include/linux/verification.h

   1 /* Signature verification
   2  *
   3  * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
   4  * Written by David Howells (dhowells@redhat.com)
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU General Public Licence
   8  * as published by the Free Software Foundation; either version
   9  * 2 of the Licence, or (at your option) any later version.
  10  */
  11
  12 #ifndef _LINUX_VERIFICATION_H
  13 #define _LINUX_VERIFICATION_H
  14
  15 /*
  16  * The use to which an asymmetric key is being put.
  17  */
  18 enum key_being_used_for {
  19         VERIFYING_MODULE_SIGNATURE,
  20         VERIFYING_FIRMWARE_SIGNATURE,
  21         VERIFYING_KEXEC_PE_SIGNATURE,
  22         VERIFYING_KEY_SIGNATURE,
  23         VERIFYING_KEY_SELF_SIGNATURE,
  24         VERIFYING_UNSPECIFIED_SIGNATURE,
  25         NR__KEY_BEING_USED_FOR
  26 };
  27 extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR];
  28
  29 #ifdef CONFIG_SYSTEM_DATA_VERIFICATION
  30
  31 struct key;
  32
  33 extern int verify_pkcs7_signature(const void *data, size_t len,
  34                                   const void *raw_pkcs7, size_t pkcs7_len,
  35                                   struct key *trusted_keys,
  36                                   enum key_being_used_for usage,
  37                                   int (*view_content)(void *ctx,
  38                                                       const void *data, size_t len,
  39                                                       size_t asn1hdrlen),
  40                                   void *ctx);
  41
  42 #ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION
  43 extern int verify_pefile_signature(const void *pebuf, unsigned pelen,
  44                                    struct key *trusted_keys,
  45                                    enum key_being_used_for usage);
  46 #endif
  47
  48 #endif /* CONFIG_SYSTEM_DATA_VERIFICATION */
  49 #endif /* _LINUX_VERIFY_PEFILE_H */