[mirror_ubuntu-jammy-kernel.git] / security / keys / keyctl_pkey.c

// SPDX-License-Identifier: GPL-2.0-or-later
/* Public-key operation keyctls
 *
 * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 */

#include <linux/slab.h>
#include <linux/err.h>
#include <linux/key.h>
#include <linux/keyctl.h>
#include <linux/parser.h>
#include <linux/uaccess.h>
#include <keys/user-type.h>
#include "internal.h"

static void keyctl_pkey_params_free(struct kernel_pkey_params *params)
{
	kfree(params->info);
	key_put(params->key);
}

enum {
	Opt_err,
	Opt_enc,		/* "enc=<encoding>" eg. "enc=oaep" */
	Opt_hash,		/* "hash=<digest-name>" eg. "hash=sha1" */
};

static const match_table_t param_keys = {
	{ Opt_enc,	"enc=%s" },
	{ Opt_hash,	"hash=%s" },
	{ Opt_err,	NULL }
};

/*
 * Parse the information string which consists of key=val pairs.
 */
static int keyctl_pkey_params_parse(struct kernel_pkey_params *params)
{
	unsigned long token_mask = 0;
	substring_t args[MAX_OPT_ARGS];
	char *c = params->info, *p, *q;
	int token;

	while ((p = strsep(&c, " \t"))) {
		if (*p == '\0' || *p == ' ' || *p == '\t')
			continue;
		token = match_token(p, param_keys, args);
		if (token == Opt_err)
			return -EINVAL;
		if (__test_and_set_bit(token, &token_mask))
			return -EINVAL;
		q = args[0].from;
		if (!q[0])
			return -EINVAL;

		switch (token) {
		case Opt_enc:
			params->encoding = q;
			break;

		case Opt_hash:
			params->hash_algo = q;
			break;

		default:
			return -EINVAL;
		}
	}

	return 0;
}

/*
 * Interpret parameters.  Callers must always call the free function
 * on params, even if an error is returned.
 */
static int keyctl_pkey_params_get(key_serial_t id,
				  const char __user *_info,
				  struct kernel_pkey_params *params)
{
	key_ref_t key_ref;
	void *p;
	int ret;

	memset(params, 0, sizeof(*params));
	params->encoding = "raw";

	p = strndup_user(_info, PAGE_SIZE);
	if (IS_ERR(p))
		return PTR_ERR(p);
	params->info = p;

	ret = keyctl_pkey_params_parse(params);
	if (ret < 0)
		return ret;

	key_ref = lookup_user_key(id, 0, KEY_NEED_SEARCH);
	if (IS_ERR(key_ref))
		return PTR_ERR(key_ref);
	params->key = key_ref_to_ptr(key_ref);

	if (!params->key->type->asym_query)
		return -EOPNOTSUPP;

	return 0;
}

/*
 * Get parameters from userspace.  Callers must always call the free function
 * on params, even if an error is returned.
 */
static int keyctl_pkey_params_get_2(const struct keyctl_pkey_params __user *_params,
				    const char __user *_info,
				    int op,
				    struct kernel_pkey_params *params)
{
	struct keyctl_pkey_params uparams;
	struct kernel_pkey_query info;
	int ret;

	memset(params, 0, sizeof(*params));
	params->encoding = "raw";

	if (copy_from_user(&uparams, _params, sizeof(uparams)) != 0)
		return -EFAULT;

	ret = keyctl_pkey_params_get(uparams.key_id, _info, params);
	if (ret < 0)
		return ret;

	ret = params->key->type->asym_query(params, &info);
	if (ret < 0)
		return ret;

	switch (op) {
	case KEYCTL_PKEY_ENCRYPT:
	case KEYCTL_PKEY_DECRYPT:
		if (uparams.in_len  > info.max_enc_size ||
		    uparams.out_len > info.max_dec_size)
			return -EINVAL;
		break;
	case KEYCTL_PKEY_SIGN:
	case KEYCTL_PKEY_VERIFY:
		if (uparams.in_len  > info.max_sig_size ||
		    uparams.out_len > info.max_data_size)
			return -EINVAL;
		break;
	default:
		BUG();
	}

	params->in_len  = uparams.in_len;
	params->out_len = uparams.out_len;
	return 0;
}

