linux/Documentation/digsig.txt
<<
>>
Prefs
   1Digital Signature Verification API
   2
   3CONTENTS
   4
   51. Introduction
   62. API
   73. User-space utilities
   8
   9
  101. Introduction
  11
  12Digital signature verification API provides a method to verify digital signature.
  13Currently digital signatures are used by the IMA/EVM integrity protection subsystem.
  14
  15Digital signature verification is implemented using cut-down kernel port of
  16GnuPG multi-precision integers (MPI) library. The kernel port provides
  17memory allocation errors handling, has been refactored according to kernel
  18coding style, and checkpatch.pl reported errors and warnings have been fixed.
  19
  20Public key and signature consist of header and MPIs.
  21
  22struct pubkey_hdr {
  23        uint8_t         version;        /* key format version */
  24        time_t          timestamp;      /* key made, always 0 for now */
  25        uint8_t         algo;
  26        uint8_t         nmpi;
  27        char            mpi[0];
  28} __packed;
  29
  30struct signature_hdr {
  31        uint8_t         version;        /* signature format version */
  32        time_t          timestamp;      /* signature made */
  33        uint8_t         algo;
  34        uint8_t         hash;
  35        uint8_t         keyid[8];
  34      2.6.20.15