public_key.h source code [linux/include/crypto/public_key.h]

1	/ SPDX-License-Identifier: GPL-2.0-or-later /
2	/ Asymmetric public-key algorithm definitions*
3	*
4	* See Documentation/crypto/asymmetric-keys.rst
5	*
6	* Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
7	* Written by David Howells (dhowells@redhat.com)
8	*/
9
10	#ifndef _LINUX_PUBLIC_KEY_H
11	#define _LINUX_PUBLIC_KEY_H
12
13	#include <linux/errno.h>
14	#include <linux/keyctl.h>
15	#include <linux/oid_registry.h>
16
17	/*
18	* Cryptographic data for the public-key subtype of the asymmetric key type.
19	*
20	* Note that this may include private part of the key as well as the public
21	* part.
22	*/
23	struct public_key {
24	void *key;
25	u32 keylen;
26	enum OID algo;
27	void *params;
28	u32 paramlen;
29	bool key_is_private;
30	const char *id_type;
31	const char *pkey_algo;
32	unsigned long key_eflags; / key extension flags /
33	#define KEY_EFLAG_CA 0 /* set if the CA basic constraints is set */
34	#define KEY_EFLAG_DIGITALSIG 1 /* set if the digitalSignature usage is set */
35	#define KEY_EFLAG_KEYCERTSIGN 2 /* set if the keyCertSign usage is set */
36	};
37
38	extern void public_key_free(struct public_key *key);
39
40	/*
41	* Public key cryptography signature data
42	*/
43	struct public_key_signature {
44	struct asymmetric_key_id *auth_ids[`3`];
45	u8 s; /* Signature /
46	u8 *digest;
47	u32 s_size; / Number of bytes in signature /
48	u32 digest_size; / Number of bytes in digest /
49	const char *pkey_algo;
50	const char *hash_algo;
51	const char *encoding;
52	};
53
54	extern void public_key_signature_free(struct public_key_signature *sig);
55
56	extern struct asymmetric_key_subtype public_key_subtype;
57
58	struct key;
59	struct key_type;
60	union key_payload;
61
62	extern int restrict_link_by_signature(struct key *dest_keyring,
63	const struct key_type *type,
64	const union key_payload *payload,
65	struct key *trust_keyring);
66
67	extern int restrict_link_by_key_or_keyring(struct key *dest_keyring,
68	const struct key_type *type,
69	const union key_payload *payload,
70	struct key *trusted);
71
72	extern int restrict_link_by_key_or_keyring_chain(struct key *trust_keyring,
73	const struct key_type *type,
74	const union key_payload *payload,
75	struct key *trusted);
76
77	#if IS_REACHABLE(CONFIG_ASYMMETRIC_KEY_TYPE)
78	extern int restrict_link_by_ca(struct key *dest_keyring,
79	const struct key_type *type,
80	const union key_payload *payload,
81	struct key *trust_keyring);
82	int restrict_link_by_digsig(struct key *dest_keyring,
83	const struct key_type *type,
84	const union key_payload *payload,
85	struct key *trust_keyring);
86	#else
87	static inline int restrict_link_by_ca(struct key *dest_keyring,
88	const struct key_type *type,
89	const union key_payload *payload,
90	struct key *trust_keyring)
91	{
92	return `0`;
93	}
94
95	static inline int restrict_link_by_digsig(struct key *dest_keyring,
96	const struct key_type *type,
97	const union key_payload *payload,
98	struct key *trust_keyring)
99	{
100	return `0`;
101	}
102	#endif
103
104	extern int query_asymmetric_key(const struct kernel_pkey_params *,
105	struct kernel_pkey_query *);
106
107	extern int verify_signature(const struct key *,
108	const struct public_key_signature *);
109
110	#if IS_REACHABLE(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE)
111	int public_key_verify_signature(const struct public_key *pkey,
112	const struct public_key_signature *sig);
113	#else
114	static inline
115	int public_key_verify_signature(const struct public_key *pkey,
116	const struct public_key_signature *sig)
117	{
118	return -EINVAL;
119	}
120	#endif
121
122	#endif /* _LINUX_PUBLIC_KEY_H */
123

source code of linux/include/crypto/public_key.h