/* Asymmetric public-key algorithm definitions
 *
 * See Documentation/crypto/asymmetric-keys.txt
 *
 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public Licence
 * as published by the Free Software Foundation; either version
 * 2 of the Licence, or (at your option) any later version.
 */

#ifndef _LINUX_PUBLIC_KEY_H
#define _LINUX_PUBLIC_KEY_H

#include <fltKernel.h>

#include "asymmetric-type.h"

/*
 * Cryptographic data for the public-key subtype of the asymmetric key type.
 *
 * Note that this may include private part of the key as well as the public
 * part.
 */
struct public_key
{
    void *key;
    /*u32*/ unsigned long keylen;
    const char *id_type;
    const char *pkey_algo;
};

extern void
public_key_free(struct public_key *key);

/*
 * Public key cryptography signature data
 */
struct public_key_signature
{
    struct asymmetric_key_id *auth_ids[2];
    /*u8*/ unsigned char *s;      /* Signature */
    /*u32*/ unsigned long s_size; /* Number of bytes in signature */
    /*u8*/ unsigned char *digest;
    /*u8*/ unsigned char digest_size; /* Number of bytes in digest */
    const char *pkey_algo;
    const char *hash_algo;
};

extern void
public_key_signature_free(struct public_key_signature *sig);

// extern struct asymmetric_key_subtype public_key_subtype;

// struct key;
// struct key_type;
// union key_payload;

// extern int restrict_link_by_signature(struct key *dest_keyring,
//				      const struct key_type *type,
//				      const union key_payload *payload,
//				      struct key *trust_keyring);

// extern int restrict_link_by_key_or_keyring(struct key *dest_keyring,
//					   const struct key_type *type,
//					   const union key_payload *payload,
//					   struct key *trusted);

// extern int restrict_link_by_key_or_keyring_chain(struct key *trust_keyring,
//						 const struct key_type *type,
//						 const union key_payload *payload,
//						 struct key *trusted);

// extern int verify_signature(const struct key *key,
//			    const struct public_key_signature *sig);

// int public_key_verify_signature(const struct public_key *pkey,
//				const struct public_key_signature *sig);

#endif /* _LINUX_PUBLIC_KEY_H */