From patchwork Tue Jul 5 05:48:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: AKASHI Takahiro X-Patchwork-Id: 587431 Delivered-To: patch@linaro.org Received: by 2002:a05:7000:1ec:0:0:0:0 with SMTP id 12csp1446603map; Mon, 4 Jul 2022 22:49:19 -0700 (PDT) X-Google-Smtp-Source: AGRyM1sZo+VDBQkJjcgayLU0nvqNkmfpQfNsrIyr9E7d/hXz1WqOd/L6R6AeGvj2V56Xqn/stu6c X-Received: by 2002:a05:6512:3b09:b0:483:7ec3:cba1 with SMTP id f9-20020a0565123b0900b004837ec3cba1mr1113695lfv.113.1657000159043; Mon, 04 Jul 2022 22:49:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657000159; cv=none; d=google.com; s=arc-20160816; b=p5SuS8XaWSQ9XByzJ8K0Ogipps6b5uX4r8udm2/Mgik/GuaY+rkhnZasCXR6fEi4XN bLS1cYZ6cRmc+fDbKUW+wiWoyYbKl7UYBJG1z7MhBv0DGb/VnnQ1jMUcGmn3JM+1OP0d 6ghK40s1jy0wyXatiDCZje3NuWcw6ES/OGJMueyhYTdtm4gA47GQqkSUKsJlllapvYI8 FRfvDJYtz/vXQ6ZuzdVA1gToFcin+HHU/0OGbau0VaJzepGG7SB0cIHi+XQord69qBBN NmDOkWaAipEo0mEEjYRA/3jIwxlia33518qNyYFWxpQkJcIUqHY9AwKe+3vdc2emF+xd TFwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=aEcAnmHh6ljtJqaZr1tnJhonpKpBFRfyfO/h7+HnFqQ=; b=McJtQLIM7mWD0nSrlQhsb5j3emUyE4LWeQHp9DQ7y8WuaXkFjtn3dlZVSTXQXM/4OK f9UvLyXz2+yjeC+3sPbhEJLCagGef9MNjmg6/BwPAIkdUapKEtAjj0dPyHGqUt9YO4FF hNy6arFxC1MEvRVBmcrPzyAfDABdrYpxR4+PHh5rVQqpFUXPHGvTSmd8opnixBjr9xo7 NiaWkdRI3SQuwmmBLmTdSqJr7zRCyPFzT86lbAWdjGh7xdPlsGHbwrQ06cLm3bgXfh7o SBdYaHd0NsIpQ5JXvAfcIxaKsaTT5Nf30VuZpiz9YOXJREEVrVlu1sfJ/m5purHuUW+l k/6A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=u0NXsfaw; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id cf26-20020a056512281a00b0047fa39244e7si37491228lfb.495.2022.07.04.22.49.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Jul 2022 22:49:19 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=u0NXsfaw; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id B4B118451B; Tue, 5 Jul 2022 07:49:09 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="u0NXsfaw"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 9BFEF8451A; Tue, 5 Jul 2022 07:49:07 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pj1-x1030.google.com (mail-pj1-x1030.google.com [IPv6:2607:f8b0:4864:20::1030]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 3702684510 for ; Tue, 5 Jul 2022 07:49:03 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=takahiro.akashi@linaro.org Received: by mail-pj1-x1030.google.com with SMTP id s21so6591380pjq.4 for ; Mon, 04 Jul 2022 22:49:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=aEcAnmHh6ljtJqaZr1tnJhonpKpBFRfyfO/h7+HnFqQ=; b=u0NXsfawK+/kkUfty1F1OX4okBQK5/YPss4bRxracCRt7pDRkJRjbZlsUWMRzaWesG ANJT/RTpXVyw5b66qeNy9Ob/0TVpR3rc43/9Ua+uYNcaWRWWikks5mlnrv613GCpIwN7 IXsj7N2PTFw5cX7NmQIhHbAFr/pKZYhdoa7uJ4Kc8f4chlNxmTNaImwrkJHro9EaZSty k2loAmQBOIIQYsYD4knfz3jxHFCu0tw+z5htxBsNsxPVjikgGhhjfa7j1DLatXxVyKiC DVUhyBN6RegHEqbA+FO2194dEHvPcP+y8BWkNnApQnR78MoFCJEZPD+kfVqdxt2dek9p Yilg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=aEcAnmHh6ljtJqaZr1tnJhonpKpBFRfyfO/h7+HnFqQ=; b=MM1ksFYya7PA2r5OJLwOydFKrzofhn5Gh05D5yKQm24qGLStJcc603vYQ01Lp+eoDA zfoutN9gpppySoeGweOK5GtUZeiu3IAzRLUp9jcIekMDaWMtTxSZ7/hx/wumbIHDuetM PVManmw6Cgw6kMZ2jmghU0z8bWvcppqK9t2tjC+0bvF02u9Y6b8RDsdgEE98ehMmZwLv iRgnxYJ+lO4RhCeabD/WEMXEV97DWUekMOJmGmYobxbl9TqvsDqdcnFc65CmZSZYvbnY h14JfuxYHk1aGt4YUt5GR0pe88GRaYfPq6H3yhufBSNJBFfNlZlazuq8L2HBW3FkBo2k JieA== X-Gm-Message-State: AJIora9RSI89n0jtc6WWrjxg7OmIuHTVZfsCQfGigVsqbluqmm88wyni xyPJgGUhFefzcyRDj35U+mJyH/bMjpwOmQ== X-Received: by 2002:a17:903:11c9:b0:16b:8293:c599 with SMTP id q9-20020a17090311c900b0016b8293c599mr39171709plh.136.1657000141453; Mon, 04 Jul 2022 22:49:01 -0700 (PDT) Received: from localhost.localdomain ([2400:4050:c3e1:100:8c42:b67b:3e2f:7653]) by smtp.gmail.com with ESMTPSA id a5-20020a1709027e4500b0016784c93f23sm22149390pln.197.2022.07.04.22.48.