From fda4d578ed0a7e1d116f56a15efea0e4ba78acad Mon Sep 17 00:00:00 2001 From: Laurent Bigonville Date: Tue, 7 Jul 2015 23:10:52 +0200 Subject: selinux: explicitly declare the role "base_r" This fixes the compilation of policy generated by mdp with the recent version of checkpolicy. Signed-off-by: Laurent Bigonville Acked-by: Stephen Smalley Signed-off-by: Paul Moore --- scripts/selinux/mdp/mdp.c | 1 + 1 file changed, 1 insertion(+) (limited to 'scripts') diff --git a/scripts/selinux/mdp/mdp.c b/scripts/selinux/mdp/mdp.c index 62b34ce1f50d..e10beb11b696 100644 --- a/scripts/selinux/mdp/mdp.c +++ b/scripts/selinux/mdp/mdp.c @@ -98,6 +98,7 @@ int main(int argc, char *argv[]) /* types, roles, and allows */ fprintf(fout, "type base_t;\n"); + fprintf(fout, "role base_r;\n"); fprintf(fout, "role base_r types { base_t };\n"); for (i = 0; secclass_map[i].name; i++) fprintf(fout, "allow base_t base_t:%s *;\n", -- cgit v1.2.3 From 8d9b21dcfe6814c92c9f445a7c742b7bab4f86b8 Mon Sep 17 00:00:00 2001 From: David Howells Date: Wed, 5 Aug 2015 12:54:45 +0100 Subject: ASN.1: Fix handling of CHOICE in ASN.1 compiler Fix the handling of CHOICE types in the ASN.1 compiler to make SEQUENCE and SET elements in a CHOICE be correctly rendered as skippable and conditional as appropriate. For example, in the following ASN.1: Foo ::= SEQUENCE { w1 INTEGER, w2 Bar, w3 OBJECT IDENTIFIER } Bar ::= CHOICE { x1 Seq1, x2 [0] IMPLICIT OCTET STRING, x3 Seq2, x4 SET OF INTEGER } Seq1 ::= SEQUENCE { y1 INTEGER, y2 INTEGER, y3 INTEGER } Seq2 ::= SEQUENCE { z1 BOOLEAN, z2 BOOLEAN, z3 BOOLEAN } the output in foo.c generated by: ./scripts/asn1_compiler foo.asn1 foo.c foo.h included: // Bar // Seq1 [ 4] = ASN1_OP_MATCH, [ 5] = _tag(UNIV, CONS, SEQ), ... [ 13] = ASN1_OP_COND_MATCH_OR_SKIP, // x2 [ 14] = _tagn(CONT, PRIM, 0), // Seq2 [ 15] = ASN1_OP_MATCH, [ 16] = _tag(UNIV, CONS, SEQ), ... [ 24] = ASN1_OP_COND_MATCH_JUMP_OR_SKIP, // x4 [ 25] = _tag(UNIV, CONS, SET), ... [ 27] = ASN1_OP_COND_FAIL, as a result of the CHOICE - but this is wrong on lines 4 and 15 because both of these should be skippable (one and only one of the four can be picked) and the one on line 15 should also be conditional so that it is ignored if anything before it matches. After the patch, it looks like: // Bar // Seq1 [ 4] = ASN1_OP_MATCH_JUMP_OR_SKIP, // x1 [ 5] = _tag(UNIV, CONS, SEQ), ... [ 7] = ASN1_OP_COND_MATCH_OR_SKIP, // x2 [ 8] = _tagn(CONT, PRIM, 0), // Seq2 [ 9] = ASN1_OP_COND_MATCH_JUMP_OR_SKIP, // x3 [ 10] = _tag(UNIV, CONS, SEQ), ... [ 12] = ASN1_OP_COND_MATCH_JUMP_OR_SKIP, // x4 [ 13] = _tag(UNIV, CONS, SET), ... [ 15] = ASN1_OP_COND_FAIL, where all four options are skippable and the second, third and fourth are all conditional, as is the backstop at the end. This hasn't been a problem so far because in the ASN.1 specs we have are either using primitives or are using SET OF and SEQUENCE OF which are handled correctly. Whilst we're at it, also make sure that element labels get included in comments in the output for elements that have complex types. This cannot be tested with the code as it stands, but rather affects future code. Signed-off-by: David Howells Reviewed-By: David Woodhouse --- scripts/asn1_compiler.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) (limited to 'scripts') diff --git a/scripts/asn1_compiler.c b/scripts/asn1_compiler.c index 7750e9c31483..e87359cd23c0 100644 --- a/scripts/asn1_compiler.c +++ b/scripts/asn1_compiler.c @@ -666,7 +666,7 @@ struct element { unsigned flags; #define ELEMENT_IMPLICIT 0x0001 #define ELEMENT_EXPLICIT 0x0002 -#define ELEMENT_MARKED 0x0004 +#define ELEMENT_TAG_SPECIFIED 0x0004 #define ELEMENT_RENDERED 0x0008 #define ELEMENT_SKIPPABLE 0x0010 #define ELEMENT_CONDITIONAL 0x0020 @@ -879,6 +879,7 @@ static struct element *parse_type(struct token **_cursor, struct token *end, element->tag &= ~0x1f; element->tag |= strtoul(cursor->value, &p, 10); + element->flags |= ELEMENT_TAG_SPECIFIED; if (p - cursor->value != cursor->size) abort(); cursor++; @@ -1376,7 +1377,7 @@ static void render_out_of_line_list(FILE *out) */ static void render_element(FILE *out, struct element *e, struct element *tag) { - struct element *ec; + struct element *ec, *x; const char *cond, *act; int entry, skippable = 0, outofline = 0; @@ -1435,15 +1436,17 @@ static void render_element(FILE *out, struct element *e, struct element *tag) break; } - if (e->name) + x = tag ?: e; + if (x->name) render_more(out, "\t\t// %*.*s", - (int)e->name->size, (int)e->name->size, - e->name->value); + (int)x->name->size, (int)x->name->size, + x->name->value); render_more(out, "\n"); /* Render the tag */ - if (!tag) + if (!tag || !(tag->flags & ELEMENT_TAG_SPECIFIED)) tag = e; + if (tag->class == ASN1_UNIV && tag->tag != 14 && tag->tag != 15 && @@ -1539,7 +1542,7 @@ dont_render_tag: case CHOICE: for (ec = e->children; ec; ec = ec->next) - render_element(out, ec, NULL); + render_element(out, ec, ec); if (!skippable) render_opcode(out, "ASN1_OP_COND_FAIL,\n"); if (e->action) -- cgit v1.2.3 From 3f3af97d8225a58ecdcde7217c030b17e5198226 Mon Sep 17 00:00:00 2001 From: David Howells Date: Wed, 5 Aug 2015 12:54:46 +0100 Subject: ASN.1: Fix actions on CHOICE elements with IMPLICIT tags In an ASN.1 description where there is a CHOICE construct that contains elements with IMPLICIT tags that refer to constructed types, actions to be taken on those elements should be conditional on the corresponding element actually being matched. Currently, however, such actions are performed unconditionally in the middle of processing the CHOICE. For example, look at elements 'b' and 'e' here: A ::= SEQUENCE { CHOICE { b [0] IMPLICIT B ({ do_XXXXXXXXXXXX_b }), c [1] EXPLICIT C ({ do_XXXXXXXXXXXX_c }), d [2] EXPLICIT B ({ do_XXXXXXXXXXXX_d }), e [3] IMPLICIT C ({ do_XXXXXXXXXXXX_e }), f [4] IMPLICIT INTEGER ({ do_XXXXXXXXXXXX_f }) } } ({ do_XXXXXXXXXXXX_A }) B ::= SET OF OBJECT IDENTIFIER ({ do_XXXXXXXXXXXX_oid }) C ::= SET OF INTEGER ({ do_XXXXXXXXXXXX_int }) They each have an action (do_XXXXXXXXXXXX_b and do_XXXXXXXXXXXX_e) that should only be processed if that element is matched. The problem is that there's no easy place to hang the action off in the subclause (type B for element 'b' and type C for element 'e') because subclause opcode sequences can be shared. To fix this, introduce a conditional action opcode(ASN1_OP_MAYBE_ACT) that the decoder only processes if the preceding match was successful. This can be seen in an excerpt from the output of the fixed ASN.1 compiler for the above ASN.1 description: [ 13] = ASN1_OP_COND_MATCH_JUMP_OR_SKIP, // e [ 14] = _tagn(CONT, CONS, 3), [ 15] = _jump_target(45), // --> C [ 16] = ASN1_OP_MAYBE_ACT, [ 17] = _action(ACT_do_XXXXXXXXXXXX_e), In this, if the op at [13] is matched (ie. element 'e' above) then the action at [16] will be performed. However, if the op at [13] doesn't match or is skipped because it is conditional and some previous op matched, then the action at [16] will be ignored. Note that to make this work in the decoder, the ASN1_OP_RETURN op must set the flag to indicate that a match happened. This is necessary because the _jump_target() seen above introduces a subclause (in this case an object of type 'C') which is likely to alter the flag. Setting the flag here is okay because to process a subclause, a match must have happened and caused a jump. This cannot be tested with the code as it stands, but rather affects future code. Signed-off-by: David Howells Reviewed-by: David Woodhouse --- scripts/asn1_compiler.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/asn1_compiler.c b/scripts/asn1_compiler.c index e87359cd23c0..0515bced929a 100644 --- a/scripts/asn1_compiler.c +++ b/scripts/asn1_compiler.c @@ -1468,7 +1468,8 @@ dont_render_tag: case TYPE_REF: render_element(out, e->type->type->element, tag); if (e->action) - render_opcode(out, "ASN1_OP_ACT,\n"); + render_opcode(out, "ASN1_OP_%sACT,\n", + skippable ? "MAYBE_" : ""); break; case SEQUENCE: -- cgit v1.2.3 From 233ce79db4b23a174bcf30bde5d6ad913d5f46d3 Mon Sep 17 00:00:00 2001 From: David Howells Date: Wed, 5 Aug 2015 12:54:46 +0100 Subject: ASN.1: Handle 'ANY OPTIONAL' in grammar An ANY object in an ASN.1 grammar that is marked OPTIONAL should be skipped if there is no more data to be had. This can be tested by editing X.509 certificates or PKCS#7 messages to remove the NULL from subobjects that look like the following: SEQUENCE { OBJECT(2a864886f70d01010b); NULL(); } This is an algorithm identifier plus an optional parameter. The modified DER can be passed to one of: keyctl padd asymmetric "" @s Tested-by: Marcel Holtmann Reviewed-by: David Woodhouse --- scripts/asn1_compiler.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/asn1_compiler.c b/scripts/asn1_compiler.c index 0515bced929a..1c75e22b6385 100644 --- a/scripts/asn1_compiler.c +++ b/scripts/asn1_compiler.c @@ -1401,7 +1401,8 @@ static void render_element(FILE *out, struct element *e, struct element *tag) act = e->action ? "_ACT" : ""; switch (e->compound) { case ANY: - render_opcode(out, "ASN1_OP_%sMATCH_ANY%s,", cond, act); + render_opcode(out, "ASN1_OP_%sMATCH_ANY%s%s,", + cond, act, skippable ? "_OR_SKIP" : ""); if (e->name) render_more(out, "\t\t// %*.