Commit | Line | Data |
---|---|---|
08815b62 DH |
1 | /* Validate the trust chain of a PKCS#7 message. |
2 | * | |
3 | * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. | |
4 | * Written by David Howells (dhowells@redhat.com) | |
5 | * | |
6 | * This program is free software; you can redistribute it and/or | |
7 | * modify it under the terms of the GNU General Public Licence | |
8 | * as published by the Free Software Foundation; either version | |
9 | * 2 of the Licence, or (at your option) any later version. | |
10 | */ | |
11 | ||
12 | #define pr_fmt(fmt) "PKCS7: "fmt | |
13 | #include <linux/kernel.h> | |
14 | #include <linux/export.h> | |
15 | #include <linux/slab.h> | |
16 | #include <linux/err.h> | |
17 | #include <linux/asn1.h> | |
18 | #include <linux/key.h> | |
19 | #include <keys/asymmetric-type.h> | |
20 | #include "public_key.h" | |
21 | #include "pkcs7_parser.h" | |
22 | ||
08815b62 DH |
23 | /** |
24 | * Check the trust on one PKCS#7 SignedInfo block. | |
25 | */ | |
15155b9a DH |
26 | static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7, |
27 | struct pkcs7_signed_info *sinfo, | |
28 | struct key *trust_keyring) | |
08815b62 DH |
29 | { |
30 | struct public_key_signature *sig = &sinfo->sig; | |
31 | struct x509_certificate *x509, *last = NULL, *p; | |
32 | struct key *key; | |
33 | bool trusted; | |
34 | int ret; | |
35 | ||
36 | kenter(",%u,", sinfo->index); | |
37 | ||
41559420 DH |
38 | if (sinfo->unsupported_crypto) { |
39 | kleave(" = -ENOPKG [cached]"); | |
40 | return -ENOPKG; | |
41 | } | |
42 | ||
08815b62 DH |
43 | for (x509 = sinfo->signer; x509; x509 = x509->signer) { |
44 | if (x509->seen) { | |
45 | if (x509->verified) { | |
46 | trusted = x509->trusted; | |
47 | goto verified; | |
48 | } | |
49 | kleave(" = -ENOKEY [cached]"); | |
50 | return -ENOKEY; | |
51 | } | |
52 | x509->seen = true; | |
53 | ||
54 | /* Look to see if this certificate is present in the trusted | |
55 | * keys. | |
56 | */ | |
46963b77 | 57 | key = x509_request_asymmetric_key(trust_keyring, x509->id); |
08815b62 DH |
58 | if (!IS_ERR(key)) |
59 | /* One of the X.509 certificates in the PKCS#7 message | |
60 | * is apparently the same as one we already trust. | |
61 | * Verify that the trusted variant can also validate | |
62 | * the signature on the descendant. | |
63 | */ | |
64 | goto matched; | |
65 | if (key == ERR_PTR(-ENOMEM)) | |
66 | return -ENOMEM; | |
67 | ||
68 | /* Self-signed certificates form roots of their own, and if we | |
69 | * don't know them, then we can't accept them. | |
70 | */ | |
71 | if (x509->next == x509) { | |
72 | kleave(" = -ENOKEY [unknown self-signed]"); | |
73 | return -ENOKEY; | |
74 | } | |
75 | ||
76 | might_sleep(); | |
77 | last = x509; | |
78 | sig = &last->sig; | |
79 | } | |
80 | ||
81 | /* No match - see if the root certificate has a signer amongst the | |
82 | * trusted keys. | |
83 | */ | |
84 | if (!last || !last->issuer || !last->authority) { | |
85 | kleave(" = -ENOKEY [no backref]"); | |
86 | return -ENOKEY; | |
87 | } | |
88 | ||
46963b77 | 89 | key = x509_request_asymmetric_key(trust_keyring, last->authority); |
08815b62 DH |
90 | if (IS_ERR(key)) |
91 | return PTR_ERR(key) == -ENOMEM ? -ENOMEM : -ENOKEY; | |
92 | x509 = last; | |
93 | ||
94 | matched: | |
95 | ret = verify_signature(key, sig); | |
96 | trusted = test_bit(KEY_FLAG_TRUSTED, &key->flags); | |
97 | key_put(key); | |
98 | if (ret < 0) { | |
99 | if (ret == -ENOMEM) | |
100 | return ret; | |
101 | kleave(" = -EKEYREJECTED [verify %d]", ret); | |
102 | return -EKEYREJECTED; | |
103 | } | |
104 | ||
105 | verified: | |
106 | x509->verified = true; | |
107 | for (p = sinfo->signer; p != x509; p = p->signer) { | |
108 | p->verified = true; | |
109 | p->trusted = trusted; | |
110 | } | |
111 | sinfo->trusted = trusted; | |
112 | kleave(" = 0"); | |
113 | return 0; | |
114 | } | |
115 | ||
116 | /** | |
117 | * pkcs7_validate_trust - Validate PKCS#7 trust chain | |
118 | * @pkcs7: The PKCS#7 certificate to validate | |
119 | * @trust_keyring: Signing certificates to use as starting points | |
120 | * @_trusted: Set to true if trustworth, false otherwise | |
121 | * | |
122 | * Validate that the certificate chain inside the PKCS#7 message intersects | |
123 | * keys we already know and trust. | |
124 | * | |
125 | * Returns, in order of descending priority: | |
126 | * | |
127 | * (*) -EKEYREJECTED if a signature failed to match for which we have a valid | |
128 | * key, or: | |
129 | * | |
130 | * (*) 0 if at least one signature chain intersects with the keys in the trust | |
131 | * keyring, or: | |
132 | * | |
133 | * (*) -ENOPKG if a suitable crypto module couldn't be found for a check on a | |
134 | * chain. | |
135 | * | |
136 | * (*) -ENOKEY if we couldn't find a match for any of the signature chains in | |
137 | * the message. | |
138 | * | |
139 | * May also return -ENOMEM. | |
140 | */ | |
141 | int pkcs7_validate_trust(struct pkcs7_message *pkcs7, | |
142 | struct key *trust_keyring, | |
143 | bool *_trusted) | |
144 | { | |
145 | struct pkcs7_signed_info *sinfo; | |
146 | struct x509_certificate *p; | |
41559420 DH |
147 | int cached_ret = -ENOKEY; |
148 | int ret; | |
08815b62 DH |
149 | |
150 | for (p = pkcs7->certs; p; p = p->next) | |
151 | p->seen = false; | |
152 | ||
153 | for (sinfo = pkcs7->signed_infos; sinfo; sinfo = sinfo->next) { | |
154 | ret = pkcs7_validate_trust_one(pkcs7, sinfo, trust_keyring); | |
41559420 DH |
155 | switch (ret) { |
156 | case -ENOKEY: | |
157 | continue; | |
158 | case -ENOPKG: | |
159 | if (cached_ret == -ENOKEY) | |
08815b62 | 160 | cached_ret = -ENOPKG; |
41559420 DH |
161 | continue; |
162 | case 0: | |
163 | *_trusted |= sinfo->trusted; | |
164 | cached_ret = 0; | |
165 | continue; | |
166 | default: | |
167 | return ret; | |
08815b62 | 168 | } |
08815b62 DH |
169 | } |
170 | ||
171 | return cached_ret; | |
172 | } | |
173 | EXPORT_SYMBOL_GPL(pkcs7_validate_trust); |