Home Explore Help
Register Sign In
dingyu
/
CooCenter-System-kernel
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
CooCenter-Sy...
/
include
/
keys
/
asymmetric-type.h

asymmetric-type.h 2.5 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081 
  1. /* Asymmetric Public-key cryptography key type interface
    2. 

  2.  *
    3. 

  3.  * See Documentation/security/asymmetric-keys.txt
    4. 

  4.  *
    5. 

  5.  * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
    6. 

  6.  * Written by David Howells (dhowells@redhat.com)
    7. 

  7.  *
    8. 

  8.  * This program is free software; you can redistribute it and/or
    9. 

  9.  * modify it under the terms of the GNU General Public Licence
    10. 

  10.  * as published by the Free Software Foundation; either version
    11. 

  11.  * 2 of the Licence, or (at your option) any later version.
    12. 

  12.  */
    13. 

  13. 

  14. #ifndef _KEYS_ASYMMETRIC_TYPE_H
    15. 

  15. #define _KEYS_ASYMMETRIC_TYPE_H
    16. 

  16. 

  17. #include <linux/key-type.h>
    18. 

  18. 

  19. extern struct key_type key_type_asymmetric;
    20. 

  20. 

  21. /*
    22. 

  22.  * The key payload is four words.  The asymmetric-type key uses them as
    23. 

  23.  * follows:
    24. 

  24.  */
    25. 

  25. enum asymmetric_payload_bits {
    26. 

  26. 	asym_crypto,
    27. 

  27. 	asym_subtype,
    28. 

  28. 	asym_key_ids,
    29. 

  29. };
    30. 

  30. 

  31. /*
    32. 

  32.  * Identifiers for an asymmetric key ID.  We have three ways of looking up a
    33. 

  33.  * key derived from an X.509 certificate:
    34. 

  34.  *
    35. 

  35.  * (1) Serial Number & Issuer.  Non-optional.  This is the only valid way to
    36. 

  36.  *     map a PKCS#7 signature to an X.509 certificate.
    37. 

  37.  *
    38. 

  38.  * (2) Issuer & Subject Unique IDs.  Optional.  These were the original way to
    39. 

  39.  *     match X.509 certificates, but have fallen into disuse in favour of (3).
    40. 

  40.  *
    41. 

  41.  * (3) Auth & Subject Key Identifiers.  Optional.  SKIDs are only provided on
    42. 

  42.  *     CA keys that are intended to sign other keys, so don't appear in end
    43. 

  43.  *     user certificates unless forced.
    44. 

  44.  *
    45. 

  45.  * We could also support an PGP key identifier, which is just a SHA1 sum of the
    46. 

  46.  * public key and certain parameters, but since we don't support PGP keys at
    47. 

  47.  * the moment, we shall ignore those.
    48. 

  48.  *
    49. 

  49.  * What we actually do is provide a place where binary identifiers can be
    50. 

  50.  * stashed and then compare against them when checking for an id match.
    51. 

  51.  */
    52. 

  52. struct asymmetric_key_id {
    53. 

  53. 	unsigned short	len;
    54. 

  54. 	unsigned char	data[];
    55. 

  55. };
    56. 

  56. 

  57. struct asymmetric_key_ids {
    58. 

  58. 	void		*id[2];
    59. 

  59. };
    60. 

  60. 

  61. extern bool asymmetric_key_id_same(const struct asymmetric_key_id *kid1,
    62. 

  62. 				   const struct asymmetric_key_id *kid2);
    63. 

  63. 

  64. extern bool asymmetric_key_id_partial(const struct asymmetric_key_id *kid1,
    65. 

  65. 				      const struct asymmetric_key_id *kid2);
    66. 

  66. 

  67. extern struct asymmetric_key_id *asymmetric_key_generate_id(const void *val_1,
    68. 

  68. 							    size_t len_1,
    69. 

  69. 							    const void *val_2,
    70. 

  70. 							    size_t len_2);
    71. 

  71. static inline
    72. 

  72. const struct asymmetric_key_ids *asymmetric_key_ids(const struct key *key)
    73. 

  73. {
    74. 

  74. 	return key->payload.data[asym_key_ids];
    75. 

  75. }
    76. 

  76. 

  77. /*
    78. 

  78.  * The payload is at the discretion of the subtype.
    79. 

  79.  */
    80. 

  80. 

  81. #endif /* _KEYS_ASYMMETRIC_TYPE_H */
    82.