blob: 5c0e2b622db4a778cc30f03f68786a99d0419775 [file] [log] [blame]
AKASHI Takahirob4adf622019-11-13 09:45:00 +09001// SPDX-License-Identifier: GPL-2.0-or-later
2/* Instantiate a public key crypto key from an X.509 Certificate
3 *
4 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
5 * Written by David Howells (dhowells@redhat.com)
6 */
7
8#define pr_fmt(fmt) "X.509: "fmt
9#ifdef __UBOOT__
10#include <common.h>
AKASHI Takahiro6244b3c2020-07-21 19:35:18 +090011#include <image.h>
Simon Glass61b29b82020-02-03 07:36:15 -070012#include <dm/devres.h>
AKASHI Takahirob4adf622019-11-13 09:45:00 +090013#include <linux/compat.h>
Simon Glass61b29b82020-02-03 07:36:15 -070014#include <linux/err.h>
AKASHI Takahirob4adf622019-11-13 09:45:00 +090015#include <linux/errno.h>
16#else
17#include <linux/module.h>
18#endif
19#include <linux/kernel.h>
AKASHI Takahiroe3f5c9c2020-04-21 09:38:17 +090020#ifdef __UBOOT__
21#include <crypto/x509_parser.h>
Alexandru Gagniuc0bcb28d2021-02-19 12:45:10 -060022#include <u-boot/hash-checksum.h>
AKASHI Takahiroe3f5c9c2020-04-21 09:38:17 +090023#else
AKASHI Takahirob4adf622019-11-13 09:45:00 +090024#include <linux/slab.h>
25#include <keys/asymmetric-subtype.h>
26#include <keys/asymmetric-parser.h>
27#include <keys/system_keyring.h>
28#include <crypto/hash.h>
29#include "asymmetric_keys.h"
AKASHI Takahirob4adf622019-11-13 09:45:00 +090030#include "x509_parser.h"
AKASHI Takahiroe3f5c9c2020-04-21 09:38:17 +090031#endif
AKASHI Takahirob4adf622019-11-13 09:45:00 +090032
33/*
34 * Set up the signature parameters in an X.509 certificate. This involves
35 * digesting the signed data and extracting the signature.
36 */
37int x509_get_sig_params(struct x509_certificate *cert)
38{
39 struct public_key_signature *sig = cert->sig;
AKASHI Takahiro6244b3c2020-07-21 19:35:18 +090040#ifdef __UBOOT__
41 struct image_region region;
42#else
AKASHI Takahirob4adf622019-11-13 09:45:00 +090043 struct crypto_shash *tfm;
44 struct shash_desc *desc;
45 size_t desc_size;
46#endif
47 int ret;
48
49 pr_devel("==>%s()\n", __func__);
50
51 if (!cert->pub->pkey_algo)
52 cert->unsupported_key = true;
53
54 if (!sig->pkey_algo)
55 cert->unsupported_sig = true;
56
57 /* We check the hash if we can - even if we can't then verify it */
58 if (!sig->hash_algo) {
59 cert->unsupported_sig = true;
60 return 0;
61 }
62
63 sig->s = kmemdup(cert->raw_sig, cert->raw_sig_size, GFP_KERNEL);
64 if (!sig->s)
65 return -ENOMEM;
66
67 sig->s_size = cert->raw_sig_size;
68
69#ifdef __UBOOT__
AKASHI Takahiro6244b3c2020-07-21 19:35:18 +090070 if (!sig->hash_algo)
71 return -ENOPKG;
72 if (!strcmp(sig->hash_algo, "sha256"))
73 sig->digest_size = SHA256_SUM_LEN;
Dhananjay Phadkee146a2c2022-03-15 10:19:32 -070074 else if (!strcmp(sig->hash_algo, "sha384"))
75 sig->digest_size = SHA384_SUM_LEN;
76 else if (!strcmp(sig->hash_algo, "sha512"))
77 sig->digest_size = SHA512_SUM_LEN;
AKASHI Takahiro6244b3c2020-07-21 19:35:18 +090078 else if (!strcmp(sig->hash_algo, "sha1"))
79 sig->digest_size = SHA1_SUM_LEN;
80 else
81 return -ENOPKG;
82
83 sig->digest = calloc(1, sig->digest_size);
84 if (!sig->digest)
85 return -ENOMEM;
86
87 region.data = cert->tbs;
88 region.size = cert->tbs_size;
89 hash_calculate(sig->hash_algo, &region, 1, sig->digest);
90
91 /* TODO: is_hash_blacklisted()? */
92
AKASHI Takahirob4adf622019-11-13 09:45:00 +090093 ret = 0;
94#else
95 /* Allocate the hashing algorithm we're going to need and find out how
96 * big the hash operational data will be.
