summaryrefslogtreecommitdiffstats
path: root/crypto/asymmetric_keys/pkcs8_parser.c
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2018-10-09 18:47:38 +0200
committerJames Morris <james.morris@microsoft.com>2018-10-26 10:30:46 +0200
commitc08fed73712620eb0a19244dbbbbdf00edbe5e47 (patch)
treeac2ce0609c78d7a217e9e933d872acb1bdcd3237 /crypto/asymmetric_keys/pkcs8_parser.c
parentKEYS: Allow the public_key struct to hold a private key [ver #2] (diff)
downloadlinux-c08fed73712620eb0a19244dbbbbdf00edbe5e47.tar.xz
linux-c08fed73712620eb0a19244dbbbbdf00edbe5e47.zip
KEYS: Implement encrypt, decrypt and sign for software asymmetric key [ver #2]
Implement the encrypt, decrypt and sign operations for the software asymmetric key subtype. This mostly involves offloading the call to the crypto layer. Note that the decrypt and sign operations require a private key to be supplied. Encrypt (and also verify) will work with either a public or a private key. A public key can be supplied with an X.509 certificate and a private key can be supplied using a PKCS#8 blob: # j=`openssl pkcs8 -in ~/pkcs7/firmwarekey2.priv -topk8 -nocrypt -outform DER | keyctl padd asymmetric foo @s` # keyctl pkey_query $j - enc=pkcs1 key_size=4096 max_data_size=512 max_sig_size=512 max_enc_size=512 max_dec_size=512 encrypt=y decrypt=y sign=y verify=y # keyctl pkey_encrypt $j 0 data enc=pkcs1 >/tmp/enc # keyctl pkey_decrypt $j 0 /tmp/enc enc=pkcs1 >/tmp/dec # cmp data /tmp/dec # keyctl pkey_sign $j 0 data enc=pkcs1 hash=sha1 >/tmp/sig # keyctl pkey_verify $j 0 data /tmp/sig enc=pkcs1 hash=sha1 # Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Marcel Holtmann <marcel@holtmann.org> Reviewed-by: Marcel Holtmann <marcel@holtmann.org> Reviewed-by: Denis Kenzior <denkenz@gmail.com> Tested-by: Denis Kenzior <denkenz@gmail.com> Signed-off-by: James Morris <james.morris@microsoft.com>
Diffstat (limited to 'crypto/asymmetric_keys/pkcs8_parser.c')
0 files changed, 0 insertions, 0 deletions