Linux Audio

Check our new training course

Open Menu / crypto / asymmetric_keys / signature.c
Loading...
v5.4
  1// SPDX-License-Identifier: GPL-2.0-or-later
  2/* Signature verification with an asymmetric key
  3 *
  4 * See Documentation/crypto/asymmetric-keys.txt
  5 *
  6 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
  7 * Written by David Howells (dhowells@redhat.com)
 
 
 
 
 
  8 */
  9
 10#define pr_fmt(fmt) "SIG: "fmt
 11#include <keys/asymmetric-subtype.h>
 12#include <linux/export.h>
 13#include <linux/err.h>
 14#include <linux/slab.h>
 15#include <linux/keyctl.h>
 16#include <crypto/public_key.h>
 17#include <keys/user-type.h>
 18#include "asymmetric_keys.h"
 19
 20/*
 21 * Destroy a public key signature.
 22 */
 23void public_key_signature_free(struct public_key_signature *sig)
 24{
 25	int i;
 26
 27	if (sig) {
 28		for (i = 0; i < ARRAY_SIZE(sig->auth_ids); i++)
 29			kfree(sig->auth_ids[i]);
 30		kfree(sig->s);
 31		kfree(sig->digest);
 32		kfree(sig);
 33	}
 34}
 35EXPORT_SYMBOL_GPL(public_key_signature_free);
 36
 37/**
 38 * query_asymmetric_key - Get information about an aymmetric key.
 39 * @params: Various parameters.
 40 * @info: Where to put the information.
 41 */
 42int query_asymmetric_key(const struct kernel_pkey_params *params,
 43			 struct kernel_pkey_query *info)
 44{
 45	const struct asymmetric_key_subtype *subtype;
 46	struct key *key = params->key;
 47	int ret;
 48
 49	pr_devel("==>%s()\n", __func__);
 50
 51	if (key->type != &key_type_asymmetric)
 52		return -EINVAL;
 53	subtype = asymmetric_key_subtype(key);
 54	if (!subtype ||
 55	    !key->payload.data[0])
 56		return -EINVAL;
 57	if (!subtype->query)
 58		return -ENOTSUPP;
 59
 60	ret = subtype->query(params, info);
 61
 62	pr_devel("<==%s() = %d\n", __func__, ret);
 63	return ret;
 64}
 65EXPORT_SYMBOL_GPL(query_asymmetric_key);
 66
 67/**
 68 * encrypt_blob - Encrypt data using an asymmetric key
 69 * @params: Various parameters
 70 * @data: Data blob to be encrypted, length params->data_len
 71 * @enc: Encrypted data buffer, length params->enc_len
 72 *
 73 * Encrypt the specified data blob using the private key specified by
 74 * params->key.  The encrypted data is wrapped in an encoding if
 75 * params->encoding is specified (eg. "pkcs1").
 76 *
 77 * Returns the length of the data placed in the encrypted data buffer or an
 78 * error.
 79 */
 80int encrypt_blob(struct kernel_pkey_params *params,
 81		 const void *data, void *enc)
 82{
 83	params->op = kernel_pkey_encrypt;
 84	return asymmetric_key_eds_op(params, data, enc);
 85}
 86EXPORT_SYMBOL_GPL(encrypt_blob);
 87
 88/**
 89 * decrypt_blob - Decrypt data using an asymmetric key
 90 * @params: Various parameters
 91 * @enc: Encrypted data to be decrypted, length params->enc_len
 92 * @data: Decrypted data buffer, length params->data_len
 93 *
 94 * Decrypt the specified data blob using the private key specified by
 95 * params->key.  The decrypted data is wrapped in an encoding if
 96 * params->encoding is specified (eg. "pkcs1").
 97 *
 98 * Returns the length of the data placed in the decrypted data buffer or an
 99 * error.
100 */
101int decrypt_blob(struct kernel_pkey_params *params,
102		 const void *enc, void *data)
103{
104	params->op = kernel_pkey_decrypt;
105	return asymmetric_key_eds_op(params, enc, data);
106}
107EXPORT_SYMBOL_GPL(decrypt_blob);
108
109/**
110 * create_signature - Sign some data using an asymmetric key
111 * @params: Various parameters
112 * @data: Data blob to be signed, length params->data_len
113 * @enc: Signature buffer, length params->enc_len
114 *
115 * Sign the specified data blob using the private key specified by params->key.
116 * The signature is wrapped in an encoding if params->encoding is specified
117 * (eg. "pkcs1").  If the encoding needs to know the digest type, this can be
118 * passed through params->hash_algo (eg. "sha1").
119 *
120 * Returns the length of the data placed in the signature buffer or an error.
121 */
122int create_signature(struct kernel_pkey_params *params,
123		     const void *data, void *enc)
124{
125	params->op = kernel_pkey_sign;
126	return asymmetric_key_eds_op(params, data, enc);
127}
128EXPORT_SYMBOL_GPL(create_signature);
129
130/**
131 * verify_signature - Initiate the use of an asymmetric key to verify a signature
132 * @key: The asymmetric key to verify against
133 * @sig: The signature to check
134 *
135 * Returns 0 if successful or else an error.
136 */
137int verify_signature(const struct key *key,
138		     const struct public_key_signature *sig)
139{
140	const struct asymmetric_key_subtype *subtype;
141	int ret;
142
143	pr_devel("==>%s()\n", __func__);
144
145	if (key->type != &key_type_asymmetric)
146		return -EINVAL;
147	subtype = asymmetric_key_subtype(key);
148	if (!subtype ||
149	    !key->payload.data[0])
150		return -EINVAL;
151	if (!subtype->verify_signature)
152		return -ENOTSUPP;
153
154	ret = subtype->verify_signature(key, sig);
155
156	pr_devel("<==%s() = %d\n", __func__, ret);
157	return ret;
158}
159EXPORT_SYMBOL_GPL(verify_signature);
v4.17
 
