1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00

Merge pull request #14267 from poettering/pkcs11-cryptsetup

just the pkcs11 hookup for classic cryptsetup (/etc/crypttab) split out of the homed PR
This commit is contained in:
Lennart Poettering 2019-12-17 15:30:32 +01:00 committed by GitHub
commit 13b6c4c8de
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 1465 additions and 31 deletions

View File

@ -10,7 +10,7 @@
The Red Hat version has been written by Miloslav Trmac <mitr@redhat.com>.
-->
<refentry id="crypttab" conditional='HAVE_LIBCRYPTSETUP'>
<refentry id="crypttab" conditional='HAVE_LIBCRYPTSETUP' xmlns:xi="http://www.w3.org/2001/XInclude">
<refentryinfo>
<title>crypttab</title>
@ -413,9 +413,22 @@
<varlistentry>
<term><option>verify</option></term>
<listitem><para> If the encryption password is read from
console, it has to be entered twice to prevent
typos.</para></listitem>
<listitem><para>If the encryption password is read from console, it has to be entered twice to
prevent typos.</para></listitem>
</varlistentry>
<varlistentry>
<term><option>pkcs11-uri=</option></term>
<listitem><para>Takes a <ulink url="https://tools.ietf.org/html/rfc7512">RFC7512 PKCS#11 URI</ulink>
pointing to a private RSA key which is used to decrypt the key specified in the third column of the
line. This is useful for unlocking encrypted volumes through security tokens or smartcards. See below
for an example how to set up this mechanism for unlocking a LUKS volume with a YubiKey security
token. The specified URI can refer directly to a private RSA key stored on a token or alternatively
just to a slot or token in which case a suitable private RSA key object is automatically searched on
it. In this case if multiple suitable objects are found the token is refused. The key configured in
the third column is passed as is to RSA decryption. The resulting decrypted key is then base64
encoded before it is used to unlock the LUKS volume.</para></listitem>
</varlistentry>
<varlistentry>
@ -458,7 +471,7 @@
</refsect1>
<refsect1>
<title>Example</title>
<title>Examples</title>
<example>
<title>/etc/crypttab example</title>
<para>Set up four encrypted block devices. One using LUKS for
@ -471,6 +484,27 @@ truecrypt /dev/sda2 /etc/container_password tcrypt
hidden /mnt/tc_hidden /dev/null tcrypt-hidden,tcrypt-keyfile=/etc/keyfile
external /dev/sda3 keyfile:LABEL=keydev keyfile-timeout=10s</programlisting>
</example>
<example>
<title>Yubikey-based Volume Unlocking Example</title>
<para>The PKCS#11 logic allows hooking up any compatible security token that is capable of storing RSA
decryption keys. Here's an example how to set up a Yubikey security token for this purpose:</para>
<programlisting><xi:include href="yubikey-crypttab.sh" parse="text" /></programlisting>
<para>A few notes on the above:</para>
<itemizedlist>
<listitem><para>We use RSA (and not ECC), since Yubikeys support PKCS#11 Decrypt() only for RSA keys</para></listitem>
<listitem><para>We use RSA2048, which is the longest key size current Yubikeys support</para></listitem>
<listitem><para>LUKS key size must be shorter than 2048bit due to RSA padding, hence we use 128 bytes</para></listitem>
<listitem><para>We use Yubikey key slot 9d, since that's apparently the keyslot to use for decryption purposes,
<ulink url="https://developers.yubico.com/PIV/Introduction/Certificate_slots.html">see
documentation</ulink>.</para></listitem>
</itemizedlist>
</example>
</refsect1>
<refsect1>

45
man/yubikey-crypttab.sh Normal file
View File

@ -0,0 +1,45 @@
# Make sure noone can read the files we generate but us
umask 077
# Destroy any old key on the Yubikey (careful!)
ykman piv reset
# Generate a new private/public key pair on the device, store the public key in 'pubkey.pem'.
ykman piv generate-key -a RSA2048 9d pubkey.pem
# Create a self-signed certificate from this public key, and store it on the device.
ykman piv generate-certificate --subject "Knobelei" 9d pubkey.pem
# Check if the newly create key on the Yubikey shows up as token in PKCS#11. Have a look at the output, and
# copy the resulting token URI to the clipboard.
p11tool --list-tokens
# Generate a (secret) random key to use as LUKS decryption key.
dd if=/dev/urandom of=plaintext.bin bs=128 count=1
# Encode the secret key also as base64 text (with all whitespace removed)
base64 &lt; plaintext.bin | tr -d '\n\r\t ' &gt; plaintext.base64
# Encrypt this newly generated (binary) LUKS decryption key using the public key whose private key is on the
# Yubikey, store the result in /etc/encrypted-luks-key.bin, where we'll look for it during boot.
openssl rsautl -encrypt -pubin -inkey pubkey.pem -in plaintext.bin -out /etc/encrypted-luks-key.bin
# Configure the LUKS decryption key on the LUKS device. We use very low pbkdf settings since the key already
# has quite a high quality (it comes directly from /dev/urandom after all), and thus we don't need to do much
# key derivation.
cryptsetup luksAddKey /dev/sda1 plaintext.base64 --pbkdf=pbkdf2 --pbkdf-force-iterations=1000
# Now securely delete the plain text LUKS key, we don't need it anymore, and since it contains secret key
# material it should be removed from disk thoroughly.
shred -u plaintext.bin plaintext.base64
# We don't need the public key anymore either, let's remove it too. Since this one is not security
# sensitive we just do a regular "rm" here.
rm pubkey.pem
# Test: Let's run systemd-cryptsetup to test if this all worked. The option string should contain the full
# PKCS#11 URI we have in the clipboard, it tells the tool how to decypher the encrypted LUKS key.
systemd-cryptsetup attach mytest /dev/sda1 /etc/encrypted-luks-key.bin 'pkcs11-uri=pkcs11:…'
# If that worked, let's now add the same line persistently to /etc/crypttab, for the future.
echo "mytest /dev/sda1 /etc/encrypted-luks-key 'pkcs11-uri=pkcs11:…' >> /etc/crypttab

View File

@ -1104,6 +1104,18 @@ else
endif
conf.set10('HAVE_OPENSSL', have)
want_p11kit = get_option('p11kit')
if want_p11kit != 'false' and not skip_deps
libp11kit = dependency('p11-kit-1',
version : '>= 0.23.3',
required : want_p11kit == 'true')
have = libp11kit.found()
else
have = false
libp11kit = []
endif
conf.set10('HAVE_P11KIT', have)
want_elfutils = get_option('elfutils')
if want_elfutils != 'false' and not skip_deps
libdw = dependency('libdw',
@ -1997,11 +2009,21 @@ executable('systemd-system-update-generator',
install_dir : systemgeneratordir)
if conf.get('HAVE_LIBCRYPTSETUP') == 1
systemd_cryptsetup_sources = files('''
src/cryptsetup/cryptsetup.c
src/cryptsetup/cryptsetup-pkcs11.h
'''.split())
if conf.get('HAVE_P11KIT') == 1
systemd_cryptsetup_sources += files('src/cryptsetup/cryptsetup-pkcs11.c')
endif
executable('systemd-cryptsetup',
'src/cryptsetup/cryptsetup.c',
systemd_cryptsetup_sources,
include_directories : includes,
link_with : [libshared],
dependencies : [libcryptsetup],
dependencies : [libcryptsetup,
libp11kit],
install_rpath : rootlibexecdir,
install : true,
install_dir : rootlibexecdir)
@ -3194,6 +3216,7 @@ missing = []
foreach tuple : [
['libcryptsetup'],
['PAM'],
['p11kit'],
['AUDIT'],
['IMA'],
['AppArmor'],