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Jul 2022 22:49:00 -0700 (PDT) From: AKASHI Takahiro To: xypron.glpk@gmx.de Cc: ilias.apalodimas@linaro.org, baocheng.su@siemens.com, jan.kiszka@siemens.com, u-boot@lists.denx.de, AKASHI Takahiro Subject: [PATCH 1/5] lib: crypto: add mscode_parser Date: Tue, 5 Jul 2022 14:48:11 +0900 Message-Id: <20220705054815.30318-2-takahiro.akashi@linaro.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220705054815.30318-1-takahiro.akashi@linaro.org> References: <20220705054815.30318-1-takahiro.akashi@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean In MS authenticode, pkcs7 should have data in its contentInfo field. This data is tagged with SpcIndirectData type and, for a signed PE image, provides a image's message digest as SpcPeImageData. This parser is used in image authentication to parse the field and retrieve a message digest. Imported from linux v5.19-rc, crypto/asymmetric_keys/mscode*. Checkpatch.pl generates tones of warnings, but those are not fixed for the sake of maintainability (importing from another source). Signed-off-by: AKASHI Takahiro --- include/crypto/mscode.h | 43 ++++++++++++ lib/crypto/Kconfig | 9 +++ lib/crypto/Makefile | 12 ++++ lib/crypto/mscode.asn1 | 28 ++++++++ lib/crypto/mscode_parser.c | 135 +++++++++++++++++++++++++++++++++++++ 5 files changed, 227 insertions(+) create mode 100644 include/crypto/mscode.h create mode 100644 lib/crypto/mscode.asn1 create mode 100644 lib/crypto/mscode_parser.c diff --git a/include/crypto/mscode.h b/include/crypto/mscode.h new file mode 100644 index 000000000000..551058b96e60 --- /dev/null +++ b/include/crypto/mscode.h @@ -0,0 +1,43 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* PE Binary parser bits + * + * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved. + * Written by David Howells (dhowells@redhat.com) + */ + +#include +#ifndef __UBOOT__ +#include +#endif + +struct pefile_context { +#ifndef __UBOOT__ + unsigned header_size; + unsigned image_checksum_offset; + unsigned cert_dirent_offset; + unsigned n_data_dirents; + unsigned n_sections; + unsigned certs_size; + unsigned sig_offset; + unsigned sig_len; + const struct section_header *secs; +#endif + + /* PKCS#7 MS Individual Code Signing content */ + const void *digest; /* Digest */ + unsigned digest_len; /* Digest length */ + const char *digest_algo; /* Digest algorithm */ +}; + +#ifndef __UBOOT__ +#define kenter(FMT, ...) \ + pr_devel("==> %s("FMT")\n", __func__, ##__VA_ARGS__) +#define kleave(FMT, ...) \ + pr_devel("<== %s()"FMT"\n", __func__, ##__VA_ARGS__) +#endif + +/* + * mscode_parser.c + */ +extern int mscode_parse(void *_ctx, const void *content_data, size_t data_len, + size_t asn1hdrlen); diff --git a/lib/crypto/Kconfig b/lib/crypto/Kconfig index 1c04a7ec5f48..c3f563b2e174 100644 --- a/lib/crypto/Kconfig +++ b/lib/crypto/Kconfig @@ -82,4 +82,13 @@ config PKCS7_MESSAGE_PARSER config PKCS7_VERIFY bool +config MSCODE_PARSER + bool "MS authenticode parser" + select ASN1_DECODER + select ASN1_COMPILER + select OID_REGISTRY + help + This option provides support for parsing MicroSoft's Authenticode + in pkcs7 message. + endif # ASYMMETRIC_KEY_TYPE diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile index 6792b1d4f007..bec1bc95a658 100644 --- a/lib/crypto/Makefile +++ b/lib/crypto/Makefile @@ -55,3 +55,15 @@ obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o $(obj)/pkcs7_parser.o: $(obj)/pkcs7.asn1.h $(obj)/pkcs7.asn1.o: $(obj)/pkcs7.asn1.c $(obj)/pkcs7.asn1.h + +# +# Signed PE binary-wrapped key handling +# +obj-$(CONFIG_$(SPL_)MSCODE_PARSER) += mscode.o + +mscode-y := \ + mscode_parser.o \ + mscode.asn1.o + +$(obj)/mscode_parser.o: $(obj)/mscode.asn1.h $(obj)/mscode.asn1.h +$(obj)/mscode.asn1.o: $(obj)/mscode.asn1.c $(obj)/mscode.asn1.h diff --git a/lib/crypto/mscode.asn1 b/lib/crypto/mscode.asn1 new file mode 100644 index 000000000000..6d09ba48c41c --- /dev/null +++ b/lib/crypto/mscode.asn1 @@ -0,0 +1,28 @@ +--- Microsoft individual code signing data blob parser +--- +--- Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. +--- Written by David Howells (dhowells@redhat.com) +--- +--- This program is free software; you can redistribute it and/or +--- modify it under the terms of the GNU General Public Licence +--- as published by the Free Software Foundation; either version +--- 2 of the Licence, or (at your option) any later version. +--- + +MSCode ::= SEQUENCE { + type SEQUENCE { + contentType ContentType, + parameters ANY + }, + content SEQUENCE { + digestAlgorithm DigestAlgorithmIdentifier, + digest OCTET STRING ({ mscode_note_digest }) + } +} + +ContentType ::= OBJECT IDENTIFIER ({ mscode_note_content_type }) + +DigestAlgorithmIdentifier ::= SEQUENCE { + algorithm OBJECT IDENTIFIER ({ mscode_note_digest_algo }), + parameters ANY OPTIONAL +} diff --git a/lib/crypto/mscode_parser.c b/lib/crypto/mscode_parser.c new file mode 100644 index 000000000000..90d5b37a6cf2 --- /dev/null +++ b/lib/crypto/mscode_parser.c @@ -0,0 +1,135 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* Parse a Microsoft Individual Code Signing blob + * + * Copyright (C) 2014 Red Hat, Inc. All Rights Reserved. + * Written by David Howells (dhowells@redhat.com) + */ + +#define pr_fmt(fmt) "MSCODE: "fmt +#include +#ifndef __UBOOT__ +#include +#endif +#include +#include +#include +#ifdef __UBOOT__ +#include +#else +#include "verify_pefile.h" +#endif +#include "mscode.asn1.h" + +/* + * Parse a Microsoft Individual Code Signing blob + */ +int mscode_parse(void *_ctx, const void *content_data, size_t data_len, + size_t asn1hdrlen) +{ + struct pefile_context *ctx = _ctx; + + content_data -= asn1hdrlen; + data_len += asn1hdrlen; + pr_devel("Data: %zu [%*ph]\n", data_len, (unsigned)(data_len), + content_data); + + return asn1_ber_decoder(&mscode_decoder, ctx, content_data, data_len); +} + +/* + * Check the content type OID + */ +int mscode_note_content_type(void *context, size_t hdrlen, + unsigned char tag, + const void *value, size_t vlen) +{ + enum OID oid; + + oid = look_up_OID(value, vlen); + if (oid == OID__NR) { + char buffer[50]; + + sprint_oid(value, vlen, buffer, sizeof(buffer)); + pr_err("Unknown OID: %s\n", buffer); + return -EBADMSG; + } + + /* + * pesign utility had a bug where it was putting + * OID_msIndividualSPKeyPurpose instead of