1 /* Instantiate a public key crypto key from an X.509 Certificate 2 * 3 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public Licence 8 * as published by the Free Software Foundation; either version 9 * 2 of the Licence, or (at your option) any later version. 10 */ 11 12 #define pr_fmt(fmt) "X.509: "fmt 13 #include <linux/module.h> 14 #include <linux/kernel.h> 15 #include <linux/slab.h> 16 #include <linux/err.h> 17 #include <linux/mpi.h> 18 #include <linux/asn1_decoder.h> 19 #include <keys/asymmetric-subtype.h> 20 #include <keys/asymmetric-parser.h> 21 #include <keys/system_keyring.h> 22 #include <crypto/hash.h> 23 #include "asymmetric_keys.h" 24 #include "public_key.h" 25 #include "x509_parser.h" 26 27 static bool use_builtin_keys; 28 static struct asymmetric_key_id *ca_keyid; 29 30 #ifndef MODULE 31 static struct { 32 struct asymmetric_key_id id; 33 unsigned char data[10]; 34 } cakey; 35 36 static int __init ca_keys_setup(char *str) 37 { 38 if (!str) /* default system keyring */ 39 return 1; 40 41 if (strncmp(str, "id:", 3) == 0) { 42 struct asymmetric_key_id *p = &cakey.id; 43 size_t hexlen = (strlen(str) - 3) / 2; 44 int ret; 45 46 if (hexlen == 0 || hexlen > sizeof(cakey.data)) { 47 pr_err("Missing or invalid ca_keys id\n"); 48 return 1; 49 } 50 51 ret = __asymmetric_key_hex_to_key_id(str + 3, p, hexlen); 52 if (ret < 0) 53 pr_err("Unparsable ca_keys id hex string\n"); 54 else 55 ca_keyid = p; /* owner key 'id:xxxxxx' */ 56 } else if (strcmp(str, "builtin") == 0) { 57 use_builtin_keys = true; 58 } 59 60 return 1; 61 } 62 __setup("ca_keys=", ca_keys_setup); 63 #endif 64 65 /** 66 * x509_request_asymmetric_key - Request a key by X.509 certificate params. 67 * @keyring: The keys to search. 68 * @id: The issuer & serialNumber to look for or NULL. 69 * @skid: The subjectKeyIdentifier to look for or NULL. 70 * @partial: Use partial match if true, exact if false. 71 * 72 * Find a key in the given keyring by identifier. The preferred identifier is 73 * the issuer + serialNumber and the fallback identifier is the 74 * subjectKeyIdentifier. If both are given, the lookup is by the former, but 75 * the latter must also match. 76 */ 77 struct key *x509_request_asymmetric_key(struct key *keyring, 78 const struct asymmetric_key_id *id, 79 const struct asymmetric_key_id *skid, 80 bool partial) 81 { 82 struct key *key; 83 key_ref_t ref; 84 const char *lookup; 85 char *req, *p; 86 int len; 87 88 if (id) { 89 lookup = id->data; 90 len = id->len; 91 } else { 92 lookup = skid->data; 93 len = skid->len; 94 } 95 96 /* Construct an identifier "id:<keyid>". */ 97 p = req = kmalloc(2 + 1 + len * 2 + 1, GFP_KERNEL); 98 if (!req) 99 return ERR_PTR(-ENOMEM); 100 101 if (partial) { 102 *p++ = 'i'; 103 *p++ = 'd'; 104 } else { 105 *p++ = 'e'; 106 *p++ = 'x'; 107 } 108 *p++ = ':'; 109 p = bin2hex(p, lookup, len); 110 *p = 0; 111 112 pr_debug("Look up: \"%s\"\n", req); 113 114 ref = keyring_search(make_key_ref(keyring, 1), 115 &key_type_asymmetric, req); 116 if (IS_ERR(ref)) 117 pr_debug("Request for key '%s' err %ld\n", req, PTR_ERR(ref)); 118 kfree(req); 119 120 if (IS_ERR(ref)) { 121 switch (PTR_ERR(ref)) { 122 /* Hide some search errors */ 123 case -EACCES: 124 case -ENOTDIR: 125 case -EAGAIN: 126 return ERR_PTR(-ENOKEY); 127 default: 128 return ERR_CAST(ref); 129 } 130 } 131 132 key = key_ref_to_ptr(ref); 133 if (id && skid) { 134 const struct asymmetric_key_ids *kids = asymmetric_key_ids(key); 135 if (!kids->id[1]) { 136 pr_debug("issuer+serial match, but expected SKID missing\n"); 137 goto reject; 138 } 139 if (!asymmetric_key_id_same(skid, kids->id[1])) { 140 pr_debug("issuer+serial match, but SKID does not\n"); 141 goto reject; 142 } 143 } 144 145 pr_devel("<==%s() = 0 [%x]\n", __func__, key_serial(key)); 146 return key; 147 148 reject: 149 key_put(key); 150 return ERR_PTR(-EKEYREJECTED); 151 } 152 EXPORT_SYMBOL_GPL(x509_request_asymmetric_key); 153 154 /* 155 * Set up the signature parameters in an X.509 certificate. This involves 156 * digesting the signed data and extracting the signature. 