[mirror_ubuntu-jammy-kernel.git] / crypto / asymmetric_keys / pkcs7_trust.c

// SPDX-License-Identifier: GPL-2.0-or-later
/* Validate the trust chain of a PKCS#7 message.
 *
 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 */

#define pr_fmt(fmt) "PKCS7: "fmt
#include <linux/kernel.h>
#include <linux/export.h>
#include <linux/slab.h>
#include <linux/err.h>
#include <linux/asn1.h>
#include <linux/key.h>
#include <keys/asymmetric-type.h>
#include <crypto/public_key.h>
#include "pkcs7_parser.h"

/**
 * Check the trust on one PKCS#7 SignedInfo block.
 */
static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7,
				    struct pkcs7_signed_info *sinfo,
				    struct key *trust_keyring)
{
	struct public_key_signature *sig = sinfo->sig;
	struct x509_certificate *x509, *last = NULL, *p;
	struct key *key;
	int ret;

	kenter(",%u,", sinfo->index);

	if (sinfo->unsupported_crypto) {
		kleave(" = -ENOPKG [cached]");
		return -ENOPKG;
	}

	for (x509 = sinfo->signer; x509; x509 = x509->signer) {
		if (x509->seen) {
			if (x509->verified)
				goto verified;
			kleave(" = -ENOKEY [cached]");
			return -ENOKEY;
		}
		x509->seen = true;

		/* Look to see if this certificate is present in the trusted
		 * keys.
		 */
		key = find_asymmetric_key(trust_keyring,
					  x509->id, x509->skid, false);
		if (!IS_ERR(key)) {
			/* One of the X.509 certificates in the PKCS#7 message
			 * is apparently the same as one we already trust.
			 * Verify that the trusted variant can also validate
			 * the signature on the descendant.
			 */
			pr_devel("sinfo %u: Cert %u as key %x\n",
				 sinfo->index, x509->index, key_serial(key));
			goto matched;
		}
		if (key == ERR_PTR(-ENOMEM))
			return -ENOMEM;

		 /* Self-signed certificates form roots of their own, and if we
		  * don't know them, then we can't accept them.
		  */
		if (x509->signer == x509) {
			kleave(" = -ENOKEY [unknown self-signed]");
			return -ENOKEY;
		}

		might_sleep();
		last = x509;
		sig = last->sig;
	}

	/* No match - see if the root certificate has a signer amongst the
	 * trusted keys.
	 */
	if (last && (last->sig->auth_ids[0] || last->sig->auth_ids[1])) {
		key = find_asymmetric_key(trust_keyring,
					  last->sig->auth_ids[0],
					  last->sig->auth_ids[1],
					  false);
		if (!IS_ERR(key)) {
			x509 = last;
			pr_devel("sinfo %u: Root cert %u signer is key %x\n",
				 sinfo->index, x509->index, key_serial(key));
			goto matched;
		}
		if (PTR_ERR(key) != -ENOKEY)
			return PTR_ERR(key);
	}

	/* As a last resort, see if we have a trusted public key that matches
	 * the signed info directly.
	 */
	key = find_asymmetric_key(trust_keyring,
				  sinfo->sig->auth_ids[0], NULL, false);
	if (!IS_ERR(key)) {
		pr_devel("sinfo %u: Direct signer is key %x\n",
			 sinfo->index, key_serial(key));
		x509 = NULL;
		sig = sinfo->sig;
		goto matched;
	}
	if (PTR_ERR(key) != -ENOKEY)
		return PTR_ERR(key);

	kleave(" = -ENOKEY [no backref]");
	return -ENOKEY;

matched:
	ret = verify_signature(key, sig);
	key_put(key);
	if (ret < 0) {
		if (ret == -ENOMEM)
			return ret;
		kleave(" = -EKEYREJECTED [verify %d]", ret);
		return -EKEYREJECTED;
	}

verified:
	if (x509) {
		x509->verified = true;
		for (p = sinfo->signer; p != x509; p = p->signer)
			p->verified = true;
	}
	kleave(" = 0");
	return 0;
}

