linux/crypto/asymmetric_keys/pkcs7_parser.h

/* PKCS#7 crypto data parser internal definitions
 *
 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public Licence
 * as published by the Free Software Foundation; either version
 * 2 of the Licence, or (at your option) any later version.
 */

#include <linux/oid_registry.h>
#include <crypto/pkcs7.h>
#include "x509_parser.h"

#define kenter(FMT, ...) \
	pr_devel("==> %s("FMT")\n", __func__, ##__VA_ARGS__)
#define kleave(FMT, ...) \
	pr_devel("<== %s()"FMT"\n", __func__, ##__VA_ARGS__)

struct pkcs7_signed_info {
	struct pkcs7_signed_info *next;
	struct x509_certificate *signer; /* Signing certificate (in msg->certs) */
	unsigned index;
	bool trusted;
	bool unsupported_crypto;	/* T if not usable due to missing crypto */

	/* Message digest - the digest of the Content Data (or NULL) */
	const void	*msgdigest;
	unsigned	msgdigest_len;

	/* Authenticated Attribute data (or NULL) */
	unsigned	authattrs_len;
	const void	*authattrs;

	/* Issuing cert serial number and issuer's name */
	struct asymmetric_key_id *signing_cert_id;

	/* Message signature.
	 *
	 * This contains the generated digest of _either_ the Content Data or
	 * the Authenticated Attributes [RFC2315 9.3].  If the latter, one of
	 * the attributes contains the digest of the the Content Data within
	 * it.
	 */
	struct public_key_signature sig;
};

struct pkcs7_message {
	struct x509_certificate *certs;	/* Certificate list */
	struct x509_certificate *crl;	/* Revocation list */
	struct pkcs7_signed_info *signed_infos;

	/* Content Data (or NULL) */
	enum OID	data_type;	/* Type of Data */
	size_t		data_len;	/* Length of Data */
	size_t		data_hdrlen;	/* Length of Data ASN.1 header */
	const void	*data;		/* Content Data (or 0) */
};
PKCS#7: Implement a parser [RFC 2315] Implement a parser for a PKCS#7 signed-data message as described in part of RFC 2315. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> 2014-07-01 16:40:19 +01:00			`/* PKCS#7 crypto data parser internal definitions`
			`*`
			`* Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.`
			`* Written by David Howells (dhowells@redhat.com)`
			`*`
			`* This program is free software; you can redistribute it and/or`
			`* modify it under the terms of the GNU General Public Licence`
			`* as published by the Free Software Foundation; either version`
			`* 2 of the Licence, or (at your option) any later version.`
			`*/`

			`#include <linux/oid_registry.h>`
			`#include <crypto/pkcs7.h>`
			`#include "x509_parser.h"`

			`#define kenter(FMT, ...) \`
			`pr_devel("==> %s("FMT")\n", __func__, ##__VA_ARGS__)`
			`#define kleave(FMT, ...) \`
			`pr_devel("<== %s()"FMT"\n", __func__, ##__VA_ARGS__)`

			`struct pkcs7_signed_info {`
			`struct pkcs7_signed_info *next;`
			`struct x509_certificate signer; / Signing certificate (in msg->certs) */`
			`unsigned index;`
			`bool trusted;`
PKCS#7: Better handling of unsupported crypto Provide better handling of unsupported crypto when verifying a PKCS#7 message. If we can't bridge the gap between a pair of X.509 certs or between a signed info block and an X.509 cert because it involves some crypto we don't support, that's not necessarily the end of the world as there may be other ways points at which we can intersect with a ring of trusted keys. Instead, only produce ENOPKG immediately if all the signed info blocks in a PKCS#7 message require unsupported crypto to bridge to the first X.509 cert. Otherwise, we defer the generation of ENOPKG until we get ENOKEY during trust validation. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> 2014-09-16 17:36:15 +01:00			`bool unsupported_crypto; /* T if not usable due to missing crypto */`
PKCS#7: Implement a parser [RFC 2315] Implement a parser for a PKCS#7 signed-data message as described in part of RFC 2315. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> 2014-07-01 16:40:19 +01:00
			`/* Message digest - the digest of the Content Data (or NULL) */`
			`const void *msgdigest;`
			`unsigned msgdigest_len;`

			`/* Authenticated Attribute data (or NULL) */`
			`unsigned authattrs_len;`
			`const void *authattrs;`

			`/* Issuing cert serial number and issuer's name */`
KEYS: Overhaul key identification when searching for asymmetric keys Make use of the new match string preparsing to overhaul key identification when searching for asymmetric keys. The following changes are made: (1) Use the previously created asymmetric_key_id struct to hold the following key IDs derived from the X.509 certificate or PKCS#7 message: id: serial number + issuer skid: subjKeyId + subject authority: authKeyId + issuer (2) Replace the hex fingerprint attached to key->type_data[1] with an asymmetric_key_ids struct containing the id and the skid (if present). (3) Make the asymmetric_type match data preparse select one of two searches: (a) An iterative search for the key ID given if prefixed with "id:". The prefix is expected to be followed by a hex string giving the ID to search for. The criterion key ID is checked against all key IDs recorded on the key. (b) A direct search if the key ID is not prefixed with "id:". This will look for an exact match on the key description. (4) Make x509_request_asymmetric_key() take a key ID. This is then converted into "id:<hex>" and passed into keyring_search() where match preparsing will turn it back into a binary ID. (5) X.509 certificate verification then takes the authority key ID and looks up a key that matches it to find the public key for the certificate signature. (6) PKCS#7 certificate verification then takes the id key ID and looks up a key that matches it to find the public key for the signed information block signature. Additional changes: (1) Multiple subjKeyId and authKeyId values on an X.509 certificate cause the cert to be rejected with -EBADMSG. (2) The 'fingerprint' ID is gone. This was primarily intended to convey PGP public key fingerprints. If PGP is supported in future, this should generate a key ID that carries the fingerprint. (3) Th ca_keyid= kernel command line option is now converted to a key ID and used to match the authority key ID. Possibly this should only match the actual authKeyId part and not the issuer as well. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> 2014-09-16 17:36:13 +01:00			`struct asymmetric_key_id *signing_cert_id;`
PKCS#7: Implement a parser [RFC 2315] Implement a parser for a PKCS#7 signed-data message as described in part of RFC 2315. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> 2014-07-01 16:40:19 +01:00
			`/* Message signature.`
			`*`
			`* This contains the generated digest of _either_ the Content Data or`
			`* the Authenticated Attributes [RFC2315 9.3]. If the latter, one of`
			`* the attributes contains the digest of the the Content Data within`
			`* it.`
			`*/`
			`struct public_key_signature sig;`
			`};`

			`struct pkcs7_message {`
			`struct x509_certificate certs; / Certificate list */`
			`struct x509_certificate crl; / Revocation list */`
			`struct pkcs7_signed_info *signed_infos;`

			`/* Content Data (or NULL) */`
			`enum OID data_type; /* Type of Data */`
			`size_t data_len; /* Length of Data */`
			`size_t data_hdrlen; /* Length of Data ASN.1 header */`
			`const void data; / Content Data (or 0) */`
			`};`