View File

@ -282,6 +282,8 @@ option('gnutls', type : 'combo', choices : ['auto', 'true', 'false'],
description : 'gnutls support')
option('openssl', type : 'combo', choices : ['auto', 'true', 'false'],
description : 'openssl support')
option('p11kit', type : 'combo', choices : ['auto', 'true', 'false'],
description : 'p11kit support')
option('elfutils', type : 'combo', choices : ['auto', 'true', 'false'],
description : 'elfutils support')
option('zlib', type : 'combo', choices : ['auto', 'true', 'false'],

View File

@ -4,4 +4,10 @@ ACTION=="remove", GOTO="fido_id_end"
SUBSYSTEM=="hidraw", IMPORT{program}="fido_id"
# Tag any form of security token as such
ENV{ID_SECURITY_TOKEN}=="1", TAG+="security-device"
# Tag any CCID device (i.e. Smartcard Reader) as security token
SUBSYSTEM=="usb", ATTR{bInterfaceClass}=="0b", TAG+="security-device"
LABEL="fido_id_end"

View File

@ -0,0 +1,172 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#include <fcntl.h>
#include <unistd.h>
#include <sys/stat.h>
#include <p11-kit/p11-kit.h>
#include <p11-kit/uri.h>
#include "alloc-util.h"
#include "ask-password-api.h"
#include "cryptsetup-pkcs11.h"
#include "escape.h"
#include "fd-util.h"
#include "macro.h"
#include "memory-util.h"
#include "pkcs11-util.h"
#include "stat-util.h"
#include "strv.h"
static int load_key_file(
const char *key_file,
size_t key_file_size,
uint64_t key_file_offset,
void **ret_encrypted_key,
size_t *ret_encrypted_key_size) {
_cleanup_(erase_and_freep) char *buffer = NULL;
_cleanup_close_ int fd = -1;
ssize_t n;
int r;
assert(key_file);
assert(ret_encrypted_key);
assert(ret_encrypted_key_size);
fd = open(key_file, O_RDONLY|O_CLOEXEC);
if (fd < 0)
return log_error_errno(errno, "Failed to load encrypted PKCS#11 key: %m");
if (key_file_size == 0) {
struct stat st;
if (fstat(fd, &st) < 0)
return log_error_errno(errno, "Failed to stat key file: %m");
r = stat_verify_regular(&st);
if (r < 0)
return log_error_errno(r, "Key file is not a regular file: %m");
if (st.st_size == 0)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Key file is empty, refusing.");
if ((uint64_t) st.st_size > SIZE_MAX)
return log_error_errno(SYNTHETIC_ERRNO(ERANGE), "Key file too large, refusing.");
if (key_file_offset >= (uint64_t) st.st_size)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Key file offset too large for file, refusing.");
key_file_size = st.st_size - key_file_offset;
}
buffer = malloc(key_file_size);
if (!buffer)
return log_oom();
if (key_file_offset > 0)
n = pread(fd, buffer, key_file_size, key_file_offset);
else
n = read(fd, buffer, key_file_size);
if (n < 0)
return log_error_errno(errno, "Failed to read PKCS#11 key file: %m");
if (n == 0)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Empty encrypted key found, refusing.");
*ret_encrypted_key = TAKE_PTR(buffer);
*ret_encrypted_key_size = (size_t) n;
return 0;
}
struct pkcs11_callback_data {
const char *friendly_name;
usec_t until;
void *encrypted_key;
size_t encrypted_key_size;
void *decrypted_key;
size_t decrypted_key_size;
};
static void pkcs11_callback_data_release(struct pkcs11_callback_data *data) {
free(data->decrypted_key);
free(data->encrypted_key);
}
static int pkcs11_callback(
CK_FUNCTION_LIST *m,
CK_SESSION_HANDLE session,
CK_SLOT_ID slot_id,
const CK_SLOT_INFO *slot_info,
const CK_TOKEN_INFO *token_info,
P11KitUri *uri,
void *userdata) {
struct pkcs11_callback_data *data = userdata;
CK_OBJECT_HANDLE object;
int r;
assert(m);
assert(slot_info);
assert(token_info);
assert(uri);
assert(data);
/* Called for every token matching our URI */
r = pkcs11_token_login(m, session, slot_id, token_info, data->friendly_name, "drive-harddisk", "pkcs11-pin", data->until, NULL);
if (r < 0)
return r;
/* We are likely called during early boot, where entropy is scarce. Mix some data from the PKCS#11
* token, if it supports that. It should be cheap, given that we already are talking to it anyway and
* shouldn't hurt. */
(void) pkcs11_token_acquire_rng(m, session);
r = pkcs11_token_find_private_key(m, session, uri, &object);
if (r < 0)
return r;
r = pkcs11_token_decrypt_data(m, session, object, data->encrypted_key, data->encrypted_key_size, &data->decrypted_key, &data->decrypted_key_size);
if (r < 0)
return r;
return 1;
}
int decrypt_pkcs11_key(
const char *friendly_name,
const char *pkcs11_uri,
const char *key_file,
size_t key_file_size,
uint64_t key_file_offset,
usec_t until,
void **ret_decrypted_key,
size_t *ret_decrypted_key_size) {
_cleanup_(pkcs11_callback_data_release) struct pkcs11_callback_data data = {
.friendly_name = friendly_name,
.until = until,
};
int r;
assert(friendly_name);
assert(pkcs11_uri);
assert(key_file);
assert(ret_decrypted_key);
assert(ret_decrypted_key_size);
/* The functions called here log about all errors, except for EAGAIN which means "token not found right now" */
r = load_key_file(key_file, key_file_size, key_file_offset, &data.encrypted_key, &data.encrypted_key_size);
if (r < 0)
return r;
r = pkcs11_find_token(pkcs11_uri, pkcs11_callback, &data);
if (r < 0)
return r;
*ret_decrypted_key = TAKE_PTR(data.decrypted_key);
*ret_decrypted_key_size = data.decrypted_key_size;
return 0;
}

View File

@ -0,0 +1,37 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once
#include <sys/types.h>
#include "log.h"
#include "time-util.h"
#if HAVE_P11KIT
int decrypt_pkcs11_key(
const char *friendly_name,
const char *pkcs11_uri,
const char *key_file,
size_t key_file_size,
uint64_t key_file_offset,
usec_t until,
void **ret_decrypted_key,
size_t *ret_decrypted_key_size);
#else
static inline int decrypt_pkcs11_key(
const char *friendly_name,
const char *pkcs11_uri,
const char *key_file,
size_t key_file_size,
uint64_t key_file_offset,
usec_t until,
void **ret_decrypted_key,
size_t *ret_decrypted_key_size) {
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
"PKCS#11 Token support not available.");
}
#endif

