iPXE
Cryptographic Message Syntax (PKCS #7)
#include <time.h>
#include <ipxe/asn1.h>
#include <ipxe/crypto.h>
#include <ipxe/x509.h>
#include <ipxe/refcnt.h>
#include <ipxe/uaccess.h>
Data Structures
struct cms_type
A CMS message type.
struct cms_participant
CMS participant information.
struct cms_message
A CMS message.
Functions
FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
static struct cms_message * cms_get (struct cms_message *cms)
Get reference to CMS message.
static void cms_put (struct cms_message *cms)
Drop reference to CMS message.
static int cms_is_signature (struct cms_message *cms)
Check if CMS message is a signature message.
static int cms_is_encrypted (struct cms_message *cms)
Check if CMS message is an encrypted message.
int cms_message (struct image *image, struct cms_message **cms)
Create CMS message.
int cms_verify (struct cms_message *cms, struct image *image, const char *name, time_t time, struct x509_chain *store, struct x509_root *root)
Verify CMS signature.
int cms_decrypt (struct cms_message *cms, struct image *image, const char *name, struct private_key *private_key)
Decrypt CMS message.
Cryptographic Message Syntax (PKCS #7)
Definition in file cms.h.
FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )
static struct cms_message * cms_get ( struct cms_message * cms )
inline static
Get reference to CMS message.
Parameters
cms: CMS message
Return values
cms: CMS message
Definition at line 83 of file cms.h.
References ref_get, and cms_message::refcnt.
static void cms_put ( struct cms_message * cms )
inline static
Drop reference to CMS message.
Parameters
cms: CMS message
Definition at line 94 of file cms.h.
References ref_put, and cms_message::refcnt.
Referenced by cms_message(), cms_test_exec(), imgdecrypt(), and imgverify().
static int cms_is_signature ( struct cms_message * cms )
inline static
Check if CMS message is a signature message.
Parameters
cms: CMS message
Return values
is_signature: Message is a signature message
Definition at line 105 of file cms.h.
References cms_message::certificates, and NULL.
Referenced by cms_parse_identifier(), cms_parse_participant(), and cms_verify().
static int cms_is_encrypted ( struct cms_message * cms )
inline static
Check if CMS message is an encrypted message.
Parameters
cms: CMS message
Return values
is_encrypted: Message is an encrypted message
Definition at line 118 of file cms.h.
References cms_message::cipher, and NULL.
int cms_message ( struct image * image, struct cms_message ** cms )
Create CMS message.
Parameters
image: Image
Return values
sig: CMS message (the prototype has no argument named sig; the message is presumably returned through cms)
rc: Return status code
On success, the caller holds a reference to the CMS message, and is responsible for ultimately calling cms_put().
Definition at line 677 of file cms.c.
References asn1_shrink_any(), cipher_null, cms_free(), cms_parse(), cms_put(), DBGC, ENOMEM, image_asn1(), INIT_LIST_HEAD, next, rc, ref_init, strerror(), and zalloc().
int cms_verify ( struct cms_message * cms, struct image * image, const char * name, time_t time, struct x509_chain * store, struct x509_root * root )
Verify CMS signature.
Parameters
cms: CMS message
image: Signed image
name: Required common name, or NULL to check all signatures
time: Time at which to validate certificates
store: Certificate store, or NULL to use default
root: Root certificate list, or NULL to use default
Return values
rc: Return status code
Definition at line 854 of file cms.c.
References cms_participant::chain, cms_is_signature(), cms_verify_signer(), count, image::data, DBGC, EACCES_NO_SIGNATURES, EACCES_WRONG_NAME, ENOTTY, image_trust(), image_untrust(), image::len, list_for_each_entry, name, cms_message::participants, rc, root, x509_certificate::store, x509_check_name(), and x509_first().
Referenced by cms_verify_fail_okx(), cms_verify_okx(), and imgverify().
int cms_decrypt ( struct cms_message * cms, struct image * image, const char * name, struct private_key * private_key )
Decrypt CMS message.
Parameters
cms: CMS message
image: Image to decrypt
name: Decrypted image name, or NULL to use default
private_key: Private key
Return values
rc: Return status code
Definition at line 1059 of file cms.c.
References cipher_algorithm::auth, cipher_algorithm::authsize, cipher_algorithm::blocksize, cms_message::cipher, cipher_auth(), cipher_decrypt, cipher_encrypt, cms_cipher(), CMS_DECRYPT_BLKSZ, cms_verify_padding(), copy_from_user(), copy_to_user(), ctx, cipher_algorithm::ctxsize, asn1_cursor::data, image::data, DBGC, DBGC_HDA, EACCES_LEN, EACCES_MAC, ENOMEM, ENOTTY, image::flags, free, image_get(), image_put(), IMAGE_REGISTERED, image_set_name(), image_strip_suffix(), image_untrust(), asn1_cursor::len, image::len, cms_message::mac, malloc(), memcmp(), memcpy(), name, NULL, offset, pad_len, rc, register_image(), tmp, image::type, and unregister_image().
Referenced by cms_decrypt_okx(), and imgdecrypt().