sign-file.c 9.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400
  1. /* Sign a module file using the given key.
  2. *
  3. * Copyright © 2014-2016 Red Hat, Inc. All Rights Reserved.
  4. * Copyright © 2015 Intel Corporation.
  5. * Copyright © 2016 Hewlett Packard Enterprise Development LP
  6. *
  7. * Authors: David Howells <dhowells@redhat.com>
  8. * David Woodhouse <dwmw2@infradead.org>
  9. * Juerg Haefliger <juerg.haefliger@hpe.com>
  10. *
  11. * This program is free software; you can redistribute it and/or
  12. * modify it under the terms of the GNU Lesser General Public License
  13. * as published by the Free Software Foundation; either version 2.1
  14. * of the licence, or (at your option) any later version.
  15. */
  16. #define _GNU_SOURCE
  17. #include <stdio.h>
  18. #include <stdlib.h>
  19. #include <stdint.h>
  20. #include <stdbool.h>
  21. #include <string.h>
  22. #include <getopt.h>
  23. #include <err.h>
  24. #include <arpa/inet.h>
  25. #include <openssl/opensslv.h>
  26. #include <openssl/bio.h>
  27. #include <openssl/evp.h>
  28. #include <openssl/pem.h>
  29. #include <openssl/err.h>
  30. #include <openssl/engine.h>
  31. /*
  32. * Use CMS if we have openssl-1.0.0 or newer available - otherwise we have to
  33. * assume that it's not available and its header file is missing and that we
  34. * should use PKCS#7 instead. Switching to the older PKCS#7 format restricts
  35. * the options we have on specifying the X.509 certificate we want.
  36. *
  37. * Further, older versions of OpenSSL don't support manually adding signers to
  38. * the PKCS#7 message so have to accept that we get a certificate included in
  39. * the signature message. Nor do such older versions of OpenSSL support
  40. * signing with anything other than SHA1 - so we're stuck with that if such is
  41. * the case.
  42. */
  43. #if defined(LIBRESSL_VERSION_NUMBER) || \
  44. OPENSSL_VERSION_NUMBER < 0x10000000L || \
  45. defined(OPENSSL_NO_CMS)
  46. #define USE_PKCS7
  47. #endif
  48. #ifndef USE_PKCS7
  49. #include <openssl/cms.h>
  50. #else
  51. #include <openssl/pkcs7.h>
  52. #endif
  53. struct module_signature {
  54. uint8_t algo; /* Public-key crypto algorithm [0] */
  55. uint8_t hash; /* Digest algorithm [0] */
  56. uint8_t id_type; /* Key identifier type [PKEY_ID_PKCS7] */
  57. uint8_t signer_len; /* Length of signer's name [0] */
  58. uint8_t key_id_len; /* Length of key identifier [0] */
  59. uint8_t __pad[3];
  60. uint32_t sig_len; /* Length of signature data */
  61. };
  62. #define PKEY_ID_PKCS7 2
  63. static char magic_number[] = "~Module signature appended~\n";
  64. static __attribute__((noreturn))
  65. void format(void)
  66. {
  67. fprintf(stderr,
  68. "Usage: scripts/sign-file [-dp] <hash algo> <key> <x509> <module> [<dest>]\n");
  69. fprintf(stderr,
  70. " scripts/sign-file -s <raw sig> <hash algo> <x509> <module> [<dest>]\n");
  71. exit(2);
  72. }
  73. static void display_openssl_errors(int l)
  74. {
  75. const char *file;
  76. char buf[120];
  77. int e, line;
  78. if (ERR_peek_error() == 0)
  79. return;
  80. fprintf(stderr, "At main.c:%d:\n", l);
  81. while ((e = ERR_get_error_line(&file, &line))) {
  82. ERR_error_string(e, buf);
  83. fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line);
  84. }
  85. }
  86. static void drain_openssl_errors(void)
  87. {
  88. const char *file;
  89. int line;
  90. if (ERR_peek_error() == 0)
  91. return;
  92. while (ERR_get_error_line(&file, &line)) {}
  93. }
  94. #define ERR(cond, fmt, ...) \
  95. do { \
  96. bool __cond = (cond); \
  97. display_openssl_errors(__LINE__); \
  98. if (__cond) { \
  99. err(1, fmt, ## __VA_ARGS__); \
  100. } \
  101. } while(0)
  102. static const char *key_pass;
  103. static int pem_pw_cb(char *buf, int len, int w, void *v)
  104. {
  105. int pwlen;
  106. if (!key_pass)
  107. return -1;
  108. pwlen = strlen(key_pass);
  109. if (pwlen >= len)
  110. return -1;
  111. strcpy(buf, key_pass);
  112. /* If it's wrong, don't keep trying it. */
  113. key_pass = NULL;
  114. return pwlen;
  115. }
  116. static EVP_PKEY *read_private_key(const char *private_key_name)
  117. {
  118. EVP_PKEY *private_key;
