[mirror_ubuntu-artful-kernel.git] / crypto / asymmetric_keys / restrict.c

/* Instantiate a public key crypto key from an X.509 Certificate
 *
 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public Licence
 * as published by the Free Software Foundation; either version
 * 2 of the Licence, or (at your option) any later version.
 */

#define pr_fmt(fmt) "X.509: "fmt
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/slab.h>
#include <linux/err.h>
#include <linux/mpi.h>
#include <linux/asn1_decoder.h>
#include <keys/asymmetric-subtype.h>
#include <keys/asymmetric-parser.h>
#include <keys/system_keyring.h>
#include <crypto/hash.h>
#include <crypto/public_key.h>
#include "asymmetric_keys.h"
#include "x509_parser.h"

static bool use_builtin_keys;
static struct asymmetric_key_id *ca_keyid;

#ifndef MODULE
static struct {
	struct asymmetric_key_id id;
	unsigned char data[10];
} cakey;

static int __init ca_keys_setup(char *str)
{
	if (!str)		/* default system keyring */
		return 1;

	if (strncmp(str, "id:", 3) == 0) {
		struct asymmetric_key_id *p = &cakey.id;
		size_t hexlen = (strlen(str) - 3) / 2;
		int ret;

		if (hexlen == 0 || hexlen > sizeof(cakey.data)) {
			pr_err("Missing or invalid ca_keys id\n");
			return 1;
		}

		ret = __asymmetric_key_hex_to_key_id(str + 3, p, hexlen);
		if (ret < 0)
			pr_err("Unparsable ca_keys id hex string\n");
		else
			ca_keyid = p;	/* owner key 'id:xxxxxx' */
	} else if (strcmp(str, "builtin") == 0) {
		use_builtin_keys = true;
	}

	return 1;
}
__setup("ca_keys=", ca_keys_setup);
#endif

/*
 * Check the new certificate against the ones in the trust keyring.  If one of
 * those is the signing key and validates the new certificate, then mark the
 * new certificate as being trusted.
 *
 * Return 0 if the new certificate was successfully validated, 1 if we couldn't
 * find a matching parent certificate in the trusted list and an error if there
 * is a matching certificate but the signature check fails.
 */
int x509_validate_trust(struct x509_certificate *cert,
			struct key *trust_keyring)
{
	struct public_key_signature *sig = cert->sig;
	struct key *key;
	int ret = 1;

	if (!sig->auth_ids[0] && !sig->auth_ids[1])
		return 1;

	if (!trust_keyring)
		return -EOPNOTSUPP;
	if (ca_keyid && !asymmetric_key_id_partial(sig->auth_ids[1], ca_keyid))
		return -EPERM;
	if (cert->unsupported_sig)
		return -ENOPKG;

	key = find_asymmetric_key(trust_keyring,
				  sig->auth_ids[0], sig->auth_ids[1],
				  false);
	if (IS_ERR(key))
		return PTR_ERR(key);

	if (!use_builtin_keys ||
	    test_bit(KEY_FLAG_BUILTIN, &key->flags)) {
		ret = verify_signature(key, cert->sig);
		if (ret == -ENOPKG)
			cert->unsupported_sig = true;
	}
	key_put(key);
	return ret;
}
EXPORT_SYMBOL_GPL(x509_validate_trust);
Commit	Line	Data
cfb664ff DH	1	/* Instantiate a public key crypto key from an X.509 Certificate
	2	*
	3	* Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
	4	* Written by David Howells (dhowells@redhat.com)
	5	*
	6	* This program is free software; you can redistribute it and/or
	7	* modify it under the terms of the GNU General Public Licence
	8	* as published by the Free Software Foundation; either version
	9	* 2 of the Licence, or (at your option) any later version.
	10	*/
	11
	12	#define pr_fmt(fmt) "X.509: "fmt
	13	#include <linux/module.h>
	14	#include <linux/kernel.h>
	15	#include <linux/slab.h>
	16	#include <linux/err.h>
	17	#include <linux/mpi.h>
	18	#include <linux/asn1_decoder.h>
	19	#include <keys/asymmetric-subtype.h>
	20	#include <keys/asymmetric-parser.h>
	21	#include <keys/system_keyring.h>
	22	#include <crypto/hash.h>
	23	#include <crypto/public_key.h>
	24	#include "asymmetric_keys.h"
	25	#include "x509_parser.h"
	26
	27	static bool use_builtin_keys;
	28	static struct asymmetric_key_id *ca_keyid;
	29
	30	#ifndef MODULE
	31	static struct {
	32	struct asymmetric_key_id id;
	33	unsigned char data[10];
	34	} cakey;
	35
	36	static int __init ca_keys_setup(char *str)
	37	{
	38	if (!str) /* default system keyring */
	39	return 1;
	40
	41	if (strncmp(str, "id:", 3) == 0) {
	42	struct asymmetric_key_id *p = &cakey.id;
	43	size_t hexlen = (strlen(str) - 3) / 2;
	44	int ret;
	45
	46	if (hexlen == 0 \|\| hexlen > sizeof(cakey.data)) {
	47	pr_err("Missing or invalid ca_keys id\n");
	48	return 1;
	49	}
	50
	51	ret = __asymmetric_key_hex_to_key_id(str + 3, p, hexlen);
	52	if (ret < 0)
	53	pr_err("Unparsable ca_keys id hex string\n");
	54	else
	55	ca_keyid = p; /* owner key 'id:xxxxxx' */
	56	} else if (strcmp(str, "builtin") == 0) {
	57	use_builtin_keys = true;
	58	}
	59
	60	return 1;
	61	}
	62	__setup("ca_keys=", ca_keys_setup);
	63	#endif
	64
65	/*
66	* Check the new certificate against the ones in the trust keyring. If one of
67	* those is the signing key and validates the new certificate, then mark the
68	* new certificate as being trusted.
69	*
70	* Return 0 if the new certificate was successfully validated, 1 if we couldn't
71	* find a matching parent certificate in the trusted list and an error if there
72	* is a matching certificate but the signature check fails.
73	*/
74	int x509_validate_trust(struct x509_certificate *cert,
75	struct key *trust_keyring)
76	{
77	struct public_key_signature *sig = cert->sig;
78	struct key *key;
79	int ret = 1;
80
81	if (!sig->auth_ids[0] && !sig->auth_ids[1])
82	return 1;
83
84	if (!trust_keyring)
85	return -EOPNOTSUPP;
86	if (ca_keyid && !asymmetric_key_id_partial(sig->auth_ids[1], ca_keyid))
87	return -EPERM;
88	if (cert->unsupported_sig)
89	return -ENOPKG;
90
91	key = find_asymmetric_key(trust_keyring,
92	sig->auth_ids[0], sig->auth_ids[1],
93	false);
94	if (IS_ERR(key))
95	return PTR_ERR(key);
96
97	if (!use_builtin_keys \|\|
98	test_bit(KEY_FLAG_BUILTIN, &key->flags)) {
99	ret = verify_signature(key, cert->sig);
100	if (ret == -ENOPKG)
101	cert->unsupported_sig = true;
102	}
103	key_put(key);
104	return ret;
105	}
106	EXPORT_SYMBOL_GPL(x509_validate_trust);