mirror of https://gitlab.com/qemu-project/qemu
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
437 lines
12 KiB
C
437 lines
12 KiB
C
/*
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
|
*
|
|
* uefi vars device - pkcs7 verification
|
|
*/
|
|
#include "qemu/osdep.h"
|
|
#include "qemu/error-report.h"
|
|
#include "system/dma.h"
|
|
|
|
#include <gnutls/gnutls.h>
|
|
#include <gnutls/pkcs7.h>
|
|
#include <gnutls/crypto.h>
|
|
|
|
#include "hw/uefi/var-service.h"
|
|
|
|
#define AUTHVAR_DIGEST_ALGO GNUTLS_DIG_SHA256
|
|
#define AUTHVAR_DIGEST_SIZE 32
|
|
|
|
/*
|
|
* Replicate the signed data for signature verification.
|
|
*/
|
|
static gnutls_datum_t *build_signed_data(mm_variable_access *va, void *data)
|
|
{
|
|
variable_auth_2 *auth = data;
|
|
uint64_t data_offset = sizeof(efi_time) + auth->hdr_length;
|
|
uint16_t *name = (void *)va + sizeof(mm_variable_access);
|
|
gnutls_datum_t *sdata;
|
|
uint64_t pos = 0;
|
|
|
|
sdata = g_new(gnutls_datum_t, 1);
|
|
sdata->size = (va->name_size - 2
|
|
+ sizeof(QemuUUID)
|
|
+ sizeof(va->attributes)
|
|
+ sizeof(auth->timestamp)
|
|
+ va->data_size - data_offset);
|
|
sdata->data = g_malloc(sdata->size);
|
|
|
|
/* Variable Name (without terminating \0) */
|
|
memcpy(sdata->data + pos, name, va->name_size - 2);
|
|
pos += va->name_size - 2;
|
|
|
|
/* Variable Namespace Guid */
|
|
memcpy(sdata->data + pos, &va->guid, sizeof(va->guid));
|
|
pos += sizeof(va->guid);
|
|
|
|
/* Attributes */
|
|
memcpy(sdata->data + pos, &va->attributes, sizeof(va->attributes));
|
|
pos += sizeof(va->attributes);
|
|
|
|
/* TimeStamp */
|
|
memcpy(sdata->data + pos, &auth->timestamp, sizeof(auth->timestamp));
|
|
pos += sizeof(auth->timestamp);
|
|
|
|
/* Variable Content */
|
|
memcpy(sdata->data + pos, data + data_offset, va->data_size - data_offset);
|
|
pos += va->data_size - data_offset;
|
|
|
|
assert(pos == sdata->size);
|
|
return sdata;
|
|
}
|
|
|
|
/*
|
|
* See WrapPkcs7Data() in edk2.
|
|
*
|
|
* UEFI spec allows pkcs7 signatures being used without the envelope which
|
|
* identifies them as pkcs7 signatures. openssl and gnutls will not parse them
|
|
* without the envelope though. So add it if needed.
|
|
*/
|
|
static void wrap_pkcs7(gnutls_datum_t *pkcs7)
|
|
{
|
|
static uint8_t signed_data_oid[9] = {
|
|
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02
|
|
};
|
|
gnutls_datum_t wrap;
|
|
|
|
if (pkcs7->data[4] == 0x06 &&
|
|
pkcs7->data[5] == 0x09 &&
|
|
memcmp(pkcs7->data + 6, signed_data_oid, sizeof(signed_data_oid)) == 0 &&
|
|
pkcs7->data[15] == 0x0a &&
|
|
pkcs7->data[16] == 0x82) {
|
|
return;
|
|
}
|
|
|
|
wrap.size = pkcs7->size + 19;
|
|
wrap.data = g_malloc(wrap.size);
|
|
|
|
wrap.data[0] = 0x30;
|
|
wrap.data[1] = 0x82;
|
|
wrap.data[2] = (wrap.size - 4) >> 8;
|
|
wrap.data[3] = (wrap.size - 4) & 0xff;
|
|
wrap.data[4] = 0x06;
|
|
wrap.data[5] = 0x09;
|
|
memcpy(wrap.data + 6, signed_data_oid, sizeof(signed_data_oid));
|
|
|
|
wrap.data[15] = 0xa0;
|
|
wrap.data[16] = 0x82;
|
|
wrap.data[17] = pkcs7->size >> 8;
|
|
wrap.data[18] = pkcs7->size & 0xff;
|
|
memcpy(wrap.data + 19, pkcs7->data, pkcs7->size);
|
|
|
|
g_free(pkcs7->data);
|
|
*pkcs7 = wrap;
|
|
}
|
|
|
|
static gnutls_datum_t *build_pkcs7(void *data)
|
|
{
|
|
variable_auth_2 *auth = data;
|
|
gnutls_datum_t *pkcs7;
|
|
|
|
pkcs7 = g_new(gnutls_datum_t, 1);
|
|
pkcs7->size = auth->hdr_length - 24;
|
|
pkcs7->data = g_malloc(pkcs7->size);
|
|
memcpy(pkcs7->data, data + 16 + 24, pkcs7->size);
|
|
|
|
wrap_pkcs7(pkcs7);
|
|
|
|
return pkcs7;
|
|
}
|
|
|
|
/*
|
|
* Read UEFI signature database, store x509 all certificates found in
|
|
* gnutls_x509_trust_list_t.
