1 /* SPDX-License-Identifier: GPL-2.0+ */ 2 /* 3 * Module signature handling. 4 * 5 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. 6 * Written by David Howells (dhowells@redhat.com) 7 */ 8 9 #ifndef _LINUX_MODULE_SIGNATURE_H 10 #define _LINUX_MODULE_SIGNATURE_H 11 12 #include <linux/types.h> 13 14 /* In stripped ARM and x86-64 modules, ~ is surprisingly rare. */ 15 #define MODULE_SIG_STRING "~Module signature appended~\n" 16 17 enum pkey_id_type { 18 PKEY_ID_PGP, /* OpenPGP generated key ID */ 19 PKEY_ID_X509, /* X.509 arbitrary subjectKeyIdentifier */ 20 PKEY_ID_PKCS7, /* Signature in PKCS#7 message */ 21 }; 22 23 /* 24 * Module signature information block. 25 * 26 * The constituents of the signature section are, in order: 27 * 28 * - Signer's name 29 * - Key identifier 30 * - Signature data 31 * - Information block 32 */ 33 struct module_signature { 34 u8 algo; /* Public-key crypto algorithm [0] */ 35 u8 hash; /* Digest algorithm [0] */ 36 u8 id_type; /* Key identifier type [PKEY_ID_PKCS7] */ 37 u8 signer_len; /* Length of signer's name [0] */ 38 u8 key_id_len; /* Length of key identifier [0] */ 39 u8 __pad[3]; 40 __be32 sig_len; /* Length of signature data */ 41 }; 42 43 int mod_check_sig(const struct module_signature *ms, size_t file_len, 44 const char *name); 45 46 #endif /* _LINUX_MODULE_SIGNATURE_H */ 47