1c8424e77SThiago Jung Bauermann /* SPDX-License-Identifier: GPL-2.0+ */ 2c8424e77SThiago Jung Bauermann /* 3c8424e77SThiago Jung Bauermann * Module signature handling. 4c8424e77SThiago Jung Bauermann * 5c8424e77SThiago Jung Bauermann * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. 6c8424e77SThiago Jung Bauermann * Written by David Howells (dhowells@redhat.com) 7c8424e77SThiago Jung Bauermann */ 8c8424e77SThiago Jung Bauermann 9c8424e77SThiago Jung Bauermann #ifndef _LINUX_MODULE_SIGNATURE_H 10c8424e77SThiago Jung Bauermann #define _LINUX_MODULE_SIGNATURE_H 11c8424e77SThiago Jung Bauermann 12*70433f67SStephen Rothwell #include <linux/types.h> 13*70433f67SStephen Rothwell 14c8424e77SThiago Jung Bauermann /* In stripped ARM and x86-64 modules, ~ is surprisingly rare. */ 15c8424e77SThiago Jung Bauermann #define MODULE_SIG_STRING "~Module signature appended~\n" 16c8424e77SThiago Jung Bauermann 17c8424e77SThiago Jung Bauermann enum pkey_id_type { 18c8424e77SThiago Jung Bauermann PKEY_ID_PGP, /* OpenPGP generated key ID */ 19c8424e77SThiago Jung Bauermann PKEY_ID_X509, /* X.509 arbitrary subjectKeyIdentifier */ 20c8424e77SThiago Jung Bauermann PKEY_ID_PKCS7, /* Signature in PKCS#7 message */ 21c8424e77SThiago Jung Bauermann }; 22c8424e77SThiago Jung Bauermann 23c8424e77SThiago Jung Bauermann /* 24c8424e77SThiago Jung Bauermann * Module signature information block. 25c8424e77SThiago Jung Bauermann * 26c8424e77SThiago Jung Bauermann * The constituents of the signature section are, in order: 27c8424e77SThiago Jung Bauermann * 28c8424e77SThiago Jung Bauermann * - Signer's name 29c8424e77SThiago Jung Bauermann * - Key identifier 30c8424e77SThiago Jung Bauermann * - Signature data 31c8424e77SThiago Jung Bauermann * - Information block 32c8424e77SThiago Jung Bauermann */ 33c8424e77SThiago Jung Bauermann struct module_signature { 34c8424e77SThiago Jung Bauermann u8 algo; /* Public-key crypto algorithm [0] */ 35c8424e77SThiago Jung Bauermann u8 hash; /* Digest algorithm [0] */ 36c8424e77SThiago Jung Bauermann u8 id_type; /* Key identifier type [PKEY_ID_PKCS7] */ 37c8424e77SThiago Jung Bauermann u8 signer_len; /* Length of signer's name [0] */ 38c8424e77SThiago Jung Bauermann u8 key_id_len; /* Length of key identifier [0] */ 39c8424e77SThiago Jung Bauermann u8 __pad[3]; 40c8424e77SThiago Jung Bauermann __be32 sig_len; /* Length of signature data */ 41c8424e77SThiago Jung Bauermann }; 42c8424e77SThiago Jung Bauermann 43c8424e77SThiago Jung Bauermann int mod_check_sig(const struct module_signature *ms, size_t file_len, 44c8424e77SThiago Jung Bauermann const char *name); 45c8424e77SThiago Jung Bauermann 46c8424e77SThiago Jung Bauermann #endif /* _LINUX_MODULE_SIGNATURE_H */ 47