|
|
*/
|
|
static gnutls_x509_trust_list_t build_trust_list_sb(uefi_variable *var)
|
|
{
|
|
gnutls_x509_trust_list_t tlist;
|
|
gnutls_datum_t cert_data;
|
|
gnutls_x509_crt_t cert;
|
|
uefi_vars_siglist siglist;
|
|
uefi_vars_cert *c;
|
|
int rc;
|
|
|
|
rc = gnutls_x509_trust_list_init(&tlist, 0);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_x509_trust_list_init error: %s",
|
|
gnutls_strerror(rc));
|
|
return NULL;
|
|
}
|
|
|
|
uefi_vars_siglist_init(&siglist);
|
|
uefi_vars_siglist_parse(&siglist, var->data, var->data_size);
|
|
|
|
QTAILQ_FOREACH(c, &siglist.x509, next) {
|
|
cert_data.size = c->size;
|
|
cert_data.data = c->data;
|
|
|
|
rc = gnutls_x509_crt_init(&cert);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_x509_crt_init error: %s", gnutls_strerror(rc));
|
|
break;
|
|
}
|
|
rc = gnutls_x509_crt_import(cert, &cert_data, GNUTLS_X509_FMT_DER);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_x509_crt_import error: %s",
|
|
gnutls_strerror(rc));
|
|
gnutls_x509_crt_deinit(cert);
|
|
break;
|
|
}
|
|
rc = gnutls_x509_trust_list_add_cas(tlist, &cert, 1, 0);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_x509_crt_import error: %s",
|
|
gnutls_strerror(rc));
|
|
gnutls_x509_crt_deinit(cert);
|
|
break;
|
|
}
|
|
}
|
|
|
|
uefi_vars_siglist_free(&siglist);
|
|
|
|
return tlist;
|
|
}
|
|
|
|
static int build_digest_authvar(gnutls_x509_crt_t signer,
|
|
gnutls_x509_crt_t root,
|
|
uint8_t *hash_digest)
|
|
{
|
|
char *cn;
|
|
size_t cn_size = 0;
|
|
uint8_t fp[AUTHVAR_DIGEST_SIZE];
|
|
size_t fp_size = sizeof(fp);
|
|
gnutls_hash_hd_t hash;
|
|
int rc;
|
|
|
|
/* get signer CN */
|
|
rc = gnutls_x509_crt_get_dn_by_oid(signer, GNUTLS_OID_X520_COMMON_NAME,
|
|
0, 0, NULL, &cn_size);
|
|
if (rc != GNUTLS_E_SHORT_MEMORY_BUFFER) {
|
|
warn_report("gnutls_x509_crt_get_dn_by_oid error #1: %s",
|
|
gnutls_strerror(rc));
|
|
return rc;
|
|
}
|
|
|
|
cn = g_malloc(cn_size);
|
|
rc = gnutls_x509_crt_get_dn_by_oid(signer, GNUTLS_OID_X520_COMMON_NAME,
|
|
0, 0, cn, &cn_size);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_x509_crt_get_dn_by_oid error #2: %s",
|
|
gnutls_strerror(rc));
|
|
goto err;
|
|
}
|
|
|
|
/* get root certificate fingerprint */
|
|
rc = gnutls_x509_crt_get_fingerprint(root, AUTHVAR_DIGEST_ALGO,
|
|
fp, &fp_size);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_x509_crt_get_fingerprint error: %s",
|
|
gnutls_strerror(rc));
|
|
goto err;
|
|
}
|
|
|
|
/* digest both items */
|
|
rc = gnutls_hash_init(&hash, AUTHVAR_DIGEST_ALGO);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_hash_init error: %s",
|
|
gnutls_strerror(rc));
|
|
goto err;
|
|
}
|
|
rc = gnutls_hash(hash, cn, cn_size);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_hash error: %s",
|
|
gnutls_strerror(rc));
|
|
goto err;
|
|
}
|
|
rc = gnutls_hash(hash, fp, fp_size);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_hash error: %s",
