X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=lib%2Frsa%2Frsa-sign.c;h=c27a784c4298d7043801052632aeb2cd319773c7;hb=6674edaabfd271471608146806f5b6540bc76a1b;hp=83f5e87838950a7fb63f2de0aac6891cf40e2abd;hpb=304f936aeaab0c3cc9d5af438fd3498ac7682991;p=platform%2Fkernel%2Fu-boot.git diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 83f5e87..c27a784 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -1,23 +1,23 @@ +// SPDX-License-Identifier: GPL-2.0+ /* * Copyright (c) 2013, Google Inc. - * - * SPDX-License-Identifier: GPL-2.0+ */ #include "mkimage.h" +#include #include #include #include #include +#include +#include +#include #include #include #include #include #include - -#if OPENSSL_VERSION_NUMBER >= 0x10000000L -#define HAVE_ERR_REMOVE_THREAD_STATE -#endif +#include static int rsa_err(const char *msg) { @@ -31,23 +31,25 @@ static int rsa_err(const char *msg) } /** - * rsa_get_pub_key() - read a public key from a .crt file + * rsa_pem_get_pub_key() - read a public key from a .crt file * * @keydir: Directory containins the key * @name Name of key file (will have a .crt extension) - * @rsap Returns RSA object, or NULL on failure - * @return 0 if ok, -ve on error (in which case *rsap will be set to NULL) + * @evpp Returns EVP_PKEY object, or NULL on failure + * @return 0 if ok, -ve on error (in which case *evpp will be set to NULL) */ -static int rsa_get_pub_key(const char *keydir, const char *name, RSA **rsap) +static int rsa_pem_get_pub_key(const char *keydir, const char *name, EVP_PKEY **evpp) { char path[1024]; - EVP_PKEY *key; + EVP_PKEY *key = NULL; X509 *cert; - RSA *rsa; FILE *f; int ret; - *rsap = NULL; + if (!evpp) + return -EINVAL; + + *evpp = NULL; snprintf(path, sizeof(path), "%s/%s.crt", keydir, name); f = fopen(path, "r"); if (!f) { @@ -72,21 +74,12 @@ static int rsa_get_pub_key(const char *keydir, const char *name, RSA **rsap) goto err_pubkey; } - /* Convert to a RSA_style key. */ - rsa = EVP_PKEY_get1_RSA(key); - if (!rsa) { - rsa_err("Couldn't convert to a RSA style key"); - goto err_rsa; - } fclose(f); - EVP_PKEY_free(key); + *evpp = key; X509_free(cert); - *rsap = rsa; return 0; -err_rsa: - EVP_PKEY_free(key); err_pubkey: X509_free(cert); err_cert: @@ -95,21 +88,107 @@ err_cert: } /** - * rsa_get_priv_key() - read a private key from a .key file + * rsa_engine_get_pub_key() - read a public key from given engine * - * @keydir: Directory containins the key + * @keydir: Key prefix + * @name Name of key + * @engine Engine to use + * @evpp Returns EVP_PKEY object, or NULL on failure + * @return 0 if ok, -ve on error (in which case *evpp will be set to NULL) + */ +static int rsa_engine_get_pub_key(const char *keydir, const char *name, + ENGINE *engine, EVP_PKEY **evpp) +{ + const char *engine_id; + char key_id[1024]; + EVP_PKEY *key = NULL; + + if (!evpp) + return -EINVAL; + + *evpp = NULL; + + engine_id = ENGINE_get_id(engine); + + if (engine_id && !strcmp(engine_id, "pkcs11")) { + if (keydir) + if (strstr(keydir, "object=")) + snprintf(key_id, sizeof(key_id), + "pkcs11:%s;type=public", + keydir); + else + snprintf(key_id, sizeof(key_id), + "pkcs11:%s;object=%s;type=public", + keydir, name); + else + snprintf(key_id, sizeof(key_id), + "pkcs11:object=%s;type=public", + name); + } else if (engine_id) { + if (keydir) + snprintf(key_id, sizeof(key_id), + "%s%s", + keydir, name); + else + snprintf(key_id, sizeof(key_id), + "%s", + name); + } else { + fprintf(stderr, "Engine not supported\n"); + return -ENOTSUP; + } + + key = ENGINE_load_public_key(engine, key_id, NULL, NULL); + if (!key) + return rsa_err("Failure loading public key from engine"); + + *evpp = key; + + return 0; +} + +/** + * rsa_get_pub_key() - read a public key + * + * @keydir: Directory containing the key (PEM file) or key prefix (engine) + * @name Name of key file (will have a .crt extension) + * @engine Engine to use + * @evpp Returns EVP_PKEY object, or NULL on failure + * @return 0 if ok, -ve on error (in which case *evpp will be set to NULL) + */ +static int rsa_get_pub_key(const char *keydir, const char *name, + ENGINE *engine, EVP_PKEY **evpp) +{ + if (engine) + return rsa_engine_get_pub_key(keydir, name, engine, evpp); + return rsa_pem_get_pub_key(keydir, name, evpp); +} + +/** + * rsa_pem_get_priv_key() - read a private key from a .key file + * + * @keydir: Directory containing the key * @name Name of key file (will have a .key extension) - * @rsap Returns RSA object, or NULL on failure - * @return 0 if ok, -ve on error (in which case *rsap will be set to NULL) + * @evpp Returns EVP_PKEY object, or NULL on failure + * @return 0 if ok, -ve on error (in which case *evpp will be set to NULL) */ -static int rsa_get_priv_key(const char *keydir, const char *name, RSA **rsap) +static int rsa_pem_get_priv_key(const char *keydir, const char *name, + const char *keyfile, EVP_PKEY **evpp) { - char path[1024]; - RSA *rsa; - FILE *f; + char path[1024] = {0}; + FILE *f = NULL; + + if (!evpp) + return -EINVAL; + + *evpp = NULL; + if (keydir && name) + snprintf(path, sizeof(path), "%s/%s.key", keydir, name); + else if (keyfile) + snprintf(path, sizeof(path), "%s", keyfile); + else + return -EINVAL; - *rsap = NULL; - snprintf(path, sizeof(path), "%s/%s.key", keydir, name); f = fopen(path, "r"); if (!f) { fprintf(stderr, "Couldn't open RSA private key: '%s': %s\n", @@ -117,71 +196,186 @@ static int rsa_get_priv_key(const char *keydir, const char *name, RSA **rsap) return -ENOENT; } - rsa = PEM_read_RSAPrivateKey(f, 0, NULL, path); - if (!rsa) { + if (!PEM_read_PrivateKey(f, evpp, NULL, path)) { rsa_err("Failure reading private key"); fclose(f); return -EPROTO; } fclose(f); - *rsap = rsa; return 0; } +/** + * rsa_engine_get_priv_key() - read a private key from given engine + * + * @keydir: Key prefix + * @name Name of key + * @engine Engine to use + * @evpp Returns EVP_PKEY object, or NULL on failure + * @return 0 if ok, -ve on error (in which case *evpp will be set to NULL) + */ +static int rsa_engine_get_priv_key(const char *keydir, const char *name, + const char *keyfile, + ENGINE *engine, EVP_PKEY **evpp) +{ + const char *engine_id; + char key_id[1024]; + EVP_PKEY *key = NULL; + + if (!evpp) + return -EINVAL; + + engine_id = ENGINE_get_id(engine); + + if (engine_id && !strcmp(engine_id, "pkcs11")) { + if (!keydir && !name) { + fprintf(stderr, "Please use 'keydir' with PKCS11\n"); + return -EINVAL; + } + if (keydir) + if (strstr(keydir, "object=")) + snprintf(key_id, sizeof(key_id), + "pkcs11:%s;type=private", + keydir); + else + snprintf(key_id, sizeof(key_id), + "pkcs11:%s;object=%s;type=private", + keydir, name); + else + snprintf(key_id, sizeof(key_id), + "pkcs11:object=%s;type=private", + name); + } else if (engine_id) { + if (keydir && name) + snprintf(key_id, sizeof(key_id), + "%s%s", + keydir, name); + else if (name) + snprintf(key_id, sizeof(key_id), + "%s", + name ? name : ""); + else if (keyfile) + snprintf(key_id, sizeof(key_id), "%s", keyfile); + else + return -EINVAL; + + } else { + fprintf(stderr, "Engine not supported\n"); + return -ENOTSUP; + } + + key = ENGINE_load_private_key(engine, key_id, NULL, NULL); + if (!key) + return rsa_err("Failure loading private key from engine"); + + *evpp = key; + + return 0; +} + +/** + * rsa_get_priv_key() - read a private key + * + * @keydir: Directory containing the key (PEM file) or key prefix (engine) + * @name Name of key + * @engine Engine to use for signing + * @evpp Returns EVP_PKEY object, or NULL on failure + * @return 0 if ok, -ve on error (in which case *evpp will be set to NULL) + */ +static int rsa_get_priv_key(const char *keydir, const char *name, + const char *keyfile, ENGINE *engine, EVP_PKEY **evpp) +{ + if (engine) + return rsa_engine_get_priv_key(keydir, name, keyfile, engine, + evpp); + return rsa_pem_get_priv_key(keydir, name, keyfile, evpp); +} + static int rsa_init(void) { int ret; - ret = SSL_library_init(); + ret = OPENSSL_init_ssl(0, NULL); if (!ret) { fprintf(stderr, "Failure to init SSL library\n"); return -1; } - SSL_load_error_strings(); - OpenSSL_add_all_algorithms(); - OpenSSL_add_all_digests(); - OpenSSL_add_all_ciphers(); + return 0; +} + +static int rsa_engine_init(const char *engine_id, ENGINE **pe) +{ + const char *key_pass; + ENGINE *e; + int ret; + + ENGINE_load_builtin_engines(); + + e = ENGINE_by_id(engine_id); + if (!e) { + fprintf(stderr, "Engine isn't available\n"); + return -1; + } + + if (!ENGINE_init(e)) { + fprintf(stderr, "Couldn't initialize engine\n"); + ret = -1; + goto err_engine_init; + } + + if (!ENGINE_set_default_RSA(e)) { + fprintf(stderr, "Couldn't set engine as default for RSA\n"); + ret = -1; + goto err_set_rsa; + } + + key_pass = getenv("MKIMAGE_SIGN_PIN"); + if (key_pass) { + if (!ENGINE_ctrl_cmd_string(e, "PIN", key_pass, 0)) { + fprintf(stderr, "Couldn't set PIN\n"); + ret = -1; + goto err_set_pin; + } + } + + *pe = e; return 0; + +err_set_pin: +err_set_rsa: + ENGINE_finish(e); +err_engine_init: + ENGINE_free(e); + return ret; } -static void rsa_remove(void) +static void rsa_engine_remove(ENGINE *e) { - CRYPTO_cleanup_all_ex_data(); - ERR_free_strings(); -#ifdef HAVE_ERR_REMOVE_THREAD_STATE - ERR_remove_thread_state(NULL); -#else - ERR_remove_state(0); -#endif - EVP_cleanup(); + if (e) { + ENGINE_finish(e); + ENGINE_free(e); + } } -static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, +static int rsa_sign_with_key(EVP_PKEY *pkey, struct padding_algo *padding_algo, + struct checksum_algo *checksum_algo, const struct image_region region[], int region_count, uint8_t **sigp, uint *sig_size) { - EVP_PKEY *key; + EVP_PKEY_CTX *ckey; EVP_MD_CTX *context; - int size, ret = 0; + int ret = 0; + size_t size; uint8_t *sig; int i; - key = EVP_PKEY_new(); - if (!key) - return rsa_err("EVP_PKEY object creation failed"); - - if (!EVP_PKEY_set1_RSA(key, rsa)) { - ret = rsa_err("EVP key setup failed"); - goto err_set; - } - - size = EVP_PKEY_size(key); + size = EVP_PKEY_size(pkey); sig = malloc(size); if (!sig) { - fprintf(stderr, "Out of memory for signature (%d bytes)\n", + fprintf(stderr, "Out of memory for signature (%zu bytes)\n", size); ret = -ENOMEM; goto err_alloc; @@ -193,27 +387,47 @@ static int rsa_sign_with_key(RSA *rsa, struct checksum_algo *checksum_algo, goto err_create; } EVP_MD_CTX_init(context); - if (!EVP_SignInit(context, checksum_algo->calculate_sign())) { + + ckey = EVP_PKEY_CTX_new(pkey, NULL); + if (!ckey) { + ret = rsa_err("EVP key context creation failed"); + goto err_create; + } + + if (EVP_DigestSignInit(context, &ckey, + checksum_algo->calculate_sign(), + NULL, pkey) <= 0) { ret = rsa_err("Signer setup failed"); goto err_sign; } +#ifdef CONFIG_FIT_RSASSA_PSS + if (padding_algo && !strcmp(padding_algo->name, "pss")) { + if (EVP_PKEY_CTX_set_rsa_padding(ckey, + RSA_PKCS1_PSS_PADDING) <= 0) { + ret = rsa_err("Signer padding setup failed"); + goto err_sign; + } + } +#endif /* CONFIG_FIT_RSASSA_PSS */ + for (i = 0; i < region_count; i++) { - if (!EVP_SignUpdate(context, region[i].data, region[i].size)) { + if (!EVP_DigestSignUpdate(context, region[i].data, + region[i].size)) { ret = rsa_err("Signing data failed"); goto err_sign; } } - if (!EVP_SignFinal(context, sig, sig_size, key)) { + if (!EVP_DigestSignFinal(context, sig, &size)) { ret = rsa_err("Could not obtain signature"); goto err_sign; } - EVP_MD_CTX_cleanup(context); + + EVP_MD_CTX_reset(context); EVP_MD_CTX_destroy(context); - EVP_PKEY_free(key); - debug("Got signature: %d bytes, expected %d\n", *sig_size, size); + debug("Got signature: %zu bytes, expected %d\n", size, EVP_PKEY_size(pkey)); *sigp = sig; *sig_size = size; @@ -224,8 +438,6 @@ err_sign: err_create: free(sig); err_alloc: -err_set: - EVP_PKEY_free(key); return ret; } @@ -233,41 +445,101 @@ int rsa_sign(struct image_sign_info *info, const struct image_region region[], int region_count, uint8_t **sigp, uint *sig_len) { - RSA *rsa; + EVP_PKEY *pkey = NULL; + ENGINE *e = NULL; int ret; ret = rsa_init(); if (ret) return ret; - ret = rsa_get_priv_key(info->keydir, info->keyname, &rsa); + if (info->engine_id) { + ret = rsa_engine_init(info->engine_id, &e); + if (ret) + return ret; + } + + ret = rsa_get_priv_key(info->keydir, info->keyname, info->keyfile, + e, &pkey); if (ret) goto err_priv; - ret = rsa_sign_with_key(rsa, info->algo->checksum, region, + ret = rsa_sign_with_key(pkey, info->padding, info->checksum, region, region_count, sigp, sig_len); if (ret) goto err_sign; - RSA_free(rsa); - rsa_remove(); + EVP_PKEY_free(pkey); + if (info->engine_id) + rsa_engine_remove(e); return ret; err_sign: - RSA_free(rsa); + EVP_PKEY_free(pkey); err_priv: - rsa_remove(); + if (info->engine_id) + rsa_engine_remove(e); + return ret; +} + +/* + * rsa_get_exponent(): - Get the public exponent from an RSA key + */ +static int rsa_get_exponent(RSA *key, uint64_t *e) +{ + int ret; + BIGNUM *bn_te; + const BIGNUM *key_e; + uint64_t te; + + ret = -EINVAL; + bn_te = NULL; + + if (!e) + goto cleanup; + + RSA_get0_key(key, NULL, &key_e, NULL); + if (BN_num_bits(key_e) > 64) + goto cleanup; + + *e = BN_get_word(key_e); + + if (BN_num_bits(key_e) < 33) { + ret = 0; + goto cleanup; + } + + bn_te = BN_dup(key_e); + if (!bn_te) + goto cleanup; + + if (!BN_rshift(bn_te, bn_te, 32)) + goto cleanup; + + if (!BN_mask_bits(bn_te, 32)) + goto cleanup; + + te = BN_get_word(bn_te); + te <<= 32; + *e |= te; + ret = 0; + +cleanup: + if (bn_te) + BN_free(bn_te); + return ret; } /* * rsa_get_params(): - Get the important parameters of an RSA public key */ -int rsa_get_params(RSA *key, uint32_t *n0_invp, BIGNUM **modulusp, - BIGNUM **r_squaredp) +int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp, + BIGNUM **modulusp, BIGNUM **r_squaredp) { BIGNUM *big1, *big2, *big32, *big2_32; BIGNUM *n, *r, *r_squared, *tmp; + const BIGNUM *key_n; BN_CTX *bn_ctx = BN_CTX_new(); int ret = 0; @@ -286,7 +558,11 @@ int rsa_get_params(RSA *key, uint32_t *n0_invp, BIGNUM **modulusp, return -ENOMEM; } - if (!BN_copy(n, key->n) || !BN_set_word(big1, 1L) || + if (0 != rsa_get_exponent(key, exponent)) + ret = -1; + + RSA_get0_key(key, &key_n, NULL, NULL); + if (!BN_copy(n, key_n) || !BN_set_word(big1, 1L) || !