verification.h (1815B)
1/* SPDX-License-Identifier: GPL-2.0-or-later */ 2/* Signature verification 3 * 4 * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved. 5 * Written by David Howells (dhowells@redhat.com) 6 */ 7 8#ifndef _LINUX_VERIFICATION_H 9#define _LINUX_VERIFICATION_H 10 11#include <linux/types.h> 12 13/* 14 * Indicate that both builtin trusted keys and secondary trusted keys 15 * should be used. 16 */ 17#define VERIFY_USE_SECONDARY_KEYRING ((struct key *)1UL) 18#define VERIFY_USE_PLATFORM_KEYRING ((struct key *)2UL) 19 20/* 21 * The use to which an asymmetric key is being put. 22 */ 23enum key_being_used_for { 24 VERIFYING_MODULE_SIGNATURE, 25 VERIFYING_FIRMWARE_SIGNATURE, 26 VERIFYING_KEXEC_PE_SIGNATURE, 27 VERIFYING_KEY_SIGNATURE, 28 VERIFYING_KEY_SELF_SIGNATURE, 29 VERIFYING_UNSPECIFIED_SIGNATURE, 30 NR__KEY_BEING_USED_FOR 31}; 32extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR]; 33 34#ifdef CONFIG_SYSTEM_DATA_VERIFICATION 35 36struct key; 37struct pkcs7_message; 38 39extern int verify_pkcs7_signature(const void *data, size_t len, 40 const void *raw_pkcs7, size_t pkcs7_len, 41 struct key *trusted_keys, 42 enum key_being_used_for usage, 43 int (*view_content)(void *ctx, 44 const void *data, size_t len, 45 size_t asn1hdrlen), 46 void *ctx); 47extern int verify_pkcs7_message_sig(const void *data, size_t len, 48 struct pkcs7_message *pkcs7, 49 struct key *trusted_keys, 50 enum key_being_used_for usage, 51 int (*view_content)(void *ctx, 52 const void *data, 53 size_t len, 54 size_t asn1hdrlen), 55 void *ctx); 56 57#ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION 58extern int verify_pefile_signature(const void *pebuf, unsigned pelen, 59 struct key *trusted_keys, 60 enum key_being_used_for usage); 61#endif 62 63#endif /* CONFIG_SYSTEM_DATA_VERIFICATION */ 64#endif /* _LINUX_VERIFY_PEFILE_H */