PKCS#7: Find intersection between PKCS#7 message and known, trusted keys

pkcs7_message-y := \

	pkcs7-asn1.o \

	pkcs7_parser.o \

	pkcs7_trust.o \

	pkcs7_verify.o

$(obj)/pkcs7_parser.o: $(obj)/pkcs7-asn1.h

/* Validate the trust chain of a PKCS#7 message.

 *

 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.

 * Written by David Howells (dhowells@redhat.com)

 *

 * This program is free software; you can redistribute it and/or

 * modify it under the terms of the GNU General Public Licence

 * as published by the Free Software Foundation; either version

 * 2 of the Licence, or (at your option) any later version.

 */

#define pr_fmt(fmt) "PKCS7: "fmt

#include <linux/kernel.h>

#include <linux/export.h>

#include <linux/slab.h>

#include <linux/err.h>

#include <linux/asn1.h>

#include <linux/key.h>

#include <keys/asymmetric-type.h>

#include "public_key.h"

#include "pkcs7_parser.h"

/*

 * Request an asymmetric key.

 */

static struct key *pkcs7_request_asymmetric_key(

	struct key *keyring,

	const char *signer, size_t signer_len,

	const char *authority, size_t auth_len)

{

	key_ref_t key;

	char *id;

	kenter(",%zu,,%zu", signer_len, auth_len);

	/* Construct an identifier. */

	id = kmalloc(signer_len + 2 + auth_len + 1, GFP_KERNEL);

	if (!id)

		return ERR_PTR(-ENOMEM);

	memcpy(id, signer, signer_len);

	id[signer_len + 0] = ':';

	id[signer_len + 1] = ' ';

	memcpy(id + signer_len + 2, authority, auth_len);

	id[signer_len + 2 + auth_len] = 0;

	pr_debug("Look up: \"%s\"\n", id);

	key = keyring_search(make_key_ref(keyring, 1),

			     &key_type_asymmetric, id);

	if (IS_ERR(key))

		pr_debug("Request for module key '%s' err %ld\n",

			 id, PTR_ERR(key));

	kfree(id);

	if (IS_ERR(key)) {

		switch (PTR_ERR(key)) {

			/* Hide some search errors */

		case -EACCES:

		case -ENOTDIR:

		case -EAGAIN:

			return ERR_PTR(-ENOKEY);

		default:

			return ERR_CAST(key);

		}

	}

	pr_devel("<==%s() = 0 [%x]\n", __func__, key_serial(key_ref_to_ptr(key)));

	return key_ref_to_ptr(key);

}

/**

 * Check the trust on one PKCS#7 SignedInfo block.

 */

int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7,

			     struct pkcs7_signed_info *sinfo,

			     struct key *trust_keyring)

{

	struct public_key_signature *sig = &sinfo->sig;

	struct x509_certificate *x509, *last = NULL, *p;

	struct key *key;

	bool trusted;

	int ret;

	kenter(",%u,", sinfo->index);

	for (x509 = sinfo->signer; x509; x509 = x509->signer) {

		if (x509->seen) {

			if (x509->verified) {

				trusted = x509->trusted;

				goto verified;

			}

			kleave(" = -ENOKEY [cached]");

			return -ENOKEY;

		}

		x509->seen = true;

		/* Look to see if this certificate is present in the trusted

		 * keys.

		 */

		key = pkcs7_request_asymmetric_key(

			trust_keyring,

			x509->subject, strlen(x509->subject),

			x509->fingerprint, strlen(x509->fingerprint));

		if (!IS_ERR(key))

			/* One of the X.509 certificates in the PKCS#7 message

			 * is apparently the same as one we already trust.

			 * Verify that the trusted variant can also validate

			 * the signature on the descendant.

			 */

			goto matched;

		if (key == ERR_PTR(-ENOMEM))

			return -ENOMEM;

		 /* Self-signed certificates form roots of their own, and if we

		  * don't know them, then we can't accept them.

		  */

		if (x509->next == x509) {

			kleave(" = -ENOKEY [unknown self-signed]");

			return -ENOKEY;

		}

		might_sleep();

		last = x509;

		sig = &last->sig;

	}

	/* No match - see if the root certificate has a signer amongst the

	 * trusted keys.

	 */

	if (!last || !last->issuer || !last->authority) {

		kleave(" = -ENOKEY [no backref]");

		return -ENOKEY;

	}

	key = pkcs7_request_asymmetric_key(

		trust_keyring,

		last->issuer, strlen(last->issuer),

		last->authority, strlen(last->authority));

	if (IS_ERR(key))

		return PTR_ERR(key) == -ENOMEM ? -ENOMEM : -ENOKEY;

	x509 = last;

matched:

	ret = verify_signature(key, sig);

	trusted = test_bit(KEY_FLAG_TRUSTED, &key->flags);

	key_put(key);

	if (ret < 0) {

		if (ret == -ENOMEM)

			return ret;

		kleave(" = -EKEYREJECTED [verify %d]", ret);

		return -EKEYREJECTED;

	}

verified:

	x509->verified = true;

	for (p = sinfo->signer; p != x509; p = p->signer) {

		p->verified = true;

		p->trusted = trusted;

	}

	sinfo->trusted = trusted;

	kleave(" = 0");

	return 0;

}

/**

 * pkcs7_validate_trust - Validate PKCS#7 trust chain

 * @pkcs7: The PKCS#7 certificate to validate

 * @trust_keyring: Signing certificates to use as starting points

 * @_trusted: Set to true if trustworth, false otherwise

 *

 * Validate that the certificate chain inside the PKCS#7 message intersects

 * keys we already know and trust.

 *

 * Returns, in order of descending priority:

 *

 *  (*) -EKEYREJECTED if a signature failed to match for which we have a valid

 *	key, or:

 *

 *  (*) 0 if at least one signature chain intersects with the keys in the trust

 *	keyring, or:

 *

 *  (*) -ENOPKG if a suitable crypto module couldn't be found for a check on a

 *	chain.

 *

 *  (*) -ENOKEY if we couldn't find a match for any of the signature chains in

 *	the message.

 *

 * May also return -ENOMEM.

 */

int pkcs7_validate_trust(struct pkcs7_message *pkcs7,

			 struct key *trust_keyring,

			 bool *_trusted)

{

	struct pkcs7_signed_info *sinfo;

	struct x509_certificate *p;

	int cached_ret = 0, ret;

	for (p = pkcs7->certs; p; p = p->next)

		p->seen = false;

	for (sinfo = pkcs7->signed_infos; sinfo; sinfo = sinfo->next) {

		ret = pkcs7_validate_trust_one(pkcs7, sinfo, trust_keyring);

		if (ret < 0) {

			if (ret == -ENOPKG) {

				cached_ret = -ENOPKG;

			} else if (ret == -ENOKEY) {

				if (cached_ret == 0)

					cached_ret = -ENOKEY;

			} else {

				return ret;

			}

		}

		*_trusted |= sinfo->trusted;

	}

	return cached_ret;

}

EXPORT_SYMBOL_GPL(pkcs7_validate_trust);

 * 2 of the Licence, or (at your option) any later version.

 */

struct key;

struct pkcs7_message;

/*

				  const void **_data, size_t *_datalen,

				  bool want_wrapper);

/*

 * pkcs7_trust.c

 */

extern int pkcs7_validate_trust(struct pkcs7_message *pkcs7,

				struct key *trust_keyring,

				bool *_trusted);

/*

 * pkcs7_verify.c

 */