1 /* Public-key operation keyctls 2 * 3 * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved. 4 * Written by David Howells (dhowells@redhat.com) 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public Licence 8 * as published by the Free Software Foundation; either version 9 * 2 of the Licence, or (at your option) any later version. 10 */ 11 12 #include <linux/slab.h> 13 #include <linux/err.h> 14 #include <linux/key.h> 15 #include <linux/keyctl.h> 16 #include <linux/parser.h> 17 #include <linux/uaccess.h> 18 #include <keys/user-type.h> 19 #include "internal.h" 20 21 static void keyctl_pkey_params_free(struct kernel_pkey_params *params) 22 { 23 kfree(params->info); 24 key_put(params->key); 25 } 26 27 enum { 28 Opt_err = -1, 29 Opt_enc, /* "enc=<encoding>" eg. "enc=oaep" */ 30 Opt_hash, /* "hash=<digest-name>" eg. "hash=sha1" */ 31 }; 32 33 static const match_table_t param_keys = { 34 { Opt_enc, "enc=%s" }, 35 { Opt_hash, "hash=%s" }, 36 { Opt_err, NULL } 37 }; 38 39 /* 40 * Parse the information string which consists of key=val pairs. 41 */ 42 static int keyctl_pkey_params_parse(struct kernel_pkey_params *params) 43 { 44 unsigned long token_mask = 0; 45 substring_t args[MAX_OPT_ARGS]; 46 char *c = params->info, *p, *q; 47 int token; 48 49 while ((p = strsep(&c, " \t"))) { 50 if (*p == '\0' || *p == ' ' || *p == '\t') 51 continue; 52 token = match_token(p, param_keys, args); 53 if (__test_and_set_bit(token, &token_mask)) 54 return -EINVAL; 55 q = args[0].from; 56 if (!q[0]) 57 return -EINVAL; 58 59 switch (token) { 60 case Opt_enc: 61 params->encoding = q; 62 break; 63 64 case Opt_hash: 65 params->hash_algo = q; 66 break; 67 68 default: 69 return -EINVAL; 70 } 71 } 72 73 return 0; 74 } 75 76 /* 77 * Interpret parameters. Callers must always call the free function 78 * on params, even if an error is returned. 79 */ 80 static int keyctl_pkey_params_get(key_serial_t id, 81 const char __user *_info, 82 struct kernel_pkey_params *params) 83 { 84 key_ref_t key_ref; 85 void *p; 86 int ret; 87 88 memset(params, 0, sizeof(*params)); 89 params->encoding = "raw"; 90 91 p = strndup_user(_info, PAGE_SIZE); 92 if (IS_ERR(p)) 93 return PTR_ERR(p); 94 params->info = p; 95 96 ret = keyctl_pkey_params_parse(params); 97 if (ret < 0) 98 return ret; 99 100 key_ref = lookup_user_key(id, 0, KEY_NEED_SEARCH); 101 if (IS_ERR(key_ref)) 102 return PTR_ERR(key_ref); 103 params->key = key_ref_to_ptr(key_ref); 104 105 if (!params->key->type->asym_query) 106 return -EOPNOTSUPP; 107 108 return 0; 109 } 110 111 /* 112 * Get parameters from userspace. Callers must always call the free function 113 * on params, even if an error is returned. 114 */ 115 static int keyctl_pkey_params_get_2(const struct keyctl_pkey_params __user *_params, 116 const char __user *_info, 117 int op, 118 struct kernel_pkey_params *params) 119 { 120 struct keyctl_pkey_params uparams; 121 struct kernel_pkey_query info; 122 int ret; 123 124 memset(params, 0, sizeof(*params)); 125 params->encoding = "raw"; 126 127 if (copy_from_user(&uparams, _params, sizeof(uparams)) != 0) 128 return -EFAULT; 129 130 ret = keyctl_pkey_params_get(uparams.key_id, _info, params); 131 if (ret < 0) 132 return ret; 133 134 ret = params->key->type->asym_query(params, &info); 135 if (ret < 0) 136 return ret; 137 138 switch (op) { 139 case KEYCTL_PKEY_ENCRYPT: 140 case KEYCTL_PKEY_DECRYPT: 141 if (uparams.in_len > info.max_enc_size || 142 uparams.out_len > info.max_dec_size) 143 return -EINVAL; 144 break; 145 case KEYCTL_PKEY_SIGN: 146 case KEYCTL_PKEY_VERIFY: 147 if (uparams.in_len > info.max_sig_size || 148 uparams.out_len > info.max_data_size) 149 return -EINVAL; 150 break; 151 default: 152 BUG(); 153 } 154 155 params->in_len = uparams.in_len; 156 params->out_len = uparams.out_len; 157 return 0; 158 } 159 160 /* 161 * Query information about an asymmetric key. 162 */ 163 long keyctl_pkey_query(key_serial_t id, 164 const