*s", (int)e->name->size, (int)e->name->size, -- cgit v1.2.3 From ae44a2f6a03338cb9d2bd32864f686c732b7841f Mon Sep 17 00:00:00 2001 From: David Howells Date: Wed, 5 Aug 2015 14:07:01 +0100 Subject: ASN.1: Add an ASN.1 compiler option to dump the element tree Add an ASN.1 compiler option to dump the element tree to stdout. Signed-off-by: David Howells Reviewed-By: David Woodhouse --- scripts/asn1_compiler.c | 88 ++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 76 insertions(+), 12 deletions(-) (limited to 'scripts') diff --git a/scripts/asn1_compiler.c b/scripts/asn1_compiler.c index 1c75e22b6385..6e4ba992a51f 100644 --- a/scripts/asn1_compiler.c +++ b/scripts/asn1_compiler.c @@ -13,6 +13,7 @@ #include #include #include +#include #include #include #include @@ -311,9 +312,11 @@ struct token { static struct token *token_list; static unsigned nr_tokens; -static _Bool verbose; +static bool verbose_opt; +static bool debug_opt; -#define debug(fmt, ...) do { if (verbose) printf(fmt, ## __VA_ARGS__); } while (0) +#define verbose(fmt, ...) do { if (verbose_opt) printf(fmt, ## __VA_ARGS__); } while (0) +#define debug(fmt, ...) do { if (debug_opt) printf(fmt, ## __VA_ARGS__); } while (0) static int directive_compare(const void *_key, const void *_pdir) { @@ -518,7 +521,7 @@ static void tokenise(char *buffer, char *end) } nr_tokens = tix; - debug("Extracted %u tokens\n", nr_tokens); + verbose("Extracted %u tokens\n", nr_tokens); #if 0 { @@ -534,6 +537,7 @@ static void tokenise(char *buffer, char *end) static void build_type_list(void); static void parse(void); +static void dump_elements(void); static void render(FILE *out, FILE *hdr); /* @@ -548,16 +552,27 @@ int main(int argc, char **argv) char *kbuild_verbose; int fd; + kbuild_verbose = getenv("KBUILD_VERBOSE"); + if (kbuild_verbose) + verbose_opt = atoi(kbuild_verbose); + + while (argc > 4) { + if (strcmp(argv[1], "-v") == 0) + verbose_opt = true; + else if (strcmp(argv[1], "-d") == 0) + debug_opt = true; + else + break; + memmove(&argv[1], &argv[2], (argc - 2) * sizeof(char *)); + argc--; + } + if (argc != 4) { - fprintf(stderr, "Format: %s \n", + fprintf(stderr, "Format: %s [-v] [-d] \n", argv[0]); exit(2); } - kbuild_verbose = getenv("KBUILD_VERBOSE"); - if (kbuild_verbose) - verbose = atoi(kbuild_verbose); - filename = argv[1]; outputname = argv[2]; headername = argv[3]; @@ -608,6 +623,7 @@ int main(int argc, char **argv) tokenise(buffer, buffer + readlen); build_type_list(); parse(); + dump_elements(); out = fopen(outputname, "w"); if (!out) { @@ -756,7 +772,7 @@ static void build_type_list(void) qsort(type_index, nr, sizeof(type_index[0]), type_index_compare); - debug("Extracted %u types\n", nr_types); + verbose("Extracted %u types\n", nr_types); #if 0 for (n = 0; n < nr_types; n++) { struct type *type = type_index[n]; @@ -801,7 +817,7 @@ static void parse(void) } while (type++, !(type->flags & TYPE_STOP_MARKER)); - debug("Extracted %u actions\n", nr_actions); + verbose("Extracted %u actions\n", nr_actions); } static struct element *element_list; @@ -1192,6 +1208,54 @@ overrun_error: exit(1); } +static void dump_element(const struct element *e, int level) +{ + const struct element *c; + const struct type *t = e->type_def; + const char *name = e->name ? e->name->value : "."; + int nsize = e->name ? e->name->size : 1; + const char *tname = t && t->name ? t->name->value : "."; + int tnsize = t && t->name ? t->name->size : 1; + char tag[32]; + + if (e->class == 0 && e->method == 0 && e->tag == 0) + strcpy(tag, "<...>"); + else if (e->class == ASN1_UNIV) + sprintf(tag, "%s %s %s", + asn1_classes[e->class], + asn1_methods[e->method], + asn1_universal_tags[e->tag]); + else + sprintf(tag, "%s %s %u", + asn1_classes[e->class], + asn1_methods[e->method], + e->tag); + + printf("%c%c%c%c%c %c %*s[*] \e[33m%s\e[m %*.*s %*.*s \e[35m%s\e[m\n", + e->flags & ELEMENT_IMPLICIT ? 'I' : '-', + e->flags & ELEMENT_EXPLICIT ? 'E' : '-', + e->flags & ELEMENT_TAG_SPECIFIED ? 'T' : '-', + e->flags & ELEMENT_SKIPPABLE ? 'S' : '-', + e->flags & ELEMENT_CONDITIONAL ? 'C' : '-', + "-tTqQcaro"[e->compound], + level, "", + tag, + tnsize, tnsize, tname, + nsize, nsize, name, + e->action ? e->action->name : ""); + if (e->compound == TYPE_REF) + dump_element(e->type->type->element, level + 3); + else + for (c = e->children; c; c = c->next) + dump_element(c, level + 3); +} + +static void dump_elements(void) +{ + if (debug_opt) + dump_element(type_list[0].element, 0); +} + static void render_element(FILE *out, struct element *e, struct element *tag); static void render_out_of_line_list(FILE *out); @@ -1293,7 +1357,7 @@ static void render(FILE *out, FILE *hdr) } /* We do two passes - the first one calculates all the offsets */ - debug("Pass 1\n"); + verbose("Pass 1\n"); nr_entries = 0; root = &type_list[0]; render_element(NULL, root->element, NULL); @@ -1304,7 +1368,7 @@ static void render(FILE *out, FILE *hdr) e->flags &= ~ELEMENT_RENDERED; /* And then we actually render */ - debug("Pass 2\n"); + verbose("Pass 2\n"); fprintf(out, "\n"); fprintf(out, "static const unsigned char %s_machine[] = {\n", grammar_name); -- cgit v1.2.3 From c05cae9a58dca6dcbc6e66b228a9589c6b60880c Mon Sep 17 00:00:00 2001 From: David Howells Date: Wed, 29 Jul 2015 21:14:00 +0100 Subject: ASN.1: Copy string names to tokens in ASN.1 compiler Copy string names to tokens in ASN.1 compiler rather than storing a pointer into the source text. This means we don't have to use "%*.*s" all over the place. Signed-off-by: David Howells Reviewed-by: David Woodhouse --- scripts/asn1_compiler.c | 155 +++++++++++++++++++++++------------------------- 1 file changed, 73 insertions(+), 82 deletions(-) (limited to 'scripts') diff --git a/scripts/asn1_compiler.c b/scripts/asn1_compiler.c index 6e4ba992a51f..e000f44e37b8 100644 --- a/scripts/asn1_compiler.c +++ b/scripts/asn1_compiler.c @@ -294,8 +294,8 @@ static const char *const directives[NR__DIRECTIVES] = { struct action { struct action *next; + char *name; unsigned char index; - char name[]; }; static struct action *action_list; @@ -306,7 +306,7 @@ struct token { enum token_type token_type : 8; unsigned char size; struct action *action; - const char *value; + char *content; struct type *type; }; @@ -328,11 +328,9 @@ static int directive_compare(const void *_key, const void *_pdir) dlen = strlen(dir); clen = (dlen < token->size) ? dlen : token->size; - //debug("cmp(%*.*s,%s) = ", - // (int)token->size, (int)token->size, token->value, - // dir); + //debug("cmp(%s,%s) = ", token->content, dir); - val = memcmp(token->value, dir, clen); + val = memcmp(token->content, dir, clen); if (val != 0) { //debug("%d [cmp]\n", val); return val; @@ -352,7 +350,7 @@ static int directive_compare(const void *_key, const void *_pdir) static void tokenise(char *buffer, char *end) { struct token *tokens; - char *line, *nl, *p, *q; + char *line, *nl, *start, *p, *q; unsigned tix, lineno; /* Assume we're going to have half as many tokens as we have @@ -411,11 +409,11 @@ static void tokenise(char *buffer, char *end) break; tokens[tix].line = lineno; - tokens[tix].value = p; + start = p; /* Handle string tokens */ if (isalpha(*p)) { - const char **dir; + const char **dir, *start = p; /* Can be a directive, type name or element * name. Find the end of the name. @@ -426,10 +424,18 @@ static void tokenise(char *buffer, char *end) tokens[tix].size = q - p; p = q; + tokens[tix].content = malloc(tokens[tix].size + 1); + if (!tokens[tix].content) { + perror(NULL); + exit(1); + } + memcpy(tokens[tix].content, start, tokens[tix].size); + tokens[tix].content[tokens[tix].size] = 0; + /* If it begins with a lowercase letter then * it's an element name */ - if (islower(tokens[tix].value[0])) { + if (islower(tokens[tix].content[0])) { tokens[tix++].token_type = TOKEN_ELEMENT_NAME; continue; } @@ -458,6 +464,13 @@ static void tokenise(char *buffer, char *end) q++; tokens[tix].size = q - p; p = q; + tokens[tix].content = malloc(tokens[tix].size + 1); + if (!tokens[tix].content) { + perror(NULL); + exit(1); + } + memcpy(tokens[tix].content, start, tokens[tix].size); + tokens[tix].content[tokens[tix].size] = 0; tokens[tix++].token_type = TOKEN_NUMBER; continue; } @@ -466,6 +479,7 @@ static void tokenise(char *buffer, char *end) if (memcmp(p, "::=", 3) == 0) { p += 3; tokens[tix].size = 3; + tokens[tix].content = "::="; tokens[tix++].token_type = TOKEN_ASSIGNMENT; continue; } @@ -475,12 +489,14 @@ static void tokenise(char *buffer, char *end) if (memcmp(p, "({", 2) == 0) { p += 2; tokens[tix].size = 2; + tokens[tix].content = "({"; tokens[tix++].token_type = TOKEN_OPEN_ACTION; continue; } if (memcmp(p, "})", 2) == 0) { p += 2; tokens[tix].size = 2; + tokens[tix].content = "})"; tokens[tix++].token_type = TOKEN_CLOSE_ACTION; continue; } @@ -491,22 +507,27 @@ static void tokenise(char *buffer, char *end) switch (*p) { case '{': p += 1; + tokens[tix].content = "{"; tokens[tix++].token_type = TOKEN_OPEN_CURLY; continue; case '}': p += 1; + tokens[tix].content = "}"; tokens[tix++].token_type = TOKEN_CLOSE_CURLY; continue; case '[': p += 1; + tokens[tix].content = "["; tokens[tix++].token_type = TOKEN_OPEN_SQUARE; continue; case ']': p += 1; + tokens[tix].content = "]"; tokens[tix++].token_type = TOKEN_CLOSE_SQUARE; continue; case ',': p += 1; + tokens[tix].content = ","; tokens[tix++].token_type = TOKEN_COMMA; continue; default: @@ -527,10 +548,7 @@ static void tokenise(char *buffer, char *end) { int n; for (n = 0; n < nr_tokens; n++) - debug("Token %3u: '%*.*s'\n", - n, - (int)token_list[n].size, (int)token_list[n].size, - token_list[n].value); + debug("Token %3u: '%s'\n", n, token_list[n].content); } #endif } @@ -709,7 +727,7 @@ static int type_index_compare(const void *_a, const void *_b) if ((*a)->name->size != (*b)->name->size) return (*a)->name->size - (*b)->name->size; else - return memcmp((*a)->name->value, (*b)->name->value, + return memcmp((*a)->name->content, (*b)->name->content, (*a)->name->size); } @@ -722,7 +740,7 @@ static int type_finder(const void *_key, const void *_ti) if (token->size != type->name->size) return token->size - type->name->size; else - return memcmp(token->value, type->name->value, + return memcmp(token->content, type->name->content, token->size); } @@ -776,10 +794,7 @@ static void build_type_list(void) #if 0 for (n = 0; n < nr_types; n++) { struct type *type = type_index[n]; - debug("- %*.