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L)) ret = -1; @@ -328,78 +604,33 @@ int rsa_get_params(RSA *key, uint32_t *n0_invp, BIGNUM **modulusp, return ret; } -static int fdt_add_bignum(void *blob, int noffset, const char *prop_name, - BIGNUM *num, int num_bits) -{ - int nwords = num_bits / 32; - int size; - uint32_t *buf, *ptr; - BIGNUM *tmp, *big2, *big32, *big2_32; - BN_CTX *ctx; - int ret; - - tmp = BN_new(); - big2 = BN_new(); - big32 = BN_new(); - big2_32 = BN_new(); - if (!tmp || !big2 || !big32 || !big2_32) { - fprintf(stderr, "Out of memory (bignum)\n"); - return -ENOMEM; - } - ctx = BN_CTX_new(); - if (!tmp) { - fprintf(stderr, "Out of memory (bignum context)\n"); - return -ENOMEM; - } - BN_set_word(big2, 2L); - BN_set_word(big32, 32L); - BN_exp(big2_32, big2, big32, ctx); /* B = 2^32 */ - - size = nwords * sizeof(uint32_t); - buf = malloc(size); - if (!buf) { - fprintf(stderr, "Out of memory (%d bytes)\n", size); - return -ENOMEM; - } - - /* Write out modulus as big endian array of integers */ - for (ptr = buf + nwords - 1; ptr >= buf; ptr--) { - BN_mod(tmp, num, big2_32, ctx); /* n = N mod B */ - *ptr = cpu_to_fdt32(BN_get_word(tmp)); - BN_rshift(num, num, 32); /* N = N/B */ - } - - ret = fdt_setprop(blob, noffset, prop_name, buf, size); - if (ret) { - fprintf(stderr, "Failed to write public key to FIT\n"); - return -ENOSPC; - } - free(buf); - BN_free(tmp); - BN_free(big2); - BN_free(big32); - BN_free(big2_32); - - return ret; -} - int rsa_add_verify_data(struct image_sign_info *info, void *keydest) { BIGNUM *modulus, *r_squared; + uint64_t exponent; uint32_t n0_inv; int parent, node; char name[100]; int ret; int bits; RSA *rsa; + EVP_PKEY *pkey = NULL; + ENGINE *e = NULL; debug("%s: Getting verification data\n", __func__); - ret = rsa_get_pub_key(info->keydir, info->keyname, &rsa); + if (info->engine_id) { + ret = rsa_engine_init(info->engine_id, &e); + if (ret) + return ret; + } + ret = rsa_get_pub_key(info->keydir, info->keyname, e, &pkey); if (ret) - return ret; - ret = rsa_get_params(rsa, &n0_inv, &modulus, &r_squared); + goto err_get_pub_key; + + rsa = EVP_PKEY_get0_RSA(pkey); + ret = rsa_get_params(rsa, &exponent, &n0_inv, &modulus, &r_squared); if (ret) - return ret; + goto err_get_params; bits = BN_num_bits(modulus); parent = fdt_subnode_offset(keydest, 0, FIT_SIG_NODENAME); if (parent == -FDT_ERR_NOTFOUND) { @@ -434,14 +665,17 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) } if (!ret) { - ret = fdt_setprop_string(keydest, node, "key-name-hint", - info->keyname); + ret = fdt_setprop_string(keydest, node, FIT_KEY_HINT, + info->keyname); } if (!ret) ret = fdt_setprop_u32(keydest, node, "rsa,num-bits", bits); if (!ret) ret = fdt_setprop_u32(keydest, node, "rsa,n0-inverse", n0_inv); if (!ret) { + ret = fdt_setprop_u64(keydest, node, "rsa,exponent", exponent); + } + if (!ret) { ret = fdt_add_bignum(keydest, node, "rsa,modulus", modulus, bits); } @@ -451,17 +685,22 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) } if (!ret) { ret = fdt_setprop_string(keydest, node, FIT_ALGO_PROP, - info->algo->name); + info->name); } - if (info->require_keys) { - ret = fdt_setprop_string(keydest, node, "required", + if (!ret && info->require_keys) { + ret = fdt_setprop_string(keydest, node, FIT_KEY_REQUIRED, info->require_keys); } done: BN_free(modulus); BN_free(r_squared); if (ret) - return ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO; + ret = ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO; +err_get_params: + EVP_PKEY_free(pkey); +err_get_pub_key: + if (info->engine_id) + rsa_engine_remove(e); - return 0; + return ret; }