Linux Audio

Check our new training course

Open Menu / include / crypto / public_key.h
Loading...
v6.8
  1/* SPDX-License-Identifier: GPL-2.0-or-later */
  2/* Asymmetric public-key algorithm definitions
  3 *
  4 * See Documentation/crypto/asymmetric-keys.rst
  5 *
  6 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
  7 * Written by David Howells (dhowells@redhat.com)
 
 
 
 
 
  8 */
  9
 10#ifndef _LINUX_PUBLIC_KEY_H
 11#define _LINUX_PUBLIC_KEY_H
 12
 13#include <linux/keyctl.h>
 14#include <linux/oid_registry.h>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 15
 16/*
 17 * Cryptographic data for the public-key subtype of the asymmetric key type.
 18 *
 19 * Note that this may include private part of the key as well as the public
 20 * part.
 21 */
 22struct public_key {
 23	void *key;
 24	u32 keylen;
 25	enum OID algo;
 26	void *params;
 27	u32 paramlen;
 28	bool key_is_private;
 29	const char *id_type;
 30	const char *pkey_algo;
 31	unsigned long key_eflags;	/* key extension flags */
 32#define KEY_EFLAG_CA		0	/* set if the CA basic constraints is set */
 33#define KEY_EFLAG_DIGITALSIG	1	/* set if the digitalSignature usage is set */
 34#define KEY_EFLAG_KEYCERTSIGN	2	/* set if the keyCertSign usage is set */
 
 
 
 
 
 
 
 
 
 
 
 
 
 35};
 36
 37extern void public_key_free(struct public_key *key);
 38
 39/*
 40 * Public key cryptography signature data
 41 */
 42struct public_key_signature {
 43	struct asymmetric_key_id *auth_ids[3];
 44	u8 *s;			/* Signature */
 45	u8 *digest;
 46	u32 s_size;		/* Number of bytes in signature */
 47	u32 digest_size;	/* Number of bytes in digest */
 48	const char *pkey_algo;
 49	const char *hash_algo;
 50	const char *encoding;
 
 
 
 
 
 
 
 
 
 51};
 52
 53extern void public_key_signature_free(struct public_key_signature *sig);
 54
 55extern struct asymmetric_key_subtype public_key_subtype;
 56
 57struct key;
 58struct key_type;
 59union key_payload;
 60
 61extern int restrict_link_by_signature(struct key *dest_keyring,
 62				      const struct key_type *type,
 63				      const union key_payload *payload,
 64				      struct key *trust_keyring);
 65
 66extern int restrict_link_by_key_or_keyring(struct key *dest_keyring,
 67					   const struct key_type *type,
 68					   const union key_payload *payload,
 69					   struct key *trusted);
 70
 71extern int restrict_link_by_key_or_keyring_chain(struct key *trust_keyring,
 72						 const struct key_type *type,
 73						 const union key_payload *payload,
 74						 struct key *trusted);
 75
 76#if IS_REACHABLE(CONFIG_ASYMMETRIC_KEY_TYPE)
 77extern int restrict_link_by_ca(struct key *dest_keyring,
 78			       const struct key_type *type,
 79			       const union key_payload *payload,
 80			       struct key *trust_keyring);
 81int restrict_link_by_digsig(struct key *dest_keyring,
 82			    const struct key_type *type,
 83			    const union key_payload *payload,
 84			    struct key *trust_keyring);
 85#else
 86static inline int restrict_link_by_ca(struct key *dest_keyring,
 87				      const struct key_type *type,
 88				      const union key_payload *payload,
 89				      struct key *trust_keyring)
 90{
 91	return 0;
 92}
 93
 94static inline int restrict_link_by_digsig(struct key *dest_keyring,
 95					  const struct key_type *type,
 96					  const union key_payload *payload,
 97					  struct key *trust_keyring)
 98{
 99	return 0;
100}
101#endif
102
103extern int query_asymmetric_key(const struct kernel_pkey_params *,
104				struct kernel_pkey_query *);
105
106extern int encrypt_blob(struct kernel_pkey_params *, const void *, void *);
107extern int decrypt_blob(struct kernel_pkey_params *, const void *, void *);
108extern int create_signature(struct kernel_pkey_params *, const void *, void *);
109extern int verify_signature(const struct key *,
110			    const struct public_key_signature *);
111
112#if IS_REACHABLE(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE)
113int public_key_verify_signature(const struct public_key *pkey,
114				const struct public_key_signature *sig);
115#else
116static inline
117int public_key_verify_signature(const struct public_key *pkey,
118				const struct public_key_signature *sig)
119{
120	return -EINVAL;
121}
122#endif
123
124#endif /* _LINUX_PUBLIC_KEY_H */
v3.15
 
