pefile: Parse a PE binary to find a key and a signature contained therein

Parse a PE binary to find a key and a signature contained therein.  Later
patches will check the signature and add the key if the signature checks out.

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Vivek Goyal <vgoyal@redhat.com>
Reviewed-by: Kees Cook <keescook@chromium.org>

1 files changed, 37 insertions, 0 deletions

diff --git a/crypto/asymmetric_keys/verify_pefile.h b/crypto/asymmetric_keys/verify_pefile.h
new file mode 100644
index 000000000000..e165d23458d4
--- /dev/null
+++ b/crypto/asymmetric_keys/verify_pefile.h
@@ -0,0 +1,37 @@
+/* PE Binary parser bits
+ *
+ * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public Licence
+ * as published by the Free Software Foundation; either version
+ * 2 of the Licence, or (at your option) any later version.
+ */
+
+#include <linux/verify_pefile.h>
+#include <crypto/pkcs7.h>
+#include <crypto/hash_info.h>
+
+struct pefile_context {
+        unsigned        header_size;
+        unsigned        image_checksum_offset;
+        unsigned        cert_dirent_offset;
+        unsigned        n_data_dirents;
+        unsigned        n_sections;
+        unsigned        certs_size;
+        unsigned        sig_offset;
+        unsigned        sig_len;
+        const struct section_header *secs;
+        struct pkcs7_message *pkcs7;
+
+        /* PKCS#7 MS Individual Code Signing content */
+        const void      *digest;                /* Digest */
+        unsigned        digest_len;             /* Digest length */
+        enum hash_algo  digest_algo;            /* Digest algorithm */
+};
+
+#define kenter(FMT, ...)                                        \
+        pr_devel("==> %s("FMT")\n", __func__, ##__VA_ARGS__)
+#define kleave(FMT, ...) \
+        pr_devel("<== %s()"FMT"\n", __func__, ##__VA_ARGS__)