1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2 /* Signature verification
4 * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
5 * Written by David Howells (dhowells@redhat.com)
8 #ifndef _LINUX_VERIFICATION_H
9 #define _LINUX_VERIFICATION_H
11 #include <linux/types.h>
14 * Indicate that both builtin trusted keys and secondary trusted keys
17 #define VERIFY_USE_SECONDARY_KEYRING ((struct key *)1UL)
18 #define VERIFY_USE_PLATFORM_KEYRING ((struct key *)2UL)
21 * The use to which an asymmetric key is being put.
23 enum key_being_used_for
{
24 VERIFYING_MODULE_SIGNATURE
,
25 VERIFYING_FIRMWARE_SIGNATURE
,
26 VERIFYING_KEXEC_PE_SIGNATURE
,
27 VERIFYING_KEY_SIGNATURE
,
28 VERIFYING_KEY_SELF_SIGNATURE
,
29 VERIFYING_UNSPECIFIED_SIGNATURE
,
30 NR__KEY_BEING_USED_FOR
32 extern const char *const key_being_used_for
[NR__KEY_BEING_USED_FOR
];
34 #ifdef CONFIG_SYSTEM_DATA_VERIFICATION
39 extern int verify_pkcs7_signature(const void *data
, size_t len
,
40 const void *raw_pkcs7
, size_t pkcs7_len
,
41 struct key
*trusted_keys
,
42 enum key_being_used_for usage
,
43 int (*view_content
)(void *ctx
,
44 const void *data
, size_t len
,
47 extern int verify_pkcs7_message_sig(const void *data
, size_t len
,
48 struct pkcs7_message
*pkcs7
,
49 struct key
*trusted_keys
,
50 enum key_being_used_for usage
,
51 int (*view_content
)(void *ctx
,
57 #ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION
58 extern int verify_pefile_signature(const void *pebuf
, unsigned pelen
,
59 struct key
*trusted_keys
,
60 enum key_being_used_for usage
);
63 #endif /* CONFIG_SYSTEM_DATA_VERIFICATION */
64 #endif /* _LINUX_VERIFY_PEFILE_H */