diff options
Diffstat (limited to 'include/libfsverity.h')
| -rw-r--r-- | include/libfsverity.h | 106 |
1 files changed, 16 insertions, 90 deletions
diff --git a/include/libfsverity.h b/include/libfsverity.h index a0a1527..6c42e5e 100644 --- a/include/libfsverity.h +++ b/include/libfsverity.h @@ -22,7 +22,7 @@ extern "C" { #include <stdint.h> #define FSVERITY_UTILS_MAJOR_VERSION 1 -#define FSVERITY_UTILS_MINOR_VERSION 5 +#define FSVERITY_UTILS_MINOR_VERSION 3 #define FS_VERITY_HASH_ALG_SHA256 1 #define FS_VERITY_HASH_ALG_SHA512 2 @@ -61,18 +61,8 @@ struct libfsverity_merkle_tree_params { /** @reserved1: must be 0 */ uint64_t reserved1[8]; - /** - * @metadata_callbacks: if non-NULL, this gives a set of callback - * functions to which libfsverity_compute_digest() will pass the Merkle - * tree blocks and fs-verity descriptor after they are computed. - * Normally this isn't useful, but this can be needed in rare cases - * where the metadata needs to be consumed by something other than one - * of the native Linux kernel implementations of fs-verity. - */ - const struct libfsverity_metadata_callbacks *metadata_callbacks; - /** @reserved2: must be 0 */ - uintptr_t reserved2[7]; + uintptr_t reserved2[8]; }; struct libfsverity_digest { @@ -81,75 +71,11 @@ struct libfsverity_digest { uint8_t digest[]; /* the actual digest */ }; -/** - * struct libfsverity_signature_params - certificate and private key information - * - * Zero this, then set @certfile. Then, to specify the private key by key file, - * set @keyfile. Alternatively, to specify the private key by PKCS#11 token, - * set @pkcs11_engine, @pkcs11_module, and optionally @pkcs11_keyid. - * - * Support for PKCS#11 tokens is unavailable when libfsverity was linked to - * BoringSSL rather than OpenSSL. - */ struct libfsverity_signature_params { - - /** @keyfile: the path to the key file in PEM format, when applicable */ - const char *keyfile; - - /** @certfile: the path to the certificate file in PEM format */ - const char *certfile; - - /** @reserved1: must be 0 */ - uint64_t reserved1[8]; - - /** - * @pkcs11_engine: the path to the PKCS#11 engine .so file, when - * applicable - */ - const char *pkcs11_engine; - - /** - * @pkcs11_module: the path to the PKCS#11 module .so file, when - * applicable - */ - const char *pkcs11_module; - - /** @pkcs11_keyid: the PKCS#11 key identifier, when applicable */ - const char *pkcs11_keyid; - - /** @reserved2: must be 0 */ - uintptr_t reserved2[5]; -}; - -struct libfsverity_metadata_callbacks { - - /** @ctx: context passed to the below callbacks (opaque to library) */ - void *ctx; - - /** - * @merkle_tree_size: if non-NULL, called with the total size of the - * Merkle tree in bytes, prior to any call to @merkle_tree_block. Must - * return 0 on success, or a negative errno value on failure. - */ - int (*merkle_tree_size)(void *ctx, uint64_t size); - - /** - * @merkle_tree_block: if non-NULL, called with each block of the - * Merkle tree after it is computed. The offset is the offset in bytes - * to the block within the Merkle tree, using the Merkle tree layout - * used by FS_IOC_READ_VERITY_METADATA. The offsets won't necessarily - * be in increasing order. Must return 0 on success, or a negative - * errno value on failure. - */ - int (*merkle_tree_block)(void *ctx, const void *block, size_t size, - uint64_t offset); - - /** - * @descriptor: if non-NULL, called with the fs-verity descriptor after - * it is computed. Must return 0 on success, or a negative errno value - * on failure. - */ - int (*descriptor)(void *ctx, const void *descriptor, size_t size); + const char *keyfile; /* path to key file (PEM format) */ + const char *certfile; /* path to certificate (PEM format) */ + uint64_t reserved1[8]; /* must be 0 */ + uintptr_t reserved2[8]; /* must be 0 */ }; /* @@ -175,8 +101,7 @@ typedef int (*libfsverity_read_fn_t)(void *fd, void *buf, size_t count); * * Returns: * * 0 for success, -EINVAL for invalid input arguments, -ENOMEM if libfsverity - * failed to allocate memory, or an error returned by @read_fn or by one of - * the @params->metadata_callbacks. + * failed to allocate memory, or an error returned by @read_fn. * * digest_ret returns a pointer to the digest on success. The digest object * is allocated by libfsverity and must be freed by the caller using free(). */ @@ -186,15 +111,16 @@ libfsverity_compute_digest(void *fd, libfsverity_read_fn_t read_fn, struct libfsverity_digest **digest_ret); /** - * libfsverity_sign_digest() - Sign a file for built-in signature verification - * Sign a file digest in a way that is compatible with the Linux - * kernel's fs-verity built-in signature verification support. The - * resulting signature will be a PKCS#7 message in DER format. Note - * that this is not the only way to do signatures with fs-verity. For - * more details, refer to the fsverity-utils README and to - * Documentation/filesystems/fsverity.rst in the kernel source tree. + * libfsverity_sign_digest() - Sign previously computed digest of a file + * This signature is used by the filesystem to validate the signed file + * digest against a public key loaded into the .fs-verity kernel + * keyring, when CONFIG_FS_VERITY_BUILTIN_SIGNATURES is enabled. The + * signature is formatted as PKCS#7 stored in DER format. See + * Documentation/filesystems/fsverity.rst in the kernel source tree for + * further details. * @digest: pointer to previously computed digest - * @sig_params: pointer to the certificate and private key information + * @sig_params: struct libfsverity_signature_params providing filenames of + * the keyfile and certificate file. Reserved fields must be zero. * @sig_ret: Pointer to pointer for signed digest * @sig_size_ret: Pointer to size of signed return digest * |