View File

@ -12,16 +12,19 @@
#include "alloc-util.h"
#include "ask-password-api.h"
#include "crypt-util.h"
#include "cryptsetup-pkcs11.h"
#include "device-util.h"
#include "escape.h"
#include "fileio.h"
#include "fstab-util.h"
#include "hexdecoct.h"
#include "log.h"
#include "main-func.h"
#include "mount-util.h"
#include "nulstr-util.h"
#include "parse-util.h"
#include "path-util.h"
#include "pkcs11-util.h"
#include "pretty-print.h"
#include "string-util.h"
#include "strv.h"
@ -54,11 +57,13 @@ static char **arg_tcrypt_keyfiles = NULL;
static uint64_t arg_offset = 0;
static uint64_t arg_skip = 0;
static usec_t arg_timeout = USEC_INFINITY;
static char *arg_pkcs11_uri = NULL;
STATIC_DESTRUCTOR_REGISTER(arg_cipher, freep);
STATIC_DESTRUCTOR_REGISTER(arg_hash, freep);
STATIC_DESTRUCTOR_REGISTER(arg_header, freep);
STATIC_DESTRUCTOR_REGISTER(arg_tcrypt_keyfiles, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_pkcs11_uri, freep);
/* Options Debian's crypttab knows we don't:
@ -228,6 +233,15 @@ static int parse_one_option(const char *option) {
if (r < 0)
return log_error_errno(r, "Failed to parse %s: %m", option);
} else if ((val = startswith(option, "pkcs11-uri="))) {
if (!pkcs11_uri_valid(val))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "pkcs11-uri= parameter expects a PKCS#11 URI, refusing");
r = free_and_strdup(&arg_pkcs11_uri, val);
if (r < 0)
return log_oom();
} else if (!streq(option, "x-initrd.attach"))
log_warning("Encountered unknown /etc/crypttab option '%s', ignoring.", option);
@ -314,28 +328,19 @@ static char *disk_mount_point(const char *label) {
return NULL;
}
static int get_password(const char *vol, const char *src, usec_t until, bool accept_cached, char ***ret) {
_cleanup_free_ char *description = NULL, *name_buffer = NULL, *mount_point = NULL, *text = NULL, *disk_path = NULL;
_cleanup_strv_free_erase_ char **passwords = NULL;
const char *name = NULL;
char **p, *id;
int r = 0;
static char *friendly_disk_name(const char *src, const char *vol) {
_cleanup_free_ char *description = NULL, *mount_point = NULL;
char *name_buffer = NULL;
int r;
assert(vol);
assert(src);
assert(ret);
assert(vol);
description = disk_description(src);
mount_point = disk_mount_point(vol);
disk_path = cescape(src);
if (!disk_path)
return log_oom();
/* If the description string is simply the volume name, then let's not show this twice */
if (description && streq(vol, description))
/* If the description string is simply the
* volume name, then let's not show this
* twice */
description = mfree(description);
if (mount_point && description)
@ -344,13 +349,39 @@ static int get_password(const char *vol, const char *src, usec_t until, bool acc
r = asprintf(&name_buffer, "%s on %s", vol, mount_point);
else if (description)
r = asprintf(&name_buffer, "%s (%s)", description, vol);
else
return strdup(vol);
if (r < 0)
return NULL;
return name_buffer;
}
static int get_password(
const char *vol,
const char *src,
usec_t until,
bool accept_cached,
char ***ret) {
_cleanup_free_ char *friendly = NULL, *text = NULL, *disk_path = NULL;
_cleanup_strv_free_erase_ char **passwords = NULL;
char **p, *id;
int r = 0;
assert(vol);
assert(src);
assert(ret);
friendly = friendly_disk_name(src, vol);
if (!friendly)
return log_oom();
name = name_buffer ? name_buffer : vol;
if (asprintf(&text, "Please enter passphrase for disk %s:", friendly) < 0)
return log_oom();
if (asprintf(&text, "Please enter passphrase for disk %s:", name) < 0)
disk_path = cescape(src);
if (!disk_path)
return log_oom();
id = strjoina("cryptsetup:", disk_path);
@ -366,7 +397,7 @@ static int get_password(const char *vol, const char *src, usec_t until, bool acc
assert(strv_length(passwords) == 1);
if (asprintf(&text, "Please enter passphrase for disk %s (verification):", name) < 0)
if (asprintf(&text, "Please enter passphrase for disk %s (verification):", friendly) < 0)
return log_oom();
id = strjoina("cryptsetup-verification:", disk_path);
@ -424,6 +455,11 @@ static int attach_tcrypt(
assert(name);
assert(key_file || (passwords && passwords[0]));
if (arg_pkcs11_uri) {
log_error("Sorry, but tcrypt devices are currently not supported in conjunction with pkcs11 support.");
return -EAGAIN; /* Ask for a regular password */
}
if (arg_tcrypt_hidden)
params.flags |= CRYPT_TCRYPT_HIDDEN_HEADER;
@ -467,14 +503,14 @@ static int attach_luks_or_plain(
const char *name,
const char *key_file,
char **passwords,
uint32_t flags) {
uint32_t flags,
usec_t until) {
int r = 0;
bool pass_volume_key = false;
assert(cd);
assert(name);
assert(key_file || passwords);
if ((!arg_type && !crypt_get_type(cd)) || streq_ptr(arg_type, CRYPT_PLAIN)) {
struct crypt_params_plain params = {
@ -528,7 +564,111 @@ static int attach_luks_or_plain(
crypt_get_volume_key_size(cd)*8,
crypt_get_device_name(cd));
if (key_file) {
if (arg_pkcs11_uri) {
_cleanup_(sd_device_monitor_unrefp) sd_device_monitor *monitor = NULL;
_cleanup_(sd_event_unrefp) sd_event *event = NULL;
_cleanup_free_ void *decrypted_key = NULL;
_cleanup_free_ char *friendly = NULL;
size_t decrypted_key_size = 0;
if (!key_file)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "PKCS#11 mode selected but no key file specified, refusing.");
friendly = friendly_disk_name(crypt_get_device_name(cd), name);
if (!friendly)
return log_oom();
for (;;) {
bool processed = false;
r = decrypt_pkcs11_key(
friendly,
arg_pkcs11_uri,
key_file,
arg_keyfile_size, arg_keyfile_offset,
until,
&decrypted_key, &decrypted_key_size);
if (r >= 0)
break;
if (r != -EAGAIN) /* EAGAIN means: token not found */
return r;
if (!monitor) {
/* We didn't find the token. In this case, watch for it via udev. Let's
* create an event loop and monitor first. */
assert(!event);
r = sd_event_default(&event);
if (r < 0)
return log_error_errno(r, "Failed to allocate event loop: %m");
r = sd_device_monitor_new(&monitor);
if (r < 0)
return log_error_errno(r, "Failed to allocate device monitor: %m");
r = sd_device_monitor_filter_add_match_tag(monitor, "security-device");
if (r < 0)
return log_error_errno(r, "Failed to configure device monitor: %m");
r = sd_device_monitor_attach_event(monitor, event);
if (r < 0)
return log_error_errno(r, "Failed to attach device monitor: %m");
r = sd_device_monitor_start(monitor, NULL, NULL);
if (r < 0)
return log_error_errno(r, "Failed to start device monitor: %m");
log_notice("Security token %s not present for unlocking volume %s, please plug it in.",
arg_pkcs11_uri, friendly);
/* Let's immediately rescan in case the token appeared in the time we needed
* to create and configure the monitor */
continue;
}
for (;;) {
/* Wait for one event, and then eat all subsequent events until there are no
* further ones */
r = sd_event_run(event, processed ? 0 : UINT64_MAX);
if (r < 0)
return log_error_errno(r, "Failed to run event loop: %m");
if (r == 0)
break;
processed = true;
}
log_debug("Got one or more potentially relevant udev events, rescanning PKCS#11...");
}
if (pass_volume_key)
r = crypt_activate_by_volume_key(cd, name, decrypted_key, decrypted_key_size, flags);
else {
_cleanup_free_ char *base64_encoded = NULL;
/* Before using this key as passphrase we base64 encode it. Why? For compatibility
* with homed's PKCS#11 hookup: there we want to use the key we acquired through
* PKCS#11 for other authentication/decryption mechanisms too, and some of them do
* not not take arbitrary binary blobs, but require NUL-terminated strings most
* importantly UNIX password hashes. Hence, for compatibility we want to use a string
* without embedded NUL here too, and that's easiest to generate from a binary blob
* via base64 encoding. */
r = base64mem(decrypted_key, decrypted_key_size, &base64_encoded);
if (r < 0)
return log_oom();
r = crypt_activate_by_passphrase(cd, name, arg_key_slot, base64_encoded, strlen(base64_encoded), flags);
}
if (r == -EPERM) {
log_error_errno(r, "Failed to activate with PKCS#11 decrypted key. (Key incorrect?)");
return -EAGAIN; /* log actual error, but return EAGAIN */
}
if (r < 0)
return log_error_errno(r, "Failed to activate with PKCS#11 acquired key: %m");
} else if (key_file) {
r = crypt_activate_by_keyfile_device_offset(cd, name, arg_key_slot, key_file, arg_keyfile_size, arg_keyfile_offset, flags);
if (r == -EPERM) {
log_error_errno(r, "Failed to activate with key file '%s'. (Key data incorrect?)", key_file);
@ -717,7 +857,7 @@ static int run(int argc, char *argv[]) {
for (tries = 0; arg_tries == 0 || tries < arg_tries; tries++) {
_cleanup_strv_free_erase_ char **passwords = NULL;
if (!key_file) {
if (!key_file && !arg_pkcs11_uri) {
r = get_password(argv[2], argv[3], until, tries == 0 && !arg_verify, &passwords);
if (r == -EAGAIN)
continue;
@ -728,7 +868,7 @@ static int run(int argc, char *argv[]) {
if (streq_ptr(arg_type, CRYPT_TCRYPT))
r = attach_tcrypt(cd, argv[2], key_file, passwords, flags);
else
r = attach_luks_or_plain(cd, argv[2], key_file, passwords, flags);
r = attach_luks_or_plain(cd, argv[2], key_file, passwords, flags, until);
if (r >= 0)
break;
if (r != -EAGAIN)
@ -736,6 +876,7 @@ static int run(int argc, char *argv[]) {
/* Passphrase not correct? Let's try again! */
key_file = NULL;
arg_pkcs11_uri = NULL;
}
if (arg_tries != 0 && tries >= arg_tries)