/**
 * pkcs7_validate_trust - Validate PKCS#7 trust chain
 * @pkcs7: The PKCS#7 certificate to validate
 * @trust_keyring: Signing certificates to use as starting points
 *
 * Validate that the certificate chain inside the PKCS#7 message intersects
 * keys we already know and trust.
 *
 * Returns, in order of descending priority:
 *
 *  (*) -EKEYREJECTED if a signature failed to match for which we have a valid
 *	key, or:
 *
 *  (*) 0 if at least one signature chain intersects with the keys in the trust
 *	keyring, or:
 *
 *  (*) -ENOPKG if a suitable crypto module couldn't be found for a check on a
 *	chain.
 *
 *  (*) -ENOKEY if we couldn't find a match for any of the signature chains in
 *	the message.
 *
 * May also return -ENOMEM.
 */
int pkcs7_validate_trust(struct pkcs7_message *pkcs7,
			 struct key *trust_keyring)
{
	struct pkcs7_signed_info *sinfo;
	struct x509_certificate *p;
	int cached_ret = -ENOKEY;
	int ret;

	for (p = pkcs7->certs; p; p = p->next)
		p->seen = false;

	for (sinfo = pkcs7->signed_infos; sinfo; sinfo = sinfo->next) {
		ret = pkcs7_validate_trust_one(pkcs7, sinfo, trust_keyring);
		switch (ret) {
		case -ENOKEY:
			continue;
		case -ENOPKG:
			if (cached_ret == -ENOKEY)
				cached_ret = -ENOPKG;
			continue;
		case 0:
			cached_ret = 0;
			continue;
		default:
			return ret;
		}
	}

