xref: /linux/include/crypto/public_key.h (revision a2cce7a9f1b8cc3d4edce106fb971529f1d4d9ce)
1 /* Asymmetric public-key algorithm definitions
2  *
3  * See Documentation/crypto/asymmetric-keys.txt
4  *
5  * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
6  * Written by David Howells (dhowells@redhat.com)
7  *
8  * This program is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU General Public Licence
10  * as published by the Free Software Foundation; either version
11  * 2 of the Licence, or (at your option) any later version.
12  */
13 
14 #ifndef _LINUX_PUBLIC_KEY_H
15 #define _LINUX_PUBLIC_KEY_H
16 
17 #include <linux/mpi.h>
18 #include <keys/asymmetric-type.h>
19 #include <crypto/hash_info.h>
20 
21 enum pkey_algo {
22 	PKEY_ALGO_DSA,
23 	PKEY_ALGO_RSA,
24 	PKEY_ALGO__LAST
25 };
26 
27 extern const char *const pkey_algo_name[PKEY_ALGO__LAST];
28 extern const struct public_key_algorithm *pkey_algo[PKEY_ALGO__LAST];
29 
30 /* asymmetric key implementation supports only up to SHA224 */
31 #define PKEY_HASH__LAST		(HASH_ALGO_SHA224 + 1)
32 
33 enum pkey_id_type {
34 	PKEY_ID_PGP,		/* OpenPGP generated key ID */
35 	PKEY_ID_X509,		/* X.509 arbitrary subjectKeyIdentifier */
36 	PKEY_ID_PKCS7,		/* Signature in PKCS#7 message */
37 	PKEY_ID_TYPE__LAST
38 };
39 
40 extern const char *const pkey_id_type_name[PKEY_ID_TYPE__LAST];
41 
42 /*
43  * The use to which an asymmetric key is being put.
44  */
45 enum key_being_used_for {
46 	VERIFYING_MODULE_SIGNATURE,
47 	VERIFYING_FIRMWARE_SIGNATURE,
48 	VERIFYING_KEXEC_PE_SIGNATURE,
49 	VERIFYING_KEY_SIGNATURE,
50 	VERIFYING_KEY_SELF_SIGNATURE,
51 	VERIFYING_UNSPECIFIED_SIGNATURE,
52 	NR__KEY_BEING_USED_FOR
53 };
54 extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR];
55 
56 /*
57  * Cryptographic data for the public-key subtype of the asymmetric key type.
58  *
59  * Note that this may include private part of the key as well as the public
60  * part.
61  */
62 struct public_key {
63 	const struct public_key_algorithm *algo;
64 	u8	capabilities;
65 #define PKEY_CAN_ENCRYPT	0x01
66 #define PKEY_CAN_DECRYPT	0x02
67 #define PKEY_CAN_SIGN		0x04
68 #define PKEY_CAN_VERIFY		0x08
69 	enum pkey_algo pkey_algo : 8;
70 	enum pkey_id_type id_type : 8;
71 	union {
72 		MPI	mpi[5];
73 		struct {
74 			MPI	p;	/* DSA prime */
75 			MPI	q;	/* DSA group order */
76 			MPI	g;	/* DSA group generator */
77 			MPI	y;	/* DSA public-key value = g^x mod p */
78 			MPI	x;	/* DSA secret exponent (if present) */
79 		} dsa;
80 		struct {
81 			MPI	n;	/* RSA public modulus */
82 			MPI	e;	/* RSA public encryption exponent */
83 			MPI	d;	/* RSA secret encryption exponent (if present) */
84 			MPI	p;	/* RSA secret prime (if present) */
85 			MPI	q;	/* RSA secret prime (if present) */
86 		} rsa;
87 	};
88 };
89 
90 extern void public_key_destroy(void *payload);
91 
92 /*
93  * Public key cryptography signature data
94  */
95 struct public_key_signature {
96 	u8 *digest;
97 	u8 digest_size;			/* Number of bytes in digest */
98 	u8 nr_mpi;			/* Occupancy of mpi[] */
99 	enum pkey_algo pkey_algo : 8;
100 	enum hash_algo pkey_hash_algo : 8;
101 	union {
102 		MPI mpi[2];
103 		struct {
104 			MPI s;		/* m^d mod n */
105 		} rsa;
106 		struct {
107 			MPI r;
108 			MPI s;
109 		} dsa;
110 	};
111 };
112 
113 struct key;
114 extern int verify_signature(const struct key *key,
115 			    const struct public_key_signature *sig);
116 
117 struct asymmetric_key_id;
118 extern struct key *x509_request_asymmetric_key(struct key *keyring,
119 					       const struct asymmetric_key_id *id,
120 					       const struct asymmetric_key_id *skid,
121 					       bool partial);
122 
123 #endif /* _LINUX_PUBLIC_KEY_H */
124