linux/crypto/asymmetric_keys/signature.c
<<
>>
Prefs
   1/* Signature verification with an asymmetric key
   2 *
   3 * See Documentation/security/asymmetric-keys.txt
   4 *
   5 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
   6 * Written by David Howells (dhowells@redhat.com)
   7 *
   8 * This program is free software; you can redistribute it and/or
   9 * modify it under the terms of the GNU General Public Licence
  10 * as published by the Free Software Foundation; either version
  11 * 2 of the Licence, or (at your option) any later version.
  12 */
  13
  14#define pr_fmt(fmt) "SIG: "fmt
  15#include <keys/asymmetric-subtype.h>
  16#include <linux/export.h>
  17#include <linux/err.h>
  18#include <linux/slab.h>
  19#include <crypto/public_key.h>
  20#include "asymmetric_keys.h"
  21
  22/*
  23 * Destroy a public key signature.
  24 */
  25void public_key_signature_free(struct public_key_signature *sig)
  26{
  27        int i;
  28
  29        if (sig) {
  30                for (i = 0; i < ARRAY_SIZE(sig->auth_ids); i++)
  31                        kfree(sig->auth_ids[i]);
  32                kfree(sig->s);
  33                kfree(sig->digest);
  34                kfree(sig);
  35        }
  36}
  37EXPORT_SYMBOL_GPL(public_key_signature_free);
  38
  39/**
  40 * verify_signature - Initiate the use of an asymmetric key to verify a signature
  41 * @key: The asymmetric key to verify against
  42 * @sig: The signature to check
  43 *
  44 * Returns 0 if successful or else an error.
  45 */
  46int verify_signature(const struct key *key,
  47                     const struct public_key_signature *sig)
  48{
  49        const struct asymmetric_key_subtype *subtype;
  50        int ret;
  51
  52        pr_devel("==>%s()\n", __func__);
  53
  54        if (key->type != &key_type_asymmetric)
  55                return -EINVAL;
  56        subtype = asymmetric_key_subtype(key);
  57        if (!subtype ||
  58            !key->payload.data[0])
  59                return -EINVAL;
  60        if (!subtype->verify_signature)
  61                return -ENOTSUPP;
  62
  63        ret = subtype->verify_signature(key, sig);
  64
  65        pr_devel("<==%s() = %d\n", __func__, ret);
  66        return ret;
  67}
  68EXPORT_SYMBOL_GPL(verify_signature);
  69