Back to home page

OSCL-LXR
 
 

     

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /* Signature verification with an asymmetric key
0003  *
0004  * See Documentation/crypto/asymmetric-keys.rst
0005  *
0006  * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
0007  * Written by David Howells (dhowells@redhat.com)
0008  */
0009 
0010 #define pr_fmt(fmt) "SIG: "fmt
0011 #include <keys/asymmetric-subtype.h>
0012 #include <linux/export.h>
0013 #include <linux/err.h>
0014 #include <linux/slab.h>
0015 #include <linux/keyctl.h>
0016 #include <crypto/public_key.h>
0017 #include <keys/user-type.h>
0018 #include "asymmetric_keys.h"
0019 
0020 /*
0021  * Destroy a public key signature.
0022  */
0023 void public_key_signature_free(struct public_key_signature *sig)
0024 {
0025     int i;
0026 
0027     if (sig) {
0028         for (i = 0; i < ARRAY_SIZE(sig->auth_ids); i++)
0029             kfree(sig->auth_ids[i]);
0030         kfree(sig->s);
0031         kfree(sig->digest);
0032         kfree(sig);
0033     }
0034 }
0035 EXPORT_SYMBOL_GPL(public_key_signature_free);
0036 
0037 /**
0038  * query_asymmetric_key - Get information about an asymmetric key.
0039  * @params: Various parameters.
0040  * @info: Where to put the information.
0041  */
0042 int query_asymmetric_key(const struct kernel_pkey_params *params,
0043              struct kernel_pkey_query *info)
0044 {
0045     const struct asymmetric_key_subtype *subtype;
0046     struct key *key = params->key;
0047     int ret;
0048 
0049     pr_devel("==>%s()\n", __func__);
0050 
0051     if (key->type != &key_type_asymmetric)
0052         return -EINVAL;
0053     subtype = asymmetric_key_subtype(key);
0054     if (!subtype ||
0055         !key->payload.data[0])
0056         return -EINVAL;
0057     if (!subtype->query)
0058         return -ENOTSUPP;
0059 
0060     ret = subtype->query(params, info);
0061 
0062     pr_devel("<==%s() = %d\n", __func__, ret);
0063     return ret;
0064 }
0065 EXPORT_SYMBOL_GPL(query_asymmetric_key);
0066 
0067 /**
0068  * encrypt_blob - Encrypt data using an asymmetric key
0069  * @params: Various parameters
0070  * @data: Data blob to be encrypted, length params->data_len
0071  * @enc: Encrypted data buffer, length params->enc_len
0072  *
0073  * Encrypt the specified data blob using the private key specified by
0074  * params->key.  The encrypted data is wrapped in an encoding if
0075  * params->encoding is specified (eg. "pkcs1").
0076  *
0077  * Returns the length of the data placed in the encrypted data buffer or an
0078  * error.
0079  */
0080 int encrypt_blob(struct kernel_pkey_params *params,
0081          const void *data, void *enc)
0082 {
0083     params->op = kernel_pkey_encrypt;
0084     return asymmetric_key_eds_op(params, data, enc);
0085 }
0086 EXPORT_SYMBOL_GPL(encrypt_blob);
0087 
0088 /**
0089  * decrypt_blob - Decrypt data using an asymmetric key
0090  * @params: Various parameters
0091  * @enc: Encrypted data to be decrypted, length params->enc_len
0092  * @data: Decrypted data buffer, length params->data_len
0093  *
0094  * Decrypt the specified data blob using the private key specified by
0095  * params->key.  The decrypted data is wrapped in an encoding if
0096  * params->encoding is specified (eg. "pkcs1").
0097  *
0098  * Returns the length of the data placed in the decrypted data buffer or an
0099  * error.
0100  */
0101 int decrypt_blob(struct kernel_pkey_params *params,
0102          const void *enc, void *data)
0103 {
0104     params->op = kernel_pkey_decrypt;
0105     return asymmetric_key_eds_op(params, enc, data);
0106 }
0107 EXPORT_SYMBOL_GPL(decrypt_blob);
0108 
0109 /**
0110  * create_signature - Sign some data using an asymmetric key
0111  * @params: Various parameters
0112  * @data: Data blob to be signed, length params->data_len
0113  * @enc: Signature buffer, length params->enc_len
0114  *
0115  * Sign the specified data blob using the private key specified by params->key.
0116  * The signature is wrapped in an encoding if params->encoding is specified
0117  * (eg. "pkcs1").  If the encoding needs to know the digest type, this can be
0118  * passed through params->hash_algo (eg. "sha1").
0119  *
0120  * Returns the length of the data placed in the signature buffer or an error.
0121  */
0122 int create_signature(struct kernel_pkey_params *params,
0123              const void *data, void *enc)
0124 {
0125     params->op = kernel_pkey_sign;
0126     return asymmetric_key_eds_op(params, data, enc);
0127 }
0128 EXPORT_SYMBOL_GPL(create_signature);
0129 
0130 /**
0131  * verify_signature - Initiate the use of an asymmetric key to verify a signature
0132  * @key: The asymmetric key to verify against
0133  * @sig: The signature to check
0134  *
0135  * Returns 0 if successful or else an error.
0136  */
0137 int verify_signature(const struct key *key,
0138              const struct public_key_signature *sig)
0139 {
0140     const struct asymmetric_key_subtype *subtype;
0141     int ret;
0142 
0143     pr_devel("==>%s()\n", __func__);
0144 
0145     if (key->type != &key_type_asymmetric)
0146         return -EINVAL;
0147     subtype = asymmetric_key_subtype(key);
0148     if (!subtype ||
0149         !key->payload.data[0])
0150         return -EINVAL;
0151     if (!subtype->verify_signature)
0152         return -ENOTSUPP;
0153 
0154     ret = subtype->verify_signature(key, sig);
0155 
0156     pr_devel("<==%s() = %d\n", __func__, ret);
0157     return ret;
0158 }
0159 EXPORT_SYMBOL_GPL(verify_signature);
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.1.0 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!