View File

@ -132,6 +132,7 @@ shared_sources = files('''
nscd-flush.h
nsflags.c
nsflags.h
openssl-util.h
os-util.c
os-util.h
output-mode.c
@ -141,6 +142,8 @@ shared_sources = files('''
path-lookup.c
path-lookup.h
pe-header.h
pkcs11-util.c
pkcs11-util.h
pretty-print.c
pretty-print.h
ptyfwd.c
@ -277,6 +280,8 @@ libshared_deps = [threads,
libkmod,
liblz4,
libmount,
libopenssl,
libp11kit,
librt,
libseccomp,
libselinux,

View File

@ -0,0 +1,9 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once
#include <openssl/pem.h>
DEFINE_TRIVIAL_CLEANUP_FUNC(X509*, X509_free);
DEFINE_TRIVIAL_CLEANUP_FUNC(X509_NAME*, X509_NAME_free);
DEFINE_TRIVIAL_CLEANUP_FUNC(EVP_PKEY_CTX*, EVP_PKEY_CTX_free);
DEFINE_TRIVIAL_CLEANUP_FUNC(EVP_CIPHER_CTX*, EVP_CIPHER_CTX_free);

912
src/shared/pkcs11-util.c Normal file
View File

@ -0,0 +1,912 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#include <fcntl.h>
#include "ask-password-api.h"
#include "escape.h"
#include "fd-util.h"
#include "io-util.h"
#include "memory-util.h"
#if HAVE_OPENSSL
#include "openssl-util.h"
#endif
#include "pkcs11-util.h"
#include "random-util.h"
#include "string-util.h"
#include "strv.h"
bool pkcs11_uri_valid(const char *uri) {
const char *p;
/* A very superficial checker for RFC7512 PKCS#11 URI syntax */
if (isempty(uri))
return false;
p = startswith(uri, "pkcs11:");
if (!p)
return false;
if (isempty(p))
return false;
if (!in_charset(p, ALPHANUMERICAL "-_?;&%="))
return false;
return true;
}
#if HAVE_P11KIT
int uri_from_string(const char *p, P11KitUri **ret) {
_cleanup_(p11_kit_uri_freep) P11KitUri *uri = NULL;
assert(p);
assert(ret);
uri = p11_kit_uri_new();
if (!uri)
return -ENOMEM;
if (p11_kit_uri_parse(p, P11_KIT_URI_FOR_ANY, uri) != P11_KIT_URI_OK)
return -EINVAL;
*ret = TAKE_PTR(uri);
return 0;
}
P11KitUri *uri_from_module_info(const CK_INFO *info) {
P11KitUri *uri;
assert(info);
uri = p11_kit_uri_new();
if (!uri)
return NULL;
*p11_kit_uri_get_module_info(uri) = *info;
return uri;
}
P11KitUri *uri_from_slot_info(const CK_SLOT_INFO *slot_info) {
P11KitUri *uri;
assert(slot_info);
uri = p11_kit_uri_new();
if (!uri)
return NULL;
*p11_kit_uri_get_slot_info(uri) = *slot_info;
return uri;
}
P11KitUri *uri_from_token_info(const CK_TOKEN_INFO *token_info) {
P11KitUri *uri;
assert(token_info);
uri = p11_kit_uri_new();
if (!uri)
return NULL;
*p11_kit_uri_get_token_info(uri) = *token_info;
return uri;
}
CK_RV pkcs11_get_slot_list_malloc(
CK_FUNCTION_LIST *m,
CK_SLOT_ID **ret_slotids,
CK_ULONG *ret_n_slotids) {
CK_RV rv;
assert(m);
assert(ret_slotids);
assert(ret_n_slotids);
for (unsigned tries = 0; tries < 16; tries++) {
_cleanup_free_ CK_SLOT_ID *slotids = NULL;
CK_ULONG n_slotids = 0;
rv = m->C_GetSlotList(0, NULL, &n_slotids);
if (rv != CKR_OK)
return rv;
if (n_slotids == 0) {
*ret_slotids = NULL;
*ret_n_slotids = 0;
return CKR_OK;
}
slotids = new(CK_SLOT_ID, n_slotids);
if (!slotids)
return CKR_HOST_MEMORY;
rv = m->C_GetSlotList(0, slotids, &n_slotids);
if (rv == CKR_OK) {
*ret_slotids = TAKE_PTR(slotids);
*ret_n_slotids = n_slotids;
return CKR_OK;
}
if (rv != CKR_BUFFER_TOO_SMALL)
return rv;
/* Hu? Maybe somebody plugged something in and things changed? Let's try again */
}
return CKR_BUFFER_TOO_SMALL;
}
char *pkcs11_token_label(const CK_TOKEN_INFO *token_info) {
char *t;
/* The label is not NUL terminated and likely padded with spaces, let's make a copy here, so that we
* can strip that. */
t = strndup((char*) token_info->label, sizeof(token_info->label));
if (!t)
return NULL;
strstrip(t);
return t;
}
int pkcs11_token_login(
CK_FUNCTION_LIST *m,
CK_SESSION_HANDLE session,
CK_SLOT_ID slotid,
const CK_TOKEN_INFO *token_info,
const char *friendly_name,
const char *icon_name,
const char *keyname,
usec_t until,
char **ret_used_pin) {
_cleanup_free_ char *token_uri_string = NULL, *token_uri_escaped = NULL, *id = NULL, *token_label = NULL;
_cleanup_(p11_kit_uri_freep) P11KitUri *token_uri = NULL;
CK_TOKEN_INFO updated_token_info;
int uri_result;
CK_RV rv;
int r;
assert(m);
assert(token_info);
token_label = pkcs11_token_label(token_info);
if (!token_label)
return log_oom();
token_uri = uri_from_token_info(token_info);
if (!token_uri)
return log_oom();
uri_result = p11_kit_uri_format(token_uri, P11_KIT_URI_FOR_ANY, &token_uri_string);
if (uri_result != P11_KIT_URI_OK)
return log_warning_errno(SYNTHETIC_ERRNO(EAGAIN), "Failed to format slot URI: %s", p11_kit_uri_message(uri_result));
if (FLAGS_SET(token_info->flags, CKF_PROTECTED_AUTHENTICATION_PATH)) {
rv = m->C_Login(session, CKU_USER, NULL, 0);
if (rv != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to log into security token '%s': %s", token_label, p11_kit_strerror(rv));
log_info("Successully logged into security token '%s' via protected authentication path.", token_label);
*ret_used_pin = NULL;
return 0;
}
if (!FLAGS_SET(token_info->flags, CKF_LOGIN_REQUIRED)) {
log_info("No login into security token '%s' required.", token_label);
*ret_used_pin = NULL;
return 0;
}
token_uri_escaped = cescape(token_uri_string);
if (!token_uri_escaped)
return log_oom();
id = strjoin("pkcs11:", token_uri_escaped);
if (!id)
return log_oom();
for (unsigned tries = 0; tries < 3; tries++) {
_cleanup_strv_free_erase_ char **passwords = NULL;
_cleanup_free_ char *text = NULL;
char **i, *e;
if (FLAGS_SET(token_info->flags, CKF_USER_PIN_FINAL_TRY))
r = asprintf(&text,
"Please enter correct PIN for security token '%s' in order to unlock %s (final try):",
token_label, friendly_name);
if (FLAGS_SET(token_info->flags, CKF_USER_PIN_COUNT_LOW))
r = asprintf(&text,
"PIN has been entered incorrectly previously, please enter correct PIN for security token '%s' in order to unlock %s:",
token_label, friendly_name);
else if (tries == 0)
r = asprintf(&text,
"Please enter PIN for security token '%s' in order to unlock %s:",
token_label, friendly_name);
else
r = asprintf(&text,
"Please enter PIN for security token '%s' in order to unlock %s (try #%u):",
token_label, friendly_name, tries+1);
if (r < 0)
return log_oom();
e = getenv("PIN");
if (e) {
passwords = strv_new(e);
if (!passwords)
return log_oom();
string_erase(e);
if (unsetenv("PIN") < 0)
return log_error_errno(errno, "Failed to unset $PIN: %m");
