1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* Asymmetric public-key cryptography key type
4 * See Documentation/crypto/asymmetric-keys.txt
6 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
7 * Written by David Howells (dhowells@redhat.com)
10 #include <keys/asymmetric-subtype.h>
11 #include <keys/asymmetric-parser.h>
13 #include <crypto/public_key.h>
15 #include <linux/compat.h>
16 #include <linux/ctype.h>
17 #include <linux/string.h>
19 #include <linux/seq_file.h>
20 #include <linux/module.h>
21 #include <linux/slab.h>
22 #include <linux/ctype.h>
25 #include <keys/asymmetric-type.h>
27 #include <keys/system_keyring.h>
28 #include <keys/user-type.h>
29 #include "asymmetric_keys.h"
32 MODULE_LICENSE("GPL");
35 const char *const key_being_used_for[NR__KEY_BEING_USED_FOR] = {
36 [VERIFYING_MODULE_SIGNATURE] = "mod sig",
37 [VERIFYING_FIRMWARE_SIGNATURE] = "firmware sig",
38 [VERIFYING_KEXEC_PE_SIGNATURE] = "kexec PE sig",
39 [VERIFYING_KEY_SIGNATURE] = "key sig",
40 [VERIFYING_KEY_SELF_SIGNATURE] = "key self sig",
41 [VERIFYING_UNSPECIFIED_SIGNATURE] = "unspec sig",
43 EXPORT_SYMBOL_GPL(key_being_used_for);
45 static LIST_HEAD(asymmetric_key_parsers);
46 static DECLARE_RWSEM(asymmetric_key_parsers_sem);
49 * find_asymmetric_key - Find a key by ID.
50 * @keyring: The keys to search.
51 * @id_0: The first ID to look for or NULL.
52 * @id_1: The second ID to look for or NULL.
53 * @partial: Use partial match if true, exact if false.
55 * Find a key in the given keyring by identifier. The preferred identifier is
56 * the id_0 and the fallback identifier is the id_1. If both are given, the
57 * lookup is by the former, but the latter must also match.
59 struct key *find_asymmetric_key(struct key *keyring,
60 const struct asymmetric_key_id *id_0,
61 const struct asymmetric_key_id *id_1,
70 BUG_ON(!id_0 && !id_1);
80 /* Construct an identifier "id:<keyid>". */
81 p = req = kmalloc(2 + 1 + len * 2 + 1, GFP_KERNEL);
83 return ERR_PTR(-ENOMEM);
93 p = bin2hex(p, lookup, len);
96 pr_debug("Look up: \"%s\"\n", req);
98 ref = keyring_search(make_key_ref(keyring, 1),
99 &key_type_asymmetric, req, true);
101 pr_debug("Request for key '%s' err %ld\n", req, PTR_ERR(ref));
105 switch (PTR_ERR(ref)) {
106 /* Hide some search errors */
110 return ERR_PTR(-ENOKEY);
112 return ERR_CAST(ref);
116 key = key_ref_to_ptr(ref);
118 const struct asymmetric_key_ids *kids = asymmetric_key_ids(key);
121 pr_debug("First ID matches, but second is missing\n");
124 if (!asymmetric_key_id_same(id_1, kids->id[1])) {
125 pr_debug("First ID matches, but second does not\n");
130 pr_devel("<==%s() = 0 [%x]\n", __func__, key_serial(key));
135 return ERR_PTR(-EKEYREJECTED);
137 EXPORT_SYMBOL_GPL(find_asymmetric_key);
138 #endif /* !__UBOOT__ */
141 * asymmetric_key_generate_id: Construct an asymmetric key ID
142 * @val_1: First binary blob
143 * @len_1: Length of first binary blob
144 * @val_2: Second binary blob
145 * @len_2: Length of second binary blob
147 * Construct an asymmetric key ID from a pair of binary blobs.
149 struct asymmetric_key_id *asymmetric_key_generate_id(const void *val_1,
154 struct asymmetric_key_id *kid;
156 kid = kmalloc(sizeof(struct asymmetric_key_id) + len_1 + len_2,
159 return ERR_PTR(-ENOMEM);
160 kid->len = len_1 + len_2;
161 memcpy(kid->data, val_1, len_1);
162 memcpy(kid->data + len_1, val_2, len_2);
165 EXPORT_SYMBOL_GPL(asymmetric_key_generate_id);
168 * asymmetric_key_id_same - Return true if two asymmetric keys IDs are the same.