*s\n", - (int)type->name->size, - (int)type->name->size, - type->name->value); + debug("- %*.*s\n", type->name->content); } #endif } @@ -809,9 +824,8 @@ static void parse(void) type->element->type_def = type; if (cursor != type[1].name) { - fprintf(stderr, "%s:%d: Parse error at token '%*.*s'\n", - filename, cursor->line, - (int)cursor->size, (int)cursor->size, cursor->value); + fprintf(stderr, "%s:%d: Parse error at token '%s'\n", + filename, cursor->line, cursor->content); exit(1); } @@ -878,34 +892,31 @@ static struct element *parse_type(struct token **_cursor, struct token *end, cursor++; break; default: - fprintf(stderr, "%s:%d: Unrecognised tag class token '%*.*s'\n", - filename, cursor->line, - (int)cursor->size, (int)cursor->size, cursor->value); + fprintf(stderr, "%s:%d: Unrecognised tag class token '%s'\n", + filename, cursor->line, cursor->content); exit(1); } if (cursor >= end) goto overrun_error; if (cursor->token_type != TOKEN_NUMBER) { - fprintf(stderr, "%s:%d: Missing tag number '%*.*s'\n", - filename, cursor->line, - (int)cursor->size, (int)cursor->size, cursor->value); + fprintf(stderr, "%s:%d: Missing tag number '%s'\n", + filename, cursor->line, cursor->content); exit(1); } element->tag &= ~0x1f; - element->tag |= strtoul(cursor->value, &p, 10); + element->tag |= strtoul(cursor->content, &p, 10); element->flags |= ELEMENT_TAG_SPECIFIED; - if (p - cursor->value != cursor->size) + if (p - cursor->content != cursor->size) abort(); cursor++; if (cursor >= end) goto overrun_error; if (cursor->token_type != TOKEN_CLOSE_SQUARE) { - fprintf(stderr, "%s:%d: Missing closing square bracket '%*.*s'\n", - filename, cursor->line, - (int)cursor->size, (int)cursor->size, cursor->value); + fprintf(stderr, "%s:%d: Missing closing square bracket '%s'\n", + filename, cursor->line, cursor->content); exit(1); } cursor++; @@ -1005,9 +1016,8 @@ static struct element *parse_type(struct token **_cursor, struct token *end, ref = bsearch(cursor, type_index, nr_types, sizeof(type_index[0]), type_finder); if (!ref) { - fprintf(stderr, "%s:%d: Type '%*.*s' undefined\n", - filename, cursor->line, - (int)cursor->size, (int)cursor->size, cursor->value); + fprintf(stderr, "%s:%d: Type '%s' undefined\n", + filename, cursor->line, cursor->content); exit(1); } cursor->type = *ref; @@ -1056,9 +1066,8 @@ static struct element *parse_type(struct token **_cursor, struct token *end, break; default: - fprintf(stderr, "%s:%d: Token '%*.*s' does not introduce a type\n", - filename, cursor->line, - (int)cursor->size, (int)cursor->size, cursor->value); + fprintf(stderr, "%s:%d: Token '%s' does not introduce a type\n", + filename, cursor->line, cursor->content); exit(1); } @@ -1075,20 +1084,18 @@ static struct element *parse_type(struct token **_cursor, struct token *end, if (cursor >= end) goto overrun_error; if (cursor->token_type != TOKEN_ELEMENT_NAME) { - fprintf(stderr, "%s:%d: Token '%*.*s' is not an action function name\n", - filename, cursor->line, - (int)cursor->size, (int)cursor->size, cursor->value); + fprintf(stderr, "%s:%d: Token '%s' is not an action function name\n", + filename, cursor->line, cursor->content); exit(1); } - action = malloc(sizeof(struct action) + cursor->size + 1); + action = malloc(sizeof(struct action)); if (!action) { perror(NULL); exit(1); } action->index = 0; - memcpy(action->name, cursor->value, cursor->size); - action->name[cursor->size] = 0; + action->name = cursor->content; for (ppaction = &action_list; *ppaction; @@ -1118,9 +1125,8 @@ static struct element *parse_type(struct token **_cursor, struct token *end, if (cursor >= end) goto overrun_error; if (cursor->token_type != TOKEN_CLOSE_ACTION) { - fprintf(stderr, "%s:%d: Missing close action, got '%*.*s'\n", - filename, cursor->line, - (int)cursor->size, (int)cursor->size, cursor->value); + fprintf(stderr, "%s:%d: Missing close action, got '%s'\n", + filename, cursor->line, cursor->content); exit(1); } cursor++; @@ -1130,9 +1136,8 @@ static struct element *parse_type(struct token **_cursor, struct token *end, return top; parse_error: - fprintf(stderr, "%s:%d: Unexpected token '%*.*s'\n", - filename, cursor->line, - (int)cursor->size, (int)cursor->size, cursor->value); + fprintf(stderr, "%s:%d: Unexpected token '%s'\n", + filename, cursor->line, cursor->content); exit(1); overrun_error: @@ -1150,9 +1155,8 @@ static struct element *parse_compound(struct token **_cursor, struct token *end, struct token *cursor = *_cursor, *name; if (cursor->token_type != TOKEN_OPEN_CURLY) { - fprintf(stderr, "%s:%d: Expected compound to start with brace not '%*.*s'\n", - filename, cursor->line, - (int)cursor->size, (int)cursor->size, cursor->value); + fprintf(stderr, "%s:%d: Expected compound to start with brace not '%s'\n", + filename, cursor->line, cursor->content); exit(1); } cursor++; @@ -1193,9 +1197,8 @@ static struct element *parse_compound(struct token **_cursor, struct token *end, children->flags &= ~ELEMENT_CONDITIONAL; if (cursor->token_type != TOKEN_CLOSE_CURLY) { - fprintf(stderr, "%s:%d: Expected compound closure, got '%*.*s'\n", - filename, cursor->line, - (int)cursor->size, (int)cursor->size, cursor->value); + fprintf(stderr, "%s:%d: Expected compound closure, got '%s'\n", + filename, cursor->line, cursor->content); exit(1); } cursor++; @@ -1212,10 +1215,8 @@ static void dump_element(const struct element *e, int level) { const struct element *c; const struct type *t = e->type_def; - const char *name = e->name ? e->name->value : "."; - int nsize = e->name ? e->name->size : 1; - const char *tname = t && t->name ? t->name->value : "."; - int tnsize = t && t->name ? t->name->size : 1; + const char *name = e->name ? e->name->content : "."; + const char *tname = t && t->name ? t->name->content : "."; char tag[32]; if (e->class == 0 && e->method == 0 && e->tag == 0) @@ -1231,7 +1232,7 @@ static void dump_element(const struct element *e, int level) asn1_methods[e->method], e->tag); - printf("%c%c%c%c%c %c %*s[*] \e[33m%s\e[m %*.*s %*.*s \e[35m%s\e[m\n", + printf("%c%c%c%c%c %c %*s[*] \e[33m%s\e[m %s %s \e[35m%s\e[m\n", e->flags & ELEMENT_IMPLICIT ? 'I' : '-', e->flags & ELEMENT_EXPLICIT ? 'E' : '-', e->flags & ELEMENT_TAG_SPECIFIED ? 'T' : '-', @@ -1240,8 +1241,8 @@ static void dump_element(const struct element *e, int level) "-tTqQcaro"[e->compound], level, "", tag, - tnsize, tnsize, tname, - nsize, nsize, name, + tname, + name, e->action ? e->action->name : ""); if (e->compound == TYPE_REF) dump_element(e->type->type->element, level + 3); @@ -1454,9 +1455,7 @@ static void render_element(FILE *out, struct element *e, struct element *tag) outofline = 1; if (e->type_def && out) { - render_more(out, "\t// %*.*s\n", - (int)e->type_def->name->size, (int)e->type_def->name->size, - e->type_def->name->value); + render_more(out, "\t// %s\n", e->type_def->name->content); } /* Render the operation */ @@ -1468,9 +1467,7 @@ static void render_element(FILE *out, struct element *e, struct element *tag) render_opcode(out, "ASN1_OP_%sMATCH_ANY%s%s,", cond, act, skippable ? "_OR_SKIP" : ""); if (e->name) - render_more(out, "\t\t// %*.*s", - (int)e->name->size, (int)e->name->size, - e->name->value); + render_more(out, "\t\t// %s", e->name->content); render_more(out, "\n"); goto dont_render_tag; @@ -1503,9 +1500,7 @@ static void render_element(FILE *out, struct element *e, struct element *tag) x = tag ?: e; if (x->name) - render_more(out, "\t\t// %*.*s", - (int)x->name->size, (int)x->name->size, - x->name->value); + render_more(out, "\t\t// %s", x->name->content); render_more(out, "\n"); /* Render the tag */ @@ -1543,10 +1538,8 @@ dont_render_tag: * skipability */ render_opcode(out, "_jump_target(%u),", e->entry_index); if (e->type_def && e->type_def->name) - render_more(out, "\t\t// --> %*.*s", - (int)e->type_def->name->size, - (int)e->type_def->name->size, - e->type_def->name->value); + render_more(out, "\t\t// --> %s", + e->type_def->name->content); render_more(out, "\n"); if (!(e->flags & ELEMENT_RENDERED)) { e->flags |= ELEMENT_RENDERED; @@ -1571,10 +1564,8 @@ dont_render_tag: * skipability */ render_opcode(out, "_jump_target(%u),", e->entry_index); if (e->type_def && e->type_def->name) - render_more(out, "\t\t// --> %*.*s", - (int)e->type_def->name->size, - (int)e->type_def->name->size, - e->type_def->name->value); + render_more(out, "\t\t// --> %s", + e->type_def->name->content); render_more(out, "\n"); if (!