1/* Signature verification with an asymmetric key 2 * 3 * See Documentation/security/asymmetric-keys.txt 4 * 5 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. 6 * Written by David Howells (dhowells@redhat.com) 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public Licence 10 * as published by the Free Software Foundation; either version 11 * 2 of the Licence, or (at your option) any later version. 12 */ 13 14#define pr_fmt(fmt) "SIG: "fmt 15#include <keys/asymmetric-subtype.h> 16#include <linux/export.h> 17#include <linux/err.h> 18#include <linux/slab.h> 19#include <crypto/public_key.h> 20#include "asymmetric_keys.h" 21 22/* 23 * Destroy a public key signature. 24 */ 25void public_key_signature_free(struct public_key_signature *sig) 26{ 27 int i; 28 29 if (sig) { 30 for (i = 0; i < ARRAY_SIZE(sig->auth_ids); i++) 31 kfree(sig->auth_ids[i]); 32 kfree(sig->s); 33 kfree(sig->digest); 34 kfree(sig); 35 } 36} 37EXPORT_SYMBOL_GPL(public_key_signature_free); 38 39/** 40 * verify_signature - Initiate the use of an asymmetric key to verify a signature 41 * @key: The asymmetric key to verify against 42 * @sig: The signature to check 43 * 44 * Returns 0 if successful or else an error. 45 */ 46int verify_signature(const struct key *key, 47 const struct public_key_signature *sig) 48{ 49 const struct asymmetric_key_subtype *subtype; 50 int ret; 51 52 pr_devel("==>%s()\n", __func__); 53 54 if (key->type != &key_type_asymmetric) 55 return -EINVAL; 56 subtype = asymmetric_key_subtype(key); 57 if (!subtype || 58 !key->payload.data[0]) 59 return -EINVAL; 60 if (!subtype->verify_signature) 61 return -ENOTSUPP; 62 63 ret = subtype->verify_signature(key, sig); 64 65 pr_devel("<==%s() = %d\n", __func__, ret); 66 return ret; 67} 68EXPORT_SYMBOL_GPL(verify_signature); 69