Linux Audio

Check our new training course

Open Menu / security / integrity / digsig_asymmetric.c
Loading...
v5.4
  1// SPDX-License-Identifier: GPL-2.0-only
  2/*
  3 * Copyright (C) 2013 Intel Corporation
  4 *
  5 * Author:
  6 * Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 
 
 
 
 
  7 */
  8
  9#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
 10
 11#include <linux/err.h>
 12#include <linux/ratelimit.h>
 13#include <linux/key-type.h>
 14#include <crypto/public_key.h>
 15#include <crypto/hash_info.h>
 16#include <keys/asymmetric-type.h>
 17#include <keys/system_keyring.h>
 18
 19#include "integrity.h"
 20
 21/*
 22 * Request an asymmetric key.
 23 */
 24static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid)
 25{
 26	struct key *key;
 27	char name[12];
 28
 29	sprintf(name, "id:%08x", keyid);
 30
 31	pr_debug("key search: \"%s\"\n", name);
 32
 33	key = get_ima_blacklist_keyring();
 34	if (key) {
 35		key_ref_t kref;
 36
 37		kref = keyring_search(make_key_ref(key, 1),
 38				      &key_type_asymmetric, name, true);
 39		if (!IS_ERR(kref)) {
 40			pr_err("Key '%s' is in ima_blacklist_keyring\n", name);
 41			return ERR_PTR(-EKEYREJECTED);
 42		}
 43	}
 44
 45	if (keyring) {
 46		/* search in specific keyring */
 47		key_ref_t kref;
 48
 49		kref = keyring_search(make_key_ref(keyring, 1),
 50				      &key_type_asymmetric, name, true);
 51		if (IS_ERR(kref))
 52			key = ERR_CAST(kref);
 53		else
 54			key = key_ref_to_ptr(kref);
 55	} else {
 56		key = request_key(&key_type_asymmetric, name, NULL);
 57	}
 58
 59	if (IS_ERR(key)) {
 60		pr_err_ratelimited("Request for unknown key '%s' err %ld\n",
 61				   name, PTR_ERR(key));
 62		switch (PTR_ERR(key)) {
 63			/* Hide some search errors */
 64		case -EACCES:
 65		case -ENOTDIR:
 66		case -EAGAIN:
 67			return ERR_PTR(-ENOKEY);
 68		default:
 69			return key;
 70		}
 71	}
 72
 73	pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key));
 74
 75	return key;
 76}
 77
 78int asymmetric_verify(struct key *keyring, const char *sig,
 79		      int siglen, const char *data, int datalen)
 80{
 81	struct public_key_signature pks;
 82	struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig;
 83	struct key *key;
 84	int ret = -ENOMEM;
 85
 86	if (siglen <= sizeof(*hdr))
 87		return -EBADMSG;
 88
 89	siglen -= sizeof(*hdr);
 90
 91	if (siglen != be16_to_cpu(hdr->sig_size))
 92		return -EBADMSG;
 93
 94	if (hdr->hash_algo >= HASH_ALGO__LAST)
 95		return -ENOPKG;
 96
 97	key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid));
 98	if (IS_ERR(key))
 99		return PTR_ERR(key);
100
101	memset(&pks, 0, sizeof(pks));
102
 
103	pks.hash_algo = hash_algo_name[hdr->hash_algo];
104	if (hdr->hash_algo == HASH_ALGO_STREEBOG_256 ||
105	    hdr->hash_algo == HASH_ALGO_STREEBOG_512) {
106		/* EC-RDSA and Streebog should go together. */
107		pks.pkey_algo = "ecrdsa";
108		pks.encoding = "raw";
109	} else {
110		pks.pkey_algo = "rsa";
111		pks.encoding = "pkcs1";
112	}
113	pks.digest = (u8 *)data;
114	pks.digest_size = datalen;
115	pks.s = hdr->sig;
116	pks.s_size = siglen;
117	ret = verify_signature(key, &pks);
118	key_put(key);
119	pr_debug("%s() = %d\n", __func__, ret);
120	return ret;
121}
122
123/**
124 * integrity_kernel_module_request - prevent crypto-pkcs1pad(rsa,*) requests
125 * @kmod_name: kernel module name
126 *
127 * We have situation, when public_key_verify_signature() in case of RSA
128 * algorithm use alg_name to store internal information in order to
129 * construct an algorithm on the fly, but crypto_larval_lookup() will try
130 * to use alg_name in order to load kernel module with same name.
131 * Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules,
132 * we are safe to fail such module request from crypto_larval_lookup().
133 *
134 * In this way we prevent modprobe execution during digsig verification
135 * and avoid possible deadlock if modprobe and/or it's dependencies
136 * also signed with digsig.
137 */
138int integrity_kernel_module_request(char *kmod_name)
139{
140	if (strncmp(kmod_name, "crypto-pkcs1pad(rsa,", 20) == 0)
141		return -EINVAL;
142
143	return 0;
144}
v4.6
 