  119. if (!strncmp(private_key_name, "pkcs11:", 7)) {
  120. ENGINE *e;
  121. ENGINE_load_builtin_engines();
  122. drain_openssl_errors();
  123. e = ENGINE_by_id("pkcs11");
  124. ERR(!e, "Load PKCS#11 ENGINE");
  125. if (ENGINE_init(e))
  126. drain_openssl_errors();
  127. else
  128. ERR(1, "ENGINE_init");
  129. if (key_pass)
  130. ERR(!ENGINE_ctrl_cmd_string(e, "PIN", key_pass, 0),
  131. "Set PKCS#11 PIN");
  132. private_key = ENGINE_load_private_key(e, private_key_name,
  133. NULL, NULL);
  134. ERR(!private_key, "%s", private_key_name);
  135. } else {
  136. BIO *b;
  137. b = BIO_new_file(private_key_name, "rb");
  138. ERR(!b, "%s", private_key_name);
  139. private_key = PEM_read_bio_PrivateKey(b, NULL, pem_pw_cb,
  140. NULL);
  141. ERR(!private_key, "%s", private_key_name);
  142. BIO_free(b);
  143. }
  144. return private_key;
  145. }
  146. static X509 *read_x509(const char *x509_name)
  147. {
  148. unsigned char buf[2];
  149. X509 *x509;
  150. BIO *b;
  151. int n;
  152. b = BIO_new_file(x509_name, "rb");
  153. ERR(!b, "%s", x509_name);
  154. /* Look at the first two bytes of the file to determine the encoding */
  155. n = BIO_read(b, buf, 2);
  156. if (n != 2) {
  157. if (BIO_should_retry(b)) {
  158. fprintf(stderr, "%s: Read wanted retry\n", x509_name);
  159. exit(1);
  160. }
  161. if (n >= 0) {
  162. fprintf(stderr, "%s: Short read\n", x509_name);
  163. exit(1);
  164. }
  165. ERR(1, "%s", x509_name);
  166. }
  167. ERR(BIO_reset(b) != 0, "%s", x509_name);
  168. if (buf[0] == 0x30 && buf[1] >= 0x81 && buf[1] <= 0x84)
  169. /* Assume raw DER encoded X.509 */
  170. x509 = d2i_X509_bio(b, NULL);
  171. else
  172. /* Assume PEM encoded X.509 */
  173. x509 = PEM_read_bio_X509(b, NULL, NULL, NULL);
  174. BIO_free(b);
  175. ERR(!x509, "%s", x509_name);
  176. return x509;
  177. }
  178. int main(int argc, char **argv)
  179. {
  180. struct module_signature sig_info = { .id_type = PKEY_ID_PKCS7 };
  181. char *hash_algo = NULL;
  182. char *private_key_name = NULL, *raw_sig_name = NULL;
  183. char *x509_name, *module_name, *dest_name;
  184. bool save_sig = false, replace_orig;
  185. bool sign_only = false;
  186. bool raw_sig = false;
  187. unsigned char buf[4096];
  188. unsigned long module_size, sig_size;
  189. unsigned int use_signed_attrs;
  190. const EVP_MD *digest_algo;
  191. EVP_PKEY *private_key;
  192. #ifndef USE_PKCS7
  193. CMS_ContentInfo *cms = NULL;
  194. unsigned int use_keyid = 0;
  195. #else
  196. PKCS7 *pkcs7 = NULL;
  197. #endif
  198. X509 *x509;
  199. BIO *bd, *bm;
  200. int opt, n;
  201. OpenSSL_add_all_algorithms();
  202. ERR_load_crypto_strings();
  203. ERR_clear_error();
  204. key_pass = getenv("KBUILD_SIGN_PIN");
  205. #ifndef USE_PKCS7
  206. use_signed_attrs = CMS_NOATTR;
  207. #else
  208. use_signed_attrs = PKCS7_NOATTR;
  209. #endif
  210. do {
  211. opt = getopt(argc, argv, "sdpk");
  212. switch (opt) {
  213. case 's': raw_sig = true; break;
  214. case 'p': save_sig = true; break;
  215. case 'd': sign_only = true; save_sig = true; break;
  216. #ifndef USE_PKCS7
  217. case 'k': use_keyid = CMS_USE_KEYID; break;
  218. #endif
  219. case -1: break;
  220. default: format();
  221. }
  222. } while (opt != -1);
  223. argc -= optind;
  224. argv += optind;
  225. if (argc < 4 || argc > 5)
  226. format();
  227. if (raw_sig) {
  228. raw_sig_name = argv[0];
  229. hash_algo = argv[1];
  230. } else {
  231. hash_algo = argv[0];
  232. private_key_name = argv[1];
  233. }
  234. x509_name = argv[2];
  235. module_name = argv[3];
  236. if (argc == 5 && strcmp(argv[3], argv[4]) != 0) {
  237. dest_name = argv[4];
  238. replace_orig = false;
  239. } else {
  240. ERR(asprintf(&dest_name, "%s.~signed~", module_name) < 0,
  241. "asprintf");
  242. replace_orig = true;
  243. }
  244. #ifdef USE_PKCS7
  245. if (strcmp(hash_algo, "sha1") != 0) {
  246. fprintf(stderr, "sign-file: %s only supports SHA1 signing\n",
  247. OPENSSL_VERSION_TEXT);
  248. exit(3);
  249. }
  250. #endif
  251. /* Open the module file */
  252. bm = BIO_new_file(module_name, "rb");
  253. ERR(!bm, "%s", module_name);
  254. if (!raw_sig) {
  255. /* Read the private key and the X.509 cert the PKCS#7 message
  256. * will point to.
