1 /* Instantiate a public key crypto key from an X.509 Certificate 2 * 3 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public Licence 8 * as published by the Free Software Foundation; either version 9 * 2 of the Licence, or (at your option) any later version. 10 */ 11 12 #define pr_fmt(fmt) "X.509: "fmt 13 #include <linux/module.h> 14 #include <linux/kernel.h> 15 #include <linux/slab.h> 16 #include <linux/err.h> 17 #include <linux/mpi.h> 18 #include <linux/asn1_decoder.h> 19 #include <keys/asymmetric-subtype.h> 20 #include <keys/asymmetric-parser.h> 21 #include <keys/system_keyring.h> 22 #include <crypto/hash.h> 23 #include "asymmetric_keys.h" 24 #include "public_key.h" 25 #include "x509_parser.h" 26 27 static bool use_builtin_keys; 28 static struct asymmetric_key_id *ca_keyid; 29 30 #ifndef MODULE 31 static struct { 32 struct asymmetric_key_id id; 33 unsigned char data[10]; 34 } cakey; 35 36 static int __init ca_keys_setup(char *str) 37 { 38 if (!str) /* default system keyring */ 39 return 1; 40 41 if (strncmp(str, "id:", 3) == 0) { 42 struct asymmetric_key_id *p = &cakey.id; 43 size_t hexlen = (strlen(str) - 3) / 2; 44 int ret; 45 46 if (hexlen == 0 || hexlen > sizeof(cakey.data)) { 47 pr_err("Missing or invalid ca_keys id\n"); 48 return 1; 49 } 50 51 ret = __asymmetric_key_hex_to_key_id(str + 3, p, hexlen); 52 if (ret < 0) 53 pr_err("Unparsable ca_keys id hex string\n"); 54 else 55 ca_keyid = p; /* owner key 'id:xxxxxx' */ 56 } else if (strcmp(str, "builtin") == 0) { 57 use_builtin_keys = true; 58 } 59 60 return 1; 61 } 62 __setup("ca_keys=", ca_keys_setup); 63 #endif 64 65 /** 66 * x509_request_asymmetric_key - Request a key by X.509 certificate params. 67 * @keyring: The keys to search. 68 * @id: The issuer & serialNumber to look for or NULL. 69 * @skid: The subjectKeyIdentifier to look for or NULL. 70 * @partial: Use partial match if true, exact if false. 71 * 72 * Find a key in the given keyring by identifier. The preferred identifier is 73 * the issuer + serialNumber and the fallback identifier is the 74 * subjectKeyIdentifier. If both are given, the lookup is by the former, but 75 * the latter must also match. 76 */ 77 struct key *x509_request_asymmetric_key(struct key *keyring, 78 const struct asymmetric_key_id *id, 79 const struct asymmetric_key_id *skid, 80 bool partial) 81 { 82 struct key *key; 83 key_ref_t ref; 84 const char *lookup; 85 char *req, *p; 86 int len; 87 88 if (id) { 89 lookup = id->data; 90 len = id->len; 91 } else { 92 lookup = skid->data; 93 len = skid->len; 94 } 95 96 /* Construct an identifier "id:<keyid>". */ 97 p = req = kmalloc(2 + 1 + len * 2 + 1, GFP_KERNEL); 98 if (!req) 99 return ERR_PTR(-ENOMEM); 100 101 if (partial) { 102 *p++ = 'i'; 103 *p++ = 'd'; 104 } else { 105 *p++ = 'e'; 106 *p++ = 'x'; 107 } 108 *p++ = ':'; 109 p = bin2hex(p, lookup, len); 110 *p = 0; 111 112 pr_debug("Look up: \"%s\"\n", req); 113 114 ref = keyring_search(make_key_ref(keyring, 1), 115 &key_type_asymmetric, req); 116 if (IS_ERR(ref)) 117 pr_debug("Request for key '%s' err %ld\n", req, PTR_ERR(ref)); 118 kfree(req); 119 120 if (IS_ERR(ref)) { 121 switch (PTR_ERR(ref)) { 122 /* Hide some search errors */ 123 case -EACCES: 124 case -ENOTDIR: 125 case -EAGAIN: 126 return ERR_PTR(-ENOKEY); 127 default: 128 return ERR_CAST(ref); 129 } 130 } 131 132 key = key_ref_to_ptr(ref); 133 if (id && skid) { 134 const struct asymmetric_key_ids *kids = asymmetric_key_ids(key); 135 if (!kids->id[1]) { 136 pr_debug("issuer+serial match, but expected SKID missing\n"); 137 goto reject; 138 } 139 if (!asymmetric_key_id_same(skid, kids->id[1])) { 140 pr_debug("issuer+serial match, but SKID does not\n"); 141 goto reject; 142 } 143 } 144 145 pr_devel("<==%s() = 0 [%x]\n", __func__, key_serial(key)); 146 return key; 147 148 reject: 149 key_put(key); 150 return ERR_PTR(-EKEYREJECTED); 151 } 152 EXPORT_SYMBOL_GPL(x509_request_asymmetric_key); 153 154 /* 155 * Set up the signature parameters in an X.509 certificate. This involves 156 * digesting the signed data and extracting the signature. 