ima: digital signature verification using asymmetric keys

[karo-tx-linux.git] / security / integrity / integrity.h

diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
index 0ae08fc88585d7ea0ee0c8d10baa9775017ff45c..84c37c4db914ac46cd07adae4ee4040fe9446390 100644 (file)
--- a/security/integrity/integrity.h
+++ b/security/integrity/integrity.h
@@ -14,6 +14,7 @@
 #include <linux/types.h>
 #include <linux/integrity.h>
 #include <crypto/sha.h>
+#include <linux/key.h>
 
 /* iint action cache flags */
 #define IMA_MEASURE            0x00000001
@@ -101,5 +102,16 @@ static inline int integrity_digsig_verify(const unsigned int id,
 
 #endif /* CONFIG_INTEGRITY_SIGNATURE */
 
+#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
+int asymmetric_verify(struct key *keyring, const char *sig,
+                     int siglen, const char *data, int datalen);
+#else
+static inline int asymmetric_verify(struct key *keyring, const char *sig,
+                                   int siglen, const char *data, int datalen)
+{
+       return -EOPNOTSUPP;
+}
+#endif
+
 /* set during initialization */
 extern int iint_initialized;