(e->flags & ELEMENT_RENDERED)) { e->flags |= ELEMENT_RENDERED; -- cgit v1.2.3 From bc1c373dd2a5113800360f7152be729c9da996cc Mon Sep 17 00:00:00 2001 From: David Howells Date: Mon, 20 Jul 2015 21:16:27 +0100 Subject: MODSIGN: Provide a utility to append a PKCS#7 signature to a module Provide a utility that: (1) Digests a module using the specified hash algorithm (typically sha256). [The digest can be dumped into a file by passing the '-d' flag] (2) Generates a PKCS#7 message that: (a) Has detached data (ie. the module content). (b) Is signed with the specified private key. (c) Refers to the specified X.509 certificate. (d) Has an empty X.509 certificate list. [The PKCS#7 message can be dumped into a file by passing the '-p' flag] (3) Generates a signed module by concatenating the old module, the PKCS#7 message, a descriptor and a magic string. The descriptor contains the size of the PKCS#7 message and indicates the id_type as PKEY_ID_PKCS7. (4) Either writes the signed module to the specified destination or renames it over the source module. This allows module signing to reuse the PKCS#7 handling code that was added for PE file parsing for signed kexec. Note that the utility is written in C and must be linked against the OpenSSL crypto library. Note further that I have temporarily dropped support for handling externally created signatures until we can work out the best way to do those. Hopefully, whoever creates the signature can give me a PKCS#7 certificate. Signed-off-by: David Howells Tested-by: Vivek Goyal --- scripts/sign-file.c | 205 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 205 insertions(+) create mode 100755 scripts/sign-file.c (limited to 'scripts') diff --git a/scripts/sign-file.c b/scripts/sign-file.c new file mode 100755 index 000000000000..5b8a6dda3235 --- /dev/null +++ b/scripts/sign-file.c @@ -0,0 +1,205 @@ +/* Sign a module file using the given key. + * + * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved. + * Written by David Howells (dhowells@redhat.com) + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public Licence + * as published by the Free Software Foundation; either version + * 2 of the Licence, or (at your option) any later version. + */ +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +struct module_signature { + uint8_t algo; /* Public-key crypto algorithm [0] */ + uint8_t hash; /* Digest algorithm [0] */ + uint8_t id_type; /* Key identifier type [PKEY_ID_PKCS7] */ + uint8_t signer_len; /* Length of signer's name [0] */ + uint8_t key_id_len; /* Length of key identifier [0] */ + uint8_t __pad[3]; + uint32_t sig_len; /* Length of signature data */ +}; + +#define PKEY_ID_PKCS7 2 + +static char magic_number[] = "~Module signature appended~\n"; + +static __attribute__((noreturn)) +void format(void) +{ + fprintf(stderr, + "Usage: scripts/sign-file [-dp] []\n"); + exit(2); +} + +static void display_openssl_errors(int l) +{ + const char *file; + char buf[120]; + int e, line; + + if (ERR_peek_error() == 0) + return; + fprintf(stderr, "At main.c:%d:\n", l); + + while ((e = ERR_get_error_line(&file, &line))) { + ERR_error_string(e, buf); + fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line); + } +} + +static void drain_openssl_errors(void) +{ + const char *file; + int line; + + if (ERR_peek_error() == 0) + return; + while (ERR_get_error_line(&file, &line)) {} +} + +#define ERR(cond, fmt, ...) \ + do { \ + bool __cond = (cond); \ + display_openssl_errors(__LINE__); \ + if (__cond) { \ + err(1, fmt, ## __VA_ARGS__); \ + } \ + } while(0) + +int main(int argc, char **argv) +{ + struct module_signature sig_info = { .id_type = PKEY_ID_PKCS7 }; + char *hash_algo = NULL; + char *private_key_name, *x509_name, *module_name, *dest_name; + bool save_pkcs7 = false, replace_orig; + unsigned char buf[4096]; + unsigned long module_size, pkcs7_size; + const EVP_MD *digest_algo; + EVP_PKEY *private_key; + PKCS7 *pkcs7; + X509 *x509; + BIO *b, *bd, *bm; + int opt, n; + + ERR_load_crypto_strings(); + ERR_clear_error(); + + do { + opt = getopt(argc, argv, "dp"); + switch (opt) { + case 'p': save_pkcs7 = true; break; + case -1: break; + default: format(); + } + } while (opt != -1); + + argc -= optind; + argv += optind; + if (argc < 4 || argc > 5) + format(); + + hash_algo = argv[0]; + private_key_name = argv[1]; + x509_name = argv[2]; + module_name = argv[3]; + if (argc == 5) { + dest_name = argv[4]; + replace_orig = false; + } else { + ERR(asprintf(&dest_name, "%s.~signed~", module_name) < 0, + "asprintf"); + replace_orig = true; + } + + /* Read the private key and the X.509 cert the PKCS#7 message + * will point to. + */ + b = BIO_new_file(private_key_name, "rb"); + ERR(!b, "%s", private_key_name); + private_key = PEM_read_bio_PrivateKey(b, NULL, NULL, NULL); + BIO_free(b); + + b = BIO_new_file(x509_name, "rb"); + ERR(!b, "%s", x509_name); + x509 = d2i_X509_bio(b, NULL); /* Binary encoded X.509 */ + if (!x509) { + BIO_reset(b); + x509 = PEM_read_bio_X509(b, NULL, NULL, NULL); /* PEM encoded X.509 */ + if (x509) + drain_openssl_errors(); + } + BIO_free(b); + ERR(!x509, "%s", x509_name); + + /* Open the destination file now so that we can shovel the module data + * across as we read it. + */ + bd = BIO_new_file(dest_name, "wb"); + ERR(!bd, "%s", dest_name); + + /* Digest the module data. */ + OpenSSL_add_all_digests(); + display_openssl_errors(__LINE__); + digest_algo = EVP_get_digestbyname(hash_algo); + ERR(!digest_algo, "EVP_get_digestbyname"); + + bm = BIO_new_file(module_name, "rb"); + ERR(!bm, "%s", module_name); + + /* Load the PKCS#7 message from the digest buffer. */ + pkcs7 = PKCS7_sign(NULL, NULL, NULL, NULL, + PKCS7_NOCERTS | PKCS7_PARTIAL | PKCS7_BINARY | PKCS7_DETACHED | PKCS7_STREAM); + ERR(!pkcs7, "PKCS7_sign"); + + ERR(!PKCS7_sign_add_signer(pkcs7, x509, private_key, digest_algo, PKCS7_NOCERTS | PKCS7_BINARY), + "PKCS7_sign_add_signer"); + ERR(PKCS7_final(pkcs7, bm, PKCS7_NOCERTS | PKCS7_BINARY) < 0, + "PKCS7_final"); + + if (save_pkcs7) { + char *pkcs7_name; + + ERR(asprintf(&pkcs7_name, "%s.pkcs7", module_name) < 0, "asprintf"); + b = BIO_new_file(pkcs7_name, "wb"); + ERR(!b, "%s", pkcs7_name); + ERR(i2d_PKCS7_bio_stream(b, pkcs7, NULL, 0) < 0, "%s", pkcs7_name); + BIO_free(b); + } + + /* Append the marker and the PKCS#7 message to the destination file */ + ERR(BIO_reset(bm) < 0, "%s", module_name); + while ((n = BIO_read(bm, buf, sizeof(buf))), + n > 0) { + ERR(BIO_write(bd, buf, n) < 0, "%s", dest_name); + } + ERR(n < 0, "%s", module_name); + module_size = BIO_number_written(bd); + + ERR(i2d_PKCS7_bio_stream(bd, pkcs7, NULL, 0) < 0, "%s", dest_name); + pkcs7_size = BIO_number_written(bd) - module_size; + sig_info.sig_len = htonl(pkcs7_size); + ERR(BIO_write(bd, &sig_info, sizeof(sig_info)) < 0, "%s", dest_name); + ERR(BIO_write(bd, magic_number, sizeof(magic_number) - 1) < 0, "%s", dest_name); + + ERR(BIO_free(bd) < 0, "%s", dest_name); + + /* Finally, if we're signing in place, replace the original. */ + if (replace_orig) + ERR(rename(dest_name, module_name) < 0, "%s", dest_name); + + return 0; +} -- cgit v1.2.3 From 3f1e1bea34740069f70c6bc92d0f712345d5c28e Mon Sep 17 00:00:00 2001 From: David Howells Date: Mon, 20 Jul 2015 21:16:27 +0100 Subject: MODSIGN: Use PKCS#7 messages as module signatures Move to using PKCS#7 messages as module signatures because: (1) We have to be able to support the use of X.509 certificates that don't have a subjKeyId set. We're currently relying on this to look up the X.509 certificate in the trusted keyring list. (2) PKCS#7 message signed information blocks have a field that supplies the data required to match with the X.509 certificate that signed it. (3) The PKCS#7 certificate carries fields that specify the digest algorithm used to generate the signature in a standardised way and the X.509 certificates specify the public key algorithm in a standardised way - so we don't need our own methods of specifying these. (4) We now have PKCS#7 message support in the kernel for signed kexec purposes and we can make use of this. To make this work, the old sign-file script has been replaced with a program that needs compiling in a previous patch. The rules to build it are added here. Signed-off-by: David Howells Tested-by: Vivek Goyal --- scripts/Makefile | 2 + scripts/sign-file | 421 ------------------------------------------------------ 2 files changed, 2 insertions(+), 421 deletions(-) delete mode 100755 scripts/sign-file (limited to 'scripts') diff --git a/scripts/Makefile b/scripts/Makefile index 2016a64497ab..b12fe020664d 100644 --- a/scripts/Makefile +++ b/scripts/Makefile @@ -16,9 +16,11 @@ hostprogs-$(CONFIG_VT) += conmakehash hostprogs-$(BUILD_C_RECORDMCOUNT) += recordmcount hostprogs-$(CONFIG_BUILDTIME_EXTABLE_SORT) += sortextable hostprogs-$(CONFIG_ASN1) += asn1_compiler +hostprogs-$(CONFIG_MODULE_SIG) += sign-file HOSTCFLAGS_sortextable.o = -I$(srctree)/tools/include HOSTCFLAGS_asn1_compiler.o = -I$(srctree)/include +HOSTLOADLIBES_sign-file = -lcrypto always := $(hostprogs-y) $(hostprogs-m) diff --git a/scripts/sign-file b/scripts/sign-file deleted file mode 100755 index 3906ee1e2f76..000000000000 --- a/scripts/sign-file +++ /dev/null @@ -1,421 +0,0 @@ -#!/usr/bin/perl -w -# -# Sign a module file using the given key. -# - -my $USAGE = -"Usage: scripts/sign-file [-v] []\n" . -" scripts/sign-file [-v] -s []\n"; - -use strict; -use FileHandle; -use IPC::Open2; -use Getopt::Std; - -my %opts; -getopts('vs:', \%opts) or die $USAGE; -my $verbose = $opts{'v'}; -my $signature_file = $opts{'s'}; - -die $USAGE if ($#ARGV > 4); -die $USAGE if (!$signature_file && $#ARGV < 3 || $signature_file && $#ARGV < 2); - -my $dgst = shift @ARGV; -my $private_key; -if (!$signature_file) { - $private_key = shift @ARGV; -} -my $x509 = shift @ARGV; -my $module = shift @ARGV; -my ($dest, $keep_orig); -if (@ARGV) { - $dest = $ARGV[0]; - $keep_orig = 1; -} else { - $dest = $module . "~"; -} - -die "Can't read private key\n" if (!$signature_file && !-r $private_key); -die "Can't read signature file\n" if ($signature_file && !-r $signature_file); -die "Can't read X.509 certificate\n" unless (-r $x509); -die "Can't read module\n" unless (-r $module); - -# -# Function to read the contents of a file into a variable. -# -sub read_file($) -{ - my ($file) = @_; - my $contents; - my $len; - - open(FD, "<$file") || die $file; - binmode FD; - my @st = stat(FD); - die $file if (!