157 */ 158 int x509_get_sig_params(struct x509_certificate *cert) 159 { 160 struct crypto_shash *tfm; 161 struct shash_desc *desc; 162 size_t digest_size, desc_size; 163 void *digest; 164 int ret; 165 166 pr_devel("==>%s()\n", __func__); 167 168 if (cert->unsupported_crypto) 169 return -ENOPKG; 170 if (cert->sig.rsa.s) 171 return 0; 172 173 cert->sig.rsa.s = mpi_read_raw_data(cert->raw_sig, cert->raw_sig_size); 174 if (!cert->sig.rsa.s) 175 return -ENOMEM; 176 cert->sig.nr_mpi = 1; 177 178 /* Allocate the hashing algorithm we're going to need and find out how 179 * big the hash operational data will be. 180 */ 181 tfm = crypto_alloc_shash(hash_algo_name[cert->sig.pkey_hash_algo], 0, 0); 182 if (IS_ERR(tfm)) { 183 if (PTR_ERR(tfm) == -ENOENT) { 184 cert->unsupported_crypto = true; 185 return -ENOPKG; 186 } 187 return PTR_ERR(tfm); 188 } 189 190 desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); 191 digest_size = crypto_shash_digestsize(tfm); 192 193 /* We allocate the hash operational data storage on the end of the 194 * digest storage space. 195 */ 196 ret = -ENOMEM; 197 digest = kzalloc(ALIGN(digest_size, __alignof__(*desc)) + desc_size, 198 GFP_KERNEL); 199 if (!digest) 200 goto error; 201 202 cert->sig.digest = digest; 203 cert->sig.digest_size = digest_size; 204 205 desc = PTR_ALIGN(digest + digest_size, __alignof__(*desc)); 206 desc->tfm = tfm; 207 desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; 208 209 ret = crypto_shash_init(desc); 210 if (ret < 0) 211 goto error; 212 might_sleep(); 213 ret = crypto_shash_finup(desc, cert->tbs, cert->tbs_size, digest); 214 error: 215 crypto_free_shash(tfm); 216 pr_devel("<==%s() = %d\n", __func__, ret); 217 return ret; 218 } 219 EXPORT_SYMBOL_GPL(x509_get_sig_params); 220 221 /* 222 * Check the signature on a certificate using the provided public key 223 */ 224 int x509_check_signature(const struct public_key *pub, 225 struct x509_certificate *cert) 226 { 227 int ret; 228 229 pr_devel("==>%s()\n", __func__); 230 231 ret = x509_get_sig_params(cert); 232 if (ret < 0) 233 return ret; 234 235 ret = public_key_verify_signature(pub, &cert->sig); 236 if (ret == -ENOPKG) 237 cert->unsupported_crypto = true; 238 pr_debug("Cert Verification: %d\n", ret); 239 return ret; 240 } 241 EXPORT_SYMBOL_GPL(x509_check_signature); 242 243 /* 244 * Check the new certificate against the ones in the trust keyring. If one of 245 * those is the signing key and validates the new certificate, then mark the 246 * new certificate as being trusted. 247 * 248 * Return 0 if the new certificate was successfully validated, 1 if we couldn't 249 * find a matching parent certificate in the trusted list and an error if there 250 * is a matching certificate but the signature check fails. 251 */ 252 static int x509_validate_trust(struct x509_certificate *cert, 253 struct key *trust_keyring) 254 { 255 struct key *key; 256 int ret = 1; 257 258 if (!trust_keyring) 259 return -EOPNOTSUPP; 260 261 if (ca_keyid && !asymmetric_key_id_partial(cert->akid_skid, ca_keyid)) 262 return -EPERM; 263 264 key = x509_request_asymmetric_key(trust_keyring, 265 cert->akid_id, cert->akid_skid, 266 false); 267 if (!IS_ERR(key)) { 268 if (!use_builtin_keys 269 || test_bit(KEY_FLAG_BUILTIN, &key->flags)) 270 ret = x509_check_signature(key->payload.data[asym_crypto], 271 cert); 272 key_put(key); 273 } 274 return ret; 275 } 276 277 /* 278 * Attempt to parse a data blob for a key as an X509 certificate. 