/* Asymmetric public-key algorithm definitions * * See Documentation/crypto/asymmetric-keys.txt * * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. * Written by David Howells (dhowells@redhat.com) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public Licence * as published by the Free Software Foundation; either version * 2 of the Licence, or (at your option) any later version. */ #ifndef _LINUX_PUBLIC_KEY_H #define _LINUX_PUBLIC_KEY_H #include <linux/mpi.h> #include <crypto/hash_info.h> enum pkey_algo { PKEY_ALGO_DSA, PKEY_ALGO_RSA, PKEY_ALGO__LAST }; extern const char *const pkey_algo_name[PKEY_ALGO__LAST]; extern const struct public_key_algorithm *pkey_algo[PKEY_ALGO__LAST]; /* asymmetric key implementation supports only up to SHA224 */ #define PKEY_HASH__LAST (HASH_ALGO_SHA224 + 1) enum pkey_id_type { PKEY_ID_PGP, /* OpenPGP generated key ID */ PKEY_ID_X509, /* X.509 arbitrary subjectKeyIdentifier */ PKEY_ID_PKCS7, /* Signature in PKCS#7 message */ PKEY_ID_TYPE__LAST }; extern const char *const pkey_id_type_name[PKEY_ID_TYPE__LAST]; /* * The use to which an asymmetric key is being put. */ enum key_being_used_for { VERIFYING_MODULE_SIGNATURE, VERIFYING_FIRMWARE_SIGNATURE, VERIFYING_KEXEC_PE_SIGNATURE, VERIFYING_KEY_SIGNATURE, VERIFYING_KEY_SELF_SIGNATURE, VERIFYING_UNSPECIFIED_SIGNATURE, NR__KEY_BEING_USED_FOR }; extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR]; /* * Cryptographic data for the public-key subtype of the asymmetric key type. * * Note that this may include private part of the key as well as the public * part. */ struct public_key { const struct public_key_algorithm *algo; u8 capabilities; #define PKEY_CAN_ENCRYPT 0x01 #define PKEY_CAN_DECRYPT 0x02 #define PKEY_CAN_SIGN 0x04 #define PKEY_CAN_VERIFY 0x08 enum pkey_algo pkey_algo : 8; enum pkey_id_type id_type : 8; union { MPI mpi[5]; struct { MPI p; /* DSA prime */ MPI q; /* DSA group order */ MPI g; /* DSA group generator */ MPI y; /* DSA public-key value = g^x mod p */ MPI x; /* DSA secret exponent (if present) */ } dsa; struct { MPI n; /* RSA public modulus */ MPI e; /* RSA public encryption exponent */ MPI d; /* RSA secret encryption exponent (if present) */ MPI p; /* RSA secret prime (if present) */ MPI q; /* RSA secret prime (if present) */ } rsa; }; }; extern void public_key_destroy(void *payload); /* * Public key cryptography signature data */ struct public_key_signature { u8 *digest; u8 digest_size; /* Number of bytes in digest */ u8 nr_mpi; /* Occupancy of mpi[] */ enum pkey_algo pkey_algo : 8; enum hash_algo pkey_hash_algo : 8; union { MPI mpi[2]; struct { MPI s; /* m^d mod n */ } rsa; struct { MPI r; MPI s; } dsa; }; }; struct key; extern int verify_signature(const struct key *key, const struct public_key_signature *sig); struct asymmetric_key_id; extern struct key *x509_request_asymmetric_key(struct key *keyring, const struct asymmetric_key_id *id, const struct asymmetric_key_id *skid, bool partial); #endif /* _LINUX_PUBLIC_KEY_H */