157 */ 158 int x509_get_sig_params(struct x509_certificate *cert) 159 { 160 struct crypto_shash *tfm; 161 struct shash_desc *desc; 162 size_t digest_size, desc_size; 163 void *digest; 164 int ret; 165 166 pr_devel("==>%s()\n", __func__); 167 168 if (cert->unsupported_crypto) 169 return -ENOPKG; 170 if (cert->sig.rsa.s) 171 return 0; 172 173 cert->sig.rsa.s = mpi_read_raw_data(cert->raw_sig, cert->raw_sig_size); 174 if (!cert->sig.rsa.s) 175 return -ENOMEM; 176 cert->sig.nr_mpi = 1; 177 178 /* Allocate the hashing algorithm we're going to need and find out how 179 * big the hash operational data will be. 180 */ 181 tfm = crypto_alloc_shash(hash_algo_name[cert->sig.pkey_hash_algo], 0, 0); 182 if (IS_ERR(tfm)) { 183 if (PTR_ERR(tfm) == -ENOENT) { 184 cert->unsupported_crypto = true; 185 return -ENOPKG; 186 } 187 return PTR_ERR(tfm); 188 } 189 190 desc_size = crypto_shash_descsize(tfm) + sizeof(*desc); 191 digest_size = crypto_shash_digestsize(tfm); 192 193 /* We allocate the hash operational data storage on the end of the 194 * digest storage space. 195 */ 196 ret = -ENOMEM; 197 digest = kzalloc(digest_size + desc_size, GFP_KERNEL); 198 if (!digest) 199 goto error; 200 201 cert->sig.digest = digest; 202 cert->sig.digest_size = digest_size; 203 204 desc = digest + digest_size; 205 desc->tfm = tfm; 206 desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; 207 208 ret = crypto_shash_init(desc); 209 if (ret < 0) 210 goto error; 211 might_sleep(); 212 ret = crypto_shash_finup(desc, cert->tbs, cert->tbs_size, digest); 213 error: 214 crypto_free_shash(tfm); 215 pr_devel("<==%s() = %d\n", __func__, ret); 216 return ret; 217 } 218 EXPORT_SYMBOL_GPL(x509_get_sig_params); 219 220 /* 221 * Check the signature on a certificate using the provided public key 222 */ 223 int x509_check_signature(const struct public_key *pub, 224 struct x509_certificate *cert) 225 { 226 int ret; 227 228 pr_devel("==>%s()\n", __func__); 229 230 ret = x509_get_sig_params(cert); 231 if (ret < 0) 232 return ret; 233 234 ret = public_key_verify_signature(pub, &cert->sig); 235 if (ret == -ENOPKG) 236 cert->unsupported_crypto = true; 237 pr_debug("Cert Verification: %d\n", ret); 238 return ret; 239 } 240 EXPORT_SYMBOL_GPL(x509_check_signature); 241 242 /* 243 * Check the new certificate against the ones in the trust keyring. If one of 244 * those is the signing key and validates the new certificate, then mark the 245 * new certificate as being trusted. 246 * 247 * Return 0 if the new certificate was successfully validated, 1 if we couldn't 248 * find a matching parent certificate in the trusted list and an error if there 249 * is a matching certificate but the signature check fails. 250 */ 251 static int x509_validate_trust(struct x509_certificate *cert, 252 struct key *trust_keyring) 253 { 254 struct key *key; 255 int ret = 1; 256 257 if (!trust_keyring) 258 return -EOPNOTSUPP; 259 260 if (ca_keyid && !asymmetric_key_id_partial(cert->akid_skid, ca_keyid)) 261 return -EPERM; 262 263 key = x509_request_asymmetric_key(trust_keyring, 264 cert->akid_id, cert->akid_skid, 265 false); 266 if (!IS_ERR(key)) { 267 if (!use_builtin_keys 268 || test_bit(KEY_FLAG_BUILTIN, &key->flags)) 269 ret = x509_check_signature(key->payload.data, cert); 270 key_put(key); 271 } 272 return ret; 273 } 274 275 /* 276 * Attempt to parse a data blob for a key as an X509 certificate. 