diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2012-10-14 13:39:34 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-10-14 13:39:34 -0700 |
| commit | cacabe4c2b2a2f49562505b2a8e76ef6fe14e44b (patch) | |
| tree | 2da1f94be7c5b4f289f9fbda49d4c44f4dc85b03 /crypto/asymmetric_keys/x509_parser.h | |
| parent | f614adad2e7749e37b3cc7cdecab71602f04534f (diff) | |
| parent | f1b6883a1e29f85809431bebe43a63f2fd46e7bb (diff) | |
| download | linux-crypto-cacabe4c2b2a2f49562505b2a8e76ef6fe14e44b.tar.gz linux-crypto-cacabe4c2b2a2f49562505b2a8e76ef6fe14e44b.zip | |
Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux
Pull module signing support from Rusty Russell:
"module signing is the highlight, but it's an all-over David Howells frenzy..."
Hmm "Magrathea: Glacier signing key". Somebody has been reading too much HHGTTG.
* 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux: (37 commits)
X.509: Fix indefinite length element skip error handling
X.509: Convert some printk calls to pr_devel
asymmetric keys: fix printk format warning
MODSIGN: Fix 32-bit overflow in X.509 certificate validity date checking
MODSIGN: Make mrproper should remove generated files.
MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs
MODSIGN: Use the same digest for the autogen key sig as for the module sig
MODSIGN: Sign modules during the build process
MODSIGN: Provide a script for generating a key ID from an X.509 cert
MODSIGN: Implement module signature checking
MODSIGN: Provide module signing public keys to the kernel
MODSIGN: Automatically generate module signing keys if missing
MODSIGN: Provide Kconfig options
MODSIGN: Provide gitignore and make clean rules for extra files
MODSIGN: Add FIPS policy
module: signature checking hook
X.509: Add a crypto key parser for binary (DER) X.509 certificates
MPILIB: Provide a function to read raw data into an MPI
X.509: Add an ASN.1 decoder
X.509: Add simple ASN.1 grammar compiler
...
Diffstat (limited to 'crypto/asymmetric_keys/x509_parser.h')
| -rw-r--r-- | crypto/asymmetric_keys/x509_parser.h | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h new file mode 100644 index 00000000..f86dc5fc --- /dev/null +++ b/crypto/asymmetric_keys/x509_parser.h @@ -0,0 +1,36 @@ +/* X.509 certificate parser internal definitions + * + * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. + * Written by David Howells (dhowells@redhat.com) + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public Licence + * as published by the Free Software Foundation; either version + * 2 of the Licence, or (at your option) any later version. + */ + +#include <crypto/public_key.h> + +struct x509_certificate { + struct x509_certificate *next; + struct public_key *pub; /* Public key details */ + char *issuer; /* Name of certificate issuer */ + char *subject; /* Name of certificate subject */ + char *fingerprint; /* Key fingerprint as hex */ + char *authority; /* Authority key fingerprint as hex */ + struct tm valid_from; + struct tm valid_to; + enum pkey_algo pkey_algo : 8; /* Public key algorithm */ + enum pkey_algo sig_pkey_algo : 8; /* Signature public key algorithm */ + enum pkey_hash_algo sig_hash_algo : 8; /* Signature hash algorithm */ + const void *tbs; /* Signed data */ + size_t tbs_size; /* Size of signed data */ + const void *sig; /* Signature data */ + size_t sig_size; /* Size of sigature */ +}; + +/* + * x509_cert_parser.c + */ +extern void x509_free_certificate(struct x509_certificate *cert); +extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen); |