sign-file.c 9.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369
  1. /* Sign a module file using the given key.
  2. *
  3. * Copyright © 2014-2016 Red Hat, Inc. All Rights Reserved.
  4. * Copyright © 2015 Intel Corporation.
  5. * Copyright © 2016 Hewlett Packard Enterprise Development LP
  6. *
  7. * Authors: David Howells <dhowells@redhat.com>
  8. * David Woodhouse <dwmw2@infradead.org>
  9. * Juerg Haefliger <juerg.haefliger@hpe.com>
  10. *
  11. * This program is free software; you can redistribute it and/or
  12. * modify it under the terms of the GNU Lesser General Public License
  13. * as published by the Free Software Foundation; either version 2.1
  14. * of the licence, or (at your option) any later version.
  15. */
  16. #define _GNU_SOURCE
  17. #include <stdio.h>
  18. #include <stdlib.h>
  19. #include <stdint.h>
  20. #include <stdbool.h>
  21. #include <string.h>
  22. #include <getopt.h>
  23. #include <err.h>
  24. #include <arpa/inet.h>
  25. #include <openssl/opensslv.h>
  26. #include <openssl/bio.h>
  27. #include <openssl/cms.h>
  28. #include <openssl/evp.h>
  29. #include <openssl/pem.h>
  30. #include <openssl/err.h>
  31. #if OPENSSL_VERSION_NUMBER >= 0x30000000L
  32. # define USE_PKCS11_PROVIDER
  33. # include <openssl/provider.h>
  34. # include <openssl/store.h>
  35. #else
  36. # if !defined(OPENSSL_NO_ENGINE) && !defined(OPENSSL_NO_DEPRECATED_3_0)
  37. # define USE_PKCS11_ENGINE
  38. # include <openssl/engine.h>
  39. # endif
  40. #endif
  41. #include "ssl-common.h"
  42. struct module_signature {
  43. uint8_t algo; /* Public-key crypto algorithm [0] */
  44. uint8_t hash; /* Digest algorithm [0] */
  45. uint8_t id_type; /* Key identifier type [PKEY_ID_PKCS7] */
  46. uint8_t signer_len; /* Length of signer's name [0] */
  47. uint8_t key_id_len; /* Length of key identifier [0] */
  48. uint8_t __pad[3];
  49. uint32_t sig_len; /* Length of signature data */
  50. };
  51. #define PKEY_ID_PKCS7 2
  52. static char magic_number[] = "~Module signature appended~\n";
  53. static __attribute__((noreturn))
  54. void format(void)
  55. {
  56. fprintf(stderr,
  57. "Usage: scripts/sign-file [-dp] <hash algo> <key> <x509> <module> [<dest>]\n");
  58. fprintf(stderr,
  59. " scripts/sign-file -s <raw sig> <hash algo> <x509> <module> [<dest>]\n");
  60. exit(2);
  61. }
  62. static const char *key_pass;
  63. static int pem_pw_cb(char *buf, int len, int w, void *v)
  64. {
  65. int pwlen;
  66. if (!key_pass)
  67. return -1;
  68. pwlen = strlen(key_pass);
  69. if (pwlen >= len)
  70. return -1;
  71. strcpy(buf, key_pass);
  72. /* If it's wrong, don't keep trying it. */
  73. key_pass = NULL;
  74. return pwlen;
  75. }
  76. static EVP_PKEY *read_private_key_pkcs11(const char *private_key_name)
  77. {
  78. EVP_PKEY *private_key = NULL;
  79. #ifdef USE_PKCS11_PROVIDER
  80. OSSL_STORE_CTX *store;
  81. if (!OSSL_PROVIDER_try_load(NULL, "pkcs11", true))
  82. ERR(1, "OSSL_PROVIDER_try_load(pkcs11)");
  83. if (!OSSL_PROVIDER_try_load(NULL, "default", true))
  84. ERR(1, "OSSL_PROVIDER_try_load(default)");
  85. store = OSSL_STORE_open(private_key_name, NULL, NULL, NULL, NULL);
  86. ERR(!store, "OSSL_STORE_open");
  87. while (!OSSL_STORE_eof(store)) {
  88. OSSL_STORE_INFO *info = OSSL_STORE_load(store);
  89. if (!info) {
  90. drain_openssl_errors(__LINE__, 0);
  91. continue;
  92. }
  93. if (OSSL_STORE_INFO_get_type(info) == OSSL_STORE_INFO_PKEY) {
  94. private_key = OSSL_STORE_INFO_get1_PKEY(info);
  95. ERR(!private_key, "OSSL_STORE_INFO_get1_PKEY");
  96. }
  97. OSSL_STORE_INFO_free(info);
  98. if (private_key)
  99. break;
  100. }
  101. OSSL_STORE_close(store);
  102. #elif defined(USE_PKCS11_ENGINE)
  103. ENGINE *e;
  104. ENGINE_load_builtin_engines();
  105. drain_openssl_errors(__LINE__, 1);
  106. e = ENGINE_by_id("pkcs11");
  107. ERR(!e, "Load PKCS#11 ENGINE");
  108. if (ENGINE_init(e))