} else {
/* We never cache PINs, simply because it's fatal if we use wrong PINs, since usually there are only 3 tries */
r = ask_password_auto(text, icon_name, id, keyname, until, 0, &passwords);
if (r < 0)
return log_error_errno(r, "Failed to query PIN for security token '%s': %m", token_label);
}
STRV_FOREACH(i, passwords) {
rv = m->C_Login(session, CKU_USER, (CK_UTF8CHAR*) *i, strlen(*i));
if (rv == CKR_OK) {
if (ret_used_pin) {
char *c;
c = strdup(*i);
if (!c)
return log_oom();
*ret_used_pin = c;
}
log_info("Successfully logged into security token '%s'.", token_label);
return 0;
}
if (rv == CKR_PIN_LOCKED)
return log_error_errno(SYNTHETIC_ERRNO(EPERM),
"PIN has been locked, please reset PIN of security token '%s'.", token_label);
if (!IN_SET(rv, CKR_PIN_INCORRECT, CKR_PIN_LEN_RANGE))
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to log into security token '%s': %s", token_label, p11_kit_strerror(rv));
/* Referesh the token info, so that we can prompt knowing the new flags if they changed. */
rv = m->C_GetTokenInfo(slotid, &updated_token_info);
if (rv != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to acquire updated security token information for slot %lu: %s",
slotid, p11_kit_strerror(rv));
token_info = &updated_token_info;
log_notice("PIN for token '%s' is incorrect, please try again.", token_label);
}
}
return log_error_errno(SYNTHETIC_ERRNO(EPERM), "Too many attempts to log into token '%s'.", token_label);
}
int pkcs11_token_find_x509_certificate(
CK_FUNCTION_LIST *m,
CK_SESSION_HANDLE session,
P11KitUri *search_uri,
CK_OBJECT_HANDLE *ret_object) {
bool found_class = false, found_certificate_type = false;
_cleanup_free_ CK_ATTRIBUTE *attributes_buffer = NULL;
CK_ULONG n_attributes, a, n_objects;
CK_ATTRIBUTE *attributes = NULL;
CK_OBJECT_HANDLE objects[2];
CK_RV rv, rv2;
assert(m);
assert(search_uri);
assert(ret_object);
attributes = p11_kit_uri_get_attributes(search_uri, &n_attributes);
for (a = 0; a < n_attributes; a++) {
/* We use the URI's included match attributes, but make them more strict. This allows users
* to specify a token URL instead of an object URL and the right thing should happen if
* there's only one suitable key on the token. */
switch (attributes[a].type) {
case CKA_CLASS: {
CK_OBJECT_CLASS c;
if (attributes[a].ulValueLen != sizeof(c))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid PKCS#11 CKA_CLASS attribute size.");
memcpy(&c, attributes[a].pValue, sizeof(c));
if (c != CKO_CERTIFICATE)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Selected PKCS#11 object is not an X.509 certificate, refusing.");
found_class = true;
break;
}
case CKA_CERTIFICATE_TYPE: {
CK_CERTIFICATE_TYPE t;
if (attributes[a].ulValueLen != sizeof(t))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid PKCS#11 CKA_CERTIFICATE_TYPE attribute size.");
memcpy(&t, attributes[a].pValue, sizeof(t));
if (t != CKC_X_509)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Selected PKCS#11 object is not an X.509 certificate, refusing.");
found_certificate_type = true;
break;
}}
}
if (!found_class || !found_certificate_type) {
/* Hmm, let's slightly extend the attribute list we search for */
attributes_buffer = new(CK_ATTRIBUTE, n_attributes + !found_class + !found_certificate_type);
if (!attributes_buffer)
return log_oom();
memcpy(attributes_buffer, attributes, sizeof(CK_ATTRIBUTE) * n_attributes);
if (!found_class) {
static const CK_OBJECT_CLASS class = CKO_CERTIFICATE;
attributes_buffer[n_attributes++] = (CK_ATTRIBUTE) {
.type = CKA_CLASS,
.pValue = (CK_OBJECT_CLASS*) &class,
.ulValueLen = sizeof(class),
};
}
if (!found_certificate_type) {
static const CK_CERTIFICATE_TYPE type = CKC_X_509;
attributes_buffer[n_attributes++] = (CK_ATTRIBUTE) {
.type = CKA_CERTIFICATE_TYPE,
.pValue = (CK_CERTIFICATE_TYPE*) &type,
.ulValueLen = sizeof(type),
};
}
attributes = attributes_buffer;
}
rv = m->C_FindObjectsInit(session, attributes, n_attributes);
if (rv != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to initialize object find call: %s", p11_kit_strerror(rv));
rv = m->C_FindObjects(session, objects, ELEMENTSOF(objects), &n_objects);
rv2 = m->C_FindObjectsFinal(session);
if (rv != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to find objects: %s", p11_kit_strerror(rv));
if (rv2 != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to finalize object find call: %s", p11_kit_strerror(rv));
if (n_objects == 0)
return log_error_errno(SYNTHETIC_ERRNO(ENOENT),
"Failed to find selected X509 certificate on token.");
if (n_objects > 1)
return log_error_errno(SYNTHETIC_ERRNO(ENOTUNIQ),
"Configured URI matches multiple certificates, refusing.");
*ret_object = objects[0];
return 0;
}
#if HAVE_OPENSSL
int pkcs11_token_read_x509_certificate(
CK_FUNCTION_LIST *m,
CK_SESSION_HANDLE session,
CK_OBJECT_HANDLE object,
X509 **ret_cert) {
_cleanup_free_ void *buffer = NULL;
_cleanup_free_ char *t = NULL;
CK_ATTRIBUTE attribute = {
.type = CKA_VALUE
};
CK_RV rv;
_cleanup_(X509_freep) X509 *x509 = NULL;
X509_NAME *name = NULL;
const unsigned char *p;
rv = m->C_GetAttributeValue(session, object, &attribute, 1);
if (rv != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to read X.509 certificate size off token: %s", p11_kit_strerror(rv));
buffer = malloc(attribute.ulValueLen);
if (!buffer)
return log_oom();
attribute.pValue = buffer;
rv = m->C_GetAttributeValue(session, object, &attribute, 1);
if (rv != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to read X.509 certificate data off token: %s", p11_kit_strerror(rv));
p = attribute.pValue;
x509 = d2i_X509(NULL, &p, attribute.ulValueLen);
if (!x509)
return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Failed parse X.509 certificate.");
name = X509_get_subject_name(x509);
if (!name)
return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Failed to acquire X.509 subject name.");
t = X509_NAME_oneline(name, NULL, 0);
if (!t)
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to format X.509 subject name as string.");
log_debug("Using X.509 certificate issued for '%s'.", t);
*ret_cert = TAKE_PTR(x509);
return 0;
}
#endif
int pkcs11_token_find_private_key(
