Merge tag 'docs-5.12-2' of git://git.lwn.net/linux
[sfrench/cifs-2.6.git] / security / integrity / digsig_asymmetric.c
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Copyright (C) 2013 Intel Corporation
4  *
5  * Author:
6  * Dmitry Kasatkin <dmitry.kasatkin@intel.com>
7  */
8
9 #include <linux/err.h>
10 #include <linux/ratelimit.h>
11 #include <linux/key-type.h>
12 #include <crypto/public_key.h>
13 #include <crypto/hash_info.h>
14 #include <keys/asymmetric-type.h>
15 #include <keys/system_keyring.h>
16
17 #include "integrity.h"
18
19 /*
20  * Request an asymmetric key.
21  */
22 static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid)
23 {
24         struct key *key;
25         char name[12];
26
27         sprintf(name, "id:%08x", keyid);
28
29         pr_debug("key search: \"%s\"\n", name);
30
31         key = get_ima_blacklist_keyring();
32         if (key) {
33                 key_ref_t kref;
34
35                 kref = keyring_search(make_key_ref(key, 1),
36                                       &key_type_asymmetric, name, true);
37                 if (!IS_ERR(kref)) {
38                         pr_err("Key '%s' is in ima_blacklist_keyring\n", name);
39                         return ERR_PTR(-EKEYREJECTED);
40                 }
41         }
42
43         if (keyring) {
44                 /* search in specific keyring */
45                 key_ref_t kref;
46
47                 kref = keyring_search(make_key_ref(keyring, 1),
48                                       &key_type_asymmetric, name, true);
49                 if (IS_ERR(kref))
50                         key = ERR_CAST(kref);
51                 else
52                         key = key_ref_to_ptr(kref);
53         } else {
54                 key = request_key(&key_type_asymmetric, name, NULL);
55         }
56
57         if (IS_ERR(key)) {
58                 if (keyring)
59                         pr_err_ratelimited("Request for unknown key '%s' in '%s' keyring. err %ld\n",
60                                            name, keyring->description,
61                                            PTR_ERR(key));
62                 else
63                         pr_err_ratelimited("Request for unknown key '%s' err %ld\n",
64                                            name, PTR_ERR(key));
65
66                 switch (PTR_ERR(key)) {
67                         /* Hide some search errors */
68                 case -EACCES:
69                 case -ENOTDIR:
70                 case -EAGAIN:
71                         return ERR_PTR(-ENOKEY);
72                 default:
73                         return key;
74                 }
75         }
76
77         pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key));
78
79         return key;
80 }
81
82 int asymmetric_verify(struct key *keyring, const char *sig,
83                       int siglen, const char *data, int datalen)
84 {
85         struct public_key_signature pks;
86         struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig;
87         struct key *key;
88         int ret;
89
90         if (siglen <= sizeof(*hdr))
91                 return -EBADMSG;
92
93         siglen -= sizeof(*hdr);
94
95         if (siglen != be16_to_cpu(hdr->sig_size))
96                 return -EBADMSG;
97
98         if (hdr->hash_algo >= HASH_ALGO__LAST)
99                 return -ENOPKG;
100
101         key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid));
102         if (IS_ERR(key))
103                 return PTR_ERR(key);
104
105         memset(&pks, 0, sizeof(pks));
106
107         pks.hash_algo = hash_algo_name[hdr->hash_algo];
108         switch (hdr->hash_algo) {
109         case HASH_ALGO_STREEBOG_256:
110         case HASH_ALGO_STREEBOG_512:
111                 /* EC-RDSA and Streebog should go together. */
112                 pks.pkey_algo = "ecrdsa";
113                 pks.encoding = "raw";
114                 break;
115         case HASH_ALGO_SM3_256:
116                 /* SM2 and SM3 should go together. */
117                 pks.pkey_algo = "sm2";
118                 pks.encoding = "raw";
119                 break;
120         default:
121                 pks.pkey_algo = "rsa";
122                 pks.encoding = "pkcs1";
123                 break;
124         }
125         pks.digest = (u8 *)data;
126         pks.digest_size = datalen;
127         pks.s = hdr->sig;
128         pks.s_size = siglen;
129         ret = verify_signature(key, &pks);
130         key_put(key);
131         pr_debug("%s() = %d\n", __func__, ret);
132         return ret;
133 }
134
135 /**
136  * integrity_kernel_module_request - prevent crypto-pkcs1pad(rsa,*) requests
137  * @kmod_name: kernel module name
138  *
139  * We have situation, when public_key_verify_signature() in case of RSA
140  * algorithm use alg_name to store internal information in order to
141  * construct an algorithm on the fly, but crypto_larval_lookup() will try
142  * to use alg_name in order to load kernel module with same name.
143  * Since we don't have any real "crypto-pkcs1pad(rsa,*)" kernel modules,
144  * we are safe to fail such module request from crypto_larval_lookup().
145  *
146  * In this way we prevent modprobe execution during digsig verification
147  * and avoid possible deadlock if modprobe and/or it's dependencies
148  * also signed with digsig.
149  */
150 int integrity_kernel_module_request(char *kmod_name)
151 {
152         if (strncmp(kmod_name, "crypto-pkcs1pad(rsa,", 20) == 0)
153                 return -EINVAL;
154
155         return 0;
156 }