97 */
98 tfm = crypto_alloc_shash(sig->hash_algo, 0, 0);
99 if (IS_ERR(tfm)) {
100 if (PTR_ERR(tfm) == -ENOENT) {
101 cert->unsupported_sig = true;
102 return 0;
103 }
104 return PTR_ERR(tfm);
105 }
106
107 desc_size = crypto_shash_descsize(tfm) + sizeof(*desc);
108 sig->digest_size = crypto_shash_digestsize(tfm);
109
110 ret = -ENOMEM;
111 sig->digest = kmalloc(sig->digest_size, GFP_KERNEL);
112 if (!sig->digest)
113 goto error;
114
115 desc = kzalloc(desc_size, GFP_KERNEL);
116 if (!desc)
117 goto error;
118
119 desc->tfm = tfm;
120
121 ret = crypto_shash_digest(desc, cert->tbs, cert->tbs_size, sig->digest);
122 if (ret < 0)
123 goto error_2;
124
125 ret = is_hash_blacklisted(sig->digest, sig->digest_size, "tbs");
126 if (ret == -EKEYREJECTED) {
127 pr_err("Cert %*phN is blacklisted\n",
128 sig->digest_size, sig->digest);
129 cert->blacklisted = true;
130 ret = 0;
131 }
132
133error_2:
134 kfree(desc);
135error:
136 crypto_free_shash(tfm);
137#endif /* __UBOOT__ */
138 pr_devel("<==%s() = %d\n", __func__, ret);
139 return ret;
140}
141
AKASHI Takahirob4adf622019-11-13 09:45:00 +0900142/*
143 * Check for self-signedness in an X.509 cert and if found, check the signature
144 * immediately if we can.
145 */
146int x509_check_for_self_signed(struct x509_certificate *cert)
147{
148 int ret = 0;
149
150 pr_devel("==>%s()\n", __func__);
151
152 if (cert->raw_subject_size != cert->raw_issuer_size ||
153 memcmp(cert->raw_subject, cert->raw_issuer,
154 cert->raw_issuer_size) != 0)
155 goto not_self_signed;
156
157 if (cert->sig->auth_ids[0] || cert->sig->auth_ids[1]) {
158 /* If the AKID is present it may have one or two parts. If
159 * both are supplied, both must match.
160 */
161 bool a = asymmetric_key_id_same(cert->skid, cert->sig->auth_ids[1]);
162 bool b = asymmetric_key_id_same(cert->id, cert->sig->auth_ids[0]);
163
164 if (!a && !b)
165 goto not_self_signed;
166
167 ret = -EKEYREJECTED;
168 if (((a && !b) || (b && !a)) &&
169 cert->sig->auth_ids[0] && cert->sig->auth_ids[1])
170 goto out;
171 }
172
173 ret = -EKEYREJECTED;
174 if (strcmp(cert->pub->pkey_algo, cert->sig->pkey_algo) != 0)
175 goto out;
176
177 ret = public_key_verify_signature(cert->pub, cert->sig);
178 if (ret < 0) {
179 if (ret == -ENOPKG) {
180 cert->unsupported_sig = true;
181 ret = 0;
182 }
183 goto out;
184 }
185
186 pr_devel("Cert Self-signature verified");
187 cert->self_signed = true;
188
189out:
190 pr_devel("<==%s() = %d\n", __func__, ret);
191 return ret;
192
193not_self_signed:
194 pr_devel("<==%s() = 0 [not]\n", __func__);
195 return 0;
196}
197
AKASHI Takahiro6244b3c2020-07-21 19:35:18 +0900198#ifndef __UBOOT__
AKASHI Takahirob4adf622019-11-13 09:45:00 +0900199/*
200 * Attempt to parse a data blob for a key as an X509 certificate.