CK_FUNCTION_LIST *m,
CK_SESSION_HANDLE session,
P11KitUri *search_uri,
CK_OBJECT_HANDLE *ret_object) {
bool found_decrypt = false, found_class = false, found_key_type = false;
_cleanup_free_ CK_ATTRIBUTE *attributes_buffer = NULL;
CK_ULONG n_attributes, a, n_objects;
CK_ATTRIBUTE *attributes = NULL;
CK_OBJECT_HANDLE objects[2];
CK_RV rv, rv2;
assert(m);
assert(search_uri);
assert(ret_object);
attributes = p11_kit_uri_get_attributes(search_uri, &n_attributes);
for (a = 0; a < n_attributes; a++) {
/* We use the URI's included match attributes, but make them more strict. This allows users
* to specify a token URL instead of an object URL and the right thing should happen if
* there's only one suitable key on the token. */
switch (attributes[a].type) {
case CKA_CLASS: {
CK_OBJECT_CLASS c;
if (attributes[a].ulValueLen != sizeof(c))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid PKCS#11 CKA_CLASS attribute size.");
memcpy(&c, attributes[a].pValue, sizeof(c));
if (c != CKO_PRIVATE_KEY)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Selected PKCS#11 object is not a private key, refusing.");
found_class = true;
break;
}
case CKA_DECRYPT: {
CK_BBOOL b;
if (attributes[a].ulValueLen != sizeof(b))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid PKCS#11 CKA_DECRYPT attribute size.");
memcpy(&b, attributes[a].pValue, sizeof(b));
if (!b)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Selected PKCS#11 object is not suitable for decryption, refusing.");
found_decrypt = true;
break;
}
case CKA_KEY_TYPE: {
CK_KEY_TYPE t;
if (attributes[a].ulValueLen != sizeof(t))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid PKCS#11 CKA_KEY_TYPE attribute size.");
memcpy(&t, attributes[a].pValue, sizeof(t));
if (t != CKK_RSA)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Selected PKCS#11 object is not an RSA key, refusing.");
found_key_type = true;
break;
}}
}
if (!found_decrypt || !found_class || !found_key_type) {
/* Hmm, let's slightly extend the attribute list we search for */
attributes_buffer = new(CK_ATTRIBUTE, n_attributes + !found_decrypt + !found_class + !found_key_type);
if (!attributes_buffer)
return log_oom();
memcpy(attributes_buffer, attributes, sizeof(CK_ATTRIBUTE) * n_attributes);
if (!found_decrypt) {
static const CK_BBOOL yes = true;
attributes_buffer[n_attributes++] = (CK_ATTRIBUTE) {
.type = CKA_DECRYPT,
.pValue = (CK_BBOOL*) &yes,
.ulValueLen = sizeof(yes),
};
}
if (!found_class) {
static const CK_OBJECT_CLASS class = CKO_PRIVATE_KEY;
attributes_buffer[n_attributes++] = (CK_ATTRIBUTE) {
.type = CKA_CLASS,
.pValue = (CK_OBJECT_CLASS*) &class,
.ulValueLen = sizeof(class),
};
}
if (!found_key_type) {
static const CK_KEY_TYPE type = CKK_RSA;
attributes_buffer[n_attributes++] = (CK_ATTRIBUTE) {
.type = CKA_KEY_TYPE,
.pValue = (CK_KEY_TYPE*) &type,
.ulValueLen = sizeof(type),
};
}
attributes = attributes_buffer;
}
rv = m->C_FindObjectsInit(session, attributes, n_attributes);
if (rv != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to initialize object find call: %s", p11_kit_strerror(rv));
rv = m->C_FindObjects(session, objects, ELEMENTSOF(objects), &n_objects);
rv2 = m->C_FindObjectsFinal(session);
if (rv != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to find objects: %s", p11_kit_strerror(rv));
if (rv2 != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to finalize object find call: %s", p11_kit_strerror(rv));
if (n_objects == 0)
return log_error_errno(SYNTHETIC_ERRNO(ENOENT),
"Failed to find selected private key suitable for decryption on token.");
if (n_objects > 1)
return log_error_errno(SYNTHETIC_ERRNO(ENOTUNIQ),
"Configured private key URI matches multiple keys, refusing.");
*ret_object = objects[0];
return 0;
}
int pkcs11_token_decrypt_data(
CK_FUNCTION_LIST *m,
CK_SESSION_HANDLE session,
CK_OBJECT_HANDLE object,
const void *encrypted_data,
size_t encrypted_data_size,
void **ret_decrypted_data,
size_t *ret_decrypted_data_size) {
static const CK_MECHANISM mechanism = {
.mechanism = CKM_RSA_PKCS
};
_cleanup_(erase_and_freep) CK_BYTE *dbuffer = NULL;
CK_ULONG dbuffer_size = 0;
CK_RV rv;
assert(m);
assert(encrypted_data);
assert(encrypted_data_size > 0);
assert(ret_decrypted_data);
assert(ret_decrypted_data_size);
rv = m->C_DecryptInit(session, (CK_MECHANISM*) &mechanism, object);
if (rv != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to initialize decryption on security token: %s", p11_kit_strerror(rv));
dbuffer_size = encrypted_data_size; /* Start with something reasonable */
dbuffer = malloc(dbuffer_size);
if (!dbuffer)
return log_oom();
rv = m->C_Decrypt(session, (CK_BYTE*) encrypted_data, encrypted_data_size, dbuffer, &dbuffer_size);
if (rv == CKR_BUFFER_TOO_SMALL) {
erase_and_free(dbuffer);
dbuffer = malloc(dbuffer_size);
if (!dbuffer)
return log_oom();
rv = m->C_Decrypt(session, (CK_BYTE*) encrypted_data, encrypted_data_size, dbuffer, &dbuffer_size);
}
if (rv != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to decrypt key on security token: %s", p11_kit_strerror(rv));
log_info("Successfully decrypted key with security token.");
*ret_decrypted_data = TAKE_PTR(dbuffer);
*ret_decrypted_data_size = dbuffer_size;
return 0;
}
int pkcs11_token_acquire_rng(
CK_FUNCTION_LIST *m,
CK_SESSION_HANDLE session) {
_cleanup_free_ void *buffer = NULL;
_cleanup_close_ int fd = -1;
size_t rps;
CK_RV rv;
int r;
assert(m);
/* While we are at it, let's read some RNG data from the PKCS#11 token and pass it to the kernel
* random pool. This should be cheap if we are talking to the device already. Note that we don't
* credit any entropy, since we don't know about the quality of the pkcs#11 token's RNG. Why bother
* at all? There are two sides to the argument whether to generate private keys on tokens or on the
* host. By crediting some data from the token RNG to the host's pool we at least can say that any
* key generated from it is at least as good as both sources individually. */
rps = random_pool_size();
buffer = malloc(rps);
if (!buffer)
return log_oom();
rv = m->C_GenerateRandom(session, buffer, rps);
if (rv != CKR_OK)
return log_debug_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
