Diffstat (limited to 'include/crypto')
-rw-r--r-- | include/crypto/backport-pkcs7.h | 47 | ||||
-rw-r--r-- | include/crypto/backport-public_key.h | 74 | ||||
-rw-r--r-- | include/crypto/pkcs7.h | 11 | ||||
-rw-r--r-- | include/crypto/public_key.h | 6 |
4 files changed, 138 insertions, 0 deletions
diff --git a/include/crypto/backport-pkcs7.h b/include/crypto/backport-pkcs7.h
new file mode 100644
index 0000000..583f199
--- /dev/null
+++ b/include/crypto/backport-pkcs7.h
@@ -0,0 +1,47 @@
+/* PKCS#7 crypto data parser
+ *
+ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public Licence
+ * as published by the Free Software Foundation; either version
+ * 2 of the Licence, or (at your option) any later version.
+ */
+
+#ifndef _CRYPTO_PKCS7_H
+#define _CRYPTO_PKCS7_H
+
+#include <linux/verification.h>
+#include <crypto/public_key.h>
+
+struct key;
+struct pkcs7_message;
+
+/*
+ * pkcs7_parser.c
+ */
+extern struct pkcs7_message *pkcs7_parse_message(const void *data,
+ size_t datalen);
+extern void pkcs7_free_message(struct pkcs7_message *pkcs7);
+
+extern int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
+ const void **_data, size_t *_datalen,
+ size_t *_headerlen);
+
+/*
+ * pkcs7_trust.c
+ */
+extern int pkcs7_validate_trust(struct pkcs7_message *pkcs7,
+ struct key *trust_keyring);
+
+/*
+ * pkcs7_verify.c
+ */
+extern int pkcs7_verify(struct pkcs7_message *pkcs7,
+ enum key_being_used_for usage);
+
+extern int pkcs7_supply_detached_data(struct pkcs7_message *pkcs7,
+ const void *data, size_t datalen);
+
+#endif /* _CRYPTO_PKCS7_H */
diff --git a/include/crypto/backport-public_key.h b/include/crypto/backport-public_key.h
new file mode 100644
index 0000000..e0b681a
--- /dev/null
+++ b/include/crypto/backport-public_key.h
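Review bot: The declarations of `pkcs7_verify()` and `pkcs7_validate_trust()` carry no comment on how the two relate, so a caller reading only this header could treat a zero return from `pkcs7_verify()` as proof that the signer is trusted. In the upstream implementation (not part of this diff) verification only checks the signatures against the certificates carried in the message itself, and trust is established separately against a keyring. I would add above `pkcs7_verify` a comment such as `/* Success only means the message is self-consistent; call pkcs7_validate_trust() against a trusted keyring before acting on the content. */`. Separately, `pkcs7_supply_detached_data` is declared here but is absent from the `LINUX_BACKPORT()` rename list in `include/crypto/pkcs7.h` later in this diff; if the backport builds that function as a global symbol it may need the same rename, which is worth confirming against the generator.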
@@ -0,0 +1,74 @@
+/* Asymmetric public-key algorithm definitions
+ *
+ * See Documentation/crypto/asymmetric-keys.txt
+ *
+ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public Licence
+ * as published by the Free Software Foundation; either version
+ * 2 of the Licence, or (at your option) any later version.
+ */
+
+#ifndef _LINUX_PUBLIC_KEY_H
+#define _LINUX_PUBLIC_KEY_H
+
+/*
+ * Cryptographic data for the public-key subtype of the asymmetric key type.
+ *
+ * Note that this may include private part of the key as well as the public
+ * part.
+ */
+struct public_key {
+ void *key;
+ u32 keylen;
+ const char *id_type;
+ const char *pkey_algo;
+};
+
+extern void public_key_free(struct public_key *key);
+
+/*
+ * Public key cryptography signature data
+ */
+struct public_key_signature {
+ struct asymmetric_key_id *auth_ids[2];
+ u8 *s; /* Signature */
+ u32 s_size; /* Number of bytes in signature */
+ u8 *digest;
+ u8 digest_size; /* Number of bytes in digest */
+ const char *pkey_algo;
+ const char *hash_algo;
+};
+
+extern void public_key_signature_free(struct public_key_signature *sig);
+
+extern struct asymmetric_key_subtype public_key_subtype;
+
+struct key;
+struct key_type;
+union key_payload;
+
+extern int restrict_link_by_signature(struct key *dest_keyring,
+ const struct key_type *type,
+ const union key_payload *payload,
+ struct key *trust_keyring);
+
+extern int restrict_link_by_key_or_keyring(struct key *dest_keyring,
+ const struct key_type *type,
+ const union key_payload *payload,
+ struct key *trusted);
+
+extern int restrict_link_by_key_or_keyring_chain(struct key *trust_keyring,
+ const struct key_type *type,
+ const union key_payload *payload,
+ struct key *trusted);
+
+extern int verify_signature(const struct key *key,
+ const struct public_key_signature *sig);
+
+int public_key_verify_signature(const struct public_key *pkey,
+ const struct public_key_signature *sig);
+
+#endif /* _LINUX_PUBLIC_KEY_H */
diff --git a/include/crypto/pkcs7.h b/include/crypto/pkcs7.h
new file mode 100644
index 0000000..c6e6e69
--- /dev/null
+++ b/include/crypto/pkcs7.h
@@ -0,0 +1,11 @@
+/* Automatically created during backport process */
+#ifndef CPTCFG_BPAUTO_PKCS7
+#include_next <crypto/pkcs7.h>
+#else
+#define pkcs7_verify LINUX_BACKPORT(pkcs7_verify)
+#define pkcs7_get_content_data LINUX_BACKPORT(pkcs7_get_content_data)
+#define pkcs7_parse_message LINUX_BACKPORT(pkcs7_parse_message)
+#define pkcs7_free_message LINUX_BACKPORT(pkcs7_free_message)
+#define pkcs7_validate_trust LINUX_BACKPORT(pkcs7_validate_trust)
+#include <crypto/backport-pkcs7.h>
+#endif /* CPTCFG_BPAUTO_PKCS7 */
diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
new file mode 100644
index 0000000..35c0b37
--- /dev/null
+++ b/include/crypto/public_key.h
@@ -0,0 +1,6 @@
+/* Automatically created during backport process */
+#ifndef CPTCFG_BPAUTO_PUBLIC_KEY
+#include_next <crypto/public_key.h>
+#else
+#include <crypto/backport-public_key.h>
+#endif /* CPTCFG_BPAUTO_PUBLIC_KEY */ |
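Review bot: The comment on `struct public_key` in `backport-public_key.h` says the `key` buffer may hold the private part of a key, but nothing on the `public_key_free()` declaration states how that buffer is released. The implementation is outside this diff, so please confirm that it clears `key` for `keylen` bytes before freeing, and record the contract on the declaration, e.g. `/* Frees key->key and the structure; the buffer may hold private key material and must be wiped before release. */`. As a smaller point, the header uses `u8` and `u32` without including `<linux/types.h>`, so it relies on whichever header the includer pulled in first.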