277 */ 278 static int x509_key_preparse(struct key_preparsed_payload *prep) 279 { 280 struct asymmetric_key_ids *kids; 281 struct x509_certificate *cert; 282 const char *q; 283 size_t srlen, sulen; 284 char *desc = NULL, *p; 285 int ret; 286 287 cert = x509_cert_parse(prep->data, prep->datalen); 288 if (IS_ERR(cert)) 289 return PTR_ERR(cert); 290 291 pr_devel("Cert Issuer: %s\n", cert->issuer); 292 pr_devel("Cert Subject: %s\n", cert->subject); 293 294 if (cert->pub->pkey_algo >= PKEY_ALGO__LAST || 295 cert->sig.pkey_algo >= PKEY_ALGO__LAST || 296 cert->sig.pkey_hash_algo >= PKEY_HASH__LAST || 297 !pkey_algo[cert->pub->pkey_algo] || 298 !pkey_algo[cert->sig.pkey_algo] || 299 !hash_algo_name[cert->sig.pkey_hash_algo]) { 300 ret = -ENOPKG; 301 goto error_free_cert; 302 } 303 304 pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]); 305 pr_devel("Cert Valid period: %lld-%lld\n", cert->valid_from, cert->valid_to); 306 pr_devel("Cert Signature: %s + %s\n", 307 pkey_algo_name[cert->sig.pkey_algo], 308 hash_algo_name[cert->sig.pkey_hash_algo]); 309 310 cert->pub->algo = pkey_algo[cert->pub->pkey_algo]; 311 cert->pub->id_type = PKEY_ID_X509; 312 313 /* Check the signature on the key if it appears to be self-signed */ 314 if ((!cert->akid_skid && !cert->akid_id) || 315 asymmetric_key_id_same(cert->skid, cert->akid_skid) || 316 asymmetric_key_id_same(cert->id, cert->akid_id)) { 317 ret = x509_check_signature(cert->pub, cert); /* self-signed */ 318 if (ret < 0) 319 goto error_free_cert; 320 } else if (!prep->trusted) { 321 ret = x509_validate_trust(cert, get_system_trusted_keyring()); 322 if (!ret) 323 prep->trusted = 1; 324 } 325 326 /* Propose a description */ 327 sulen = strlen(cert->subject); 328 if (cert->raw_skid) { 329 srlen = cert->raw_skid_size; 330 q = cert->raw_skid; 331 } else { 332 srlen = cert->raw_serial_size; 333 q = cert->raw_serial; 334 } 335 if (srlen > 1 && *q == 0) { 336 srlen--; 337 q++; 338 } 339 340 ret = -ENOMEM; 341 desc = kmalloc(sulen + 2 + srlen * 2 + 1, GFP_KERNEL); 342 if (!desc) 343 goto error_free_cert; 344 p = memcpy(desc, cert->subject, sulen); 345 p += sulen; 346 *p++ = ':'; 347 *p++ = ' '; 348 p = bin2hex(p, q, srlen); 349 *p = 0; 350 351 kids = kmalloc(sizeof(struct asymmetric_key_ids), GFP_KERNEL); 352 if (!kids) 353 goto error_free_desc; 354 kids->id[0] = cert->id; 355 kids->id[1] = cert->skid; 356 357 /* We're pinning the module by being linked against it */ 358 __module_get(public_key_subtype.owner); 359 prep->type_data[0] = &public_key_subtype; 360 prep->type_data[1] = kids; 361 prep->payload[0] = cert->pub; 362 prep->description = desc; 363 prep->quotalen = 100; 364 365 /* We've finished with the certificate */ 366 cert->pub = NULL; 367 cert->id = NULL; 368 cert->skid = NULL; 369 desc = NULL; 370 ret = 0; 371 372 error_free_desc: 373 kfree(desc); 374 error_free_cert: 375 x509_free_certificate(cert); 376 return ret; 377 } 378 379 static struct asymmetric_key_parser x509_key_parser = { 380 .owner = THIS_MODULE, 381 .name = "x509", 382 .parse = x509_key_preparse, 383 }; 384 385 /* 386 * Module stuff 387 */ 388 static int __init x509_key_init(void) 389 { 390 return register_asymmetric_key_parser(&x509_key_parser); 391 } 392 393 static void __exit x509_key_exit(void) 394 { 395 unregister_asymmetric_key_parser(&x509_key_parser); 396 } 397 398 module_init(x509_key_init); 399 module_exit(x509_key_exit); 400 401 MODULE_DESCRIPTION("X.509 certificate parser"); 402 MODULE_LICENSE("GPL"); 403