169 * @kid_1, @kid_2: The key IDs to compare
171 bool asymmetric_key_id_same(const struct asymmetric_key_id *kid1,
172 const struct asymmetric_key_id *kid2)
176 if (kid1->len != kid2->len)
178 return memcmp(kid1->data, kid2->data, kid1->len) == 0;
180 EXPORT_SYMBOL_GPL(asymmetric_key_id_same);
183 * asymmetric_key_id_partial - Return true if two asymmetric keys IDs
185 * @kid_1, @kid_2: The key IDs to compare
187 bool asymmetric_key_id_partial(const struct asymmetric_key_id *kid1,
188 const struct asymmetric_key_id *kid2)
192 if (kid1->len < kid2->len)
194 return memcmp(kid1->data + (kid1->len - kid2->len),
195 kid2->data, kid2->len) == 0;
197 EXPORT_SYMBOL_GPL(asymmetric_key_id_partial);
201 * asymmetric_match_key_ids - Search asymmetric key IDs
202 * @kids: The list of key IDs to check
203 * @match_id: The key ID we're looking for
204 * @match: The match function to use
206 static bool asymmetric_match_key_ids(
207 const struct asymmetric_key_ids *kids,
208 const struct asymmetric_key_id *match_id,
209 bool (*match)(const struct asymmetric_key_id *kid1,
210 const struct asymmetric_key_id *kid2))
214 if (!kids || !match_id)
216 for (i = 0; i < ARRAY_SIZE(kids->id); i++)
217 if (match(kids->id[i], match_id))
222 /* helper function can be called directly with pre-allocated memory */
223 inline int __asymmetric_key_hex_to_key_id(const char *id,
224 struct asymmetric_key_id *match_id,
227 match_id->len = hexlen;
228 return hex2bin(match_id->data, id, hexlen);
232 * asymmetric_key_hex_to_key_id - Convert a hex string into a key ID.
233 * @id: The ID as a hex string.
235 struct asymmetric_key_id *asymmetric_key_hex_to_key_id(const char *id)
237 struct asymmetric_key_id *match_id;
242 return ERR_PTR(-EINVAL);
243 asciihexlen = strlen(id);
245 return ERR_PTR(-EINVAL);
247 match_id = kmalloc(sizeof(struct asymmetric_key_id) + asciihexlen / 2,
250 return ERR_PTR(-ENOMEM);
251 ret = __asymmetric_key_hex_to_key_id(id, match_id, asciihexlen / 2);
254 return ERR_PTR(-EINVAL);
260 * Match asymmetric keys by an exact match on an ID.
262 static bool asymmetric_key_cmp(const struct key *key,
263 const struct key_match_data *match_data)
265 const struct asymmetric_key_ids *kids = asymmetric_key_ids(key);
266 const struct asymmetric_key_id *match_id = match_data->preparsed;
268 return asymmetric_match_key_ids(kids, match_id,
269 asymmetric_key_id_same);
273 * Match asymmetric keys by a partial match on an IDs.
275 static bool asymmetric_key_cmp_partial(const struct key *key,
276 const struct key_match_data *match_data)
278 const struct asymmetric_key_ids *kids = asymmetric_key_ids(key);
279 const struct asymmetric_key_id *match_id = match_data->preparsed;
281 return asymmetric_match_key_ids(kids, match_id,
282 asymmetric_key_id_partial);
286 * Preparse the match criterion. If we don't set lookup_type and cmp,
287 * the default will be an exact match on the key description.
289 * There are some specifiers for matching key IDs rather than by the key
292 * "id:<id>" - find a key by partial match on any available ID
293 * "ex:<id>" - find a key by exact match on any available ID
295 * These have to be searched by iteration rather than by direct lookup because
296 * the key is hashed according to its description.
298 static int asymmetric_key_match_preparse(struct key_match_data *match_data)
300 struct asymmetric_key_id *match_id;
301 const char *spec = match_data->raw_data;
303 bool (*cmp)(const struct key *, const struct key_match_data *) =
308 if (spec[0] == 'i' &&
312 cmp = asymmetric_key_cmp_partial;
313 } else if (spec[0] == 'e' &&
321 match_id = asymmetric_key_hex_to_key_id(id);
322 if (IS_ERR(match_id))
323 return PTR_ERR(match_id);
325 match_data->preparsed = match_id;
326 match_data->cmp = cmp;
327 match_data->lookup_type = KEYRING_SEARCH_LOOKUP_ITERATE;
335 * Free the preparsed the match criterion.