  1/*
  2 * Copyright (C) 2013 Intel Corporation
  3 *
  4 * Author:
  5 * Dmitry Kasatkin <dmitry.kasatkin@intel.com>
  6 *
  7 * This program is free software; you can redistribute it and/or modify
  8 * it under the terms of the GNU General Public License as published by
  9 * the Free Software Foundation, version 2 of the License.
 10 *
 11 */
 12
 13#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
 14
 15#include <linux/err.h>
 16#include <linux/ratelimit.h>
 17#include <linux/key-type.h>
 18#include <crypto/public_key.h>
 19#include <crypto/hash_info.h>
 20#include <keys/asymmetric-type.h>
 21#include <keys/system_keyring.h>
 22
 23#include "integrity.h"
 24
 25/*
 26 * Request an asymmetric key.
 27 */
 28static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid)
 29{
 30	struct key *key;
 31	char name[12];
 32
 33	sprintf(name, "id:%08x", keyid);
 34
 35	pr_debug("key search: \"%s\"\n", name);
 36
 37	key = get_ima_blacklist_keyring();
 38	if (key) {
 39		key_ref_t kref;
 40
 41		kref = keyring_search(make_key_ref(key, 1),
 42				     &key_type_asymmetric, name);
 43		if (!IS_ERR(kref)) {
 44			pr_err("Key '%s' is in ima_blacklist_keyring\n", name);
 45			return ERR_PTR(-EKEYREJECTED);
 46		}
 47	}
 48
 49	if (keyring) {
 50		/* search in specific keyring */
 51		key_ref_t kref;
 52
 53		kref = keyring_search(make_key_ref(keyring, 1),
 54				      &key_type_asymmetric, name);
 55		if (IS_ERR(kref))
 56			key = ERR_CAST(kref);
 57		else
 58			key = key_ref_to_ptr(kref);
 59	} else {
 60		key = request_key(&key_type_asymmetric, name, NULL);
 61	}
 62
 63	if (IS_ERR(key)) {
 64		pr_err_ratelimited("Request for unknown key '%s' err %ld\n",
 65				   name, PTR_ERR(key));
 66		switch (PTR_ERR(key)) {
 67			/* Hide some search errors */
 68		case -EACCES:
 69		case -ENOTDIR:
 70		case -EAGAIN:
 71			return ERR_PTR(-ENOKEY);
 72		default:
 73			return key;
 74		}
 75	}
 76
 77	pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key));
 78
 79	return key;
 80}
 81
 82int asymmetric_verify(struct key *keyring, const char *sig,
 83		      int siglen, const char *data, int datalen)
 84{
 85	struct public_key_signature pks;
 86	struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig;
 87	struct key *key;
 88	int ret = -ENOMEM;
 89
 90	if (siglen <= sizeof(*hdr))
 91		return -EBADMSG;
 92
 93	siglen -= sizeof(*hdr);
 94
 95	if (siglen != __be16_to_cpu(hdr->sig_size))
 96		return -EBADMSG;
 97
 98	if (hdr->hash_algo >= HASH_ALGO__LAST)
 99		return -ENOPKG;
100
101	key = request_asymmetric_key(keyring, __be32_to_cpu(hdr->keyid));
102	if (IS_ERR(key))
103		return PTR_ERR(key);
104
105	memset(&pks, 0, sizeof(pks));
106
107	pks.pkey_algo = "rsa";
108	pks.hash_algo = hash_algo_name[hdr->hash_algo];
 
 
 
 
 
 
 
 
 
109	pks.digest = (u8 *)data;
110	pks.digest_size = datalen;
111	pks.s = hdr->sig;
112	pks.s_size = siglen;
113	ret = verify_signature(key, &pks);
114	key_put(key);
115	pr_debug("%s() = %d\n", __func__, ret);
116	return ret;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
117}