@st); - $len = read(FD, $contents, $st[7]) || die $file; - close(FD) || die $file; - die "$file: Wanted length ", $st[7], ", got ", $len, "\n" - if ($len != $st[7]); - return $contents; -} - -############################################################################### -# -# First of all, we have to parse the X.509 certificate to find certain details -# about it. -# -# We read the DER-encoded X509 certificate and parse it to extract the Subject -# name and Subject Key Identifier. Theis provides the data we need to build -# the certificate identifier. -# -# The signer's name part of the identifier is fabricated from the commonName, -# the organizationName or the emailAddress components of the X.509 subject -# name. -# -# The subject key ID is used to select which of that signer's certificates -# we're intending to use to sign the module. -# -############################################################################### -my $x509_certificate = read_file($x509); - -my $UNIV = 0 << 6; -my $APPL = 1 << 6; -my $CONT = 2 << 6; -my $PRIV = 3 << 6; - -my $CONS = 0x20; - -my $BOOLEAN = 0x01; -my $INTEGER = 0x02; -my $BIT_STRING = 0x03; -my $OCTET_STRING = 0x04; -my $NULL = 0x05; -my $OBJ_ID = 0x06; -my $UTF8String = 0x0c; -my $SEQUENCE = 0x10; -my $SET = 0x11; -my $UTCTime = 0x17; -my $GeneralizedTime = 0x18; - -my %OIDs = ( - pack("CCC", 85, 4, 3) => "commonName", - pack("CCC", 85, 4, 6) => "countryName", - pack("CCC", 85, 4, 10) => "organizationName", - pack("CCC", 85, 4, 11) => "organizationUnitName", - pack("CCCCCCCCC", 42, 134, 72, 134, 247, 13, 1, 1, 1) => "rsaEncryption", - pack("CCCCCCCCC", 42, 134, 72, 134, 247, 13, 1, 1, 5) => "sha1WithRSAEncryption", - pack("CCCCCCCCC", 42, 134, 72, 134, 247, 13, 1, 9, 1) => "emailAddress", - pack("CCC", 85, 29, 35) => "authorityKeyIdentifier", - pack("CCC", 85, 29, 14) => "subjectKeyIdentifier", - pack("CCC", 85, 29, 19) => "basicConstraints" -); - -############################################################################### -# -# Extract an ASN.1 element from a string and return information about it. -# -############################################################################### -sub asn1_extract($$@) -{ - my ($cursor, $expected_tag, $optional) = @_; - - return [ -1 ] - if ($cursor->[1] == 0 && $optional); - - die $x509, ": ", $cursor->[0], ": ASN.1 data underrun (elem ", $cursor->[1], ")\n" - if ($cursor->[1] < 2); - - my ($tag, $len) = unpack("CC", substr(${$cursor->[2]}, $cursor->[0], 2)); - - if ($expected_tag != -1 && $tag != $expected_tag) { - return [ -1 ] - if ($optional); - die $x509, ": ", $cursor->[0], ": ASN.1 unexpected tag (", $tag, - " not ", $expected_tag, ")\n"; - } - - $cursor->[0] += 2; - $cursor->[1] -= 2; - - die $x509, ": ", $cursor->[0], ": ASN.1 long tag\n" - if (($tag & 0x1f) == 0x1f); - die $x509, ": ", $cursor->[0], ": ASN.1 indefinite length\n" - if ($len == 0x80); - - if ($len > 0x80) { - my $l = $len - 0x80; - die $x509, ": ", $cursor->[0], ": ASN.1 data underrun (len len $l)\n" - if ($cursor->[1] < $l); - - if ($l == 0x1) { - $len = unpack("C", substr(${$cursor->[2]}, $cursor->[0], 1)); - } elsif ($l == 0x2) { - $len = unpack("n", substr(${$cursor->[2]}, $cursor->[0], 2)); - } elsif ($l == 0x3) { - $len = unpack("C", substr(${$cursor->[2]}, $cursor->[0], 1)) << 16; - $len = unpack("n", substr(${$cursor->[2]}, $cursor->[0] + 1, 2)); - } elsif ($l == 0x4) { - $len = unpack("N", substr(${$cursor->[2]}, $cursor->[0], 4)); - } else { - die $x509, ": ", $cursor->[0], ": ASN.1 element too long (", $l, ")\n"; - } - - $cursor->[0] += $l; - $cursor->[1] -= $l; - } - - die $x509, ": ", $cursor->[0], ": ASN.1 data underrun (", $len, ")\n" - if ($cursor->[1] < $len); - - my $ret = [ $tag, [ $cursor->[0], $len, $cursor->[2] ] ]; - $cursor->[0] += $len; - $cursor->[1] -= $len; - - return $ret; -} - -############################################################################### -# -# Retrieve the data referred to by a cursor -# -############################################################################### -sub asn1_retrieve($) -{ - my ($cursor) = @_; - my ($offset, $len, $data) = @$cursor; - return substr($$data, $offset, $len); -} - -############################################################################### -# -# Roughly parse the X.509 certificate -# -############################################################################### -my $cursor = [ 0, length($x509_certificate), \$x509_certificate ]; - -my $cert = asn1_extract($cursor, $UNIV | $CONS | $SEQUENCE); -my $tbs = asn1_extract($cert->[1], $UNIV | $CONS | $SEQUENCE); -my $version = asn1_extract($tbs->[1], $CONT | $CONS | 0, 1); -my $serial_number = asn1_extract($tbs->[1], $UNIV | $INTEGER); -my $sig_type = asn1_extract($tbs->[1], $UNIV | $CONS | $SEQUENCE); -my $issuer = asn1_extract($tbs->[1], $UNIV | $CONS | $SEQUENCE); -my $validity = asn1_extract($tbs->[1], $UNIV | $CONS | $SEQUENCE); -my $subject = asn1_extract($tbs->[1], $UNIV | $CONS | $SEQUENCE); -my $key = asn1_extract($tbs->[1], $UNIV | $CONS | $SEQUENCE); -my $issuer_uid = asn1_extract($tbs->[1], $CONT | $CONS | 1, 1); -my $subject_uid = asn1_extract($tbs->[1], $CONT | $CONS | 2, 1); -my $extension_list = asn1_extract($tbs->[1], $CONT | $CONS | 3, 1); - -my $subject_key_id = (); -my $authority_key_id = (); - -# -# Parse the extension list -# -if ($extension_list->[0] != -1) { - my $extensions = asn1_extract($extension_list->[1], $UNIV | $CONS | $SEQUENCE); - - while ($extensions->[1]->[1] > 0) { - my $ext = asn1_extract($extensions->[1], $UNIV | $CONS | $SEQUENCE); - my $x_oid = asn1_extract($ext->[1], $UNIV | $OBJ_ID); - my $x_crit = asn1_extract($ext->[1], $UNIV | $BOOLEAN, 1); - my $x_val = asn1_extract($ext->[1], $UNIV | $OCTET_STRING); - - my $raw_oid = asn1_retrieve($x_oid->[1]); - next if (!exists($OIDs{$raw_oid})); - my $x_type = $OIDs{$raw_oid}; - - my $raw_value = asn1_retrieve($x_val->[1]); - - if ($x_type eq "subjectKeyIdentifier") { - my $vcursor = [ 0, length($raw_value), \$raw_value ]; - - $subject_key_id = asn1_extract($vcursor, $UNIV | $OCTET_STRING); - } - } -} - -############################################################################### -# -# Determine what we're going to use as the signer's name. In order of -# preference, take one of: commonName, organizationName or emailAddress. -# -############################################################################### -my $org = ""; -my $cn = ""; -my $email = ""; - -while ($subject->[1]->[1] > 0) { - my $rdn = asn1_extract($subject->[1], $UNIV | $CONS | $SET); - my $attr = asn1_extract($rdn->[1], $UNIV | $CONS | $SEQUENCE); - my $n_oid = asn1_extract($attr->[1], $UNIV | $OBJ_ID); - my $n_val = asn1_extract($attr->[1], -1); - - my $raw_oid = asn1_retrieve($n_oid->[1]); - next if (!exists($OIDs{$raw_oid})); - my $n_type = $OIDs{$raw_oid}; - - my $raw_value = asn1_retrieve($n_val->[1]); - - if ($n_type eq "organizationName") { - $org = $raw_value; - } elsif ($n_type eq "commonName") { - $cn = $raw_value; - } elsif ($n_type eq "emailAddress") { - $email = $raw_value; - } -} - -my $signers_name = $email; - -if ($org && $cn) { - # Don't use the organizationName if the commonName repeats it - if (length($org) <= length($cn) && - substr($cn, 0, length($org)) eq $org) { - $signers_name = $cn; - goto got_id_name; - } - - # Or a signifcant chunk of it - if (length($org) >= 7 && - length($cn) >= 7 && - substr($cn, 0, 7) eq substr($org, 0, 7)) { - $signers_name = $cn; - goto got_id_name; - } - - $signers_name = $org . ": " . $cn; -} elsif ($org) { - $signers_name = $org; -} elsif ($cn) { - $signers_name = $cn; -} - -got_id_name: - -die $x509, ": ", "X.509: Couldn't find the Subject Key Identifier extension\n" - if (!$subject_key_id); - -my $key_identifier = asn1_retrieve($subject_key_id->[1]); - -############################################################################### -# -# Create and attach the module signature -# -############################################################################### - -# -# Signature parameters -# -my $algo = 1; # Public-key crypto algorithm: RSA -my $hash = 0; # Digest algorithm -my $id_type = 1; # Identifier type: X.509 - -# -# Digest the data -# -my $prologue; -if ($dgst eq "sha1") { - $prologue = pack("C*", - 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, - 0x2B, 0x0E, 0x03, 0x02, 0x1A, - 0x05, 0x00, 0x04, 0x14); - $hash = 2; -} elsif ($dgst eq "sha224") { - $prologue = pack("C*", - 0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, - 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, - 0x05, 0x00, 0x04, 0x1C); - $hash = 7; -} elsif ($dgst eq "sha256") { - $prologue = pack("C*", - 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, - 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, - 0x05, 0x00, 0x04, 0x20); - $hash = 4; -} elsif ($dgst eq "sha384") { - $prologue = pack("C*", - 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, - 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, - 0x05, 0x00, 0x04, 0x30); - $hash = 5; -} elsif ($dgst eq "sha512") { - $prologue = pack("C*", - 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, - 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, - 0x05, 0x00, 0x04, 0x40); - $hash = 6; -} else { - die "Unknown hash algorithm: $dgst\n"; -} - -my $signature; -if ($signature_file) { - $signature = read_file($signature_file); -} else { - # - # Generate the digest and read from openssl's stdout - # - my $digest; - $digest = readpipe("openssl dgst -$dgst -binary $module") || die "openssl dgst"; - - # - # Generate the binary signature, which will be just the integer that - # comprises the signature with no metadata attached. - # - my $pid; - $pid = open2(*read_from, *write_to, - "openssl rsautl -sign -inkey $private_key -keyform PEM") || - die "openssl rsautl"; - binmode write_to; - print write_to $prologue . $digest || die "pipe to openssl rsautl"; - close(write_to) || die "pipe to openssl rsautl"; - - binmode read_from; - read(read_from, $signature, 4096) || die "pipe from openssl rsautl"; - close(read_from) || die "pipe from openssl rsautl"; - waitpid($pid, 0) || die; - die "openssl rsautl died: $?" if ($? >> 8); -} -$signature = pack("n", length($signature)) . $signature, - -# -# Build the signed binary -# -my $unsigned_module = read_file($module); - -my $magic_number = "~Module signature appended~\n"; - -my $info = pack("CCCCCxxxN", - $algo, $hash, $id_type, - length($signers_name), - length($key_identifier), - length($signature)); - -if ($verbose) { - print "Size of unsigned module: ", length($unsigned_module), "\n"; - print "Size of signer's name : ", length($signers_name), "\n"; - print "Size of key identifier : ", length($key_identifier), "\n"; - print "Size of signature : ", length($signature), "\n"; - print "Size of information : ", length($info), "\n"; - print "Size of magic number : ", length($magic_number), "\n"; - print "Signer's name : '", $signers_name, "'\n"; - print "Digest : $dgst\n"; -} - -open(FD, ">$dest") || die $dest; -binmode FD; -print FD - $unsigned_module, - $signers_name, - $key_identifier, - $signature, - $info, - $magic_number - ; -close FD || die $dest; - -if (!