/*
 * Query information about an asymmetric key.
 */
long keyctl_pkey_query(key_serial_t id,
		       const char __user *_info,
		       struct keyctl_pkey_query __user *_res)
{
	struct kernel_pkey_params params;
	struct kernel_pkey_query res;
	long ret;

	memset(&params, 0, sizeof(params));

	ret = keyctl_pkey_params_get(id, _info, &params);
	if (ret < 0)
		goto error;

	ret = params.key->type->asym_query(&params, &res);
	if (ret < 0)
		goto error;

	ret = -EFAULT;
	if (copy_to_user(_res, &res, sizeof(res)) == 0 &&
	    clear_user(_res->__spare, sizeof(_res->__spare)) == 0)
		ret = 0;

error:
	keyctl_pkey_params_free(&params);
	return ret;
}

/*
 * Encrypt/decrypt/sign
 *
 * Encrypt data, decrypt data or sign data using a public key.
 *
 * _info is a string of supplementary information in key=val format.  For
 * instance, it might contain:
 *
 *	"enc=pkcs1 hash=sha256"
 *
 * where enc= specifies the encoding and hash= selects the OID to go in that
 * particular encoding if required.  If enc= isn't supplied, it's assumed that
 * the caller is supplying raw values.
 *
 * If successful, the amount of data written into the output buffer is
 * returned.
 */
long keyctl_pkey_e_d_s(int op,
		       const struct keyctl_pkey_params __user *_params,
		       const char __user *_info,
		       const void __user *_in,
		       void __user *_out)
{
	struct kernel_pkey_params params;
	void *in, *out;
	long ret;

	ret = keyctl_pkey_params_get_2(_params, _info, op, &params);
	if (ret < 0)
		goto error_params;

	ret = -EOPNOTSUPP;
	if (!params.key->type->asym_eds_op)
		goto error_params;

	switch (op) {
	case KEYCTL_PKEY_ENCRYPT:
		params.op = kernel_pkey_encrypt;
		break;
	case KEYCTL_PKEY_DECRYPT:
		params.op = kernel_pkey_decrypt;
		break;
	case KEYCTL_PKEY_SIGN:
		params.op = kernel_pkey_sign;
		break;
	default:
		BUG();
	}

	in = memdup_user(_in, params.in_len);
	if (IS_ERR(in)) {
		ret = PTR_ERR(in);
		goto error_params;
	}

	ret = -ENOMEM;
	out = kmalloc(params.out_len, GFP_KERNEL);
	if (!out)
		goto error_in;

	ret = params.key->type->asym_eds_op(&params, in, out);
	if (ret < 0)
		goto error_out;

	if (copy_to_user(_out, out, ret) != 0)
		ret = -EFAULT;

error_out:
	kfree(out);
error_in:
	kfree(in);
error_params:
	keyctl_pkey_params_free(&params);
	return ret;
}

/*
 * Verify a signature.
 *
 * Verify a public key signature using the given key, or if not given, search
 * for a matching key.
 *
 * _info is a string of supplementary information in key=val format.  For
 * instance, it might contain:
 *
 *	"enc=pkcs1 hash=sha256"
 *
 * where enc= specifies the signature blob encoding and hash= selects the OID
 * to go in that particular encoding.  If enc= isn't supplied, it's assumed
 * that the caller is supplying raw values.
 *
 * If successful, 0 is returned.
 */
long keyctl_pkey_verify(const struct keyctl_pkey_params __user *_params,
			const char __user *_info,
			const void __user *_in,
			const void __user *_in2)
{
	struct kernel_pkey_params params;
	void *in, *in2;
	long ret;

	ret = keyctl_pkey_params_get_2(_params, _info, KEYCTL_PKEY_VERIFY,
				       &params);
	if (ret < 0)
		goto error_params;

	ret = -EOPNOTSUPP;
	if (!params.key->type->asym_verify_signature)
		goto error_params;

	in = memdup_user(_in, params.in_len);
	if (IS_ERR(in)) {
		ret = PTR_ERR(in);
		goto error_params;
	}

	in2 = memdup_user(_in2, params.in2_len);
	if (IS_ERR(in2)) {
		ret = PTR_ERR(in2);
		goto error_in;
	}

	params.op = kernel_pkey_verify;
	ret = params.key->type->asym_verify_signature(&params, in, in2);

