2 * ima-evm-utils - IMA/EVM support utilities
4 * Copyright (C) 2011 Nokia Corporation
5 * Copyright (C) 2011,2012,2013 Intel Corporation
6 * Copyright (C) 2013,2014 Samsung Electronics
9 * Dmitry Kasatkin <dmitry.kasatkin@nokia.com>
10 * <dmitry.kasatkin@intel.com>
11 * <d.kasatkin@samsung.com>
13 * This program is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU General Public License
15 * version 2 as published by the Free Software Foundation.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
26 /* should we use logger instead for library? */
31 const char *const pkey_hash_algo[PKEY_HASH__LAST] = {
32 [PKEY_HASH_MD4] = "md4",
33 [PKEY_HASH_MD5] = "md5",
34 [PKEY_HASH_SHA1] = "sha1",
35 [PKEY_HASH_RIPE_MD_160] = "rmd160",
36 [PKEY_HASH_SHA256] = "sha256",
37 [PKEY_HASH_SHA384] = "sha384",
38 [PKEY_HASH_SHA512] = "sha512",
39 [PKEY_HASH_SHA224] = "sha224",
43 * Hash algorithm OIDs plus ASN.1 DER wrappings [RFC4880 sec 5.2.2].
45 static const uint8_t RSA_digest_info_MD5[] = {
46 0x30, 0x20, 0x30, 0x0C, 0x06, 0x08,
47 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05, /* OID */
48 0x05, 0x00, 0x04, 0x10
51 static const uint8_t RSA_digest_info_SHA1[] = {
52 0x30, 0x21, 0x30, 0x09, 0x06, 0x05,
53 0x2B, 0x0E, 0x03, 0x02, 0x1A,
54 0x05, 0x00, 0x04, 0x14
57 static const uint8_t RSA_digest_info_RIPE_MD_160[] = {
58 0x30, 0x21, 0x30, 0x09, 0x06, 0x05,
59 0x2B, 0x24, 0x03, 0x02, 0x01,
60 0x05, 0x00, 0x04, 0x14
63 static const uint8_t RSA_digest_info_SHA224[] = {
64 0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09,
65 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04,
66 0x05, 0x00, 0x04, 0x1C
69 static const uint8_t RSA_digest_info_SHA256[] = {
70 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09,
71 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
72 0x05, 0x00, 0x04, 0x20
75 static const uint8_t RSA_digest_info_SHA384[] = {
76 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09,
77 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02,
78 0x05, 0x00, 0x04, 0x30
81 static const uint8_t RSA_digest_info_SHA512[] = {
82 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09,
83 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03,
84 0x05, 0x00, 0x04, 0x40
87 const struct RSA_ASN1_template RSA_ASN1_templates[PKEY_HASH__LAST] = {
88 #define _(X) { RSA_digest_info_##X, sizeof(RSA_digest_info_##X) }
89 [PKEY_HASH_MD5] = _(MD5),
90 [PKEY_HASH_SHA1] = _(SHA1),
91 [PKEY_HASH_RIPE_MD_160] = _(RIPE_MD_160),
92 [PKEY_HASH_SHA256] = _(SHA256),
93 [PKEY_HASH_SHA384] = _(SHA384),
94 [PKEY_HASH_SHA512] = _(SHA512),
95 [PKEY_HASH_SHA224] = _(SHA224),
99 struct libevm_params params = {
100 .verbose = LOG_INFO - 1,
104 void do_dump(FILE *fp, const void *ptr, int len, bool cr)
107 uint8_t *data = (uint8_t *) ptr;
109 for (i = 0; i < len; i++)
110 fprintf(fp, "%02x", data[i]);
115 void dump(const void *ptr, int len)
117 do_dump(stdout, ptr, len, true);
120 int get_filesize(const char *filename)
123 /* Need to know the file length */
124 stat(filename, &stats);
125 return (int)stats.st_size;