OID_msPeImageDataObjId + * So allow both OIDs. + */ + if (oid != OID_msPeImageDataObjId && + oid != OID_msIndividualSPKeyPurpose) { + pr_err("Unexpected content type OID %u\n", oid); + return -EBADMSG; + } + + return 0; +} + +/* + * Note the digest algorithm OID + */ +int mscode_note_digest_algo(void *context, size_t hdrlen, + unsigned char tag, + const void *value, size_t vlen) +{ + struct pefile_context *ctx = context; + char buffer[50]; + enum OID oid; + + oid = look_up_OID(value, vlen); + switch (oid) { + case OID_md4: + ctx->digest_algo = "md4"; + break; + case OID_md5: + ctx->digest_algo = "md5"; + break; + case OID_sha1: + ctx->digest_algo = "sha1"; + break; + case OID_sha256: + ctx->digest_algo = "sha256"; + break; + case OID_sha384: + ctx->digest_algo = "sha384"; + break; + case OID_sha512: + ctx->digest_algo = "sha512"; + break; + case OID_sha224: + ctx->digest_algo = "sha224"; + break; + + case OID__NR: + sprint_oid(value, vlen, buffer, sizeof(buffer)); + pr_err("Unknown OID: %s\n", buffer); + return -EBADMSG; + + default: + pr_err("Unsupported content type: %u\n", oid); + return -ENOPKG; + } + + return 0; +} + +/* + * Note the digest we're guaranteeing with this certificate + */ +int mscode_note_digest(void *context, size_t hdrlen, + unsigned char tag, + const void *value, size_t vlen) +{ + struct pefile_context *ctx = context; + + ctx->digest = kmemdup(value, vlen, GFP_KERNEL); + if (!ctx->digest) + return -ENOMEM; + + ctx->digest_len = vlen; + + return 0; +} From patchwork Tue Jul 5 05:48:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: AKASHI Takahiro X-Patchwork-Id: 587432 Delivered-To: patch@linaro.org Received: by 2002:a05:7000:1ec:0:0:0:0 with SMTP id 12csp1446706map; Mon, 4 Jul 2022 22:49:30 -0700 (PDT) X-Google-Smtp-Source: AGRyM1suWsQfwaWkfLp5g6xds9OaYsS5GXCqabAuDpJ0PvkeoJHSdlCy0PKVOWNspn3rTwtmL9F0 X-Received: by 2002:a05:6512:3b98:b0:47f:9660:9a9a with SMTP id g24-20020a0565123b9800b0047f96609a9amr20807384lfv.528.1657000169936; Mon, 04 Jul 2022 22:49:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657000169; cv=none; d=google.com; s=arc-20160816; b=xA45+bec+U5y4adOD5lpo4K0oJzQ7xbP3/skmWw7N7nI7wLk4wefcHcyRgQhm0f4Pe 18A9Tlnq65BPernH0vlqHAHJJSIlma03G3aB6hQkvkOAHPzdavLhKhmvyXSkEwh8paEd 35JmLBnlCPcK/Ks3VUglBuUKQ0viLIcCU4iB5CV29O3VY6bBZJIwRPCr0HzMNdYPcErC PDrXDiCOO2BnmXwk4rBOWDfpyTiS97A2ykUzEhSnzmqVwVqejciZeUci91awypYAqeE4 5yYUtu8lgc2ABJfA0tY/rSEq+KtMJxl7T9sR8KnG6cz8EP8wzEDEtfgplcbwtR1PeBER 5F9g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=+KSH3zrucvGH8AyzxveQg5uge2mEfgO1NqvLyBLW37c=; b=EsV5Tb+b+FsDZDRtBwNH6kBaVBkpCq2atbCE+ZaxxI1GqCho0emlyF/KX79tAgMl23 cQYYtlfFl4xjWxlYIUnIwnK/ZvYewjnBJZ9xtkSOuuItYt+g9dHrP9hxMmCMplptdHvL ag5+YMcNk2ET/hcK2/qVh2gayIl9wJaInOTT/OMjThegLnBj2+jJ6zMcX4dr79TLn89n 1Bht/YCXMeSlYLmwjmwEHApQuiP8GDFM3H68Z1iUtr5Dm5s+V4qaHFBddOweIlukyGBY TEHVgHhcQfqe/chSz3Ok0fjWcDrSzM58Mxl+okjNcTD0sEHz2jrBm/bwK+eYq1wHQB/8 A9qg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=f17xTMVo; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id r17-20020a2eb891000000b002558b4cffedsi37101337ljp.327.2022.07.04.22.49.