98 lines
3 KiB
C
98 lines
3 KiB
C
/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*-
|
|
* vi:set noexpandtab tabstop=8 shiftwidth=8:
|
|
*
|
|
* Copyright (C) 2024 Red Hat <www.redhat.com>
|
|
*
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
#include <glib.h>
|
|
#include <glib-object.h>
|
|
|
|
G_BEGIN_DECLS
|
|
|
|
#define GS_AKMODS_KEY_PATH "/etc/pki/akmods/certs"
|
|
#define GS_AKMODS_KEY_FILENAME GS_AKMODS_KEY_PATH "/public_key.der"
|
|
|
|
/*
|
|
* GsDkmsKeyKind:
|
|
* @GS_DKMS_KEY_KIND_AKMODS: use akmods key
|
|
* @GS_DKMS_KEY_KIND_DKMS: use DKMS key
|
|
*
|
|
* The DKMS code can handle both DKMS and akmods keys. This enum helps
|
|
* to distinguish, which one should be used.
|
|
*
|
|
* Since: 47
|
|
**/
|
|
|
|
typedef enum {
|
|
GS_DKMS_KEY_KIND_AKMODS,
|
|
GS_DKMS_KEY_KIND_DKMS
|
|
} GsDkmsKeyKind;
|
|
|
|
/*
|
|
* GsDkmsState:
|
|
* @GS_DKMS_STATE_ERROR: there was an error determining the key state
|
|
* @GS_DKMS_STATE_ENROLLED: the key is enrolled, which means it can used to sign the drivers
|
|
* @GS_DKMS_STATE_NOT_FOUND: the key was not found, it's needed to be created first
|
|
* @GS_DKMS_STATE_NOT_ENROLLED: the key exists, but is not enrolled yet
|
|
* @GS_DKMS_STATE_PENDING: the key is scheduled to be enrolled the next boot
|
|
*
|
|
* Declares DKMS or akmods key states.
|
|
*
|
|
* Since: 47
|
|
**/
|
|
typedef enum {
|
|
GS_DKMS_STATE_ERROR = 0,
|
|
GS_DKMS_STATE_ENROLLED = 1,
|
|
GS_DKMS_STATE_NOT_FOUND = 2,
|
|
GS_DKMS_STATE_NOT_ENROLLED = 3,
|
|
GS_DKMS_STATE_PENDING = 4
|
|
} GsDkmsState;
|
|
|
|
/*
|
|
* GsSecurebootState:
|
|
* @GS_SECUREBOOT_STATE_UNKNOWN: the Secure Boot state is unknown; it can
|
|
* for example mean there is not installed the tool to check its state
|
|
* @GS_SECUREBOOT_STATE_DISABLED: the Secure Boot is disabled
|
|
* @GS_SECUREBOOT_STATE_ENABLED: the Secure Boot is disabled
|
|
* @GS_SECUREBOOT_STATE_NOT_SUPPORTED: the Secure Boot is not supported
|
|
* in this installation, like for example when the system is not
|
|
* installed with UEFI
|
|
*
|
|
* Declares states of the Secure Boot.
|
|
*
|
|
* Since: 47
|
|
**/
|
|
typedef enum {
|
|
GS_SECUREBOOT_STATE_UNKNOWN = 0,
|
|
GS_SECUREBOOT_STATE_DISABLED = 1,
|
|
GS_SECUREBOOT_STATE_ENABLED,
|
|
GS_SECUREBOOT_STATE_NOT_SUPPORTED
|
|
} GsSecurebootState;
|
|
|
|
void gs_dkms_get_key_state_async (GsDkmsKeyKind key_kind,
|
|
GCancellable *cancellable,
|
|
GAsyncReadyCallback callback,
|
|
gpointer user_data);
|
|
GsDkmsState gs_dkms_get_key_state_finish (GAsyncResult *result,
|
|
GError **error);
|
|
void gs_dkms_enroll_async (GsDkmsKeyKind key_kind,
|
|
const gchar *password,
|
|
GCancellable *cancellable,
|
|
GAsyncReadyCallback callback,
|
|
gpointer user_data);
|
|
GsDkmsState gs_dkms_enroll_finish (GAsyncResult *result,
|
|
GError **error);
|
|
void gs_dkms_get_secureboot_state_async (GCancellable *cancellable,
|
|
GAsyncReadyCallback callback,
|
|
gpointer user_data);
|
|
GsSecurebootState gs_dkms_get_secureboot_state_finish (GAsyncResult *result,
|
|
GError **error);
|
|
GsSecurebootState gs_dkms_get_last_secureboot_state (void);
|
|
gchar * gs_dkms_get_dkms_key_path (void);
|
|
gchar * gs_dkms_get_dkms_key_filename (void);
|
|
|
|
G_END_DECLS
|