blob: 004d5fc8e56be7ac48897b7417e336c7bc4c918c [file] [log] [blame]
David Howells4ae71c12012-09-21 23:25:04 +01001/* Signature verification with an asymmetric key
2 *
3 * See Documentation/security/asymmetric-keys.txt
4 *
5 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
6 * Written by David Howells (dhowells@redhat.com)
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public Licence
10 * as published by the Free Software Foundation; either version
11 * 2 of the Licence, or (at your option) any later version.
12 */
13
David Howellsc3ce6df2014-09-02 13:52:15 +010014#define pr_fmt(fmt) "SIG: "fmt
David Howells4ae71c12012-09-21 23:25:04 +010015#include <keys/asymmetric-subtype.h>
Paul Gortmaker1f6a9ab2015-12-09 15:05:28 -050016#include <linux/export.h>
David Howells4ae71c12012-09-21 23:25:04 +010017#include <linux/err.h>
18#include <crypto/public_key.h>
19#include "asymmetric_keys.h"
20
21/**
22 * verify_signature - Initiate the use of an asymmetric key to verify a signature
23 * @key: The asymmetric key to verify against
24 * @sig: The signature to check
25 *
26 * Returns 0 if successful or else an error.
27 */
28int verify_signature(const struct key *key,
29 const struct public_key_signature *sig)
30{
31 const struct asymmetric_key_subtype *subtype;
32 int ret;
33
34 pr_devel("==>%s()\n", __func__);
35
36 if (key->type != &key_type_asymmetric)
37 return -EINVAL;
38 subtype = asymmetric_key_subtype(key);
39 if (!subtype ||
David Howells146aa8b2015-10-21 14:04:48 +010040 !key->payload.data[0])
David Howells4ae71c12012-09-21 23:25:04 +010041 return -EINVAL;
42 if (!subtype->verify_signature)
43 return -ENOTSUPP;
44
45 ret = subtype->verify_signature(key, sig);
46
47 pr_devel("<==%s() = %d\n", __func__, ret);
48 return ret;
49}
50EXPORT_SYMBOL_GPL(verify_signature);