128 static inline int get_fdsize(int fd)
131 /* Need to know the file length */
133 return (int)stats.st_size;
136 static int add_file_hash(const char *file, EVP_MD_CTX *ctx)
139 int err, size, bs = DATA_SIZE;
145 log_err("malloc failed\n");
149 fp = fopen(file, "r");
151 log_err("Unable to open %s\n", file);
155 for (size = get_fdsize(fileno(fp)); size; size -= len) {
157 err = fread(data, len, 1, fp);
160 log_err("fread() error\n\n");
165 err = EVP_DigestUpdate(ctx, data, len);
167 log_err("EVP_DigestUpdate() failed\n");
178 static int add_dir_hash(const char *file, EVP_MD_CTX *ctx)
183 unsigned long long ino, off;
188 log_err("Unable to open %s\n", file);
192 while ((de = readdir(dir))) {
196 log_debug("entry: %s, ino: %llu, type: %u, off: %llu, reclen: %hu\n",
197 de->d_name, ino, type, off, de->d_reclen);
198 err = EVP_DigestUpdate(ctx, de->d_name, strlen(de->d_name));
199 /*err |= EVP_DigestUpdate(ctx, &off, sizeof(off));*/
200 err |= EVP_DigestUpdate(ctx, &ino, sizeof(ino));
201 err |= EVP_DigestUpdate(ctx, &type, sizeof(type));
203 log_err("EVP_DigestUpdate() failed\n");
213 static int add_link_hash(const char *path, EVP_MD_CTX *ctx)
218 err = readlink(path, buf, sizeof(buf));
222 log_info("link: %s -> %.*s\n", path, err, buf);
223 return !EVP_DigestUpdate(ctx, buf, err);
226 static int add_dev_hash(struct stat *st, EVP_MD_CTX *ctx)
228 uint32_t dev = st->st_rdev;
229 unsigned major = (dev & 0xfff00) >> 8;
230 unsigned minor = (dev & 0xff) | ((dev >> 12) & 0xfff00);
231 log_info("device: %u:%u\n", major, minor);
232 return !EVP_DigestUpdate(ctx, &dev, sizeof(dev));
235 int ima_calc_hash(const char *file, uint8_t *hash)
243 /* Need to know the file length */
244 err = lstat(file, &st);
246 log_err("stat() failed\n");
250 md = EVP_get_digestbyname(params.hash_algo);
252 log_err("EVP_get_digestbyname() failed\n");
256 err = EVP_DigestInit(&ctx, md);
258 log_err("EVP_DigestInit() failed\n");
262 switch (st.st_mode & S_IFMT) {
264 err = add_file_hash(file, &ctx);
267 err = add_dir_hash(file, &ctx);
270 err = add_link_hash(file, &ctx);
272 case S_IFIFO: case S_IFSOCK:
273 case S_IFCHR: case S_IFBLK:
274 err = add_dev_hash(&st, &ctx);
277 log_errno("Unsupported file type");
284 err = EVP_DigestFinal(&ctx, hash, &mdlen);
286 log_err("EVP_DigestFinal() failed\n");
293 RSA *read_pub_key(const char *keyfile, int x509)
298 EVP_PKEY *pkey = NULL;
300 fp = fopen(keyfile, "r");
302 log_err("Unable to open keyfile %s\n", keyfile);
307 crt = d2i_X509_fp(fp, NULL);
309 log_err("d2i_X509_fp() failed\n");
312 pkey = X509_extract_key(crt);
314 log_err("X509_extract_key() failed\n");
317 key = EVP_PKEY_get1_RSA(pkey);
319 key = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL);
323 log_err("PEM_read_RSA_PUBKEY() failed\n");
334 int verify_hash_v1(const unsigned char *hash, int size, unsigned char *sig, int siglen, const char *keyfile)
338 unsigned char out[1024];
340 unsigned char sighash[20];
341 struct signature_hdr *hdr = (struct signature_hdr *)sig;
344 log_dump(hash, size);
