xref: /linux/security/integrity/digsig_asymmetric.c (revision 5ea5880764cbb164afb17a62e76ca75dc371409d) 
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Copyright (C) 2013 Intel Corporation
4  *
5  * Author:
6  * Dmitry Kasatkin <dmitry.kasatkin@intel.com>
7  */
8 
9 #include <linux/err.h>
10 #include <linux/ratelimit.h>
11 #include <linux/key-type.h>
12 #include <crypto/public_key.h>
13 #include <crypto/hash_info.h>
14 #include <keys/asymmetric-type.h>
15 #include <keys/system_keyring.h>
16 
17 #include "integrity.h"
18 
19 /*
20  * Request an asymmetric key.
21  */
22 static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid)
23 {
24 	struct key *key;
25 	char name[12];
26 
27 	sprintf(name, "id:%08x", keyid);
28 
29 	pr_debug("key search: \"%s\"\n", name);
30 
31 	key = get_ima_blacklist_keyring();
32 	if (key) {
33 		key_ref_t kref;
34 
35 		kref = keyring_search(make_key_ref(key, 1),
36 				      &key_type_asymmetric, name, true);
37 		if (!IS_ERR(kref)) {
38 			pr_err("Key '%s' is in ima_blacklist_keyring\n", name);
39 			return ERR_PTR(-EKEYREJECTED);
40 		}
41 	}
42 
43 	if (keyring) {
44 		/* search in specific keyring */
45 		key_ref_t kref;
46 
47 		kref = keyring_search(make_key_ref(keyring, 1),
48 				      &key_type_asymmetric, name, true);
49 		if (IS_ERR(kref))
50 			key = ERR_CAST(kref);
51 		else
52 			key = key_ref_to_ptr(kref);
53 	} else {
54 		key = request_key(&key_type_asymmetric, name, NULL);
55 	}
56 
57 	if (IS_ERR(key)) {
58 		if (keyring)
59 			pr_err_ratelimited("Request for unknown key '%s' in '%s' keyring. err %ld\n",
60 					   name, keyring->description,
61 					   PTR_ERR(key));
62 		else
63 			pr_err_ratelimited("Request for unknown key '%s' err %ld\n",
64 					   name, PTR_ERR(key));
65 
66 		switch (PTR_ERR(key)) {
67 			/* Hide some search errors */
68 		case -EACCES:
69 		case -ENOTDIR:
70 		case -EAGAIN:
71 			return ERR_PTR(-ENOKEY);
72 		default:
73 			return key;
74 		}
75 	}
76 
77 	pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key));
78 
79 	return key;
80 }
81 
82 int asymmetric_verify(struct key *keyring, const char *sig,
83 		      int siglen, const char *data, int datalen)
84 {
85 	struct public_key_signature pks;
86 	struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig;
87 	const struct public_key *pk;
88 	struct key *key;
89 	int ret;
90 
91 	if (siglen <= sizeof(*hdr))
92 		return -EBADMSG;
93 
94 	siglen -= sizeof(*hdr);
95 
96 	if (siglen != be16_to_cpu(hdr->sig_size))
97 		return -EBADMSG;
98 
99 	if (hdr->hash_algo >= HASH_ALGO__LAST)
100 		return -ENOPKG;
101 
102 	key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid));
103 	if (IS_ERR(key))
104 		return PTR_ERR(key);
105 
106 	memset(&pks, 0, sizeof(pks));
107 
108 	pks.hash_algo = hash_algo_name[hdr->hash_algo];
109 
110 	pk = asymmetric_key_public_key(key);
111 	pks.pkey_algo = pk->pkey_algo;
112 	if (!strcmp(pk->pkey_algo, "rsa")) {
113 		pks.encoding = "pkcs1";
114 	} else if (!strncmp(pk->pkey_algo, "ecdsa-", 6)) {
115 		/* edcsa-nist-p192 etc. */
116 		pks.encoding = "x962";
117 	} else if (!strcmp(pk->pkey_algo, "ecrdsa")) {
118 		pks.encoding = "raw";
119 	} else {
120 		ret = -ENOPKG;
121 		goto out;
122 	}
123 
124 	pks.m = (u8 *)data;
125 	pks.m_size = datalen;
126 	pks.s = hdr->sig;
127 	pks.s_size = siglen;
128 	ret = verify_signature(key, &pks);
129 out:
130 	key_put(key);
131 	pr_debug("%s() = %d\n", __func__, ret);
132 	return ret;
133 }
134 
135 /*
136  * calc_file_id_hash - calculate the hash of the ima_file_id struct data
137  * @type: xattr type [enum evm_ima_xattr_type]
138  * @algo: hash algorithm [enum hash_algo]
139  * @digest: pointer to the digest to be hashed
140  * @hash: (out) pointer to the hash
141  *
142  * IMA signature version 3 disambiguates the data that is signed by
143  * indirectly signing the hash of the ima_file_id structure data.
144  *
145  * Return 0 on success, error code otherwise.
146  */
147 static int calc_file_id_hash(enum evm_ima_xattr_type type,
148 			     enum hash_algo algo, const u8 *digest,
149 			     struct ima_max_digest_data *hash)
150 {
151 	struct ima_file_id file_id = {.hash_type = type, .hash_algorithm = algo};
152 	size_t digest_size = hash_digest_size[algo];
153 	struct crypto_shash *tfm;
154 	size_t file_id_size;
155 	int rc;
156 
157 	if (type != IMA_VERITY_DIGSIG && type != EVM_IMA_XATTR_DIGSIG &&
158 	    type != EVM_XATTR_PORTABLE_DIGSIG)
159 		return -EINVAL;
160 
161 	tfm = crypto_alloc_shash(hash_algo_name[algo], 0, 0);
162 	if (IS_ERR(tfm))
163 		return PTR_ERR(tfm);
164 
165 	memcpy(file_id.hash, digest, digest_size);
166 
167 	/* Calculate the ima_file_id struct hash on the portion used. */
168 	file_id_size = sizeof(file_id) - (HASH_MAX_DIGESTSIZE - digest_size);
169 
170 	hash->hdr.algo = algo;
171 	hash->hdr.length = digest_size;
172 	rc = crypto_shash_tfm_digest(tfm, (const u8 *)&file_id, file_id_size,
173 				     hash->digest);
174 
175 	crypto_free_shash(tfm);
176 	return rc;
177 }
178 
179 int asymmetric_verify_v3(struct key *keyring, const char *sig, int siglen,
180 			 const char *data, int datalen, u8 algo)
181 {
182 	struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig;
183 	struct ima_max_digest_data hash;
184 	int rc;
185 
186 	rc = calc_file_id_hash(hdr->type, algo, data, &hash);
187 	if (rc)
188 		return -EINVAL;
189 
190 	return asymmetric_verify(keyring, sig, siglen, hash.digest,
191 				 hash.hdr.length);
192 }
193