  109. drain_openssl_errors(__LINE__, 1);
  110. else
  111. ERR(1, "ENGINE_init");
  112. if (key_pass)
  113. ERR(!ENGINE_ctrl_cmd_string(e, "PIN", key_pass, 0), "Set PKCS#11 PIN");
  114. private_key = ENGINE_load_private_key(e, private_key_name, NULL, NULL);
  115. ERR(!private_key, "%s", private_key_name);
  116. #else
  117. fprintf(stderr, "no pkcs11 engine/provider available\n");
  118. exit(1);
  119. #endif
  120. return private_key;
  121. }
  122. static EVP_PKEY *read_private_key(const char *private_key_name)
  123. {
  124. if (!strncmp(private_key_name, "pkcs11:", 7)) {
  125. return read_private_key_pkcs11(private_key_name);
  126. } else {
  127. EVP_PKEY *private_key;
  128. BIO *b;
  129. b = BIO_new_file(private_key_name, "rb");
  130. ERR(!b, "%s", private_key_name);
  131. private_key = PEM_read_bio_PrivateKey(b, NULL, pem_pw_cb,
  132. NULL);
  133. ERR(!private_key, "%s", private_key_name);
  134. BIO_free(b);
  135. return private_key;
  136. }
  137. }
  138. static X509 *read_x509(const char *x509_name)
  139. {
  140. unsigned char buf[2];
  141. X509 *x509;
  142. BIO *b;
  143. int n;
  144. b = BIO_new_file(x509_name, "rb");
  145. ERR(!b, "%s", x509_name);
  146. /* Look at the first two bytes of the file to determine the encoding */
  147. n = BIO_read(b, buf, 2);
  148. if (n != 2) {
  149. if (BIO_should_retry(b)) {
  150. fprintf(stderr, "%s: Read wanted retry\n", x509_name);
  151. exit(1);
  152. }
  153. if (n >= 0) {
  154. fprintf(stderr, "%s: Short read\n", x509_name);
  155. exit(1);
  156. }
  157. ERR(1, "%s", x509_name);
  158. }
  159. ERR(BIO_reset(b) != 0, "%s", x509_name);
  160. if (buf[0] == 0x30 && buf[1] >= 0x81 && buf[1] <= 0x84)
  161. /* Assume raw DER encoded X.509 */
  162. x509 = d2i_X509_bio(b, NULL);
  163. else
  164. /* Assume PEM encoded X.509 */
  165. x509 = PEM_read_bio_X509(b, NULL, NULL, NULL);
  166. BIO_free(b);
  167. ERR(!x509, "%s", x509_name);
  168. return x509;
  169. }
  170. int main(int argc, char **argv)
  171. {
  172. struct module_signature sig_info = { .id_type = PKEY_ID_PKCS7 };
  173. char *hash_algo = NULL;
  174. char *private_key_name = NULL, *raw_sig_name = NULL;
  175. char *x509_name, *module_name, *dest_name;
  176. bool save_sig = false, replace_orig;
  177. bool sign_only = false;
  178. bool raw_sig = false;
  179. unsigned char buf[4096];
  180. unsigned long module_size, sig_size;
  181. const EVP_MD *digest_algo;
  182. EVP_PKEY *private_key;
  183. CMS_ContentInfo *cms = NULL;
  184. unsigned int use_keyid = 0;
  185. X509 *x509;
  186. BIO *bd, *bm;
  187. int opt, n;
  188. OpenSSL_add_all_algorithms();
  189. ERR_load_crypto_strings();
  190. ERR_clear_error();
  191. key_pass = getenv("KBUILD_SIGN_PIN");
  192. do {
  193. opt = getopt(argc, argv, "sdpk");
  194. switch (opt) {
  195. case 's': raw_sig = true; break;
  196. case 'p': save_sig = true; break;
  197. case 'd': sign_only = true; save_sig = true; break;
  198. case 'k': use_keyid = CMS_USE_KEYID; break;
  199. case -1: break;
  200. default: format();
  201. }
  202. } while (opt != -1);
  203. argc -= optind;
  204. argv += optind;
  205. if (argc < 4 || argc > 5)
  206. format();
  207. if (raw_sig) {
  208. raw_sig_name = argv[0];
  209. hash_algo = argv[1];
  210. } else {
  211. hash_algo = argv[0];
  212. private_key_name = argv[1];
  213. }
  214. x509_name = argv[2];
  215. module_name = argv[3];
  216. if (argc == 5 && strcmp(argv[3], argv[4]) != 0) {
  217. dest_name = argv[4];
  218. replace_orig = false;
  219. } else {
  220. ERR(asprintf(&dest_name, "%s.~signed~", module_name) < 0,
  221. "asprintf");
  222. replace_orig = true;
  223. }
  224. /* Open the module file */
  225. bm = BIO_new_file(module_name, "rb");
  226. ERR(!bm, "%s", module_name);
  227. if (!raw_sig) {
  228. /* Read the private key and the X.509 cert the PKCS#7 message
  229. * will point to.