	kfree(in2);
error_in:
	kfree(in);
error_params:
	keyctl_pkey_params_free(&params);
	return ret;
}
Commit	Line	Data
b4d0d230	1	// SPDX-License-Identifier: GPL-2.0-or-later
00d60fd3 DH	2	/* Public-key operation keyctls
	3	*
	4	* Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
	5	* Written by David Howells (dhowells@redhat.com)
00d60fd3 DH	6	*/
	7
	8	#include <linux/slab.h>
	9	#include <linux/err.h>
	10	#include <linux/key.h>
	11	#include <linux/keyctl.h>
	12	#include <linux/parser.h>
	13	#include <linux/uaccess.h>
	14	#include <keys/user-type.h>
	15	#include "internal.h"
	16
	17	static void keyctl_pkey_params_free(struct kernel_pkey_params *params)
	18	{
	19	kfree(params->info);
	20	key_put(params->key);
	21	}
	22
	23	enum {
94c13f66	24	Opt_err,
00d60fd3 DH	25	Opt_enc, /* "enc=<encoding>" eg. "enc=oaep" */
	26	Opt_hash, /* "hash=<digest-name>" eg. "hash=sha1" */
	27	};
	28
	29	static const match_table_t param_keys = {
	30	{ Opt_enc, "enc=%s" },
	31	{ Opt_hash, "hash=%s" },
	32	{ Opt_err, NULL }
	33	};
	34
	35	/*
	36	* Parse the information string which consists of key=val pairs.
	37	*/
	38	static int keyctl_pkey_params_parse(struct kernel_pkey_params *params)
	39	{
	40	unsigned long token_mask = 0;
	41	substring_t args[MAX_OPT_ARGS];
	42	char c = params->info, p, *q;
	43	int token;
	44
	45	while ((p = strsep(&c, " \t"))) {
	46	if (p == '\0' \|\| p == ' ' \|\| *p == '\t')
	47	continue;
	48	token = match_token(p, param_keys, args);
57b0e314 EB	49	if (token == Opt_err)
57b0e314 EB	50	return -EINVAL;
00d60fd3 DH	51	if (__test_and_set_bit(token, &token_mask))
	52	return -EINVAL;
	53	q = args[0].from;
	54	if (!q[0])
	55	return -EINVAL;
	56
	57	switch (token) {
	58	case Opt_enc:
	59	params->encoding = q;
	60	break;
	61
	62	case Opt_hash:
	63	params->hash_algo = q;
	64	break;
	65
	66	default:
	67	return -EINVAL;
	68	}
	69	}
	70
	71	return 0;
	72	}
	73
	74	/*
	75	* Interpret parameters. Callers must always call the free function
	76	* on params, even if an error is returned.
	77	*/
	78	static int keyctl_pkey_params_get(key_serial_t id,
	79	const char __user *_info,
	80	struct kernel_pkey_params *params)
	81	{
	82	key_ref_t key_ref;
	83	void *p;
	84	int ret;
	85
	86	memset(params, 0, sizeof(*params));
	87	params->encoding = "raw";
	88
	89	p = strndup_user(_info, PAGE_SIZE);
	90	if (IS_ERR(p))
	91	return PTR_ERR(p);
	92	params->info = p;
	93
	94	ret = keyctl_pkey_params_parse(params);
	95	if (ret < 0)
	96	return ret;
	97
	98	key_ref = lookup_user_key(id, 0, KEY_NEED_SEARCH);
	99	if (IS_ERR(key_ref))
	100	return PTR_ERR(key_ref);
	101	params->key = key_ref_to_ptr(key_ref);
	102
	103	if (!params->key->type->asym_query)
	104	return -EOPNOTSUPP;
	105
	106	return 0;
	107	}
	108
	109	/*
	110	* Get parameters from userspace. Callers must always call the free function
	111	* on params, even if an error is returned.
	112	*/
	113	static int keyctl_pkey_params_get_2(const struct keyctl_pkey_params __user *_params,
	114	const char __user *_info,
115	int op,
116	struct kernel_pkey_params *params)
117	{
118	struct keyctl_pkey_params uparams;
119	struct kernel_pkey_query info;
120	int ret;
121
122	memset(params, 0, sizeof(*params));
123	params->encoding = "raw";
124
125	if (copy_from_user(&uparams, _params, sizeof(uparams)) != 0)
126	return -EFAULT;
127
128	ret = keyctl_pkey_params_get(uparams.key_id, _info, params);
129	if (ret < 0)
130	return ret;
131
132	ret = params->key->type->asym_query(params, &info);
133	if (ret < 0)
134	return ret;
135
136	switch (op) {
137	case KEYCTL_PKEY_ENCRYPT:
138	case KEYCTL_PKEY_DECRYPT:
139	if (uparams.in_len > info.max_enc_size \|\|
140	uparams.out_len > info.max_dec_size)
141	return -EINVAL;
142	break;
143	case KEYCTL_PKEY_SIGN:
144	case KEYCTL_PKEY_VERIFY:
145	if (uparams.in_len > info.max_sig_size \|\|
146	uparams.out_len > info.max_data_size)
147	return -EINVAL;
148	break;
149	default:
150	BUG();
151	}
152
153	params->in_len = uparams.in_len;
154	params->out_len = uparams.out_len;
155	return 0;
156	}
157
158	/*
159	* Query information about an asymmetric key.
