Kezdőlap Felfedezés Súgó
Bejelentkezés
chaosmonk
/
CHIP-linux-libre
Figyelés 1
Kedvenc 0
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Fa: b2c476490d
Branch-ok Tag-ek
CHIP-linux-l...
/
include
/
keys
/
asymmetric-type.h

asymmetric-type.h 2.2 KB
Előzmények Nyers

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 
  1. /* Asymmetric Public-key cryptography key type interface
    2. 

  2.  *
    3. 

  3.  * See Documentation/security/asymmetric-keys.txt
    4. 

  4.  *
    5. 

  5.  * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
    6. 

  6.  * Written by David Howells (dhowells@redhat.com)
    7. 

  7.  *
    8. 

  8.  * This program is free software; you can redistribute it and/or
    9. 

  9.  * modify it under the terms of the GNU General Public Licence
    10. 

  10.  * as published by the Free Software Foundation; either version
    11. 

  11.  * 2 of the Licence, or (at your option) any later version.
    12. 

  12.  */
    13. 

  13. 

  14. #ifndef _KEYS_ASYMMETRIC_TYPE_H
    15. 

  15. #define _KEYS_ASYMMETRIC_TYPE_H
    16. 

  16. 

  17. #include <linux/key-type.h>
    18. 

  18. 

  19. extern struct key_type key_type_asymmetric;
    20. 

  20. 

  21. /*
    22. 

  22.  * Identifiers for an asymmetric key ID.  We have three ways of looking up a
    23. 

  23.  * key derived from an X.509 certificate:
    24. 

  24.  *
    25. 

  25.  * (1) Serial Number & Issuer.  Non-optional.  This is the only valid way to
    26. 

  26.  *     map a PKCS#7 signature to an X.509 certificate.
    27. 

  27.  *
    28. 

  28.  * (2) Issuer & Subject Unique IDs.  Optional.  These were the original way to
    29. 

  29.  *     match X.509 certificates, but have fallen into disuse in favour of (3).
    30. 

  30.  *
    31. 

  31.  * (3) Auth & Subject Key Identifiers.  Optional.  SKIDs are only provided on
    32. 

  32.  *     CA keys that are intended to sign other keys, so don't appear in end
    33. 

  33.  *     user certificates unless forced.
    34. 

  34.  *
    35. 

  35.  * We could also support an PGP key identifier, which is just a SHA1 sum of the
    36. 

  36.  * public key and certain parameters, but since we don't support PGP keys at
    37. 

  37.  * the moment, we shall ignore those.
    38. 

  38.  *
    39. 

  39.  * What we actually do is provide a place where binary identifiers can be
    40. 

  40.  * stashed and then compare against them when checking for an id match.
    41. 

  41.  */
    42. 

  42. struct asymmetric_key_id {
    43. 

  43. 	unsigned short	len;
    44. 

  44. 	unsigned char	data[];
    45. 

  45. };
    46. 

  46. 

  47. struct asymmetric_key_ids {
    48. 

  48. 	void		*id[2];
    49. 

  49. };
    50. 

  50. 

  51. extern bool asymmetric_key_id_same(const struct asymmetric_key_id *kid1,
    52. 

  52. 				   const struct asymmetric_key_id *kid2);
    53. 

  53. 

  54. extern bool asymmetric_key_id_partial(const struct asymmetric_key_id *kid1,
    55. 

  55. 				      const struct asymmetric_key_id *kid2);
    56. 

  56. 

  57. extern struct asymmetric_key_id *asymmetric_key_generate_id(const void *val_1,
    58. 

  58. 							    size_t len_1,
    59. 

  59. 							    const void *val_2,
    60. 

  60. 							    size_t len_2);
    61. 

  61. 

  62. /*
    63. 

  63.  * The payload is at the discretion of the subtype.
    64. 

  64.  */
    65. 

  65. 

  66. #endif /* _KEYS_ASYMMETRIC_TYPE_H */
    67. 

  67.