 1/* Signature verification with an asymmetric key
 2 *
 3 * See Documentation/security/asymmetric-keys.txt
 4 *
 5 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
 6 * Written by David Howells (dhowells@redhat.com)
 7 *
 8 * This program is free software; you can redistribute it and/or
 9 * modify it under the terms of the GNU General Public Licence
10 * as published by the Free Software Foundation; either version
11 * 2 of the Licence, or (at your option) any later version.
12 */
13
14#define pr_fmt(fmt) "SIG: "fmt
15#include <keys/asymmetric-subtype.h>
16#include <linux/export.h>
17#include <linux/err.h>
18#include <linux/slab.h>
 
19#include <crypto/public_key.h>
 
20#include "asymmetric_keys.h"
21
22/*
23 * Destroy a public key signature.
24 */
25void public_key_signature_free(struct public_key_signature *sig)
26{
27	int i;
28
29	if (sig) {
30		for (i = 0; i < ARRAY_SIZE(sig->auth_ids); i++)
31			kfree(sig->auth_ids[i]);
32		kfree(sig->s);
33		kfree(sig->digest);
34		kfree(sig);
35	}
36}
37EXPORT_SYMBOL_GPL(public_key_signature_free);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
38
39/**
40 * verify_signature - Initiate the use of an asymmetric key to verify a signature
41 * @key: The asymmetric key to verify against
42 * @sig: The signature to check
43 *
44 * Returns 0 if successful or else an error.
45 */
46int verify_signature(const struct key *key,
47		     const struct public_key_signature *sig)
48{
49	const struct asymmetric_key_subtype *subtype;
50	int ret;
51
52	pr_devel("==>%s()\n", __func__);
53
54	if (key->type != &key_type_asymmetric)
55		return -EINVAL;
56	subtype = asymmetric_key_subtype(key);
57	if (!subtype ||
58	    !key->payload.data[0])
59		return -EINVAL;
60	if (!subtype->verify_signature)
61		return -ENOTSUPP;
62
63	ret = subtype->verify_signature(key, sig);
64
65	pr_devel("<==%s() = %d\n", __func__, ret);
66	return ret;
67}
68EXPORT_SYMBOL_GPL(verify_signature);