2 files changed, 50 insertions, 22 deletions
diff --git a/include/linux/verification.h b/include/linux/verification.h
new file mode 100644
index 000000000000..bb0fcf941cb7
--- /dev/null
+++ b/include/linux/verification.h
@@ -0,0 +1,50 @@
+/* Signature verification
+ *
+ * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public Licence
+ * as published by the Free Software Foundation; either version
+ * 2 of the Licence, or (at your option) any later version.
+ */
+#ifndef _LINUX_VERIFICATION_H
+#define _LINUX_VERIFICATION_H
+/*
+ * The use to which an asymmetric key is being put.
+ */
+enum key_being_used_for {
+        VERIFYING_MODULE_SIGNATURE,
+        VERIFYING_FIRMWARE_SIGNATURE,
+        VERIFYING_KEXEC_PE_SIGNATURE,
+        VERIFYING_KEY_SIGNATURE,
+        VERIFYING_KEY_SELF_SIGNATURE,
+        VERIFYING_UNSPECIFIED_SIGNATURE,
+        NR__KEY_BEING_USED_FOR
+};
+extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR];
+#ifdef CONFIG_SYSTEM_DATA_VERIFICATION
+struct key;
+extern int verify_pkcs7_signature(const void *data, size_t len,
+                                  const void *raw_pkcs7, size_t pkcs7_len,
+                                  struct key *trusted_keys,
+                                  int untrusted_error,
+                                  enum key_being_used_for usage,
+                                  int (*view_content)(void *ctx,
+                                                      const void *data, size_t len,
+                                                      size_t asn1hdrlen),
+                                  void *ctx);
+#ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION
+extern int verify_pefile_signature(const void *pebuf, unsigned pelen,
+                                   struct key *trusted_keys,
+                                   enum key_being_used_for usage);
+#endif
+#endif /* CONFIG_SYSTEM_DATA_VERIFICATION */
+#endif /* _LINUX_VERIFY_PEFILE_H */
diff --git a/include/linux/verify_pefile.h b/include/linux/verify_pefile.h
deleted file mode 100644
index da2049b5161c..000000000000
--- a/include/linux/verify_pefile.h
+++ /dev/null
@@ -1,22 +0,0 @@
-/* Signed PE file verification
- *
- * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
- * Written by David Howells (dhowells@redhat.com)
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public Licence
- * as published by the Free Software Foundation; either version
- * 2 of the Licence, or (at your option) any later version.
- */
-#ifndef _LINUX_VERIFY_PEFILE_H
-#define _LINUX_VERIFY_PEFILE_H
-#include <crypto/public_key.h>
-extern int verify_pefile_signature(const void *pebuf, unsigned pelen,
-                                   struct key *trusted_keyring,
-                                   enum key_being_used_for usage,
-                                   bool *_trusted);
-#endif /* _LINUX_VERIFY_PEFILE_H */

diff --git a/include/linux/verification.h b/include/linux/verification.h new file mode 100644 index 000000000000..bb0fcf941cb7 --- /dev/null +++ b/include/linux/verification.h
@@ -0,0 +1,50 @@
		1	/* Signature verification
		2	*
		3	* Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
		4	* Written by David Howells (dhowells@redhat.com)
		5	*
		6	* This program is free software; you can redistribute it and/or
		7	* modify it under the terms of the GNU General Public Licence
		8	* as published by the Free Software Foundation; either version
		9	* 2 of the Licence, or (at your option) any later version.
		10	*/
		11
		12	#ifndef _LINUX_VERIFICATION_H
		13	#define _LINUX_VERIFICATION_H
		14
		15	/*
		16	* The use to which an asymmetric key is being put.
		17	*/
		18	enum key_being_used_for {
		19	VERIFYING_MODULE_SIGNATURE,
		20	VERIFYING_FIRMWARE_SIGNATURE,
		21	VERIFYING_KEXEC_PE_SIGNATURE,
		22	VERIFYING_KEY_SIGNATURE,
		23	VERIFYING_KEY_SELF_SIGNATURE,
		24	VERIFYING_UNSPECIFIED_SIGNATURE,
		25	NR__KEY_BEING_USED_FOR
		26	};
		27	extern const char *const key_being_used_for[NR__KEY_BEING_USED_FOR];
		28
		29	#ifdef CONFIG_SYSTEM_DATA_VERIFICATION
		30
		31	struct key;
		32
		33	extern int verify_pkcs7_signature(const void *data, size_t len,
		34	const void *raw_pkcs7, size_t pkcs7_len,
		35	struct key *trusted_keys,
		36	int untrusted_error,
		37	enum key_being_used_for usage,
		38	int (view_content)(void ctx,
		39	const void *data, size_t len,
		40	size_t asn1hdrlen),
		41	void *ctx);
		42
		43	#ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION
		44	extern int verify_pefile_signature(const void *pebuf, unsigned pelen,
		45	struct key *trusted_keys,
		46	enum key_being_used_for usage);
		47	#endif
		48
		49	#endif /* CONFIG_SYSTEM_DATA_VERIFICATION */
		50	#endif /* _LINUX_VERIFY_PEFILE_H */


diff --git a/include/linux/verify_pefile.h b/include/linux/verify_pefile.h deleted file mode 100644 index da2049b5161c..000000000000 --- a/include/linux/verify_pefile.h +++ /dev/null
@@ -1,22 +0,0 @@
1	/* Signed PE file verification
2	*
3	* Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
4	* Written by David Howells (dhowells@redhat.com)
5	*
6	* This program is free software; you can redistribute it and/or
7	* modify it under the terms of the GNU General Public Licence
8	* as published by the Free Software Foundation; either version
9	* 2 of the Licence, or (at your option) any later version.
10	*/
11
12	#ifndef _LINUX_VERIFY_PEFILE_H
13	#define _LINUX_VERIFY_PEFILE_H
14
15	#include <crypto/public_key.h>
16
17	extern int verify_pefile_signature(const void *pebuf, unsigned pelen,
18	struct key *trusted_keyring,
19	enum key_being_used_for usage,
20	bool *_trusted);
21
22	#endif /* _LINUX_VERIFY_PEFILE_H */