$keep_orig) { - rename($dest, $module) || die $module; -} -- cgit v1.2.3 From 23dfbbabbb3a62104b040b422121c84800312ad0 Mon Sep 17 00:00:00 2001 From: "Luis R. Rodriguez" Date: Mon, 20 Jul 2015 21:16:27 +0100 Subject: sign-file: Add option to only create signature file Make the -d option (which currently isn't actually wired to anything) write out the PKCS#7 message as per the -p option and then exit without either modifying the source or writing out a compound file of the source, signature and metadata. This will be useful when firmware signature support is added upstream as firmware will be left intact, and we'll only require the signature file. The descriptor is implicit by file extension and the file's own size. Signed-off-by: Luis R. Rodriguez Signed-off-by: David Howells --- scripts/sign-file.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'scripts') diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 5b8a6dda3235..39aaabe89388 100755 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -86,13 +86,14 @@ int main(int argc, char **argv) char *hash_algo = NULL; char *private_key_name, *x509_name, *module_name, *dest_name; bool save_pkcs7 = false, replace_orig; + bool sign_only = false; unsigned char buf[4096]; unsigned long module_size, pkcs7_size; const EVP_MD *digest_algo; EVP_PKEY *private_key; PKCS7 *pkcs7; X509 *x509; - BIO *b, *bd, *bm; + BIO *b, *bd = NULL, *bm; int opt, n; ERR_load_crypto_strings(); @@ -102,6 +103,7 @@ int main(int argc, char **argv) opt = getopt(argc, argv, "dp"); switch (opt) { case 'p': save_pkcs7 = true; break; + case 'd': sign_only = true; save_pkcs7 = true; break; case -1: break; default: format(); } @@ -148,8 +150,10 @@ int main(int argc, char **argv) /* Open the destination file now so that we can shovel the module data * across as we read it. */ - bd = BIO_new_file(dest_name, "wb"); - ERR(!bd, "%s", dest_name); + if (!sign_only) { + bd = BIO_new_file(dest_name, "wb"); + ERR(!bd, "%s", dest_name); + } /* Digest the module data. */ OpenSSL_add_all_digests(); @@ -180,6 +184,9 @@ int main(int argc, char **argv) BIO_free(b); } + if (sign_only) + return 0; + /* Append the marker and the PKCS#7 message to the destination file */ ERR(BIO_reset(bm) < 0, "%s", module_name); while ((n = BIO_read(bm, buf, sizeof(buf))), -- cgit v1.2.3 From caf6fe91ddf62a96401e21e9b7a07227440f4185 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 20 Jul 2015 21:16:28 +0100 Subject: modsign: Abort modules_install when signing fails Signed-off-by: David Woodhouse Signed-off-by: David Howells --- scripts/Makefile.modinst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/Makefile.modinst b/scripts/Makefile.modinst index e48a4e9d8868..07650eeaaf06 100644 --- a/scripts/Makefile.modinst +++ b/scripts/Makefile.modinst @@ -22,7 +22,7 @@ quiet_cmd_modules_install = INSTALL $@ mkdir -p $(2) ; \ cp $@ $(2) ; \ $(mod_strip_cmd) $(2)/$(notdir $@) ; \ - $(mod_sign_cmd) $(2)/$(notdir $@) $(patsubst %,|| true,$(KBUILD_EXTMOD)) ; \ + $(mod_sign_cmd) $(2)/$(notdir $@) $(patsubst %,|| true,$(KBUILD_EXTMOD)) && \ $(mod_compress_cmd) $(2)/$(notdir $@) # Modules built outside the kernel source tree go into extra by default -- cgit v1.2.3 From af1eb2913275c3ab1598b0c24c893499092df08a Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 20 Jul 2015 21:16:28 +0100 Subject: modsign: Allow password to be specified for signing key We don't want this in the Kconfig since it might then get exposed in /proc/config.gz. So make it a parameter to Kbuild instead. This also means we don't have to jump through hoops to strip quotes from it, as we would if it was a config option. Signed-off-by: David Woodhouse Signed-off-by: David Howells Reviewed-by: Mimi Zohar --- scripts/sign-file.c | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 39aaabe89388..720b9bc933ae 100755 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -80,6 +80,27 @@ static void drain_openssl_errors(void) } \ } while(0) +static const char *key_pass; + +static int pem_pw_cb(char *buf, int len, int w, void *v) +{ + int pwlen; + + if (!key_pass) + return -1; + + pwlen = strlen(key_pass); + if (pwlen >= len) + return -1; + + strcpy(buf, key_pass); + + /* If it's wrong, don't keep trying it. */ + key_pass = NULL; + + return pwlen; +} + int main(int argc, char **argv) { struct module_signature sig_info = { .id_type = PKEY_ID_PKCS7 }; @@ -96,9 +117,12 @@ int main(int argc, char **argv) BIO *b, *bd = NULL, *bm; int opt, n; + OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); ERR_clear_error(); + key_pass = getenv("KBUILD_SIGN_PIN"); + do { opt = getopt(argc, argv, "dp"); switch (opt) { @@ -132,7 +156,8 @@ int main(int argc, char **argv) */ b = BIO_new_file(private_key_name, "rb"); ERR(!b, "%s", private_key_name); - private_key = PEM_read_bio_PrivateKey(b, NULL, NULL, NULL); + private_key = PEM_read_bio_PrivateKey(b, NULL, pem_pw_cb, NULL); + ERR(!private_key, "%s", private_key_name); BIO_free(b); b = BIO_new_file(x509_name, "rb"); -- cgit v1.2.3 From 6e3e281f39af78bd680b82d9762bf6c4f8f3f5f4 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 20 Jul 2015 21:16:29 +0100 Subject: modsign: Allow signing key to be PKCS#11 This is only the key; the corresponding *cert* still needs to be in $(topdir)/signing_key.x509. And there's no way to actually use this from the build system yet. Signed-off-by: David Woodhouse Signed-off-by: David Howells --- scripts/sign-file.c | 29 ++++++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) (limited to 'scripts') diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 720b9bc933ae..ad0aa21bd3ac 100755 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -22,6 +22,7 @@ #include #include #include +#include struct module_signature { uint8_t algo; /* Public-key crypto algorithm [0] */ @@ -154,11 +155,29 @@ int main(int argc, char **argv) /* Read the private key and the X.509 cert the PKCS#7 message * will point to. */ - b = BIO_new_file(private_key_name, "rb"); - ERR(!b, "%s", private_key_name); - private_key = PEM_read_bio_PrivateKey(b, NULL, pem_pw_cb, NULL); - ERR(!private_key, "%s", private_key_name); - BIO_free(b); + if (!strncmp(private_key_name, "pkcs11:", 7)) { + ENGINE *e; + + ENGINE_load_builtin_engines(); + drain_openssl_errors(); + e = ENGINE_by_id("pkcs11"); + ERR(!e, "Load PKCS#11 ENGINE"); + if (ENGINE_init(e)) + drain_openssl_errors(); + else + ERR(1, "ENGINE_init"); + if (key_pass) + ERR(!ENGINE_ctrl_cmd_string(e, "PIN", key_pass, 0), "Set PKCS#11 PIN"); + private_key = ENGINE_load_private_key(e, private_key_name, NULL, + NULL); + ERR(!private_key, "%s", private_key_name); + } else { + b = BIO_new_file(private_key_name, "rb"); + ERR(!b, "%s", private_key_name); + private_key = PEM_read_bio_PrivateKey(b, NULL, pem_pw_cb, NULL); + ERR(!private_key, "%s", private_key_name); + BIO_free(b); + } b = BIO_new_file(x509_name, "rb"); ERR(!b, "%s", x509_name); -- cgit v1.2.3 From 1329e8cc69b93a0b1bc6d197b30dcff628c18dbf Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 20 Jul 2015 21:16:30 +0100 Subject: modsign: Extract signing cert from CONFIG_MODULE_SIG_KEY if needed Where an external PEM file or PKCS#11 URI is given, we can get the cert from it for ourselves instead of making the user drop signing_key.x509 in place for us. Signed-off-by: David Woodhouse Signed-off-by: David Howells --- scripts/Makefile | 3 +- scripts/extract-cert.c | 132 +++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 134 insertions(+), 1 deletion(-) create mode 100644 scripts/extract-cert.c (limited to 'scripts') diff --git a/scripts/Makefile b/scripts/Makefile index b12fe020664d..236f683510bd 100644 --- a/scripts/Makefile +++ b/scripts/Makefile @@ -16,11 +16,12 @@ hostprogs-$(CONFIG_VT) += conmakehash hostprogs-$(BUILD_C_RECORDMCOUNT) += recordmcount hostprogs-$(CONFIG_BUILDTIME_EXTABLE_SORT) += sortextable hostprogs-$(CONFIG_ASN1) += asn1_compiler -hostprogs-$(CONFIG_MODULE_SIG) += sign-file +hostprogs-$(CONFIG_MODULE_SIG) += sign-file extract-cert HOSTCFLAGS_sortextable.o = -I$(srctree)/tools/include HOSTCFLAGS_asn1_compiler.o = -I$(srctree)/include HOSTLOADLIBES_sign-file = -lcrypto +HOSTLOADLIBES_extract-cert = -lcrypto always := $(hostprogs-y) $(hostprogs-m) diff --git a/scripts/extract-cert.c b/scripts/extract-cert.c new file mode 100644 index 000000000000..4fd5b2f07b45 --- /dev/null +++ b/scripts/extract-cert.c @@ -0,0 +1,132 @@ +/* Extract X.509 certificate in DER form from PKCS#11 or PEM. + * + * Copyright © 2014 Red Hat, Inc. All Rights Reserved. + * Copyright © 2015 Intel Corporation. + * + * Authors: David Howells + * David Woodhouse + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public Licence + * as published by the Free Software Foundation; either version + * 2 of the Licence, or (at your option) any later version. + */ +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define PKEY_ID_PKCS7 2 + +static __attribute__((noreturn)) +void format(void) +{ + fprintf(stderr, + "Usage: scripts/extract-cert \n"); + exit(2); +} + +static void display_openssl_errors(int l) +{ + const char *file; + char buf[120]; + int e, line; + + if (ERR_peek_error() == 0) + return; + fprintf(stderr, "At main.c:%d:\n", l); + + while ((e = ERR_get_error_line(&file, &line))) { + ERR_error_string(e, buf); + fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line); + } +} + +static void