pkcs7_trust.c 4.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193
  1. /* Validate the trust chain of a PKCS#7 message.
  2. *
  3. * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
  4. * Written by David Howells (dhowells@redhat.com)
  5. *
  6. * This program is free software; you can redistribute it and/or
  7. * modify it under the terms of the GNU General Public Licence
  8. * as published by the Free Software Foundation; either version
  9. * 2 of the Licence, or (at your option) any later version.
  10. */
  11. #define pr_fmt(fmt) "PKCS7: "fmt
  12. #include <linux/kernel.h>
  13. #include <linux/export.h>
  14. #include <linux/slab.h>
  15. #include <linux/err.h>
  16. #include <linux/asn1.h>
  17. #include <linux/key.h>
  18. #include <keys/asymmetric-type.h>
  19. #include <crypto/public_key.h>
  20. #include "pkcs7_parser.h"
  21. /**
  22. * Check the trust on one PKCS#7 SignedInfo block.
  23. */
  24. static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7,
  25. struct pkcs7_signed_info *sinfo,
  26. struct key *trust_keyring)
  27. {
  28. struct public_key_signature *sig = sinfo->sig;
  29. struct x509_certificate *x509, *last = NULL, *p;
  30. struct key *key;
  31. int ret;
  32. kenter(",%u,", sinfo->index);
  33. if (sinfo->unsupported_crypto) {
  34. kleave(" = -ENOPKG [cached]");
  35. return -ENOPKG;
  36. }
  37. for (x509 = sinfo->signer; x509; x509 = x509->signer) {
  38. if (x509->seen) {
  39. if (x509->verified)
  40. goto verified;
  41. kleave(" = -ENOKEY [cached]");
  42. return -ENOKEY;
  43. }
  44. x509->seen = true;
  45. /* Look to see if this certificate is present in the trusted
  46. * keys.
  47. */
  48. key = find_asymmetric_key(trust_keyring,
  49. x509->id, x509->skid, false);
  50. if (!IS_ERR(key)) {
  51. /* One of the X.509 certificates in the PKCS#7 message
  52. * is apparently the same as one we already trust.
  53. * Verify that the trusted variant can also validate
  54. * the signature on the descendant.
  55. */
  56. pr_devel("sinfo %u: Cert %u as key %x\n",
  57. sinfo->index, x509->index, key_serial(key));
  58. goto matched;
  59. }
  60. if (key == ERR_PTR(-ENOMEM))
  61. return -ENOMEM;
  62. /* Self-signed certificates form roots of their own, and if we
  63. * don't know them, then we can't accept them.
  64. */
  65. if (x509->signer == x509) {
  66. kleave(" = -ENOKEY [unknown self-signed]");
  67. return -ENOKEY;
  68. }
  69. might_sleep();
  70. last = x509;
  71. sig = last->sig;
  72. }
  73. /* No match - see if the root certificate has a signer amongst the
  74. * trusted keys.
  75. */
  76. if (last && (last->sig->auth_ids[0] || last->sig->auth_ids[1])) {
  77. key = find_asymmetric_key(trust_keyring,
  78. last->sig->auth_ids[0],
  79. last->sig->auth_ids[1],
  80. false);
  81. if (!IS_ERR(key)) {
  82. x509 = last;
  83. pr_devel("sinfo %u: Root cert %u signer is key %x\n",
  84. sinfo->index, x509->index, key_serial(key));
  85. goto matched;
  86. }
  87. if (PTR_ERR(key) != -ENOKEY)
  88. return PTR_ERR(key);
  89. }
  90. /* As a last resort, see if we have a trusted public key that matches
  91. * the signed info directly.
  92. */
  93. key = find_asymmetric_key(trust_keyring,
  94. sinfo->sig->auth_ids[0], NULL, false);
  95. if (!IS_ERR(key)) {
  96. pr_devel("sinfo %u: Direct signer is key %x\n",
  97. sinfo->index, key_serial(key));
  98. x509 = NULL;
  99. sig = sinfo->sig;
  100. goto matched;
  101. }
  102. if (PTR_ERR(key) != -ENOKEY)
  103. return PTR_ERR(key);
  104. kleave(" = -ENOKEY [no backref]");
  105. return -ENOKEY;
  106. matched:
  107. ret = verify_signature(key, sig);
  108. key_put(key);
  109. if (ret < 0) {
  110. if (ret == -ENOMEM)
  111. return ret;
  112. kleave(" = -EKEYREJECTED [verify %d]", ret);
  113. return -EKEYREJECTED;
  114. }
  115. verified:
  116. if (x509) {
  117. x509->verified = true;
  118. for (p = sinfo->signer; p != x509; p = p->signer)
  119. p->verified = true;
  120. }
  121. kleave(" = 0");
  122. return 0;
  123. }
  124. /**
  125. * pkcs7_validate_trust - Validate PKCS#7 trust chain
  126. * @pkcs7: The PKCS#7 certificate to validate
  127. * @trust_keyring: Signing certificates to use as starting points
  128. *
  129. * Validate that the certificate chain inside the PKCS#7 message intersects
  130. * keys we already know and trust.
  131. *
  132. * Returns, in order of descending priority:
  133. *
  134. * (*) -EKEYREJECTED if a signature failed to match for which we have a valid
  135. * key, or:
  136. *
  137. * (*) 0 if at least one signature chain intersects with the keys in the trust
  138. * keyring, or:
  139. *
  140. * (*) -ENOPKG if a suitable crypto module couldn't be found for a check on a
  141. * chain.
  142. *
  143. * (*) -ENOKEY if we couldn't find a match for any of the signature chains in
  144. * the message.
  145. *
  146. * May also return -ENOMEM.
  147. */
  148. int pkcs7_validate_trust(struct pkcs7_message *pkcs7,
  149. struct key *trust_keyring)
  150. {
  151. struct pkcs7_signed_info *sinfo;
  152. struct x509_certificate *p;
  153. int cached_ret = -ENOKEY;
  154. int ret;
  155. for (p = pkcs7->certs; p; p = p->next)
  156. p->seen = false;
  157. for (sinfo = pkcs7->signed_infos; sinfo; sinfo = sinfo->next) {
  158. ret = pkcs7_validate_trust_one(pkcs7, sinfo, trust_keyring);
  159. switch (ret) {
  160. case -ENOKEY:
  161. continue;
  162. case -ENOPKG:
  163. if (cached_ret == -ENOKEY)
  164. cached_ret = -ENOPKG;
  165. continue;
  166. case 0:
  167. cached_ret = 0;
  168. continue;
  169. default:
  170. return ret;
  171. }
  172. }
  173. return cached_ret;
  174. }
  175. EXPORT_SYMBOL_GPL(pkcs7_validate_trust);