1 /* ksign.c: signature checker
3 * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
12 #include <linux/kernel.h>
13 #include <asm/errno.h>
17 #define _debug(FMT, ...) printk(KERN_DEBUG FMT, ##__VA_ARGS__)
19 #define _debug(FMT, ...) do { ; } while (0)
23 * check the signature which is contained in SIG.
25 static int ksign_signature_check(const struct ksign_signature *sig,
26 struct crypto_hash *sha1_tfm)
28 struct ksign_public_key *pk;
29 struct hash_desc sha1_d;
30 uint8_t sha1[SHA1_DIGEST_SIZE];
34 pk = ksign_get_public_key(sig->keyid);
36 printk("ksign: module signed with unknown public key\n");
37 printk("- signature keyid: %08x%08x ver=%u\n",
38 sig->keyid[0], sig->keyid[1], sig->version);
42 if (pk->timestamp > sig->timestamp)
44 " public key is %lu seconds newer than the signature\n",
45 pk->timestamp - sig->timestamp);
47 sha1_d.tfm = sha1_tfm;
50 /* complete the digest */
51 if (sig->version >= 4)
52 SHA1_putc(&sha1_d, sig->version);
53 SHA1_putc(&sha1_d, sig->sig_class);
55 if (sig->version < 4) {
56 u32 a = sig->timestamp;
57 SHA1_putc(&sha1_d, (a >> 24) & 0xff);
58 SHA1_putc(&sha1_d, (a >> 16) & 0xff);
59 SHA1_putc(&sha1_d, (a >> 8) & 0xff);
60 SHA1_putc(&sha1_d, (a >> 0) & 0xff);
65 SHA1_putc(&sha1_d, PUBKEY_ALGO_DSA);
66 SHA1_putc(&sha1_d, DIGEST_ALGO_SHA1);
67 if (sig->hashed_data) {
68 n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
69 SHA1_write(&sha1_d, sig->hashed_data, n + 2);
77 buf[0] = sig->version;
83 SHA1_write(&sha1_d, buf, 6);
86 crypto_hash_final(&sha1_d, sha1);
87 crypto_free_hash(sha1_tfm);
90 result = mpi_alloc((SHA1_DIGEST_SIZE + BYTES_PER_MPI_LIMB - 1) /
95 rc = mpi_set_buffer(result, sha1, SHA1_DIGEST_SIZE, 0);
99 rc = DSA_verify(result, sig->data, pk->pkey);
103 ksign_put_public_key(pk);
109 * examine the signatures that are parsed out of the signature data - we keep
110 * the first one that's appropriate and ignore the rest
111 * - return 0 if signature of interest (sig not freed by caller)
112 * - return 1 if no interest (caller frees)
114 static int ksign_grab_signature(struct ksign_signature *sig, void *fnxdata)
116 struct ksign_signature **_sig = fnxdata;
118 if (sig->sig_class != 0x00) {
119 _debug("ksign: standalone signature of class 0x%02x\n",
132 * verify the signature of some data with one of the kernel's known public keys
133 * - the SHA1 context should be currently open with the signed data digested
134 * into it so that more data can be appended
135 * - the SHA1 context is finalised and freed before returning
137 int ksign_verify_signature(const char *sigdata, unsigned sig_size,
138 struct crypto_hash *sha1)
140 struct ksign_signature *sig = NULL;
143 /* parse the signature data to get the actual signature */
144 retval = ksign_parse_packets(sigdata, sig_size,
145 &ksign_grab_signature, NULL, NULL,
152 "Couldn't find valid DSA signature in module\n");
156 _debug("signature keyid: %08x%08x ver=%u\n",
157 sig->keyid[0], sig->keyid[1], sig->version);
159 /* check the data SHA1 transformation against the public key */
160 retval = ksign_signature_check(sig, sha1);
163 _debug("ksign: Signature check succeeded\n");
166 _debug("ksign: Signature check ENOMEM\n");
169 _debug("ksign: Signature check failed\n");
170 if (retval != -ENOKEY)
171 retval = -EKEYREJECTED;
177 ksign_free_signature(sig);