1 /* SPDX-License-Identifier: GPL-2.0-or-later */ 2 /* Signature verification 3 * 4 * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved. 5 * Written by David Howells (dhowells@redhat.com) 6 */ 7 8 #ifndef _LINUX_VERIFICATION_H 9 #define _LINUX_VERIFICATION_H 10 11 #include <linux/errno.h> 12 #include <linux/types.h> 13 14 /* 15 * Indicate that both builtin trusted keys and secondary trusted keys 16 * should be used. 17 */ 18 #define VERIFY_USE_SECONDARY_KEYRING ((struct key *)1UL) 19 #define VERIFY_USE_PLATFORM_KEYRING ((struct key *)2UL) 20 21 static inline int system_keyring_id_check(u64 id) 22 { 23 if (id > (unsigned long)VERIFY_USE_PLATFORM_KEYRING) 24 return -EINVAL; 25 26 return 0; 27 } 28 29 /* 30 * The use to which an asymmetric key is being put. 31 */ 32 enum key_being_used_for { 33 VERIFYING_MODULE_SIGNATURE, 34 VERIFYING_FIRMWARE_SIGNATURE, 35 VERIFYING_KEXEC_PE_SIGNATURE, 36 VERIFYING_KEY_SIGNATURE, 37 VERIFYING_KEY_SELF_SIGNATURE, 38 VERIFYING_UNSPECIFIED_SIGNATURE, 39 NR__KEY_BEING_USED_FOR 40 }; 41 extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR]; 42 43 #ifdef CONFIG_SYSTEM_DATA_VERIFICATION 44 45 struct key; 46 struct pkcs7_message; 47 48 extern int verify_pkcs7_signature(const void *data, size_t len, 49 const void *raw_pkcs7, size_t pkcs7_len, 50 struct key *trusted_keys, 51 enum key_being_used_for usage, 52 int (*view_content)(void *ctx, 53 const void *data, size_t len, 54 size_t asn1hdrlen), 55 void *ctx); 56 extern int verify_pkcs7_message_sig(const void *data, size_t len, 57 struct pkcs7_message *pkcs7, 58 struct key *trusted_keys, 59 enum key_being_used_for usage, 60 int (*view_content)(void *ctx, 61 const void *data, 62 size_t len, 63 size_t asn1hdrlen), 64 void *ctx); 65 66 #ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION 67 extern int verify_pefile_signature(const void *pebuf, unsigned pelen, 68 struct key *trusted_keys, 69 enum key_being_used_for usage); 70 #endif 71 72 #endif /* CONFIG_SYSTEM_DATA_VERIFICATION */ 73 #endif /* _LINUX_VERIFY_PEFILE_H */ 74
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.