linux/include/keys/asymmetric-type.h
<<
>>
Prefs
   1/* Asymmetric Public-key cryptography key type interface
   2 *
   3 * See Documentation/security/asymmetric-keys.txt
   4 *
   5 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
   6 * Written by David Howells (dhowells@redhat.com)
   7 *
   8 * This program is free software; you can redistribute it and/or
   9 * modify it under the terms of the GNU General Public Licence
  10 * as published by the Free Software Foundation; either version
  11 * 2 of the Licence, or (at your option) any later version.
  12 */
  13
  14#ifndef _KEYS_ASYMMETRIC_TYPE_H
  15#define _KEYS_ASYMMETRIC_TYPE_H
  16
  17#include <linux/key-type.h>
  18
  19extern struct key_type key_type_asymmetric;
  20
  21/*
  22 * Identifiers for an asymmetric key ID.  We have three ways of looking up a
  23 * key derived from an X.509 certificate:
  24 *
  25 * (1) Serial Number & Issuer.  Non-optional.  This is the only valid way to
  26 *     map a PKCS#7 signature to an X.509 certificate.
  27 *
  28 * (2) Issuer & Subject Unique IDs.  Optional.  These were the original way to
  29 *     match X.509 certificates, but have fallen into disuse in favour of (3).
  30 *
  31 * (3) Auth & Subject Key Identifiers.  Optional.  SKIDs are only provided on
  32 *     CA keys that are intended to sign other keys, so don't appear in end
  33 *     user certificates unless forced.
  34 *
  35 * We could also support an PGP key identifier, which is just a SHA1 sum of the
  36 * public key and certain parameters, but since we don't support PGP keys at
  37 * the moment, we shall ignore those.
  38 *
  39 * What we actually do is provide a place where binary identifiers can be
  40 * stashed and then compare against them when checking for an id match.
  41 */
  42struct asymmetric_key_id {
  43        unsigned short  len;
  44        unsigned char   data[];
  45};
  46
  47struct asymmetric_key_ids {
  48        void            *id[2];
  49};
  50
  51extern bool asymmetric_key_id_same(const struct asymmetric_key_id *kid1,
  52                                   const struct asymmetric_key_id *kid2);
  53
  54extern bool asymmetric_key_id_partial(const struct asymmetric_key_id *kid1,
  55                                      const struct asymmetric_key_id *kid2);
  56
  57extern struct asymmetric_key_id *asymmetric_key_generate_id(const void *val_1,
  58                                                            size_t len_1,
  59                                                            const void *val_2,
  60                                                            size_t len_2);
  61
  62/*
  63 * The payload is at the discretion of the subtype.
  64 */
  65
  66#endif /* _KEYS_ASYMMETRIC_TYPE_H */
  67