"Failed to generate RNG data on security token: %s", p11_kit_strerror(rv));
fd = open("/dev/urandom", O_WRONLY|O_CLOEXEC|O_NOCTTY);
if (fd < 0)
return log_debug_errno(errno, "Failed to open /dev/urandom for writing: %m");
r = loop_write(fd, buffer, rps, false);
if (r < 0)
return log_debug_errno(r, "Failed to write PKCS#11 acquired random data to /dev/urandom: %m");
log_debug("Successfully written %zu bytes random data acquired via PKCS#11 to kernel random pool.", rps);
return 0;
}
static int token_process(
CK_FUNCTION_LIST *m,
CK_SLOT_ID slotid,
const CK_SLOT_INFO *slot_info,
const CK_TOKEN_INFO *token_info,
P11KitUri *search_uri,
pkcs11_find_token_callback_t callback,
void *userdata) {
_cleanup_free_ char *token_label = NULL;
CK_SESSION_HANDLE session;
CK_RV rv;
int r;
assert(m);
assert(slot_info);
assert(token_info);
assert(search_uri);
token_label = pkcs11_token_label(token_info);
if (!token_label)
return log_oom();
rv = m->C_OpenSession(slotid, CKF_SERIAL_SESSION, NULL, NULL, &session);
if (rv != CKR_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to create session for security token '%s': %s", token_label, p11_kit_strerror(rv));
if (callback)
r = callback(m, session, slotid, slot_info, token_info, search_uri, userdata);
else
r = 1; /* if not callback was specified, just say we found what we were looking for */
rv = m->C_CloseSession(session);
if (rv != CKR_OK)
log_warning("Failed to close session on PKCS#11 token, ignoring: %s", p11_kit_strerror(rv));
return r;
}
static int slot_process(
CK_FUNCTION_LIST *m,
CK_SLOT_ID slotid,
P11KitUri *search_uri,
pkcs11_find_token_callback_t callback,
void *userdata) {
_cleanup_(p11_kit_uri_freep) P11KitUri* slot_uri = NULL, *token_uri = NULL;
_cleanup_free_ char *token_uri_string = NULL;
CK_TOKEN_INFO token_info;
CK_SLOT_INFO slot_info;
int uri_result;
CK_RV rv;
assert(m);
assert(search_uri);
/* We return -EAGAIN for all failures we can attribute to a specific slot in some way, so that the
* caller might try other slots before giving up. */
rv = m->C_GetSlotInfo(slotid, &slot_info);
if (rv != CKR_OK) {
log_warning("Failed to acquire slot info for slot %lu, ignoring slot: %s", slotid, p11_kit_strerror(rv));
return -EAGAIN;
}
slot_uri = uri_from_slot_info(&slot_info);
if (!slot_uri)
return log_oom();
if (DEBUG_LOGGING) {
_cleanup_free_ char *slot_uri_string = NULL;
uri_result = p11_kit_uri_format(slot_uri, P11_KIT_URI_FOR_ANY, &slot_uri_string);
if (uri_result != P11_KIT_URI_OK) {
log_warning("Failed to format slot URI, ignoring slot: %s", p11_kit_uri_message(uri_result));
return -EAGAIN;
}
log_debug("Found slot with URI %s", slot_uri_string);
}
rv = m->C_GetTokenInfo(slotid, &token_info);
if (rv == CKR_TOKEN_NOT_PRESENT) {
log_debug("Token not present in slot, ignoring.");
return -EAGAIN;
} else if (rv != CKR_OK) {
log_warning("Failed to acquire token info for slot %lu, ignoring slot: %s", slotid, p11_kit_strerror(rv));
return -EAGAIN;
}
token_uri = uri_from_token_info(&token_info);
if (!token_uri)
return log_oom();
uri_result = p11_kit_uri_format(token_uri, P11_KIT_URI_FOR_ANY, &token_uri_string);
if (uri_result != P11_KIT_URI_OK) {
log_warning("Failed to format slot URI: %s", p11_kit_uri_message(uri_result));
return -EAGAIN;
}
if (!p11_kit_uri_match_token_info(search_uri, &token_info)) {
log_debug("Found non-matching token with URI %s.", token_uri_string);
return -EAGAIN;
}
log_debug("Found matching token with URI %s.", token_uri_string);
return token_process(
m,
slotid,
&slot_info,
&token_info,
search_uri,
callback,
userdata);
}
static int module_process(
CK_FUNCTION_LIST *m,
P11KitUri *search_uri,
pkcs11_find_token_callback_t callback,
void *userdata) {
_cleanup_free_ char *name = NULL, *module_uri_string = NULL;
_cleanup_(p11_kit_uri_freep) P11KitUri* module_uri = NULL;
_cleanup_free_ CK_SLOT_ID *slotids = NULL;
CK_ULONG n_slotids = 0;
int uri_result;
CK_INFO info;
size_t k;
CK_RV rv;
int r;
assert(m);
assert(search_uri);
/* We ignore most errors from modules here, in order to skip over faulty modules: one faulty module
* should not have the effect that we don't try the others anymore. We indicate such per-module
* failures with -EAGAIN, which let's the caller try the next module. */
name = p11_kit_module_get_name(m);
if (!name)
return log_oom();
log_debug("Trying PKCS#11 module %s.", name);
rv = m->C_GetInfo(&info);
if (rv != CKR_OK) {
log_warning("Failed to get info on PKCS#11 module, ignoring module: %s", p11_kit_strerror(rv));
return -EAGAIN;
}
module_uri = uri_from_module_info(&info);
if (!module_uri)
return log_oom();
uri_result = p11_kit_uri_format(module_uri, P11_KIT_URI_FOR_ANY, &module_uri_string);
if (uri_result != P11_KIT_URI_OK) {
log_warning("Failed to format module URI, ignoring module: %s", p11_kit_uri_message(uri_result));
return -EAGAIN;
}
log_debug("Found module with URI %s", module_uri_string);
rv = pkcs11_get_slot_list_malloc(m, &slotids, &n_slotids);
if (rv != CKR_OK) {
log_warning("Failed to get slot list, ignoring module: %s", p11_kit_strerror(rv));
return -EAGAIN;
}
if (n_slotids == 0) {
log_debug("This module has no slots? Ignoring module.");
return -EAGAIN;
}
for (k = 0; k < n_slotids; k++) {
r = slot_process(
m,
slotids[k],
search_uri,
callback,
userdata);
if (r != -EAGAIN)
return r;
}
return -EAGAIN;
}
int pkcs11_find_token(
const char *pkcs11_uri,
pkcs11_find_token_callback_t callback,
void *userdata) {
_cleanup_(p11_kit_modules_finalize_and_releasep) CK_FUNCTION_LIST **modules = NULL;
_cleanup_(p11_kit_uri_freep) P11KitUri *search_uri = NULL;
int r;
assert(pkcs11_uri);
/* Execute the specified callback for each matching token found. If nothing is found returns
* -EAGAIN. Logs about all errors, except for EAGAIN, which the caller has to log about. */
r = uri_from_string(pkcs11_uri, &search_uri);
if (r < 0)
return log_error_errno(r, "Failed to parse PKCS#11 URI '%s': %m", pkcs11_uri);
modules = p11_kit_modules_load_and_initialize(0);
if (!modules)
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to initialize pkcs11 modules");
for (CK_FUNCTION_LIST **i = modules; *i; i++) {
r = module_process(
*i,
search_uri,
callback,
userdata);
if (r != -EAGAIN)
return r;
}
return -EAGAIN;
}
#endif

