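/* Testing module to load key from trusted PKCS#7 message
 *
 * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public Licence
 * as published by the Free Software Foundation; either version
 * 2 of the Licence, or (at your option) any later version.
 */

#define pr_fmt(fmt) "PKCS7key: "fmt
#include <linux/key.h>
#include <linux/err.h>
#include <linux/module.h>
#include <linux/compiler.h>
#include <linux/verification.h>
#include <linux/key-type.h>
#include <keys/user-type.h>

MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("PKCS#7 testing key type");
MODULE_AUTHOR("Red Hat, Inc.");

/*
 * Usage value handed to verify_pkcs7_signature().  The permission bits make
 * the parameter owner-writable (S_IWUSR) and world-readable (S_IRUGO) after
 * load, so its value can change between, or during, key additions.
 */
static unsigned pkcs7_usage;
module_param_named(usage, pkcs7_usage, uint, S_IWUSR | S_IRUGO);
/* Describe the parameter under the name it is exported as: "usage". */
MODULE_PARM_DESC(usage,
		 "Usage to specify when verifying the PKCS#7 message");

/*
 * Retrieve the PKCS#7 message content.
 *
 * Passed to verify_pkcs7_signature() as its content callback.  @ctx is the
 * key_preparsed_payload being prepared and @data/@len describe the message
 * content.  @asn1hdrlen is not used here.
 *
 * prep->data and prep->datalen point at the content only for the duration of
 * user_preparse() and are then restored, so the caller's view of the original
 * blob is the same whether or not preparsing succeeded.
 *
 * Returns whatever user_preparse() returns.
 */
static int pkcs7_view_content(void *ctx, const void *data, size_t len,
			      size_t asn1hdrlen)
{
	struct key_preparsed_payload *prep = ctx;
	const void *saved_prep_data;
	size_t saved_prep_datalen;
	int ret;

	saved_prep_data = prep->data;
	saved_prep_datalen = prep->datalen;
	prep->data = data;
	prep->datalen = len;

	ret = user_preparse(prep);

	prep->data = saved_prep_data;
	prep->datalen = saved_prep_datalen;
	return ret;
}

/*
 * Preparse a PKCS#7 wrapped and validated data blob.
 *
 * Rejects an out-of-range "usage" setting with -EINVAL; otherwise returns the
 * result of verify_pkcs7_signature(), which is given pkcs7_view_content() as
 * the callback that stores the message content.
 */
static int pkcs7_preparse(struct key_preparsed_payload *prep)
{
	/*
	 * Snapshot the parameter once so that the value that is range-checked
	 * is the value that is passed on, and keep it unsigned so the check
	 * does not depend on the enum's underlying type.
	 */
	unsigned int usage = READ_ONCE(pkcs7_usage);

	if (usage >= NR__KEY_BEING_USED_FOR) {
		pr_err("Invalid usage type %u\n", usage);
		return -EINVAL;
	}

	/*
	 * NOTE(review): NULL/0 presumably means there is no detached data (the
	 * content is carried inside the message), and (void *)1UL is a
	 * sentinel rather than a keyring pointer -- confirm which trusted
	 * keyring verify_pkcs7_signature() selects for it in this tree.
	 */
	return verify_pkcs7_signature(NULL, 0,
				      prep->data, prep->datalen,
				      (void *)1UL, usage,
				      pkcs7_view_content, prep);
}

/*
 * Key type "pkcs7_test": the payload supplied when a key is added is a PKCS#7
 * message that pkcs7_preparse() verifies.  Every other operation is borrowed
 * from the user-defined key type or the generic instantiate helper.
 */
static struct key_type key_type_pkcs7 = {
	.name			= "pkcs7_test",
	.preparse		= pkcs7_preparse,
	.free_preparse		= user_free_preparse,
	.instantiate		= generic_key_instantiate,
	.revoke			= user_revoke,
	.destroy		= user_destroy,
	.describe		= user_describe,
	.read			= user_read,
};

/*
 * Module stuff: register the key type on load, unregister it on unload.
 */
static int __init pkcs7_key_init(void)
{
	return register_key_type(&key_type_pkcs7);
}

static void __exit pkcs7_key_cleanup(void)
{
	unregister_key_type(&key_type_pkcs7);
}

module_init(pkcs7_key_init);
module_exit(pkcs7_key_cleanup);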