346 key = read_pub_key(keyfile, 0);
351 SHA1_Update(&ctx, hash, size);
352 SHA1_Update(&ctx, hdr, sizeof(*hdr));
353 SHA1_Final(sighash, &ctx);
354 log_info("sighash: ");
355 log_dump(sighash, sizeof(sighash));
357 err = RSA_public_decrypt(siglen - sizeof(*hdr) - 2, sig + sizeof(*hdr) + 2, out, key, RSA_PKCS1_PADDING);
360 log_err("RSA_public_decrypt() failed: %d\n", err);
366 if (len != sizeof(sighash) || memcmp(out, sighash, len) != 0) {
367 log_err("Verification failed: %d\n", err);
370 /*log_info("Verification is OK\n");*/
371 printf("Verification is OK\n");
377 int verify_hash_v2(const unsigned char *hash, int size, unsigned char *sig, int siglen, const char *keyfile)
380 unsigned char out[1024];
382 struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig;
383 const struct RSA_ASN1_template *asn1;
386 log_dump(hash, size);
388 key = read_pub_key(keyfile, 1);
392 err = RSA_public_decrypt(siglen - sizeof(*hdr), sig + sizeof(*hdr), out, key, RSA_PKCS1_PADDING);
395 log_err("RSA_public_decrypt() failed: %d\n", err);
401 asn1 = &RSA_ASN1_templates[hdr->hash_algo];
403 if (len < asn1->size || memcmp(out, asn1->data, asn1->size)) {
404 log_err("Verification failed: %d\n", err);
410 if (len != size || memcmp(out + asn1->size, hash, len)) {
411 log_err("Verification failed: %d\n", err);
415 /*log_info("Verification is OK\n");*/
416 printf("Verification is OK\n");
421 int get_hash_algo(const char *algo)
425 for (i = 0; i < PKEY_HASH__LAST; i++)
426 if (!strcmp(algo, pkey_hash_algo[i]))
429 return PKEY_HASH_SHA1;
432 static int get_hash_algo_from_sig(unsigned char *sig)
437 hashalgo = ((struct signature_hdr *)sig)->hash;
439 if (hashalgo >= DIGEST_ALGO_MAX)
443 case DIGEST_ALGO_SHA1:
444 return PKEY_HASH_SHA1;
445 case DIGEST_ALGO_SHA256:
446 return PKEY_HASH_SHA256;
450 } else if (sig[0] == 2) {
451 hashalgo = ((struct signature_v2_hdr *)sig)->hash_algo;
452 if (hashalgo >= PKEY_HASH__LAST)
459 int verify_hash(const unsigned char *hash, int size, unsigned char *sig, int siglen)
463 verify_hash_fn_t verify_hash;
465 /* Get signature type from sig header */
466 if (sig[0] == DIGSIG_VERSION_1) {
467 verify_hash = verify_hash_v1;
468 /* Read pubkey from RSA key */
470 } else if (sig[0] == DIGSIG_VERSION_2) {
471 verify_hash = verify_hash_v2;
472 /* Read pubkey from x509 cert */
477 /* Determine what key to use for verification*/
478 key = params.keyfile ? : x509 ?
479 "/etc/keys/x509_evm.der" :
480 "/etc/keys/pubkey_evm.pem";
482 return verify_hash(hash, size, sig, siglen, key);
485 int ima_verify_signature(const char *file, unsigned char *sig, int siglen)
487 unsigned char hash[64];
488 int hashlen, sig_hash_algo;
490 if (sig[0] != 0x03) {
491 log_err("security.ima has no signature\n");
495 sig_hash_algo = get_hash_algo_from_sig(sig + 1);
496 if (sig_hash_algo < 0) {
497 log_err("Invalid signature\n");
500 /* Use hash algorithm as retrieved from signature */
501 params.hash_algo = pkey_hash_algo[sig_hash_algo];
503 hashlen = ima_calc_hash(file, hash);
507 return verify_hash(hash, hashlen, sig + 1, siglen - 1);