48
src/shared/pkcs11-util.h Normal file
View File

@ -0,0 +1,48 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once
#include <stdbool.h>
#if HAVE_P11KIT
#include <p11-kit/p11-kit.h>
#include <p11-kit/uri.h>
#if HAVE_OPENSSL
#include <openssl/pem.h>
#endif
#endif
#include "macro.h"
#include "time-util.h"
bool pkcs11_uri_valid(const char *uri);
#if HAVE_P11KIT
int uri_from_string(const char *p, P11KitUri **ret);
P11KitUri *uri_from_module_info(const CK_INFO *info);
P11KitUri *uri_from_slot_info(const CK_SLOT_INFO *slot_info);
P11KitUri *uri_from_token_info(const CK_TOKEN_INFO *token_info);
DEFINE_TRIVIAL_CLEANUP_FUNC(P11KitUri*, p11_kit_uri_free);
DEFINE_TRIVIAL_CLEANUP_FUNC(CK_FUNCTION_LIST**, p11_kit_modules_finalize_and_release);
CK_RV pkcs11_get_slot_list_malloc(CK_FUNCTION_LIST *m, CK_SLOT_ID **ret_slotids, CK_ULONG *ret_n_slotids);
char *pkcs11_token_label(const CK_TOKEN_INFO *token_info);
int pkcs11_token_login(CK_FUNCTION_LIST *m, CK_SESSION_HANDLE session, CK_SLOT_ID slotid, const CK_TOKEN_INFO *token_info, const char *friendly_name, const char *icon_name, const char *keyname, usec_t until, char **ret_used_pin);
int pkcs11_token_find_x509_certificate(CK_FUNCTION_LIST *m, CK_SESSION_HANDLE session, P11KitUri *search_uri, CK_OBJECT_HANDLE *ret_object);
#if HAVE_OPENSSL
int pkcs11_token_read_x509_certificate(CK_FUNCTION_LIST *m, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, X509 **ret_cert);
#endif
int pkcs11_token_find_private_key(CK_FUNCTION_LIST *m, CK_SESSION_HANDLE session, P11KitUri *search_uri, CK_OBJECT_HANDLE *ret_object);
int pkcs11_token_decrypt_data(CK_FUNCTION_LIST *m, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, const void *encrypted_data, size_t encrypted_data_size, void **ret_decrypted_data, size_t *ret_decrypted_data_size);
int pkcs11_token_acquire_rng(CK_FUNCTION_LIST *m, CK_SESSION_HANDLE session);
typedef int (*pkcs11_find_token_callback_t)(CK_FUNCTION_LIST *m, CK_SESSION_HANDLE session, CK_SLOT_ID slotid, const CK_SLOT_INFO *slot_info, const CK_TOKEN_INFO *token_info, P11KitUri *uri, void *userdata);
int pkcs11_find_token(const char *pkcs11_uri, pkcs11_find_token_callback_t callback, void *userdata);
#endif