	return cached_ret;
}
EXPORT_SYMBOL_GPL(pkcs7_validate_trust);
Commit	Line	Data
b4d0d230	1	// SPDX-License-Identifier: GPL-2.0-or-later
08815b62 DH	2	/* Validate the trust chain of a PKCS#7 message.
	3	*
	4	* Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
	5	* Written by David Howells (dhowells@redhat.com)
08815b62 DH	6	*/
	7
	8	#define pr_fmt(fmt) "PKCS7: "fmt
	9	#include <linux/kernel.h>
	10	#include <linux/export.h>
	11	#include <linux/slab.h>
	12	#include <linux/err.h>
	13	#include <linux/asn1.h>
	14	#include <linux/key.h>
	15	#include <keys/asymmetric-type.h>
db6c43bd	16	#include <crypto/public_key.h>
08815b62 DH	17	#include "pkcs7_parser.h"
08815b62 DH	18
08815b62 DH	19	/**
	20	* Check the trust on one PKCS#7 SignedInfo block.
	21	*/
15155b9a DH	22	static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7,
	23	struct pkcs7_signed_info *sinfo,
	24	struct key *trust_keyring)
08815b62	25	{
566a117a	26	struct public_key_signature *sig = sinfo->sig;
08815b62 DH	27	struct x509_certificate x509, last = NULL, *p;
08815b62 DH	28	struct key *key;
08815b62 DH	29	int ret;
	30
	31	kenter(",%u,", sinfo->index);
	32
41559420 DH	33	if (sinfo->unsupported_crypto) {
	34	kleave(" = -ENOPKG [cached]");
	35	return -ENOPKG;
	36	}
	37
08815b62 DH	38	for (x509 = sinfo->signer; x509; x509 = x509->signer) {
08815b62 DH	39	if (x509->seen) {
bda850cd	40	if (x509->verified)
08815b62	41	goto verified;
08815b62 DH	42	kleave(" = -ENOKEY [cached]");
	43	return -ENOKEY;
	44	}
	45	x509->seen = true;
	46
	47	/* Look to see if this certificate is present in the trusted
	48	* keys.
	49	*/
9eb02989 DH	50	key = find_asymmetric_key(trust_keyring,
9eb02989 DH	51	x509->id, x509->skid, false);
757932e6	52	if (!IS_ERR(key)) {
08815b62 DH	53	/* One of the X.509 certificates in the PKCS#7 message
	54	* is apparently the same as one we already trust.
	55	* Verify that the trusted variant can also validate
	56	* the signature on the descendant.
	57	*/
757932e6 DH	58	pr_devel("sinfo %u: Cert %u as key %x\n",
757932e6 DH	59	sinfo->index, x509->index, key_serial(key));
08815b62	60	goto matched;
757932e6	61	}
08815b62 DH	62	if (key == ERR_PTR(-ENOMEM))
	63	return -ENOMEM;
	64
	65	/* Self-signed certificates form roots of their own, and if we
	66	* don't know them, then we can't accept them.
	67	*/
7204eb85	68	if (x509->signer == x509) {
08815b62 DH	69	kleave(" = -ENOKEY [unknown self-signed]");
	70	return -ENOKEY;
	71	}
	72
	73	might_sleep();
	74	last = x509;
77d0910d	75	sig = last->sig;
08815b62 DH	76	}
	77
	78	/* No match - see if the root certificate has a signer amongst the
	79	* trusted keys.
	80	*/
77d0910d	81	if (last && (last->sig->auth_ids[0] \|\| last->sig->auth_ids[1])) {
9eb02989 DH	82	key = find_asymmetric_key(trust_keyring,
	83	last->sig->auth_ids[0],
	84	last->sig->auth_ids[1],
	85	false);
757932e6 DH	86	if (!IS_ERR(key)) {
	87	x509 = last;
	88	pr_devel("sinfo %u: Root cert %u signer is key %x\n",
	89	sinfo->index, x509->index, key_serial(key));
	90	goto matched;
	91	}
	92	if (PTR_ERR(key) != -ENOKEY)
	93	return PTR_ERR(key);
08815b62 DH	94	}
08815b62 DH	95
757932e6 DH	96	/* As a last resort, see if we have a trusted public key that matches
	97	* the signed info directly.
	98	*/
9eb02989 DH	99	key = find_asymmetric_key(trust_keyring,
9eb02989 DH	100	sinfo->sig->auth_ids[0], NULL, false);
757932e6 DH	101	if (!IS_ERR(key)) {
	102	pr_devel("sinfo %u: Direct signer is key %x\n",
	103	sinfo->index, key_serial(key));
	104	x509 = NULL;
6459ae38	105	sig = sinfo->sig;
757932e6 DH	106	goto matched;
	107	}
	108	if (PTR_ERR(key) != -ENOKEY)
	109	return PTR_ERR(key);
	110
	111	kleave(" = -ENOKEY [no backref]");
	112	return -ENOKEY;
08815b62 DH	113
	114	matched:
	115	ret = verify_signature(key, sig);
08815b62 DH	116	key_put(key);
	117	if (ret < 0) {
	118	if (ret == -ENOMEM)
	119	return ret;
	120	kleave(" = -EKEYREJECTED [verify %d]", ret);
	121	return -EKEYREJECTED;
	122	}
	123
	124	verified:
757932e6 DH	125	if (x509) {
757932e6 DH	126	x509->verified = true;
bda850cd	127	for (p = sinfo->signer; p != x509; p = p->signer)
757932e6	128	p->verified = true;
08815b62	129	}
08815b62 DH	130	kleave(" = 0");
	131	return 0;
	132	}
	133
	134	/**
	135	* pkcs7_validate_trust - Validate PKCS#7 trust chain
	136	* @pkcs7: The PKCS#7 certificate to validate
	137	* @trust_keyring: Signing certificates to use as starting points
08815b62 DH	138	*
	139	* Validate that the certificate chain inside the PKCS#7 message intersects
	140	* keys we already know and trust.
	141	*
	142	* Returns, in order of descending priority:
	143	*
	144	* (*) -EKEYREJECTED if a signature failed to match for which we have a valid
	145	* key, or:
	146	*
	147	* (*) 0 if at least one signature chain intersects with the keys in the trust
	148	* keyring, or:
	149	*
	150	* (*) -ENOPKG if a suitable crypto module couldn't be found for a check on a
	151	* chain.
	152	*
	153	* (*) -ENOKEY if we couldn't find a match for any of the signature chains in
	154	* the message.
	155	*
	156	* May also return -ENOMEM.
	157	*/
	158	int pkcs7_validate_trust(struct pkcs7_message *pkcs7,
bda850cd	159	struct key *trust_keyring)
08815b62 DH	160	{
	161	struct pkcs7_signed_info *sinfo;
	162	struct x509_certificate *p;
41559420 DH	163	int cached_ret = -ENOKEY;
41559420 DH	164	int ret;
08815b62 DH	165
	166	for (p = pkcs7->certs; p; p = p->next)
	167	p->seen = false;
	168
	169	for (sinfo = pkcs7->signed_infos; sinfo; sinfo = sinfo->next) {
	170	ret = pkcs7_validate_trust_one(pkcs7, sinfo, trust_keyring);
41559420 DH	171	switch (ret) {
	172	case -ENOKEY:
	173	continue;
	174	case -ENOPKG:
	175	if (cached_ret == -ENOKEY)
08815b62	176	cached_ret = -ENOPKG;
41559420 DH	177	continue;
41559420 DH	178	case 0:
41559420 DH	179	cached_ret = 0;
	180	continue;
	181	default:
	182	return ret;
08815b62	183	}
08815b62 DH	184	}
	185
	186	return cached_ret;
	187	}
	188	EXPORT_SYMBOL_GPL(pkcs7_validate_trust);