUX_VERIFICATION_H
14
15/*
16 * Indicate that both builtin trusted keys and secondary trusted keys
17 * should be used.
18 */
19#define VERIFY_USE_SECONDARY_KEYRING ((struct key *)1UL)
20#define VERIFY_USE_PLATFORM_KEYRING ((struct key *)2UL)
21
22/*
23 * The use to which an asymmetric key is being put.
24 */
25enum key_being_used_for {
26 VERIFYING_MODULE_SIGNATURE,
27 VERIFYING_FIRMWARE_SIGNATURE,
28 VERIFYING_KEXEC_PE_SIGNATURE,
29 VERIFYING_KEY_SIGNATURE,
30 VERIFYING_KEY_SELF_SIGNATURE,
31 VERIFYING_UNSPECIFIED_SIGNATURE,
32 NR__KEY_BEING_USED_FOR
33};
34extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR];
35
36#ifdef CONFIG_SYSTEM_DATA_VERIFICATION
37
38struct key;
39
40extern int verify_pkcs7_signature(const void *data, size_t len,
41 const void *raw_pkcs7, size_t pkcs7_len,
42 struct key *trusted_keys,
43 enum key_being_used_for usage,
44 int (*view_content)(void *ctx,
45 const void *data, size_t len,
46 size_t asn1hdrlen),
47 void *ctx);
48
49#ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION
50extern int verify_pefile_signature(const void *pebuf, unsigned pelen,
51 struct key *trusted_keys,
52 enum key_being_used_for usage);
53#endif
54
55#endif /* CONFIG_SYSTEM_DATA_VERIFICATION */
56#endif /* _LINUX_VERIFY_PEFILE_H */