blob: 4fb6a1487a428a8a82ddd84ae6ed30281011d000 [file] [log] [blame]
.\" Copyright (C) 2018 Red Hat, Inc. All Rights Reserved.
.\" Written by David Howells (
.\" This program is free software; you can redistribute it and/or
.\" modify it under the terms of the GNU General Public Licence
.\" as published by the Free Software Foundation; either version
.\" 2 of the Licence, or (at your option) any later version.
.TH KEYCTL_PKEY_SIGN 3 "8 Nov 2018" Linux "Linux Public-Key Signatures"
keyctl_pkey_sign, keyctl_pkey_verify \- Generate and verify signatures
.B #include <keyutils.h>
.BI "long keyctl_pkey_sign(key_serial_t " key ", const char *" info ,
.BI " const void *" data ", size_t " data_len ,
.BI " void *" sig ", size_t " sig_len ");"
.BI "long keyctl_pkey_verify(key_serial_t " key ", const char *" info ,
.BI " const void *" data ", size_t " data_len ,
.BI " const void *" sig ", size_t " sig_len ");"
.BR keyctl_pkey_sign ()
asks the kernel to use the crypto data attached to a key to generate a
detached signature for a blob of data. Note that this may involve calling out
to cryptographic hardware.
.BR keyctl_pkey_verify ()
asks the kernel to use the key to generate a verify the signature against the
same blob of data. This may also involve calling out to cryptographic
The caller must have
.B search
permission on a key to be able to perform either operation.
When invoking the function,
.I key
indicates the key that will provide the cryptographic material and
.I info
points to a space- or tab-separated string of "key[=value]" parameters that
indicate things like encoding forms and passwords to unlock the key; see
asymmetric-key(7) for more information.
.IR data " and " datalen
indicate the address and size of the buffer of data to be signed and
.IR sig " and " siglen
indicate the address and size of the signature buffer. The sign function
draws data from the data buffer, generates a signature from it and places the
output into the signature buffer. The verify function also draws data from
the data buffer, then decrypts the signature and compares the result.
Note that the data buffer is strictly limited in capacity, typically unable to
hold more bits than the size of the key. The caller is expected to have
pre-digested the actual data and will thus pass the digest output to this
function. The name of the digest used should be passed as part of the info
string as \fPhash=<name>\fR for use in constructing the signature metadata.
.BR keyctl_pkey_query (2)
can be called to find out how large the buffers need to be and what the
maximum size of the data can be for a specific signature encoding.
Note that not all asymmetric-type keys will support these operations; further,
the operations available may depend on which components of the key material are
available: typically encryption only requires the public key, but decryption
requires the private key as well. Which operations are supported on a
particular key can also be determined using the query function.
On success
.BR keyctl_pkey_sign ()
returns the amount of data written into the signature buffer.
.BR keyctl_pkey_verify ()
will return 0 in this case as it doesn't write to userspace.
On error the value
.B -1
will be returned and
.I errno
will have been set to an appropriate error.
The key specified is invalid.
The key specified has expired.
The key specified has been revoked.
The key exists, but is not
.B searchable
by the calling process.
Some part of the key material or signature data is bad.
Signature verification failed.
Some facility needed to complete the requested operation is not available.
This is most probably a requested or required digest or encryption algorithm.
Bad address.
This is a library function that can be found in
.IR libkeyutils .
When linking,
.B \-lkeyutils
should be specified to the linker.
.ad l
.BR keyctl (1),
.BR add_key (2),
.BR keyctl (2),
.BR keyctl (3),
.BR keyctl_pkey_query (3),
.BR keyrings (7),
.BR keyutils (7)