  1/* Asymmetric public-key algorithm definitions
  2 *
  3 * See Documentation/crypto/asymmetric-keys.txt
  4 *
  5 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
  6 * Written by David Howells (dhowells@redhat.com)
  7 *
  8 * This program is free software; you can redistribute it and/or
  9 * modify it under the terms of the GNU General Public Licence
 10 * as published by the Free Software Foundation; either version
 11 * 2 of the Licence, or (at your option) any later version.
 12 */
 13
 14#ifndef _LINUX_PUBLIC_KEY_H
 15#define _LINUX_PUBLIC_KEY_H
 16
 17#include <linux/mpi.h>
 18#include <crypto/hash_info.h>
 19
 20enum pkey_algo {
 21	PKEY_ALGO_DSA,
 22	PKEY_ALGO_RSA,
 23	PKEY_ALGO__LAST
 24};
 25
 26extern const char *const pkey_algo_name[PKEY_ALGO__LAST];
 27extern const struct public_key_algorithm *pkey_algo[PKEY_ALGO__LAST];
 28
 29/* asymmetric key implementation supports only up to SHA224 */
 30#define PKEY_HASH__LAST		(HASH_ALGO_SHA224 + 1)
 31
 32enum pkey_id_type {
 33	PKEY_ID_PGP,		/* OpenPGP generated key ID */
 34	PKEY_ID_X509,		/* X.509 arbitrary subjectKeyIdentifier */
 35	PKEY_ID_TYPE__LAST
 36};
 37
 38extern const char *const pkey_id_type_name[PKEY_ID_TYPE__LAST];
 39
 40/*
 41 * Cryptographic data for the public-key subtype of the asymmetric key type.
 42 *
 43 * Note that this may include private part of the key as well as the public
 44 * part.
 45 */
 46struct public_key {
 47	const struct public_key_algorithm *algo;
 48	u8	capabilities;
 49#define PKEY_CAN_ENCRYPT	0x01
 50#define PKEY_CAN_DECRYPT	0x02
 51#define PKEY_CAN_SIGN		0x04
 52#define PKEY_CAN_VERIFY		0x08
 53	enum pkey_algo pkey_algo : 8;
 54	enum pkey_id_type id_type : 8;
 55	union {
 56		MPI	mpi[5];
 57		struct {
 58			MPI	p;	/* DSA prime */
 59			MPI	q;	/* DSA group order */
 60			MPI	g;	/* DSA group generator */
 61			MPI	y;	/* DSA public-key value = g^x mod p */
 62			MPI	x;	/* DSA secret exponent (if present) */
 63		} dsa;
 64		struct {
 65			MPI	n;	/* RSA public modulus */
 66			MPI	e;	/* RSA public encryption exponent */
 67			MPI	d;	/* RSA secret encryption exponent (if present) */
 68			MPI	p;	/* RSA secret prime (if present) */
 69			MPI	q;	/* RSA secret prime (if present) */
 70		} rsa;
 71	};
 72};
 73
 74extern void public_key_destroy(void *payload);
 75
 76/*
 77 * Public key cryptography signature data
 78 */
 79struct public_key_signature {
 
 
 80	u8 *digest;
 81	u8 digest_size;			/* Number of bytes in digest */
 82	u8 nr_mpi;			/* Occupancy of mpi[] */
 83	enum pkey_algo pkey_algo : 8;
 84	enum hash_algo pkey_hash_algo : 8;
 85	union {
 86		MPI mpi[2];
 87		struct {
 88			MPI s;		/* m^d mod n */
 89		} rsa;
 90		struct {
 91			MPI r;
 92			MPI s;
 93		} dsa;
 94	};
 95};
 96
 
 
 
 
 97struct key;
 98extern int verify_signature(const struct key *key,
 99			    const struct public_key_signature *sig);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
100
101#endif /* _LINUX_PUBLIC_KEY_H */