201 */
202static int x509_key_preparse(struct key_preparsed_payload *prep)
203{
204 struct asymmetric_key_ids *kids;
205 struct x509_certificate *cert;
206 const char *q;
207 size_t srlen, sulen;
208 char *desc = NULL, *p;
209 int ret;
210
211 cert = x509_cert_parse(prep->data, prep->datalen);
212 if (IS_ERR(cert))
213 return PTR_ERR(cert);
214
215 pr_devel("Cert Issuer: %s\n", cert->issuer);
216 pr_devel("Cert Subject: %s\n", cert->subject);
217
218 if (cert->unsupported_key) {
219 ret = -ENOPKG;
220 goto error_free_cert;
221 }
222
223 pr_devel("Cert Key Algo: %s\n", cert->pub->pkey_algo);
224 pr_devel("Cert Valid period: %lld-%lld\n", cert->valid_from, cert->valid_to);
225
226 cert->pub->id_type = "X509";
227
228 if (cert->unsupported_sig) {
229 public_key_signature_free(cert->sig);
230 cert->sig = NULL;
231 } else {
232 pr_devel("Cert Signature: %s + %s\n",
233 cert->sig->pkey_algo, cert->sig->hash_algo);
234 }
235
236 /* Don't permit addition of blacklisted keys */
237 ret = -EKEYREJECTED;
238 if (cert->blacklisted)
239 goto error_free_cert;
240
241 /* Propose a description */
242 sulen = strlen(cert->subject);
243 if (cert->raw_skid) {
244 srlen = cert->raw_skid_size;
245 q = cert->raw_skid;
246 } else {
247 srlen = cert->raw_serial_size;
248 q = cert->raw_serial;
249 }
250
251 ret = -ENOMEM;
252 desc = kmalloc(sulen + 2 + srlen * 2 + 1, GFP_KERNEL);
253 if (!desc)
254 goto error_free_cert;
255 p = memcpy(desc, cert->subject, sulen);
256 p += sulen;
257 *p++ = ':';
258 *p++ = ' ';
259 p = bin2hex(p, q, srlen);
260 *p = 0;
261
262 kids = kmalloc(sizeof(struct asymmetric_key_ids), GFP_KERNEL);
263 if (!kids)
264 goto error_free_desc;
265 kids->id[0] = cert->id;
266 kids->id[1] = cert->skid;
267
268 /* We're pinning the module by being linked against it */
269 __module_get(public_key_subtype.owner);
270 prep->payload.data[asym_subtype] = &public_key_subtype;
271 prep->payload.data[asym_key_ids] = kids;
272 prep->payload.data[asym_crypto] = cert->pub;
273 prep->payload.data[asym_auth] = cert->sig;
274 prep->description = desc;
275 prep->quotalen = 100;
276
277 /* We've finished with the certificate */
278 cert->pub = NULL;
279 cert->id = NULL;
280 cert->skid = NULL;
281 cert->sig = NULL;
282 desc = NULL;
283 ret = 0;
284
285error_free_desc:
286 kfree(desc);
287error_free_cert:
288 x509_free_certificate(cert);
289 return ret;
290}
291
292static struct asymmetric_key_parser x509_key_parser = {
293 .owner = THIS_MODULE,
294 .name = "x509",
295 .parse = x509_key_preparse,
296};
297
298/*
299 * Module stuff
300 */
301static int __init x509_key_init(void)
302{
303 return register_asymmetric_key_parser(&x509_key_parser);
304}
305
306static void __exit x509_key_exit(void)
307{
308 unregister_asymmetric_key_parser(&x509_key_parser);
309}
310
311module_init(x509_key_init);
312module_exit(x509_key_exit);
313#endif /* !__UBOOT__ */
314
315MODULE_DESCRIPTION("X.509 certificate parser");
316MODULE_AUTHOR("Red Hat, Inc.");
317MODULE_LICENSE("GPL");