pefile: Parse a PE binary to find a key and a signature contained therein

Parse a PE binary to find a key and a signature contained therein. Later patches will check the signature and add the key if the signature checks out. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>
author: David Howells <dhowells@redhat.com> 2014-07-01 16:02:51 +0100
committer: David Howells <dhowells@redhat.com> 2014-07-09 14:58:37 +0100
commit: 26d1164be37f1145a96af15f294122876d8e5c77 (patch)
tree: 3cf981b54d3a275710d840c3674e09271c00c36d /include/linux/verify_pefile.h
parent: 9c87e0f10e281f782312e7b6aa202f2d434c84bf (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/include/linux/verify_pefile.h b/include/linux/verify_pefile.h
new file mode 100644
index 000000000000..ac34819214f9
--- /dev/null
+++ b/include/linux/verify_pefile.h
@@ -0,0 +1,18 @@
+/* Signed PE file verification
+ *
+ * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public Licence
+ * as published by the Free Software Foundation; either version
+ * 2 of the Licence, or (at your option) any later version.
+ */
+
+#ifndef _LINUX_VERIFY_PEFILE_H
+#define _LINUX_VERIFY_PEFILE_H
+
+extern int verify_pefile_signature(const void *pebuf, unsigned pelen,
+				   struct key *trusted_keyring, bool *_trusted);
+
+#endif /* _LINUX_VERIFY_PEFILE_H */
author	David Howells <dhowells@redhat.com>	2014-07-01 16:02:51 +0100
committer	David Howells <dhowells@redhat.com>	2014-07-09 14:58:37 +0100
commit	26d1164be37f1145a96af15f294122876d8e5c77 (patch)
tree	3cf981b54d3a275710d840c3674e09271c00c36d /include/linux/verify_pefile.h
parent	9c87e0f10e281f782312e7b6aa202f2d434c84bf (diff)