|
|
gnutls_strerror(rc));
|
|
goto err;
|
|
}
|
|
gnutls_hash_deinit(hash, hash_digest);
|
|
|
|
return 0;
|
|
|
|
err:
|
|
g_free(cn);
|
|
return rc;
|
|
}
|
|
|
|
/*
|
|
* uefi spec 2.9, section 8.2.2
|
|
*
|
|
* For EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS variables which are
|
|
* NOT secure boot variables we should track the root certificate of the trust
|
|
* chain, and the subject CN of the signer certificate.
|
|
*
|
|
* So we'll go store a digest of these two items so we can verify this. Also
|
|
* create a gnutls_x509_trust_list_t with the root certificate, so
|
|
* gnutls_pkcs7_verify() will pass (assuming the signature is otherwise
|
|
* correct).
|
|
*/
|
|
static gnutls_x509_trust_list_t build_trust_list_authvar(gnutls_pkcs7_t pkcs7,
|
|
uint8_t *hash_digest)
|
|
{
|
|
gnutls_datum_t signer_data = { 0 };
|
|
gnutls_datum_t root_data = { 0 };
|
|
gnutls_x509_crt_t signer = NULL;
|
|
gnutls_x509_crt_t root = NULL;
|
|
gnutls_x509_trust_list_t tlist = NULL;
|
|
int n, rc;
|
|
|
|
n = gnutls_pkcs7_get_crt_count(pkcs7);
|
|
|
|
/* first is signer certificate */
|
|
rc = gnutls_pkcs7_get_crt_raw2(pkcs7, 0, &signer_data);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_pkcs7_get_crt_raw2(0) error: %s",
|
|
gnutls_strerror(rc));
|
|
goto done;
|
|
}
|
|
rc = gnutls_x509_crt_init(&signer);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_x509_crt_init error: %s", gnutls_strerror(rc));
|
|
goto done;
|
|
}
|
|
rc = gnutls_x509_crt_import(signer, &signer_data, GNUTLS_X509_FMT_DER);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_x509_crt_import error: %s",
|
|
gnutls_strerror(rc));
|
|
gnutls_x509_crt_deinit(signer);
|
|
goto done;
|
|
}
|
|
|
|
/* last is root-of-trust certificate (can be identical to signer) */
|
|
rc = gnutls_pkcs7_get_crt_raw2(pkcs7, n - 1, &root_data);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_pkcs7_get_crt_raw2(%d) error: %s",
|
|
n - 1, gnutls_strerror(rc));
|
|
goto done;
|
|
}
|
|
rc = gnutls_x509_crt_init(&root);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_x509_crt_init error: %s", gnutls_strerror(rc));
|
|
goto done;
|
|
}
|
|
rc = gnutls_x509_crt_import(root, &root_data, GNUTLS_X509_FMT_DER);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_x509_crt_import error: %s",
|
|
gnutls_strerror(rc));
|
|
goto done;
|
|
}
|
|
|
|
/* calc digest for signer CN + root cert */
|
|
rc = build_digest_authvar(signer, root, hash_digest);
|
|
if (rc < 0) {
|
|
goto done;
|
|
}
|
|
|
|
/* add root to trust list */
|
|
rc = gnutls_x509_trust_list_init(&tlist, 0);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_x509_trust_list_init error: %s",
|
|
gnutls_strerror(rc));
|
|
goto done;
|
|
}
|
|
rc = gnutls_x509_trust_list_add_cas(tlist, &root, 1, 0);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_x509_crt_import error: %s",
