pefile: Parse a PE binary to find a key and a signature contained therein Parse a PE binary to find a key and a signature contained therein. Later patches will check the signature and add the key if the signature checks out. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org>

commit: 26d1164be37f1145a96af15f294122876d8e5c77 [log] [tgz]
author: David Howells <dhowells@redhat.com> Tue Jul 01 16:02:51 2014 +0100
committer: David Howells <dhowells@redhat.com> Wed Jul 09 14:58:37 2014 +0100
tree: 3cf981b54d3a275710d840c3674e09271c00c36d
parent: 9c87e0f10e281f782312e7b6aa202f2d434c84bf [diff] [blame]
diff --git a/include/linux/verify_pefile.h b/include/linux/verify_pefile.h
new file mode 100644
index 0000000..ac34819
--- /dev/null
+++ b/include/linux/verify_pefile.h

@@ -0,0 +1,18 @@
+/* Signed PE file verification
+ *
+ * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public Licence
+ * as published by the Free Software Foundation; either version
+ * 2 of the Licence, or (at your option) any later version.
+ */
+
+#ifndef _LINUX_VERIFY_PEFILE_H
+#define _LINUX_VERIFY_PEFILE_H
+
+extern int verify_pefile_signature(const void *pebuf, unsigned pelen,
+				   struct key *trusted_keyring, bool *_trusted);
+
+#endif /* _LINUX_VERIFY_PEFILE_H */
commit	26d1164be37f1145a96af15f294122876d8e5c77	[log] [tgz]
author	David Howells <dhowells@redhat.com>	Tue Jul 01 16:02:51 2014 +0100
committer	David Howells <dhowells@redhat.com>	Wed Jul 09 14:58:37 2014 +0100
tree	3cf981b54d3a275710d840c3674e09271c00c36d
parent	9c87e0f10e281f782312e7b6aa202f2d434c84bf [diff] [blame]