1/* Signature verification with an asymmetric key
 2 *
 3 * See Documentation/security/asymmetric-keys.txt
 4 *
 5 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
 6 * Written by David Howells (dhowells@redhat.com)
 7 *
 8 * This program is free software; you can redistribute it and/or
 9 * modify it under the terms of the GNU General Public Licence
10 * as published by the Free Software Foundation; either version
11 * 2 of the Licence, or (at your option) any later version.
12 */
13
14#define pr_fmt(fmt) "SIG: "fmt
15#include <keys/asymmetric-subtype.h>
16#include <linux/export.h>
17#include <linux/err.h>
18#include <linux/slab.h>
19#include <crypto/public_key.h>
20#include "asymmetric_keys.h"
21
22/*
23 * Destroy a public key signature.
24 */
25void public_key_signature_free(struct public_key_signature *sig)
26{
27	int i;
28
29	if (sig) {
30		for (i = 0; i < ARRAY_SIZE(sig->auth_ids); i++)
31			kfree(sig->auth_ids[i]);
32		kfree(sig->s);
33		kfree(sig->digest);
34		kfree(sig);
35	}
36}
37EXPORT_SYMBOL_GPL(public_key_signature_free);
38
39/**
40 * verify_signature - Initiate the use of an asymmetric key to verify a signature
41 * @key: The asymmetric key to verify against
42 * @sig: The signature to check
43 *
44 * Returns 0 if successful or else an error.
45 */
46int verify_signature(const struct key *key,
47		     const struct public_key_signature *sig)
48{
49	const struct asymmetric_key_subtype *subtype;
50	int ret;
51
52	pr_devel("==>%s()\n", __func__);
53
54	if (key->type != &key_type_asymmetric)
55		return -EINVAL;
56	subtype = asymmetric_key_subtype(key);
57	if (!subtype ||
58	    !key->payload.data[0])
59		return -EINVAL;
60	if (!subtype->verify_signature)
61		return -ENOTSUPP;
62
63	ret = subtype->verify_signature(key, sig);
64
65	pr_devel("<==%s() = %d\n", __func__, ret);
66	return ret;
67}
68EXPORT_SYMBOL_GPL(verify_signature);