crypto/asymmetric_keys/signature.c

   1 /* Signature verification with an asymmetric key
   2  *
   3  * See Documentation/security/asymmetric-keys.txt
   4  *
   5  * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
   6  * Written by David Howells (dhowells@redhat.com)
   7  *
   8  * This program is free software; you can redistribute it and/or
   9  * modify it under the terms of the GNU General Public Licence
  10  * as published by the Free Software Foundation; either version
  11  * 2 of the Licence, or (at your option) any later version.
  12  */
  13
  14 #define pr_fmt(fmt) "SIG: "fmt
  15 #include <keys/asymmetric-subtype.h>
  16 #include <linux/export.h>
  17 #include <linux/err.h>
  18 #include <linux/slab.h>
  19 #include <crypto/public_key.h>
  20 #include "asymmetric_keys.h"
  21
  22 /*
  23  * Destroy a public key signature.
  24  */
  25 void public_key_signature_free(struct public_key_signature *sig)
  26 {
  27         int i;
  28
  29         if (sig) {
  30                 for (i = 0; i < ARRAY_SIZE(sig->auth_ids); i++)
  31                         kfree(sig->auth_ids[i]);
  32                 kfree(sig->s);
  33                 kfree(sig->digest);
  34                 kfree(sig);
  35         }
  36 }
  37 EXPORT_SYMBOL_GPL(public_key_signature_free);
  38
  39 /**
  40  * verify_signature - Initiate the use of an asymmetric key to verify a signature
  41  * @key: The asymmetric key to verify against
  42  * @sig: The signature to check
  43  *
  44  * Returns 0 if successful or else an error.
  45  */
  46 int verify_signature(const struct key *key,
  47                      const struct public_key_signature *sig)
  48 {
  49         const struct asymmetric_key_subtype *subtype;
  50         int ret;
  51
  52         pr_devel("==>%s()\n", __func__);
  53
  54         if (key->type != &key_type_asymmetric)
  55                 return -EINVAL;
  56         subtype = asymmetric_key_subtype(key);
  57         if (!subtype ||
  58             !key->payload.data[0])
  59                 return -EINVAL;
  60         if (!subtype->verify_signature)
  61                 return -ENOTSUPP;
  62
  63         ret = subtype->verify_signature(key, sig);
  64
  65         pr_devel("<==%s() = %d\n", __func__, ret);
  66         return ret;
  67 }
  68 EXPORT_SYMBOL_GPL(verify_signature);