pkey

libkeyutils-sys/src/constants.rs

@@ -27,7 +27,7 @@
 // Ignore rustfmt changes in here. The horizontal alignment is too useful to give up.
 #![cfg_attr(rustfmt, rustfmt_skip)]
 
-use types::{key_perm_t, key_serial_t};
+use types::{key_perm_t, key_serial_t, _keyctl_support_t};
 
 pub const KEY_TYPE_USER:                    &str = "user";
 pub const KEY_TYPE_LOGON:                   &str = "logon";
@@ -80,3 +80,8 @@ pub const KEY_OTH_SEARCH:  key_perm_t = 0x0000_0008;
 pub const KEY_OTH_LINK:    key_perm_t = 0x0000_0010;
 pub const KEY_OTH_SETATTR: key_perm_t = 0x0000_0020;
 pub const KEY_OTH_ALL:     key_perm_t = 0x0000_003f;
+
+pub const KEYCTL_SUPPORTS_ENCRYPT: _keyctl_support_t = 0x01;
+pub const KEYCTL_SUPPORTS_DECRYPT: _keyctl_support_t = 0x02;
+pub const KEYCTL_SUPPORTS_SIGN:    _keyctl_support_t = 0x04;
+pub const KEYCTL_SUPPORTS_VERIFY:  _keyctl_support_t = 0x08;

libkeyutils-sys/src/functions.rs

@@ -26,7 +26,7 @@
 
 use crates::libc;
 
-use types::{key_perm_t, key_serial_t};
+use types::{key_perm_t, key_serial_t, keyctl_pkey_query};
 
 #[rustfmt::skip]
 extern "C" {
@@ -143,4 +143,58 @@ extern "C" {
         buffer:     *mut libc::c_char,
         buflen:     libc::size_t)
         -> libc::c_long;
+    pub fn keyctl_dh_compute_kdf(
+        private:        key_serial_t,
+        prime:          key_serial_t,
+        base:           key_serial_t,
+        // These are typos in the original API that can't be fixed.
+        // hashname:   *mut libc::c_char,
+        // otherinfo:  *mut libc::c_char,
+        hashname:       *const libc::c_char,
+        otherinfo:      *const libc::c_void,
+        otherinfolen:   libc::size_t,
+        buffer:         *mut libc::c_char,
+        buflen:         libc::size_t)
+        -> libc::c_long;
+    pub fn keyctl_pkey_query(
+        key:        key_serial_t,
+        password:   key_serial_t,
+        info:       *mut keyctl_pkey_query)
+        -> libc::c_long;
+    pub fn keyctl_pkey_encrypt(
+        key:        key_serial_t,
+        password:   key_serial_t,
+        info:       *const libc::c_char,
+        data:       *const libc::c_void,
+        data_len:   libc::size_t,
+        enc:        *mut libc::c_void,
+        enc_len:    libc::size_t)
+        -> libc::c_long;
+    pub fn keyctl_pkey_decrypt(
+        key:        key_serial_t,
+        password:   key_serial_t,
+        info:       *const libc::c_char,
+        enc:        *const libc::c_void,
+        enc_len:    libc::size_t,
+        data:       *mut libc::c_void,
+        data_len:   libc::size_t)
+        -> libc::c_long;
+    pub fn keyctl_pkey_sign(
+        key:        key_serial_t,
+        password:   key_serial_t,
+        info:       *const libc::c_char,
+        data:       *const libc::c_void,
+        data_len:   libc::size_t,
+        sig:        *mut libc::c_void,
+        sig_len:    libc::size_t)
+        -> libc::c_long;
+    pub fn keyctl_pkey_verify(
+        key:        key_serial_t,
+        password:   key_serial_t,
+        info:       *const libc::c_char,
+        data:       *const libc::c_void,
+        data_len:   libc::size_t,
+        sig:        *const libc::c_void,
+        sig_len:    libc::size_t)
+        -> libc::c_long;
 }

libkeyutils-sys/src/types.rs

@@ -30,3 +30,32 @@ use crates::libc;
 
 pub type key_serial_t = libc::int32_t;
 pub type key_perm_t = libc::uint32_t;
+
+// No actual type in the API, but create one for simplicity.
+pub type _keyctl_support_t = libc::uint32_t;
+
+#[rustfmt::skip]
+#[repr(C)]
+pub struct keyctl_pkey_query {
+    pub supported_ops:  libc::uint32_t,
+    pub key_size:       libc::uint32_t,
+    pub max_data_size:  libc::uint16_t,
+    pub max_sig_size:   libc::uint16_t,
+    pub max_enc_size:   libc::uint16_t,
+    pub max_dec_size:   libc::uint16_t,
+    __spare:            [libc::uint32_t; 10],
+}
+
+impl keyctl_pkey_query {
+    pub fn new() -> Self {
+        keyctl_pkey_query {
+            supported_ops: 0,
+            key_size: 0,
+            max_data_size: 0,
+            max_sig_size: 0,
+            max_enc_size: 0,
+            max_dec_size: 0,
+            __spare: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0],
+        }
+    }
+}