279 */ 280 static int x509_key_preparse(struct key_preparsed_payload *prep) 281 { 282 struct asymmetric_key_ids *kids; 283 struct x509_certificate *cert; 284 const char *q; 285 size_t srlen, sulen; 286 char *desc = NULL, *p; 287 int ret; 288 289 cert = x509_cert_parse(prep->data, prep->datalen); 290 if (IS_ERR(cert)) 291 return PTR_ERR(cert); 292 293 pr_devel("Cert Issuer: %s\n", cert->issuer); 294 pr_devel("Cert Subject: %s\n", cert->subject); 295 296 if (cert->pub->pkey_algo >= PKEY_ALGO__LAST || 297 cert->sig.pkey_algo >= PKEY_ALGO__LAST || 298 cert->sig.pkey_hash_algo >= PKEY_HASH__LAST || 299 !pkey_algo[cert->pub->pkey_algo] || 300 !pkey_algo[cert->sig.pkey_algo] || 301 !hash_algo_name[cert->sig.pkey_hash_algo]) { 302 ret = -ENOPKG; 303 goto error_free_cert; 304 } 305 306 pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]); 307 pr_devel("Cert Valid period: %lld-%lld\n", cert->valid_from, cert->valid_to); 308 pr_devel("Cert Signature: %s + %s\n", 309 pkey_algo_name[cert->sig.pkey_algo], 310 hash_algo_name[cert->sig.pkey_hash_algo]); 311 312 cert->pub->algo = pkey_algo[cert->pub->pkey_algo]; 313 cert->pub->id_type = PKEY_ID_X509; 314 315 /* Check the signature on the key if it appears to be self-signed */ 316 if ((!cert->akid_skid && !cert->akid_id) || 317 asymmetric_key_id_same(cert->skid, cert->akid_skid) || 318 asymmetric_key_id_same(cert->id, cert->akid_id)) { 319 ret = x509_check_signature(cert->pub, cert); /* self-signed */ 320 if (ret < 0) 321 goto error_free_cert; 322 } else if (!prep->trusted) { 323 ret = x509_validate_trust(cert, get_system_trusted_keyring()); 324 if (!ret) 325 prep->trusted = 1; 326 } 327 328 /* Propose a description */ 329 sulen = strlen(cert->subject); 330 if (cert->raw_skid) { 331 srlen = cert->raw_skid_size; 332 q = cert->raw_skid; 333 } else { 334 srlen = cert->raw_serial_size; 335 q = cert->raw_serial; 336 } 337 338 ret = -ENOMEM; 339 desc = kmalloc(sulen + 2 + srlen * 2 + 1, GFP_KERNEL); 340 if (!desc) 341 goto error_free_cert; 342 p = memcpy(desc, cert->subject, sulen); 343 p += sulen; 344 *p++ = ':'; 345 *p++ = ' '; 346 p = bin2hex(p, q, srlen); 347 *p = 0; 348 349 kids = kmalloc(sizeof(struct asymmetric_key_ids), GFP_KERNEL); 350 if (!kids) 351 goto error_free_desc; 352 kids->id[0] = cert->id; 353 kids->id[1] = cert->skid; 354 355 /* We're pinning the module by being linked against it */ 356 __module_get(public_key_subtype.owner); 357 prep->payload.data[asym_subtype] = &public_key_subtype; 358 prep->payload.data[asym_key_ids] = kids; 359 prep->payload.data[asym_crypto] = cert->pub; 360 prep->description = desc; 361 prep->quotalen = 100; 362 363 /* We've finished with the certificate */ 364 cert->pub = NULL; 365 cert->id = NULL; 366 cert->skid = NULL; 367 desc = NULL; 368 ret = 0; 369 370 error_free_desc: 371 kfree(desc); 372 error_free_cert: 373 x509_free_certificate(cert); 374 return ret; 375 } 376 377 static struct asymmetric_key_parser x509_key_parser = { 378 .owner = THIS_MODULE, 379 .name = "x509", 380 .parse = x509_key_preparse, 381 }; 382 383 /* 384 * Module stuff 385 */ 386 static int __init x509_key_init(void) 387 { 388 return register_asymmetric_key_parser(&x509_key_parser); 389 } 390 391 static void __exit x509_key_exit(void) 392 { 393 unregister_asymmetric_key_parser(&x509_key_parser); 394 } 395 396 module_init(x509_key_init); 397 module_exit(x509_key_exit); 398 399 MODULE_DESCRIPTION("X.509 certificate parser"); 400 MODULE_LICENSE("GPL"); 401