160	*/
161	long keyctl_pkey_query(key_serial_t id,
162	const char __user *_info,
163	struct keyctl_pkey_query __user *_res)
164	{
165	struct kernel_pkey_params params;
166	struct kernel_pkey_query res;
167	long ret;
168
169	memset(&params, 0, sizeof(params));
170
171	ret = keyctl_pkey_params_get(id, _info, &params);
172	if (ret < 0)
173	goto error;
174
175	ret = params.key->type->asym_query(&params, &res);
176	if (ret < 0)
177	goto error;
178
179	ret = -EFAULT;
180	if (copy_to_user(_res, &res, sizeof(res)) == 0 &&
181	clear_user(_res->__spare, sizeof(_res->__spare)) == 0)
182	ret = 0;
183
184	error:
185	keyctl_pkey_params_free(&params);
186	return ret;
187	}
188
189	/*
190	* Encrypt/decrypt/sign
191	*
192	* Encrypt data, decrypt data or sign data using a public key.
193	*
194	* _info is a string of supplementary information in key=val format. For
195	* instance, it might contain:
196	*
197	* "enc=pkcs1 hash=sha256"
198	*
199	* where enc= specifies the encoding and hash= selects the OID to go in that
200	* particular encoding if required. If enc= isn't supplied, it's assumed that
201	* the caller is supplying raw values.
202	*
203	* If successful, the amount of data written into the output buffer is
204	* returned.
205	*/
206	long keyctl_pkey_e_d_s(int op,
207	const struct keyctl_pkey_params __user *_params,
208	const char __user *_info,
209	const void __user *_in,
210	void __user *_out)
211	{
212	struct kernel_pkey_params params;
213	void in, out;
214	long ret;
215
216	ret = keyctl_pkey_params_get_2(_params, _info, op, &params);
217	if (ret < 0)
218	goto error_params;
219
220	ret = -EOPNOTSUPP;
221	if (!params.key->type->asym_eds_op)
222	goto error_params;
223
224	switch (op) {
225	case KEYCTL_PKEY_ENCRYPT:
226	params.op = kernel_pkey_encrypt;
227	break;
228	case KEYCTL_PKEY_DECRYPT:
229	params.op = kernel_pkey_decrypt;
230	break;
231	case KEYCTL_PKEY_SIGN:
232	params.op = kernel_pkey_sign;
233	break;
234	default:
235	BUG();
236	}
237
238	in = memdup_user(_in, params.in_len);
239	if (IS_ERR(in)) {
240	ret = PTR_ERR(in);
241	goto error_params;
242	}
243
244	ret = -ENOMEM;
245	out = kmalloc(params.out_len, GFP_KERNEL);
246	if (!out)
247	goto error_in;
248
249	ret = params.key->type->asym_eds_op(&params, in, out);
250	if (ret < 0)
251	goto error_out;
252
253	if (copy_to_user(_out, out, ret) != 0)
254	ret = -EFAULT;
255
256	error_out:
257	kfree(out);
258	error_in:
259	kfree(in);
260	error_params:
261	keyctl_pkey_params_free(&params);
262	return ret;
263	}
264
265	/*
266	* Verify a signature.
267	*
268	* Verify a public key signature using the given key, or if not given, search
269	* for a matching key.
270	*
271	* _info is a string of supplementary information in key=val format. For
272	* instance, it might contain:
273	*
274	* "enc=pkcs1 hash=sha256"
275	*
276	* where enc= specifies the signature blob encoding and hash= selects the OID
277	* to go in that particular encoding. If enc= isn't supplied, it's assumed
278	* that the caller is supplying raw values.
279	*
280	* If successful, 0 is returned.
281	*/
282	long keyctl_pkey_verify(const struct keyctl_pkey_params __user *_params,
283	const char __user *_info,
284	const void __user *_in,
285	const void __user *_in2)
286	{
287	struct kernel_pkey_params params;
288	void in, in2;
289	long ret;
290
291	ret = keyctl_pkey_params_get_2(_params, _info, KEYCTL_PKEY_VERIFY,
292	&params);
293	if (ret < 0)
294	goto error_params;
295
296	ret = -EOPNOTSUPP;
297	if (!params.key->type->asym_verify_signature)
298	goto error_params;
299
300	in = memdup_user(_in, params.in_len);
301	if (IS_ERR(in)) {
302	ret = PTR_ERR(in);
303	goto error_params;
304	}
305
306	in2 = memdup_user(_in2, params.in2_len);
307	if (IS_ERR(in2)) {
308	ret = PTR_ERR(in2);
309	goto error_in;
310	}
311
312	params.op = kernel_pkey_verify;
313	ret = params.key->type->asym_verify_signature(&params, in, in2);
314
315	kfree(in2);
316	error_in:
317	kfree(in);
318	error_params:
319	keyctl_pkey_params_free(&params);
320	return ret;
321	}