char __user *_info, 165 struct keyctl_pkey_query __user *_res) 166 { 167 struct kernel_pkey_params params; 168 struct kernel_pkey_query res; 169 long ret; 170 171 memset(¶ms, 0, sizeof(params)); 172 173 ret = keyctl_pkey_params_get(id, _info, ¶ms); 174 if (ret < 0) 175 goto error; 176 177 ret = params.key->type->asym_query(¶ms, &res); 178 if (ret < 0) 179 goto error; 180 181 ret = -EFAULT; 182 if (copy_to_user(_res, &res, sizeof(res)) == 0 && 183 clear_user(_res->__spare, sizeof(_res->__spare)) == 0) 184 ret = 0; 185 186 error: 187 keyctl_pkey_params_free(¶ms); 188 return ret; 189 } 190 191 /* 192 * Encrypt/decrypt/sign 193 * 194 * Encrypt data, decrypt data or sign data using a public key. 195 * 196 * _info is a string of supplementary information in key=val format. For 197 * instance, it might contain: 198 * 199 * "enc=pkcs1 hash=sha256" 200 * 201 * where enc= specifies the encoding and hash= selects the OID to go in that 202 * particular encoding if required. If enc= isn't supplied, it's assumed that 203 * the caller is supplying raw values. 204 * 205 * If successful, the amount of data written into the output buffer is 206 * returned. 207 */ 208 long keyctl_pkey_e_d_s(int op, 209 const struct keyctl_pkey_params __user *_params, 210 const char __user *_info, 211 const void __user *_in, 212 void __user *_out) 213 { 214 struct kernel_pkey_params params; 215 void *in, *out; 216 long ret; 217 218 ret = keyctl_pkey_params_get_2(_params, _info, op, ¶ms); 219 if (ret < 0) 220 goto error_params; 221 222 ret = -EOPNOTSUPP; 223 if (!params.key->type->asym_eds_op) 224 goto error_params; 225 226 switch (op) { 227 case KEYCTL_PKEY_ENCRYPT: 228 params.op = kernel_pkey_encrypt; 229 break; 230 case KEYCTL_PKEY_DECRYPT: 231 params.op = kernel_pkey_decrypt; 232 break; 233 case KEYCTL_PKEY_SIGN: 234 params.op = kernel_pkey_sign; 235 break; 236 default: 237 BUG(); 238 } 239 240 in = memdup_user(_in, params.in_len); 241 if (IS_ERR(in)) { 242 ret = PTR_ERR(in); 243 goto error_params; 244 } 245 246 ret = -ENOMEM; 247 out = kmalloc(params.out_len, GFP_KERNEL); 248 if (!out) 249 goto error_in; 250 251 ret = params.key->type->asym_eds_op(¶ms, in, out); 252 if (ret < 0) 253 goto error_out; 254 255 if (copy_to_user(_out, out, ret) != 0) 256 ret = -EFAULT; 257 258 error_out: 259 kfree(out); 260 error_in: 261 kfree(in); 262 error_params: 263 keyctl_pkey_params_free(¶ms); 264 return ret; 265 } 266 267 /* 268 * Verify a signature. 269 * 270 * Verify a public key signature using the given key, or if not given, search 271 * for a matching key. 272 * 273 * _info is a string of supplementary information in key=val format. For 274 * instance, it might contain: 275 * 276 * "enc=pkcs1 hash=sha256" 277 * 278 * where enc= specifies the signature blob encoding and hash= selects the OID 279 * to go in that particular encoding. If enc= isn't supplied, it's assumed 280 * that the caller is supplying raw values. 281 * 282 * If successful, 0 is returned. 283 */ 284 long keyctl_pkey_verify(const struct keyctl_pkey_params __user *_params, 285 const char __user *_info, 286 const void __user *_in, 287 const void __user *_in2) 288 { 289 struct kernel_pkey_params params; 290 void *in, *in2; 291 long ret; 292 293 ret = keyctl_pkey_params_get_2(_params, _info, KEYCTL_PKEY_VERIFY, 294 ¶ms); 295 if (ret < 0) 296 goto error_params; 297 298 ret = -EOPNOTSUPP; 299 if (!params.key->type->asym_verify_signature) 300 goto error_params; 301 302 in = memdup_user(_in, params.in_len); 303 if (IS_ERR(in)) { 304 ret = PTR_ERR(in); 305 goto error_params; 306 } 307 308 in2 = memdup_user(_in2, params.in2_len); 309 if (IS_ERR(in2)) { 310 ret = PTR_ERR(in2); 311 goto error_in; 312 } 313 314 params.op = kernel_pkey_verify; 315 ret = params.key->type->asym_verify_signature(¶ms, in, in2); 316 317 kfree(in2); 318 error_in: 319 kfree(in); 320 error_params: 321 keyctl_pkey_params_free(¶ms); 322 return ret; 323 } 324