  230. */
  231. private_key = read_private_key(private_key_name);
  232. x509 = read_x509(x509_name);
  233. /* Digest the module data. */
  234. OpenSSL_add_all_digests();
  235. drain_openssl_errors(__LINE__, 0);
  236. digest_algo = EVP_get_digestbyname(hash_algo);
  237. ERR(!digest_algo, "EVP_get_digestbyname");
  238. unsigned int flags =
  239. CMS_NOCERTS |
  240. CMS_NOATTR |
  241. CMS_PARTIAL |
  242. CMS_BINARY |
  243. CMS_DETACHED |
  244. CMS_STREAM |
  245. CMS_NOSMIMECAP |
  246. #ifdef CMS_NO_SIGNING_TIME
  247. CMS_NO_SIGNING_TIME |
  248. #endif
  249. use_keyid;
  250. #if OPENSSL_VERSION_NUMBER >= 0x30000000L && OPENSSL_VERSION_NUMBER < 0x40000000L
  251. if (EVP_PKEY_is_a(private_key, "ML-DSA-44") ||
  252. EVP_PKEY_is_a(private_key, "ML-DSA-65") ||
  253. EVP_PKEY_is_a(private_key, "ML-DSA-87")) {
  254. /* ML-DSA + CMS_NOATTR is not supported in openssl-3.5
  255. * and before.
  256. */
  257. flags &= ~CMS_NOATTR;
  258. }
  259. #endif
  260. /* Load the signature message from the digest buffer. */
  261. cms = CMS_sign(NULL, NULL, NULL, NULL, flags);
  262. ERR(!cms, "CMS_sign");
  263. ERR(!CMS_add1_signer(cms, x509, private_key, digest_algo, flags),
  264. "CMS_add1_signer");
  265. ERR(CMS_final(cms, bm, NULL, flags) != 1,
  266. "CMS_final");
  267. if (save_sig) {
  268. char *sig_file_name;
  269. BIO *b;
  270. ERR(asprintf(&sig_file_name, "%s.p7s", module_name) < 0,
  271. "asprintf");
  272. b = BIO_new_file(sig_file_name, "wb");
  273. ERR(!b, "%s", sig_file_name);
  274. ERR(i2d_CMS_bio_stream(b, cms, NULL, 0) != 1,
  275. "%s", sig_file_name);
  276. BIO_free(b);
  277. }
  278. if (sign_only) {
  279. BIO_free(bm);
  280. return 0;
  281. }
  282. }
  283. /* Open the destination file now so that we can shovel the module data
  284. * across as we read it.
  285. */
  286. bd = BIO_new_file(dest_name, "wb");
  287. ERR(!bd, "%s", dest_name);
  288. /* Append the marker and the PKCS#7 message to the destination file */
  289. ERR(BIO_reset(bm) < 0, "%s", module_name);
  290. while ((n = BIO_read(bm, buf, sizeof(buf))),
  291. n > 0) {
  292. ERR(BIO_write(bd, buf, n) < 0, "%s", dest_name);
  293. }
  294. BIO_free(bm);
  295. ERR(n < 0, "%s", module_name);
  296. module_size = BIO_number_written(bd);
  297. if (!raw_sig) {
  298. ERR(i2d_CMS_bio_stream(bd, cms, NULL, 0) != 1, "%s", dest_name);
  299. } else {
  300. BIO *b;
  301. /* Read the raw signature file and write the data to the
  302. * destination file
  303. */
  304. b = BIO_new_file(raw_sig_name, "rb");
  305. ERR(!b, "%s", raw_sig_name);
  306. while ((n = BIO_read(b, buf, sizeof(buf))), n > 0)
  307. ERR(BIO_write(bd, buf, n) < 0, "%s", dest_name);
  308. BIO_free(b);
  309. }
  310. sig_size = BIO_number_written(bd) - module_size;
  311. sig_info.sig_len = htonl(sig_size);
  312. ERR(BIO_write(bd, &sig_info, sizeof(sig_info)) < 0, "%s", dest_name);
  313. ERR(BIO_write(bd, magic_number, sizeof(magic_number) - 1) < 0, "%s", dest_name);
  314. ERR(BIO_free(bd) != 1, "%s", dest_name);
  315. /* Finally, if we're signing in place, replace the original. */
  316. if (replace_orig)
  317. ERR(rename(dest_name, module_name) < 0, "%s", dest_name);
  318. return 0;
  319. }