Blame view

kernel/linux-rt-4.4.41/include/crypto/public_key.h 3.15 KB
5113f6f70   김현기   kernel add
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
  /* Asymmetric public-key algorithm definitions
   *
   * See Documentation/crypto/asymmetric-keys.txt
   *
   * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
   * Written by David Howells (dhowells@redhat.com)
   *
   * This program is free software; you can redistribute it and/or
   * modify it under the terms of the GNU General Public Licence
   * as published by the Free Software Foundation; either version
   * 2 of the Licence, or (at your option) any later version.
   */
  
  #ifndef _LINUX_PUBLIC_KEY_H
  #define _LINUX_PUBLIC_KEY_H
  
  #include <linux/mpi.h>
  #include <crypto/hash_info.h>
  
  enum pkey_algo {
  	PKEY_ALGO_DSA,
  	PKEY_ALGO_RSA,
  	PKEY_ALGO__LAST
  };
  
  extern const char *const pkey_algo_name[PKEY_ALGO__LAST];
  extern const struct public_key_algorithm *pkey_algo[PKEY_ALGO__LAST];
  
  /* asymmetric key implementation supports only up to SHA224 */
  #define PKEY_HASH__LAST		(HASH_ALGO_SHA224 + 1)
  
  enum pkey_id_type {
  	PKEY_ID_PGP,		/* OpenPGP generated key ID */
  	PKEY_ID_X509,		/* X.509 arbitrary subjectKeyIdentifier */
  	PKEY_ID_PKCS7,		/* Signature in PKCS#7 message */
  	PKEY_ID_TYPE__LAST
  };
  
  extern const char *const pkey_id_type_name[PKEY_ID_TYPE__LAST];
  
  /*
   * The use to which an asymmetric key is being put.
   */
  enum key_being_used_for {
  	VERIFYING_MODULE_SIGNATURE,
  	VERIFYING_FIRMWARE_SIGNATURE,
  	VERIFYING_KEXEC_PE_SIGNATURE,
  	VERIFYING_KEY_SIGNATURE,
  	VERIFYING_KEY_SELF_SIGNATURE,
  	VERIFYING_UNSPECIFIED_SIGNATURE,
  	NR__KEY_BEING_USED_FOR
  };
  extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR];
  
  /*
   * Cryptographic data for the public-key subtype of the asymmetric key type.
   *
   * Note that this may include private part of the key as well as the public
   * part.
   */
  struct public_key {
  	const struct public_key_algorithm *algo;
  	u8	capabilities;
  #define PKEY_CAN_ENCRYPT	0x01
  #define PKEY_CAN_DECRYPT	0x02
  #define PKEY_CAN_SIGN		0x04
  #define PKEY_CAN_VERIFY		0x08
  	enum pkey_algo pkey_algo : 8;
  	enum pkey_id_type id_type : 8;
  	union {
  		MPI	mpi[5];
  		struct {
  			MPI	p;	/* DSA prime */
  			MPI	q;	/* DSA group order */
  			MPI	g;	/* DSA group generator */
  			MPI	y;	/* DSA public-key value = g^x mod p */
  			MPI	x;	/* DSA secret exponent (if present) */
  		} dsa;
  		struct {
  			MPI	n;	/* RSA public modulus */
  			MPI	e;	/* RSA public encryption exponent */
  			MPI	d;	/* RSA secret encryption exponent (if present) */
  			MPI	p;	/* RSA secret prime (if present) */
  			MPI	q;	/* RSA secret prime (if present) */
  		} rsa;
  	};
  };
  
  extern void public_key_destroy(void *payload);
  
  /*
   * Public key cryptography signature data
   */
  struct public_key_signature {
  	u8 *digest;
  	u8 digest_size;			/* Number of bytes in digest */
  	u8 nr_mpi;			/* Occupancy of mpi[] */
  	enum pkey_algo pkey_algo : 8;
  	enum hash_algo pkey_hash_algo : 8;
  	union {
  		MPI mpi[2];
  		struct {
  			MPI s;		/* m^d mod n */
  		} rsa;
  		struct {
  			MPI r;
  			MPI s;
  		} dsa;
  	};
  };
  
  struct key;
  extern int verify_signature(const struct key *key,
  			    const struct public_key_signature *sig);
  
  struct asymmetric_key_id;
  extern struct key *x509_request_asymmetric_key(struct key *keyring,
  					       const struct asymmetric_key_id *id,
  					       const struct asymmetric_key_id *skid,
  					       bool partial);
  
  #endif /* _LINUX_PUBLIC_KEY_H */