| /* SPDX-License-Identifier: GPL-2.0+ */ |
| /* |
| * Module signature handling. |
| * |
| * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. |
| * Written by David Howells (dhowells@redhat.com) |
| */ |
| |
| #ifndef _LINUX_MODULE_SIGNATURE_H |
| #define _LINUX_MODULE_SIGNATURE_H |
| |
| #include <linux/types.h> |
| |
| /* In stripped ARM and x86-64 modules, ~ is surprisingly rare. */ |
| #define MODULE_SIG_STRING "~Module signature appended~\n" |
| |
| enum pkey_id_type { |
| PKEY_ID_PGP, /* OpenPGP generated key ID */ |
| PKEY_ID_X509, /* X.509 arbitrary subjectKeyIdentifier */ |
| PKEY_ID_PKCS7, /* Signature in PKCS#7 message */ |
| }; |
| |
| /* |
| * Module signature information block. |
| * |
| * The constituents of the signature section are, in order: |
| * |
| * - Signer's name |
| * - Key identifier |
| * - Signature data |
| * - Information block |
| */ |
| struct module_signature { |
| u8 algo; /* Public-key crypto algorithm [0] */ |
| u8 hash; /* Digest algorithm [0] */ |
| u8 id_type; /* Key identifier type [PKEY_ID_PKCS7] */ |
| u8 signer_len; /* Length of signer's name [0] */ |
| u8 key_id_len; /* Length of key identifier [0] */ |
| u8 __pad[3]; |
| __be32 sig_len; /* Length of signature data */ |
| }; |
| |
| int mod_check_sig(const struct module_signature *ms, size_t file_len, |
| const char *name); |
| |
| #endif /* _LINUX_MODULE_SIGNATURE_H */ |
