Merge tag 'pci-v6.6-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci
[platform/kernel/linux-rpi.git] / crypto / asymmetric_keys / x509_parser.h
1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2 /* X.509 certificate parser internal definitions
3  *
4  * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
5  * Written by David Howells (dhowells@redhat.com)
6  */
7
8 #include <linux/time.h>
9 #include <crypto/public_key.h>
10 #include <keys/asymmetric-type.h>
11
12 struct x509_certificate {
13         struct x509_certificate *next;
14         struct x509_certificate *signer;        /* Certificate that signed this one */
15         struct public_key *pub;                 /* Public key details */
16         struct public_key_signature *sig;       /* Signature parameters */
17         char            *issuer;                /* Name of certificate issuer */
18         char            *subject;               /* Name of certificate subject */
19         struct asymmetric_key_id *id;           /* Issuer + Serial number */
20         struct asymmetric_key_id *skid;         /* Subject + subjectKeyId (optional) */
21         time64_t        valid_from;
22         time64_t        valid_to;
23         const void      *tbs;                   /* Signed data */
24         unsigned        tbs_size;               /* Size of signed data */
25         unsigned        raw_sig_size;           /* Size of signature */
26         const void      *raw_sig;               /* Signature data */
27         const void      *raw_serial;            /* Raw serial number in ASN.1 */
28         unsigned        raw_serial_size;
29         unsigned        raw_issuer_size;
30         const void      *raw_issuer;            /* Raw issuer name in ASN.1 */
31         const void      *raw_subject;           /* Raw subject name in ASN.1 */
32         unsigned        raw_subject_size;
33         unsigned        raw_skid_size;
34         const void      *raw_skid;              /* Raw subjectKeyId in ASN.1 */
35         unsigned        index;
36         bool            seen;                   /* Infinite recursion prevention */
37         bool            verified;
38         bool            self_signed;            /* T if self-signed (check unsupported_sig too) */
39         bool            unsupported_sig;        /* T if signature uses unsupported crypto */
40         bool            blacklisted;
41 };
42
43 /*
44  * selftest.c
45  */
46 #ifdef CONFIG_FIPS_SIGNATURE_SELFTEST
47 extern int __init fips_signature_selftest(void);
48 #else
49 static inline int fips_signature_selftest(void) { return 0; }
50 #endif
51
52 /*
53  * x509_cert_parser.c
54  */
55 extern void x509_free_certificate(struct x509_certificate *cert);
56 extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen);
57 extern int x509_decode_time(time64_t *_t,  size_t hdrlen,
58                             unsigned char tag,
59                             const unsigned char *value, size_t vlen);
60
61 /*
62  * x509_public_key.c
63  */
64 extern int x509_get_sig_params(struct x509_certificate *cert);
65 extern int x509_check_for_self_signed(struct x509_certificate *cert);