|
|
gnutls_strerror(rc));
|
|
gnutls_x509_trust_list_deinit(tlist, 1);
|
|
tlist = NULL;
|
|
goto done;
|
|
} else {
|
|
/* ownership passed to tlist */
|
|
root = NULL;
|
|
}
|
|
|
|
done:
|
|
if (signer_data.data) {
|
|
gnutls_free(signer_data.data);
|
|
}
|
|
if (root_data.data) {
|
|
gnutls_free(root_data.data);
|
|
}
|
|
if (signer) {
|
|
gnutls_x509_crt_deinit(signer);
|
|
}
|
|
if (root) {
|
|
gnutls_x509_crt_deinit(root);
|
|
}
|
|
return tlist;
|
|
}
|
|
|
|
static void free_datum(gnutls_datum_t *ptr)
|
|
{
|
|
if (!ptr) {
|
|
return;
|
|
}
|
|
g_free(ptr->data);
|
|
g_free(ptr);
|
|
}
|
|
|
|
static void gnutls_log_stderr(int level, const char *msg)
|
|
{
|
|
if (strncmp(msg, "ASSERT:", 7) == 0) {
|
|
return;
|
|
}
|
|
fprintf(stderr, " %d: %s", level, msg);
|
|
}
|
|
|
|
/*
|
|
* pkcs7 signature verification (EFI_VARIABLE_AUTHENTICATION_2).
|
|
*/
|
|
efi_status uefi_vars_check_pkcs7_2(uefi_variable *siglist,
|
|
void **digest, uint32_t *digest_size,
|
|
mm_variable_access *va, void *data)
|
|
{
|
|
gnutls_x509_trust_list_t tlist = NULL;
|
|
gnutls_datum_t *signed_data = NULL;
|
|
gnutls_datum_t *pkcs7_data = NULL;
|
|
gnutls_pkcs7_t pkcs7 = NULL;
|
|
efi_status status = EFI_SECURITY_VIOLATION;
|
|
int rc;
|
|
|
|
if (0) {
|
|
/* gnutls debug logging */
|
|
static bool first = true;
|
|
|
|
if (first) {
|
|
first = false;
|
|
gnutls_global_set_log_function(gnutls_log_stderr);
|
|
gnutls_global_set_log_level(99);
|
|
}
|
|
}
|
|
|
|
signed_data = build_signed_data(va, data);
|
|
pkcs7_data = build_pkcs7(data);
|
|
|
|
rc = gnutls_pkcs7_init(&pkcs7);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_pkcs7_init error: %s", gnutls_strerror(rc));
|
|
goto out;
|
|
}
|
|
|
|
rc = gnutls_pkcs7_import(pkcs7, pkcs7_data, GNUTLS_X509_FMT_DER);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_pkcs7_import error: %s", gnutls_strerror(rc));
|
|
goto out;
|
|
}
|
|
|
|
if (siglist) {
|
|
/* secure boot variables */
|
|
tlist = build_trust_list_sb(siglist);
|
|
} else if (digest && digest_size) {
|
|
/* other authenticated variables */
|
|
*digest_size = AUTHVAR_DIGEST_SIZE;
|
|
*digest = g_malloc(*digest_size);
|
|
tlist = build_trust_list_authvar(pkcs7, *digest);
|
|
} else {
|
|
/* should not happen */
|
|
goto out;
|
|
}
|
|
|
|
rc = gnutls_pkcs7_verify(pkcs7, tlist,
|
|
NULL, 0,
|
|
0, signed_data,
|
|
GNUTLS_VERIFY_DISABLE_TIME_CHECKS |
|
|
GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS);
|
|
if (rc < 0) {
|
|
warn_report("gnutls_pkcs7_verify error: %s", gnutls_strerror(rc));
|
|
goto out;
|
|
}
|
|
|
|
/* check passed */
|
|
status = EFI_SUCCESS;
|
|
|
|
out:
|
|
free_datum(signed_data);
|
|
free_datum(pkcs7_data);
|
|
if (tlist) {
|
|
gnutls_x509_trust_list_deinit(tlist, 1);
|
|
}
|
|
if (pkcs7) {
|
|
gnutls_pkcs7_deinit(pkcs7);
|
|
}
|
|
return status;
|
|
}
|