~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/crypto/asymmetric_keys/signature.c

Version: ~ [ linux-6.11-rc3 ] ~ [ linux-6.10.4 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.45 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.104 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.164 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.223 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.281 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.319 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.9 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~ 
  1 // SPDX-License-Identifier: GPL-2.0-or-later
  2 /* Signature verification with an asymmetric key
  3  *
  4  * See Documentation/crypto/asymmetric-keys.rst
  5  *
  6  * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
  7  * Written by David Howells (dhowells@redhat.com)
  8  */
  9 
 10 #define pr_fmt(fmt) "SIG: "fmt
 11 #include <keys/asymmetric-subtype.h>
 12 #include <linux/export.h>
 13 #include <linux/err.h>
 14 #include <linux/slab.h>
 15 #include <linux/keyctl.h>
 16 #include <crypto/public_key.h>
 17 #include <keys/user-type.h>
 18 #include "asymmetric_keys.h"
 19 
 20 /*
 21  * Destroy a public key signature.
 22  */
 23 void public_key_signature_free(struct public_key_signature *sig)
 24 {
 25         int i;
 26 
 27         if (sig) {
 28                 for (i = 0; i < ARRAY_SIZE(sig->auth_ids); i++)
 29                         kfree(sig->auth_ids[i]);
 30                 kfree(sig->s);
 31                 kfree(sig->digest);
 32                 kfree(sig);
 33         }
 34 }
 35 EXPORT_SYMBOL_GPL(public_key_signature_free);
 36 
 37 /**
 38  * query_asymmetric_key - Get information about an asymmetric key.
 39  * @params: Various parameters.
 40  * @info: Where to put the information.
 41  */
 42 int query_asymmetric_key(const struct kernel_pkey_params *params,
 43                          struct kernel_pkey_query *info)
 44 {
 45         const struct asymmetric_key_subtype *subtype;
 46         struct key *key = params->key;
 47         int ret;
 48 
 49         pr_devel("==>%s()\n", __func__);
 50 
 51         if (key->type != &key_type_asymmetric)
 52                 return -EINVAL;
 53         subtype = asymmetric_key_subtype(key);
 54         if (!subtype ||
 55             !key->payload.data[0])
 56                 return -EINVAL;
 57         if (!subtype->query)
 58                 return -ENOTSUPP;
 59 
 60         ret = subtype->query(params, info);
 61 
 62         pr_devel("<==%s() = %d\n", __func__, ret);
 63         return ret;
 64 }
 65 EXPORT_SYMBOL_GPL(query_asymmetric_key);
 66 
 67 /**
 68  * encrypt_blob - Encrypt data using an asymmetric key
 69  * @params: Various parameters
 70  * @data: Data blob to be encrypted, length params->data_len
 71  * @enc: Encrypted data buffer, length params->enc_len
 72  *
 73  * Encrypt the specified data blob using the private key specified by
 74  * params->key.  The encrypted data is wrapped in an encoding if
 75  * params->encoding is specified (eg. "pkcs1").
 76  *
 77  * Returns the length of the data placed in the encrypted data buffer or an
 78  * error.
 79  */
 80 int encrypt_blob(struct kernel_pkey_params *params,
 81                  const void *data, void *enc)
 82 {
 83         params->op = kernel_pkey_encrypt;
 84         return asymmetric_key_eds_op(params, data, enc);
 85 }
 86 EXPORT_SYMBOL_GPL(encrypt_blob);
 87 
 88 /**
 89  * decrypt_blob - Decrypt data using an asymmetric key
 90  * @params: Various parameters
 91  * @enc: Encrypted data to be decrypted, length params->enc_len
 92  * @data: Decrypted data buffer, length params->data_len
 93  *
 94  * Decrypt the specified data blob using the private key specified by
 95  * params->key.  The decrypted data is wrapped in an encoding if
 96  * params->encoding is specified (eg. "pkcs1").
 97  *
 98  * Returns the length of the data placed in the decrypted data buffer or an
 99  * error.
100  */
101 int decrypt_blob(struct kernel_pkey_params *params,
102                  const void *enc, void *data)
103 {
104         params->op = kernel_pkey_decrypt;
105         return asymmetric_key_eds_op(params, enc, data);
106 }
107 EXPORT_SYMBOL_GPL(decrypt_blob);
108 
109 /**
110  * create_signature - Sign some data using an asymmetric key
111  * @params: Various parameters
112  * @data: Data blob to be signed, length params->data_len
113  * @enc: Signature buffer, length params->enc_len
114  *
115  * Sign the specified data blob using the private key specified by params->key.
116  * The signature is wrapped in an encoding if params->encoding is specified
117  * (eg. "pkcs1").  If the encoding needs to know the digest type, this can be
118  * passed through params->hash_algo (eg. "sha1").
119  *
120  * Returns the length of the data placed in the signature buffer or an error.
121  */
122 int create_signature(struct kernel_pkey_params *params,
123                      const void *data, void *enc)
124 {
125         params->op = kernel_pkey_sign;
126         return asymmetric_key_eds_op(params, data, enc);
127 }
128 EXPORT_SYMBOL_GPL(create_signature);
129 
130 /**
131  * verify_signature - Initiate the use of an asymmetric key to verify a signature
132  * @key: The asymmetric key to verify against
133  * @sig: The signature to check
134  *
135  * Returns 0 if successful or else an error.
136  */
137 int verify_signature(const struct key *key,
138                      const struct public_key_signature *sig)
139 {
140         const struct asymmetric_key_subtype *subtype;
141         int ret;
142 
143         pr_devel("==>%s()\n", __func__);
144 
145         if (key->type != &key_type_asymmetric)
146                 return -EINVAL;
147         subtype = asymmetric_key_subtype(key);
148         if (!subtype ||
149             !key->payload.data[0])
150                 return -EINVAL;
151         if (!subtype->verify_signature)
152                 return -ENOTSUPP;
153 
154         ret = subtype->verify_signature(key, sig);
155 
156         pr_devel("<==%s() = %d\n", __func__, ret);
157         return ret;
158 }
159 EXPORT_SYMBOL_GPL(verify_signature);
160
~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~
kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php