summaryrefslogtreecommitdiff
path: root/include/keys
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2016-04-06 18:13:33 +0300
committerDavid Howells <dhowells@redhat.com>2016-04-06 18:13:33 +0300
commit3b764563177c1e435ef3e2608271c07955f73ea6 (patch)
tree6c2c109d6fdde374e9a514976f49e236f79459f4 /include/keys
parent864e7a816a0646a6d9aecbd59a8e366c39b8ad2d (diff)
downloadlinux-3b764563177c1e435ef3e2608271c07955f73ea6.tar.xz
KEYS: Allow authentication data to be stored in an asymmetric key
Allow authentication data to be stored in an asymmetric key in the 4th element of the key payload and provide a way for it to be destroyed. For the public key subtype, this will be a public_key_signature struct. Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'include/keys')
-rw-r--r--include/keys/asymmetric-subtype.h2
-rw-r--r--include/keys/asymmetric-type.h7
2 files changed, 5 insertions, 4 deletions
diff --git a/include/keys/asymmetric-subtype.h b/include/keys/asymmetric-subtype.h
index 4915d40d3c3c..2480469ce8fb 100644
--- a/include/keys/asymmetric-subtype.h
+++ b/include/keys/asymmetric-subtype.h
@@ -32,7 +32,7 @@ struct asymmetric_key_subtype {
void (*describe)(const struct key *key, struct seq_file *m);
/* Destroy a key of this subtype */
- void (*destroy)(void *payload);
+ void (*destroy)(void *payload_crypto, void *payload_auth);
/* Verify the signature on a key of this subtype (optional) */
int (*verify_signature)(const struct key *key,
diff --git a/include/keys/asymmetric-type.h b/include/keys/asymmetric-type.h
index 59c1df9cf922..70a8775bb444 100644
--- a/include/keys/asymmetric-type.h
+++ b/include/keys/asymmetric-type.h
@@ -23,9 +23,10 @@ extern struct key_type key_type_asymmetric;
* follows:
*/
enum asymmetric_payload_bits {
- asym_crypto,
- asym_subtype,
- asym_key_ids,
+ asym_crypto, /* The data representing the key */
+ asym_subtype, /* Pointer to an asymmetric_key_subtype struct */
+ asym_key_ids, /* Pointer to an asymmetric_key_ids struct */
+ asym_auth /* The key's authorisation (signature, parent key ID) */
};
/*