337 static void asymmetric_key_match_free(struct key_match_data *match_data)
339 kfree(match_data->preparsed);
343 * Describe the asymmetric key
345 static void asymmetric_key_describe(const struct key *key, struct seq_file *m)
347 const struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key);
348 const struct asymmetric_key_ids *kids = asymmetric_key_ids(key);
349 const struct asymmetric_key_id *kid;
350 const unsigned char *p;
353 seq_puts(m, key->description);
357 subtype->describe(key, m);
359 if (kids && kids->id[1]) {
368 seq_printf(m, "%*phN", n, p);
372 /* put something here to indicate the key's capabilities */
378 * Preparse a asymmetric payload to get format the contents appropriately for the
379 * internal payload to cut down on the number of scans of the data performed.
381 * We also generate a proposed description from the contents of the key that
382 * can be used to name the key if the user doesn't want to provide one.
384 static int asymmetric_key_preparse(struct key_preparsed_payload *prep)
386 struct asymmetric_key_parser *parser;
389 pr_devel("==>%s()\n", __func__);
391 if (prep->datalen == 0)
394 down_read(&asymmetric_key_parsers_sem);
397 list_for_each_entry(parser, &asymmetric_key_parsers, link) {
398 pr_debug("Trying parser '%s'\n", parser->name);
400 ret = parser->parse(prep);
401 if (ret != -EBADMSG) {
402 pr_debug("Parser recognised the format (ret %d)\n",
408 up_read(&asymmetric_key_parsers_sem);
409 pr_devel("<==%s() = %d\n", __func__, ret);
414 * Clean up the key ID list
416 static void asymmetric_key_free_kids(struct asymmetric_key_ids *kids)
421 for (i = 0; i < ARRAY_SIZE(kids->id); i++)
428 * Clean up the preparse data
430 static void asymmetric_key_free_preparse(struct key_preparsed_payload *prep)
432 struct asymmetric_key_subtype *subtype = prep->payload.data[asym_subtype];
433 struct asymmetric_key_ids *kids = prep->payload.data[asym_key_ids];
435 pr_devel("==>%s()\n", __func__);
438 subtype->destroy(prep->payload.data[asym_crypto],
439 prep->payload.data[asym_auth]);
440 module_put(subtype->owner);
442 asymmetric_key_free_kids(kids);
443 kfree(prep->description);
447 * dispose of the data dangling from the corpse of a asymmetric key
449 static void asymmetric_key_destroy(struct key *key)
451 struct asymmetric_key_subtype *subtype = asymmetric_key_subtype(key);
452 struct asymmetric_key_ids *kids = key->payload.data[asym_key_ids];
453 void *data = key->payload.data[asym_crypto];
454 void *auth = key->payload.data[asym_auth];
456 key->payload.data[asym_crypto] = NULL;
457 key->payload.data[asym_subtype] = NULL;
458 key->payload.data[asym_key_ids] = NULL;
459 key->payload.data[asym_auth] = NULL;
462 subtype->destroy(data, auth);
463 module_put(subtype->owner);
466 asymmetric_key_free_kids(kids);
469 static struct key_restriction *asymmetric_restriction_alloc(
470 key_restrict_link_func_t check,
473 struct key_restriction *keyres =
474 kzalloc(sizeof(struct key_restriction), GFP_KERNEL);
477 return ERR_PTR(-ENOMEM);
479 keyres->check = check;
481 keyres->keytype = &key_type_asymmetric;
487 * look up keyring restrict functions for asymmetric keys
489 static struct key_restriction *asymmetric_lookup_restriction(
490 const char *restriction)
492 char *restrict_method;
495 struct key_restriction *ret = ERR_PTR(-EINVAL);
497 if (strcmp("builtin_trusted", restriction) == 0)
498 return asymmetric_restriction_alloc(
499 restrict_link_by_builtin_trusted, NULL);
501 if (strcmp("builtin_and_secondary_trusted", restriction) == 0)
502 return asymmetric_restriction_alloc(