  257. */
  258. private_key = read_private_key(private_key_name);
  259. x509 = read_x509(x509_name);
  260. /* Digest the module data. */
  261. OpenSSL_add_all_digests();
  262. display_openssl_errors(__LINE__);
  263. digest_algo = EVP_get_digestbyname(hash_algo);
  264. ERR(!digest_algo, "EVP_get_digestbyname");
  265. #ifndef USE_PKCS7
  266. /* Load the signature message from the digest buffer. */
  267. cms = CMS_sign(NULL, NULL, NULL, NULL,
  268. CMS_NOCERTS | CMS_PARTIAL | CMS_BINARY |
  269. CMS_DETACHED | CMS_STREAM);
  270. ERR(!cms, "CMS_sign");
  271. ERR(!CMS_add1_signer(cms, x509, private_key, digest_algo,
  272. CMS_NOCERTS | CMS_BINARY |
  273. CMS_NOSMIMECAP | use_keyid |
  274. use_signed_attrs),
  275. "CMS_add1_signer");
  276. ERR(CMS_final(cms, bm, NULL, CMS_NOCERTS | CMS_BINARY) < 0,
  277. "CMS_final");
  278. #else
  279. pkcs7 = PKCS7_sign(x509, private_key, NULL, bm,
  280. PKCS7_NOCERTS | PKCS7_BINARY |
  281. PKCS7_DETACHED | use_signed_attrs);
  282. ERR(!pkcs7, "PKCS7_sign");
  283. #endif
  284. if (save_sig) {
  285. char *sig_file_name;
  286. BIO *b;
  287. ERR(asprintf(&sig_file_name, "%s.p7s", module_name) < 0,
  288. "asprintf");
  289. b = BIO_new_file(sig_file_name, "wb");
  290. ERR(!b, "%s", sig_file_name);
  291. #ifndef USE_PKCS7
  292. ERR(i2d_CMS_bio_stream(b, cms, NULL, 0) < 0,
  293. "%s", sig_file_name);
  294. #else
  295. ERR(i2d_PKCS7_bio(b, pkcs7) < 0,
  296. "%s", sig_file_name);
  297. #endif
  298. BIO_free(b);
  299. }
  300. if (sign_only) {
  301. BIO_free(bm);
  302. return 0;
  303. }
  304. }
  305. /* Open the destination file now so that we can shovel the module data
  306. * across as we read it.
  307. */
  308. bd = BIO_new_file(dest_name, "wb");
  309. ERR(!bd, "%s", dest_name);
  310. /* Append the marker and the PKCS#7 message to the destination file */
  311. ERR(BIO_reset(bm) < 0, "%s", module_name);
  312. while ((n = BIO_read(bm, buf, sizeof(buf))),
  313. n > 0) {
  314. ERR(BIO_write(bd, buf, n) < 0, "%s", dest_name);
  315. }
  316. BIO_free(bm);
  317. ERR(n < 0, "%s", module_name);
  318. module_size = BIO_number_written(bd);
  319. if (!raw_sig) {
  320. #ifndef USE_PKCS7
  321. ERR(i2d_CMS_bio_stream(bd, cms, NULL, 0) < 0, "%s", dest_name);
  322. #else
  323. ERR(i2d_PKCS7_bio(bd, pkcs7) < 0, "%s", dest_name);
  324. #endif
  325. } else {
  326. BIO *b;
  327. /* Read the raw signature file and write the data to the
  328. * destination file
  329. */
  330. b = BIO_new_file(raw_sig_name, "rb");
  331. ERR(!b, "%s", raw_sig_name);
  332. while ((n = BIO_read(b, buf, sizeof(buf))), n > 0)
  333. ERR(BIO_write(bd, buf, n) < 0, "%s", dest_name);
  334. BIO_free(b);
  335. }
  336. sig_size = BIO_number_written(bd) - module_size;
  337. sig_info.sig_len = htonl(sig_size);
  338. ERR(BIO_write(bd, &sig_info, sizeof(sig_info)) < 0, "%s", dest_name);
  339. ERR(BIO_write(bd, magic_number, sizeof(magic_number) - 1) < 0, "%s", dest_name);
  340. ERR(BIO_free(bd) < 0, "%s", dest_name);
  341. /* Finally, if we're signing in place, replace the original. */
  342. if (replace_orig)
  343. ERR(rename(dest_name, module_name) < 0, "%s", dest_name);
  344. return 0;
  345. }