verification.h source code [linux/include/linux/verification.h]

1	/ SPDX-License-Identifier: GPL-2.0-or-later /
2	/ Signature verification*
3	*
4	* Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
5	* Written by David Howells (dhowells@redhat.com)
6	*/
7
8	#ifndef _LINUX_VERIFICATION_H
9	#define _LINUX_VERIFICATION_H
10
11	#include <linux/errno.h>
12	#include <linux/types.h>
13
14	/*
15	* Indicate that both builtin trusted keys and secondary trusted keys
16	* should be used.
17	*/
18	#define VERIFY_USE_SECONDARY_KEYRING ((struct key *)1UL)
19	#define VERIFY_USE_PLATFORM_KEYRING ((struct key *)2UL)
20
21	static inline int system_keyring_id_check(u64 id)
22	{
23	if (id > (unsigned long)VERIFY_USE_PLATFORM_KEYRING)
24	return -EINVAL;
25
26	return `0`;
27	}
28
29	/*
30	* The use to which an asymmetric key is being put.
31	*/
32	enum key_being_used_for {
33	VERIFYING_MODULE_SIGNATURE,
34	VERIFYING_FIRMWARE_SIGNATURE,
35	VERIFYING_KEXEC_PE_SIGNATURE,
36	VERIFYING_KEY_SIGNATURE,
37	VERIFYING_KEY_SELF_SIGNATURE,
38	VERIFYING_UNSPECIFIED_SIGNATURE,
39	NR__KEY_BEING_USED_FOR
40	};
41	#ifdef CONFIG_SYSTEM_DATA_VERIFICATION
42
43	struct key;
44	struct pkcs7_message;
45
46	extern int verify_pkcs7_signature(const void *data, size_t len,
47	const void *raw_pkcs7, size_t pkcs7_len,
48	struct key *trusted_keys,
49	enum key_being_used_for usage,
50	int (view_content)(void* *ctx,
51	const void *data, size_t len,
52	size_t asn1hdrlen),
53	void *ctx);
54	extern int verify_pkcs7_message_sig(const void *data, size_t len,
55	struct pkcs7_message *pkcs7,
56	struct key *trusted_keys,
57	enum key_being_used_for usage,
58	int (view_content)(void* *ctx,
59	const void *data,
60	size_t len,
61	size_t asn1hdrlen),
62	void *ctx);
63
64	#ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION
65	extern int verify_pefile_signature(const void pebuf, unsigned* pelen,
66	struct key *trusted_keys,
67	enum key_being_used_for usage);
68	#endif
69
70	#endif /* CONFIG_SYSTEM_DATA_VERIFICATION */
71	#endif /* _LINUX_VERIFY_PEFILE_H */
72

source code of linux/include/linux/verification.h