// SPDX-License-Identifier: GPL-2.0-or-later /* Signature verification with an asymmetric key * * See Documentation/crypto/asymmetric-keys.rst * * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. * Written by David Howells ([email protected]) */ #define pr_fmt(fmt) … #include <keys/asymmetric-subtype.h> #include <linux/export.h> #include <linux/err.h> #include <linux/slab.h> #include <linux/keyctl.h> #include <crypto/public_key.h> #include <keys/user-type.h> #include "asymmetric_keys.h" /* * Destroy a public key signature. */ void public_key_signature_free(struct public_key_signature *sig) { … } EXPORT_SYMBOL_GPL(…); /** * query_asymmetric_key - Get information about an asymmetric key. * @params: Various parameters. * @info: Where to put the information. */ int query_asymmetric_key(const struct kernel_pkey_params *params, struct kernel_pkey_query *info) { … } EXPORT_SYMBOL_GPL(…); /** * encrypt_blob - Encrypt data using an asymmetric key * @params: Various parameters * @data: Data blob to be encrypted, length params->data_len * @enc: Encrypted data buffer, length params->enc_len * * Encrypt the specified data blob using the private key specified by * params->key. The encrypted data is wrapped in an encoding if * params->encoding is specified (eg. "pkcs1"). * * Returns the length of the data placed in the encrypted data buffer or an * error. */ int encrypt_blob(struct kernel_pkey_params *params, const void *data, void *enc) { … } EXPORT_SYMBOL_GPL(…); /** * decrypt_blob - Decrypt data using an asymmetric key * @params: Various parameters * @enc: Encrypted data to be decrypted, length params->enc_len * @data: Decrypted data buffer, length params->data_len * * Decrypt the specified data blob using the private key specified by * params->key. The decrypted data is wrapped in an encoding if * params->encoding is specified (eg. "pkcs1"). * * Returns the length of the data placed in the decrypted data buffer or an * error. */ int decrypt_blob(struct kernel_pkey_params *params, const void *enc, void *data) { … } EXPORT_SYMBOL_GPL(…); /** * create_signature - Sign some data using an asymmetric key * @params: Various parameters * @data: Data blob to be signed, length params->data_len * @enc: Signature buffer, length params->enc_len * * Sign the specified data blob using the private key specified by params->key. * The signature is wrapped in an encoding if params->encoding is specified * (eg. "pkcs1"). If the encoding needs to know the digest type, this can be * passed through params->hash_algo (eg. "sha1"). * * Returns the length of the data placed in the signature buffer or an error. */ int create_signature(struct kernel_pkey_params *params, const void *data, void *enc) { … } EXPORT_SYMBOL_GPL(…); /** * verify_signature - Initiate the use of an asymmetric key to verify a signature * @key: The asymmetric key to verify against * @sig: The signature to check * * Returns 0 if successful or else an error. */ int verify_signature(const struct key *key, const struct public_key_signature *sig) { … } EXPORT_SYMBOL_GPL(…);
Codebase Browser
linux