KEYS: Allow authentication data to be stored in an asymmetric key

Allow authentication data to be stored in an asymmetric key in the 4th
element of the key payload and provide a way for it to be destroyed.

For the public key subtype, this will be a public_key_signature struct.

Signed-off-by: David Howells <dhowells@redhat.com>

2 files changed, 5 insertions, 4 deletions

diff --git a/include/keys/asymmetric-subtype.h b/include/keys/asymmetric-subtype.h
index 4915d40d3c3c..2480469ce8fb 100644
--- a/include/keys/asymmetric-subtype.h
+++ b/include/keys/asymmetric-subtype.h
@@ -32,7 +32,7 @@ struct asymmetric_key_subtype {
         void (*describe)(const struct key *key, struct seq_file *m);
 
         /* Destroy a key of this subtype */
-        void (*destroy)(void *payload);
+        void (*destroy)(void *payload_crypto, void *payload_auth);
 
         /* Verify the signature on a key of this subtype (optional) */
         int (*verify_signature)(const struct key *key,
diff --git a/include/keys/asymmetric-type.h b/include/keys/asymmetric-type.h
index 59c1df9cf922..70a8775bb444 100644
--- a/include/keys/asymmetric-type.h
+++ b/include/keys/asymmetric-type.h
@@ -23,9 +23,10 @@ extern struct key_type key_type_asymmetric;
  * follows:
  */
 enum asymmetric_payload_bits {
-        asym_crypto,
-        asym_subtype,
-        asym_key_ids,
+        asym_crypto,            /* The data representing the key */
+        asym_subtype,           /* Pointer to an asymmetric_key_subtype struct */
+        asym_key_ids,           /* Pointer to an asymmetric_key_ids struct */
+        asym_auth               /* The key's authorisation (signature, parent key ID) */
 };
 
 /*