503 restrict_link_by_builtin_and_secondary_trusted, NULL);
505 parse_buf = kstrndup(restriction, PAGE_SIZE, GFP_KERNEL);
507 return ERR_PTR(-ENOMEM);
510 restrict_method = strsep(&next, ":");
512 if ((strcmp(restrict_method, "key_or_keyring") == 0) && next) {
516 key_restrict_link_func_t link_fn =
517 restrict_link_by_key_or_keyring;
518 bool allow_null_key = false;
520 key_text = strsep(&next, ":");
523 if (strcmp(next, "chain") != 0)
526 link_fn = restrict_link_by_key_or_keyring_chain;
527 allow_null_key = true;
530 if (kstrtos32(key_text, 0, &serial) < 0)
533 if ((serial == 0) && allow_null_key) {
536 key = key_lookup(serial);
543 ret = asymmetric_restriction_alloc(link_fn, key);
553 int asymmetric_key_eds_op(struct kernel_pkey_params *params,
554 const void *in, void *out)
556 const struct asymmetric_key_subtype *subtype;
557 struct key *key = params->key;
560 pr_devel("==>%s()\n", __func__);
562 if (key->type != &key_type_asymmetric)
564 subtype = asymmetric_key_subtype(key);
566 !key->payload.data[0])
568 if (!subtype->eds_op)
571 ret = subtype->eds_op(params, in, out);
573 pr_devel("<==%s() = %d\n", __func__, ret);
577 static int asymmetric_key_verify_signature(struct kernel_pkey_params *params,
578 const void *in, const void *in2)
580 struct public_key_signature sig = {
581 .s_size = params->in2_len,
582 .digest_size = params->in_len,
583 .encoding = params->encoding,
584 .hash_algo = params->hash_algo,
585 .digest = (void *)in,
589 return verify_signature(params->key, &sig);
592 struct key_type key_type_asymmetric = {
593 .name = "asymmetric",
594 .preparse = asymmetric_key_preparse,
595 .free_preparse = asymmetric_key_free_preparse,
596 .instantiate = generic_key_instantiate,
597 .match_preparse = asymmetric_key_match_preparse,
598 .match_free = asymmetric_key_match_free,
599 .destroy = asymmetric_key_destroy,
600 .describe = asymmetric_key_describe,
601 .lookup_restriction = asymmetric_lookup_restriction,
602 .asym_query = query_asymmetric_key,
603 .asym_eds_op = asymmetric_key_eds_op,
604 .asym_verify_signature = asymmetric_key_verify_signature,
606 EXPORT_SYMBOL_GPL(key_type_asymmetric);
609 * register_asymmetric_key_parser - Register a asymmetric key blob parser
610 * @parser: The parser to register
612 int register_asymmetric_key_parser(struct asymmetric_key_parser *parser)
614 struct asymmetric_key_parser *cursor;
617 down_write(&asymmetric_key_parsers_sem);
619 list_for_each_entry(cursor, &asymmetric_key_parsers, link) {
620 if (strcmp(cursor->name, parser->name) == 0) {
621 pr_err("Asymmetric key parser '%s' already registered\n",
628 list_add_tail(&parser->link, &asymmetric_key_parsers);
630 pr_notice("Asymmetric key parser '%s' registered\n", parser->name);
634 up_write(&asymmetric_key_parsers_sem);
637 EXPORT_SYMBOL_GPL(register_asymmetric_key_parser);
640 * unregister_asymmetric_key_parser - Unregister a asymmetric key blob parser
641 * @parser: The parser to unregister
643 void unregister_asymmetric_key_parser(struct asymmetric_key_parser *parser)
645 down_write(&asymmetric_key_parsers_sem);
646 list_del(&parser->link);
647 up_write(&asymmetric_key_parsers_sem);
649 pr_notice("Asymmetric key parser '%s' unregistered\n", parser->name);
651 EXPORT_SYMBOL_GPL(unregister_asymmetric_key_parser);
656 static int __init asymmetric_key_init(void)
658 return register_key_type(&key_type_asymmetric);
661 static void __exit asymmetric_key_cleanup(void)
663 unregister_key_type(&key_type_asymmetric);
666 module_init(asymmetric_key_init);
667 module_exit(asymmetric_key_cleanup);
668 #endif /* !__UBOOT__ */