drain_openssl_errors(void) +{ + const char *file; + int line; + + if (ERR_peek_error() == 0) + return; + while (ERR_get_error_line(&file, &line)) {} +} + +#define ERR(cond, fmt, ...) \ + do { \ + bool __cond = (cond); \ + display_openssl_errors(__LINE__); \ + if (__cond) { \ + err(1, fmt, ## __VA_ARGS__); \ + } \ + } while(0) + +static const char *key_pass; + +int main(int argc, char **argv) +{ + char *cert_src, *cert_dst; + X509 *x509; + BIO *b; + + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + ERR_clear_error(); + + key_pass = getenv("KBUILD_SIGN_PIN"); + + if (argc != 3) + format(); + + cert_src = argv[1]; + cert_dst = argv[2]; + + if (!strncmp(cert_src, "pkcs11:", 7)) { + ENGINE *e; + struct { + const char *cert_id; + X509 *cert; + } parms; + + parms.cert_id = cert_src; + parms.cert = NULL; + + ENGINE_load_builtin_engines(); + drain_openssl_errors(); + e = ENGINE_by_id("pkcs11"); + ERR(!e, "Load PKCS#11 ENGINE"); + if (ENGINE_init(e)) + drain_openssl_errors(); + else + ERR(1, "ENGINE_init"); + if (key_pass) + ERR(!ENGINE_ctrl_cmd_string(e, "PIN", key_pass, 0), "Set PKCS#11 PIN"); + ENGINE_ctrl_cmd(e, "LOAD_CERT_CTRL", 0, &parms, NULL, 1); + ERR(!parms.cert, "Get X.509 from PKCS#11"); + x509 = parms.cert; + } else { + b = BIO_new_file(cert_src, "rb"); + ERR(!b, "%s", cert_src); + x509 = PEM_read_bio_X509(b, NULL, NULL, NULL); + ERR(!x509, "%s", cert_src); + BIO_free(b); + } + + b = BIO_new_file(cert_dst, "wb"); + ERR(!b, "%s", cert_dst); + ERR(!i2d_X509_bio(b, x509), cert_dst); + BIO_free(b); + + return 0; +} -- cgit v1.2.3 From ed8c20762a314124cbdd62e9d3e8aa7aa2a16020 Mon Sep 17 00:00:00 2001 From: David Howells Date: Mon, 20 Jul 2015 21:16:33 +0100 Subject: sign-file: Generate CMS message as signature instead of PKCS#7 Make sign-file use the OpenSSL CMS routines to generate a message to be used as the signature blob instead of the PKCS#7 routines. This allows us to change how the matching X.509 certificate is selected. With PKCS#7 the only option is to match on the serial number and issuer fields of an X.509 certificate; with CMS, we also have the option of matching by subjectKeyId extension. The new behaviour is selected with the "-k" flag. Without the -k flag specified, the output is pretty much identical to the PKCS#7 output. Whilst we're at it, don't include the S/MIME capability list in the message as it's irrelevant to us. Signed-off-by: David Howells Reviewed-By: David Woodhouse #include #include -#include +#include #include #include @@ -107,13 +107,14 @@ int main(int argc, char **argv) struct module_signature sig_info = { .id_type = PKEY_ID_PKCS7 }; char *hash_algo = NULL; char *private_key_name, *x509_name, *module_name, *dest_name; - bool save_pkcs7 = false, replace_orig; + bool save_cms = false, replace_orig; bool sign_only = false; unsigned char buf[4096]; - unsigned long module_size, pkcs7_size; + unsigned long module_size, cms_size; + unsigned int use_keyid = 0; const EVP_MD *digest_algo; EVP_PKEY *private_key; - PKCS7 *pkcs7; + CMS_ContentInfo *cms; X509 *x509; BIO *b, *bd = NULL, *bm; int opt, n; @@ -125,10 +126,11 @@ int main(int argc, char **argv) key_pass = getenv("KBUILD_SIGN_PIN"); do { - opt = getopt(argc, argv, "dp"); + opt = getopt(argc, argv, "dpk"); switch (opt) { - case 'p': save_pkcs7 = true; break; - case 'd': sign_only = true; save_pkcs7 = true; break; + case 'p': save_cms = true; break; + case 'd': sign_only = true; save_cms = true; break; + case 'k': use_keyid = CMS_USE_KEYID; break; case -1: break; default: format(); } @@ -208,23 +210,24 @@ int main(int argc, char **argv) bm = BIO_new_file(module_name, "rb"); ERR(!bm, "%s", module_name); - /* Load the PKCS#7 message from the digest buffer. */ - pkcs7 = PKCS7_sign(NULL, NULL, NULL, NULL, - PKCS7_NOCERTS | PKCS7_PARTIAL | PKCS7_BINARY | PKCS7_DETACHED | PKCS7_STREAM); - ERR(!pkcs7, "PKCS7_sign"); + /* Load the CMS message from the digest buffer. */ + cms = CMS_sign(NULL, NULL, NULL, NULL, + CMS_NOCERTS | CMS_PARTIAL | CMS_BINARY | CMS_DETACHED | CMS_STREAM); + ERR(!cms, "CMS_sign"); - ERR(!PKCS7_sign_add_signer(pkcs7, x509, private_key, digest_algo, PKCS7_NOCERTS | PKCS7_BINARY), - "PKCS7_sign_add_signer"); - ERR(PKCS7_final(pkcs7, bm, PKCS7_NOCERTS | PKCS7_BINARY) < 0, - "PKCS7_final"); + ERR(!CMS_add1_signer(cms, x509, private_key, digest_algo, + CMS_NOCERTS | CMS_BINARY | CMS_NOSMIMECAP | use_keyid), + "CMS_sign_add_signer"); + ERR(CMS_final(cms, bm, NULL, CMS_NOCERTS | CMS_BINARY) < 0, + "CMS_final"); - if (save_pkcs7) { - char *pkcs7_name; + if (save_cms) { + char *cms_name; - ERR(asprintf(&pkcs7_name, "%s.pkcs7", module_name) < 0, "asprintf"); - b = BIO_new_file(pkcs7_name, "wb"); - ERR(!b, "%s", pkcs7_name); - ERR(i2d_PKCS7_bio_stream(b, pkcs7, NULL, 0) < 0, "%s", pkcs7_name); + ERR(asprintf(&cms_name, "%s.p7s", module_name) < 0, "asprintf"); + b = BIO_new_file(cms_name, "wb"); + ERR(!b, "%s", cms_name); + ERR(i2d_CMS_bio_stream(b, cms, NULL, 0) < 0, "%s", cms_name); BIO_free(b); } @@ -240,9 +243,9 @@ int main(int argc, char **argv) ERR(n < 0, "%s", module_name); module_size = BIO_number_written(bd); - ERR(i2d_PKCS7_bio_stream(bd, pkcs7, NULL, 0) < 0, "%s", dest_name); - pkcs7_size = BIO_number_written(bd) - module_size; - sig_info.sig_len = htonl(pkcs7_size); + ERR(i2d_CMS_bio_stream(bd, cms, NULL, 0) < 0, "%s", dest_name); + cms_size = BIO_number_written(bd) - module_size; + sig_info.sig_len = htonl(cms_size); ERR(BIO_write(bd, &sig_info, sizeof(sig_info)) < 0, "%s", dest_name); ERR(BIO_write(bd, magic_number, sizeof(magic_number) - 1) < 0, "%s", dest_name); -- cgit v1.2.3 From 84706caae9e06363db4f956cde4f9715ce5c0ef3 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 20 Jul 2015 21:16:33 +0100 Subject: extract-cert: Cope with multiple X.509 certificates in a single file MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is not required for the module signing key, although it doesn't do any harm — it just means that any additional certs in the PEM file are also trusted by the kernel. But it does allow us to use the extract-cert tool for processing the extra certs from CONFIG_SYSTEM_TRUSTED_KEYS, instead of that horrid awk|base64 hack. Also cope with being invoked with no input file, creating an empty output file as a result. Signed-off-by: David Woodhouse Signed-off-by: David Howells --- scripts/extract-cert.c | 58 +++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 46 insertions(+), 12 deletions(-) (limited to 'scripts') diff --git a/scripts/extract-cert.c b/scripts/extract-cert.c index 4fd5b2f07b45..fd0db015c65c 100644 --- a/scripts/extract-cert.c +++ b/scripts/extract-cert.c @@ -73,17 +73,34 @@ static void drain_openssl_errors(void) } while(0) static const char *key_pass; +static BIO *wb; +static char *cert_dst; +int kbuild_verbose; + +static void write_cert(X509 *x509) +{ + char buf[200]; + + if (!wb) { + wb = BIO_new_file(cert_dst, "wb"); + ERR(!wb, "%s", cert_dst); + } + X509_NAME_oneline(X509_get_subject_name(x509), buf, sizeof(buf)); + ERR(!i2d_X509_bio(wb, x509), cert_dst); + if (kbuild_verbose) + fprintf(stderr, "Extracted cert: %s\n", buf); +} int main(int argc, char **argv) { - char *cert_src, *cert_dst; - X509 *x509; - BIO *b; + char *cert_src; OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); ERR_clear_error(); + kbuild_verbose = atoi(getenv("KBUILD_VERBOSE")?:"0"); + key_pass = getenv("KBUILD_SIGN_PIN"); if (argc != 3) @@ -92,7 +109,13 @@ int main(int argc, char **argv) cert_src = argv[1]; cert_dst = argv[2]; - if (!strncmp(cert_src, "pkcs11:", 7)) { + if (!cert_src[0]) { + /* Invoked with no input; create empty file */ + FILE *f = fopen(cert_dst, "wb"); + ERR(!f, "%s", cert_dst); + fclose(f); + exit(0); + } else if (!strncmp(cert_src, "pkcs11:", 7)) { ENGINE *e; struct { const char *cert_id; @@ -114,19 +137,30 @@ int main(int argc, char **argv) ERR(!ENGINE_ctrl_cmd_string(e, "PIN", key_pass, 0), "Set PKCS#11 PIN"); ENGINE_ctrl_cmd(e, "LOAD_CERT_CTRL", 0, &parms, NULL, 1); ERR(!parms.cert, "Get X.509 from PKCS#11"); - x509 = parms.cert; + write_cert(parms.cert); } else { + BIO *b; + X509 *x509; + b = BIO_new_file(cert_src, "rb"); ERR(!b, "%s", cert_src); - x509 = PEM_read_bio_X509(b, NULL, NULL, NULL); - ERR(!x509, "%s", cert_src); - BIO_free(b); + + while (1) { + x509 = PEM_read_bio_X509(b, NULL, NULL, NULL); + if (wb && !x509) { + unsigned long err = ERR_peek_last_error(); + if (ERR_GET_LIB(err) == ERR_LIB_PEM && + ERR_GET_REASON(err) == PEM_R_NO_START_LINE) { + ERR_clear_error(); + break; + } + } + ERR(!x509, "%s", cert_src); + write_cert(x509); + } } - b = BIO_new_file(cert_dst, "wb"); - ERR(!b, "%s", cert_dst); - ERR(!i2d_X509_bio(b, x509), cert_dst); - BIO_free(b); + BIO_free(wb); return 0; } -- cgit v1.2.3 From 770f2b98760ef0500183d7206724aac762433e2d Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 20 Jul 2015 21:16:34 +0100 Subject: modsign: Use extract-cert to process CONFIG_SYSTEM_TRUSTED_KEYS Fix up the dependencies somewhat too, while we're at it. Signed-off-by: David Woodhouse Signed-off-by: David Howells --- scripts/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/Makefile b/scripts/Makefile index 236f683510bd..1b2661712d44 100644 --- a/scripts/Makefile +++ b/scripts/Makefile @@ -16,7 +16,8 @@ hostprogs-$(CONFIG_VT) += conmakehash hostprogs-$(BUILD_C_RECORDMCOUNT) += recordmcount hostprogs-$(CONFIG_BUILDTIME_EXTABLE_SORT) += sortextable hostprogs-$(CONFIG_ASN1) += asn1_compiler -hostprogs-$(CONFIG_MODULE_SIG) += sign-file extract-cert +hostprogs-$(CONFIG_MODULE_SIG) += sign-file +hostprogs-$(CONFIG_SYSTEM_TRUSTED_KEYRING) += extract-cert HOSTCFLAGS_sortextable.o = -I$(srctree)/tools/include HOSTCFLAGS_asn1_compiler.o = -I$(srctree)/include -- cgit v1.2.3 From 99db44350672c8a5ee9a7b0a6f4cd6ff10136065 Mon Sep 17 00:00:00 2001 From: David Howells Date: Wed, 5 Aug 2015 15:22:27 +0100 Subject: PKCS#7: Appropriately restrict authenticated attributes and content type A PKCS#7 or CMS message can have per-signature authenticated attributes that are digested as a lump and signed by the authorising key for that signature. If such attributes exist, the content digest isn't itself signed, but rather it is included in a special authattr which then contributes to the signature. Further, we already require the master message content type to be pkcs7_signedData - but there's also a separate content type for the data itself within the SignedData object and this must be repeated inside the authattrs for each signer [RFC2315 9.2, RFC5652 11.1]. We should really validate the authattrs if they exist or forbid them entirely as appropriate. To this end: (1) Alter the PKCS#7 parser to reject any message that has more than one signature where at least one signature has authattrs and at least one that does not. (2) Validate authattrs if they are present and strongly restrict them. Only the following authattrs are permitted and all others are rejected: (a) contentType. This is checked to be an OID that matches the content type in the SignedData object. (b) messageDigest. This must match the crypto digest of the data. (c) signingTime. If present, we check that this is a valid, parseable UTCTime or GeneralTime and that the date it encodes fits within the validity window of the matching X.509 cert. (d) S/MIME capabilities. We don't check the contents. (e) Authenticode SP Opus Info. We don't check the contents. (f) Authenticode Statement Type. We don't check the contents. The message is rejected if (a) or (b) are missing. If the message is an Authenticode type, the message is rejected if (e) is missing; if not Authenticode, the message is rejected if (d) - (f) are present. The S/MIME capabilities authattr (d) unfortunately has to be allowed to support kernels already signed by the pesign program. This only affects kexec. sign-file suppresses them (CMS_NOSMIMECAP). The message is also rejected if an authattr is given more than once or if it contains more than one element in its set of values. (3) Add a parameter to pkcs7_verify() to select one of the following restrictions and pass in the appropriate option from the callers: (*) VERIFYING_MODULE_SIGNATURE This requires that the SignedData content type be pkcs7-data and forbids authattrs. sign-file sets CMS_NOATTR. We could be more flexible and permit authattrs optionally, but only permit minimal content. (*) VERIFYING_FIRMWARE_SIGNATURE This requires that the SignedData content type be pkcs7-data and requires authattrs. In future, this will require an attribute holding the target firmware name in addition to the minimal set. (*) VERIFYING_UNSPECIFIED_SIGNATURE This requires that the SignedData content type be pkcs7-data but allows either no authattrs or only permits the minimal set. (*) VERIFYING_KEXEC_PE_SIGNATURE This only supports the Authenticode SPC_INDIRECT_DATA content type and requires at least an SpcSpOpusInfo authattr in addition to the minimal set. It also permits an SPC_STATEMENT_TYPE authattr (and an S/MIME capabilities authattr because the pesign program doesn't remove these). (*) VERIFYING_KEY_SIGNATURE (*) VERIFYING_KEY_SELF_SIGNATURE These are invalid in this context but are included for later use when limiting the use of X.509 certs. (4) The pkcs7_test key type is given a module parameter to select between the above options for testing purposes. For example: echo 1 >/sys/module/pkcs7_test_key/parameters/usage keyctl padd pkcs7_test foo @s Signed-off-by: David Howells Reviewed-by: Marcel Holtmann Reviewed-by: David Woodhouse --- scripts/sign-file.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'scripts') diff --git a/scripts/sign-file.c b/scripts/sign-file.c index de213e5c0cd3..e9741e879bbd 100755 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -111,7 +111,7 @@ int main(int argc, char **argv) bool sign_only = false; unsigned char buf[4096]; unsigned long module_size, cms_size; - unsigned int use_keyid = 0; + unsigned int use_keyid = 0, use_signed_attrs = CMS_NOATTR; const EVP_MD *digest_algo; EVP_PKEY *private_key; CMS_ContentInfo *cms; @@ -216,7 +216,8 @@ int main(int argc, char **argv) ERR(!cms, "CMS_sign"); ERR(!CMS_add1_signer(cms, x509, private_key, digest_algo, - CMS_NOCERTS | CMS_BINARY | CMS_NOSMIMECAP | use_keyid), + CMS_NOCERTS | CMS_BINARY | CMS_NOSMIMECAP | + use_keyid | use_signed_attrs), "CMS_sign_add_signer"); ERR(CMS_final(cms, bm, NULL, CMS_NOCERTS | CMS_BINARY) < 0, "CMS_final"); -- cgit v1.2.3 From e9a5e8cc55286941503f36c5b7485a5aa923b3f1 Mon Sep 17 00:00:00 2001 From: David Howells Date: Thu, 13 Aug 2015 04:03:12 +0100 Subject: sign-file: Fix warning about BIO_reset() return value MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fix the following warning: scripts/sign-file.c: In function ‘main’: scripts/sign-file.c:188: warning: value computed is not used whereby the result of BIO_ctrl() is cast inside of BIO_reset() to an integer of a different size - which we're not checking but probably should. Reported-by: James Morris Signed-off-by: David Howells --- scripts/sign-file.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/sign-file.c b/scripts/sign-file.c index e9741e879bbd..058bba3103e2 100755 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -185,7 +185,7 @@ int main(int argc, char **argv) ERR(!b, "%s", x509_name); x509 = d2i_X509_bio(b, NULL); /* Binary encoded X.509 */ if (!x509) { - BIO_reset(b); + ERR(BIO_reset(b) != 1, "%s", x509_name); x509 = PEM_read_bio_X509(b, NULL, NULL, NULL); /* PEM encoded X.509 */ if (x509) drain_openssl_errors(); -- cgit v1.2.3 From 3ee550f12c1529a023f71c9b5becb3351911047b Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Fri, 14 Aug 2015 16:17:16 +0100 Subject: modsign: Handle signing key in source tree Since commit 1329e8cc69 ("modsign: Extract signing cert from CONFIG_MODULE_SIG_KEY if needed"), the build system has carefully coped with the signing key being specified as a relative path in either the source or or the build trees. However, the actual signing of modules has not worked if the filename is relative to the source tree. Fix that by moving the config_filename helper into scripts/Kbuild.include so that it can be used from elsewhere, and then using it in the top-level Makefile to find the signing key file. Kill the intermediate $(MODPUBKEY) and $(MODSECKEY) variables too, while we're at it. There's no need for them. Signed-off-by: David Woodhouse Signed-off-by: David Howells --- scripts/Kbuild.include | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) (limited to 'scripts') diff --git a/scripts/Kbuild.include b/scripts/Kbuild.include index d3437b82ac25..608ac65c61e3 100644 --- a/scripts/Kbuild.include +++ b/scripts/Kbuild.include @@ -303,3 +303,54 @@ why = \ echo-why = $(call escsq, $(strip $(why))) endif + +############################################################################### +# +# When a Kconfig string contains a filename, it is suitable for +# passing to shell commands. It is surrounded by double-quotes, and +# any double-quotes or backslashes within it are escaped by +# backslashes. +# +# This is no use for dependencies or $(wildcard). We need to strip the +# surrounding quotes and the escaping from quotes and backslashes, and +# we *do* need to escape any spaces in the string. So, for example: +# +# Usage: $(eval $(call config_filename,FOO)) +# +# Defines FOO_FILENAME based on the contents of the CONFIG_FOO option, +# transformed as described above to be suitable for use within the +# makefile. +# +# Also, if the filename is a relative filename and exists in the source +# tree but not the build tree, define FOO_SRCPREFIX as $(srctree)/ to +# be prefixed to *both* command invocation and dependencies. +# +# Note: We also print the filenames in the quiet_cmd_foo text, and +# perhaps ought to have a version specially escaped for that purpose. +# But it's only cosmetic, and $(patsubst "%",%,$(CONFIG_FOO)) is good +# enough. It'll strip the quotes in the common case where there's no +# space and it's a simple filename, and it'll retain the quotes when +# there's a space. There are some esoteric cases in which it'll print +# the wrong thing, but we don't really care. The actual dependencies +# and commands *do* get it right, with various combinations of single +# and double quotes, backslashes and spaces in the filenames. +# +############################################################################### +# +space_escape := %%%SPACE%%% +# +define config_filename +ifneq ($$(CONFIG_$(1)),"") +$(1)_FILENAME := $$(subst \\,\,$$(subst \$$(quote),$$(quote),$$(subst $$(space_escape),\$$(space),$$(patsubst "%",%,$$(subst $$(space),$$(space_escape),$$(CONFIG_$(1))))))) +ifneq ($$(patsubst /%,%,$$(firstword $$($(1)_FILENAME))),$$(firstword $$($(1)_FILENAME))) +else +ifeq ($$(wildcard $$($(1)_FILENAME)),) +ifneq ($$(wildcard $$(srctree)/$$($(1)_FILENAME)),) +$(1)_SRCPREFIX := $(srctree)/ +endif +endif +endif +endif +endef +# +############################################################################### -- cgit v1.2.3 From 30b139dfe0bfa8727ceec2a1d5294766943dcdc8 Mon Sep 17 00:00:00 2001 From: Paul Gortmaker Date: Wed, 26 Aug 2015 14:36:46 +0100 Subject: scripts: add extract-cert and sign-file to .gitignore ...so "git status" doesn't nag us about them. Cc: David Woodhouse Signed-off-by: Paul Gortmaker Signed-off-by: David Howells Signed-off-by: James Morris --- scripts/.gitignore | 2 ++ 1 file changed, 2 insertions(+) (limited to 'scripts') diff --git a/scripts/.gitignore b/scripts/.gitignore index 5ecfe93f2028..12efbbefd4d7 100644 --- a/scripts/.gitignore +++ b/scripts/.gitignore @@ -10,3 +10,5 @@ recordmcount docproc sortextable asn1_compiler +extract-cert +sign-file -- cgit v1.2.3