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Jul 2022 22:49:29 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=f17xTMVo; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 2EE4D84512; Tue, 5 Jul 2022 07:49:13 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="f17xTMVo"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 9E2E98451A; Tue, 5 Jul 2022 07:49:08 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pf1-x42c.google.com (mail-pf1-x42c.google.com [IPv6:2607:f8b0:4864:20::42c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id EF83584512 for ; Tue, 5 Jul 2022 07:49:05 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=takahiro.akashi@linaro.org Received: by mail-pf1-x42c.google.com with SMTP id y141so10564771pfb.7 for ; Mon, 04 Jul 2022 22:49:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=+KSH3zrucvGH8AyzxveQg5uge2mEfgO1NqvLyBLW37c=; b=f17xTMVobHY8UQ/Knmt5qTxgwHHVrHGTqjgvwOob8hS+1rK2CdM4iwtDvvsqOn42Uz xboAqdA8QQsSUx3vRmeVV5N1tDw6dZIYgGgbT/3gWsR2YkCMhu4RdwqIIAPqe7ofLFA8 oXGbWQyhI7NgrAq+guj+l/aAECypaCpLYGyJNCfv5ne4oJuCgsnp8bb4Jk6hTKmX9IWg gCsuHDdMdsKnJ7b2NSftP3comDZUft/7Gb7FfezyjtuHGYUQSl6MtZNqQqQL+Spi/Ura 9a2jxtQdCuukEzAn6gDNLQhxLAm9A32+XA4inEifAdTfLZgl2IC14lKNroiInyWdUSgd UE6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=+KSH3zrucvGH8AyzxveQg5uge2mEfgO1NqvLyBLW37c=; b=pT5MXO7lJmJzm14UQtln+nZ5fJHgKd854zfZxKLSRXuGKErJ4tVsIQ+LqaFoZMfa6o u75UkoNQWvN4DkPh1/gbSZCFAMW6mNJdG+/DGDdVmyq/HFJYRnf4zxlLmFAAaVRQVhYj E4TF4qwCsv4Gfk7GOhLck4JF+5s1s6uodBkBhcKEhSTIesVIyf+7fTt8kNvTTayAuqI/ 1kKnDooH0QBXrRBphsycC2CQKcsMxTLnxNd4sLW7JnbS/FHPWpg/OurZQP4mpUy5R13u RNEpcKvthDqRc13JbnnS0xYCbaI6hgEMi0nRWfPVDWBbMcFlKOkXZByS0W0RVcTa+g4g Gd4w== X-Gm-Message-State: AJIora/1en0WAusGZxXdNHg1oxuzjSjdl6hSsOUwutjp2RB/zQMXdDY1 TTL98BACTWDqEGDpL3YJSyhiHw== X-Received: by 2002:a05:6a00:c92:b0:525:8782:71f2 with SMTP id a18-20020a056a000c9200b00525878271f2mr39579459pfv.50.1657000144274; Mon, 04 Jul 2022 22:49:04 -0700 (PDT) Received: from localhost.localdomain ([2400:4050:c3e1:100:8c42:b67b:3e2f:7653]) by smtp.gmail.com with ESMTPSA id a5-20020a1709027e4500b0016784c93f23sm22149390pln.197.2022.07.04.22.49.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Jul 2022 22:49:03 -0700 (PDT) From: AKASHI Takahiro To: xypron.glpk@gmx.de Cc: ilias.apalodimas@linaro.org, baocheng.su@siemens.com, jan.kiszka@siemens.com, u-boot@lists.denx.de, AKASHI Takahiro Subject: [PATCH 2/5] efi_loader: signature: export efi_hash_regions() Date: Tue, 5 Jul 2022 14:48:12 +0900 Message-Id: <20220705054815.30318-3-takahiro.akashi@linaro.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220705054815.30318-1-takahiro.akashi@linaro.org> References: <20220705054815.30318-1-takahiro.akashi@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean This function is used to calculate a message digest as part of authentication process in a later patch. Signed-off-by: AKASHI Takahiro --- include/efi_loader.h | 2 ++ lib/efi_loader/efi_signature.c | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/include/efi_loader.h b/include/efi_loader.h index c1e00ebac398..11930fbea838 100644 --- a/include/efi_loader.h +++ b/include/efi_loader.h @@ -931,6 +931,8 @@ struct efi_signature_store { struct x509_certificate; struct pkcs7_message; +bool efi_hash_regions(struct image_region *regs, int count, + void **hash, const char *hash_algo, int *len); bool efi_signature_lookup_digest(struct efi_image_regions *regs, struct efi_signature_store *db, bool dbx); diff --git a/lib/efi_loader/efi_signature.c b/lib/efi_loader/efi_signature.c index ddac751d128e..742d8919402c 100644 --- a/lib/efi_loader/efi_signature.c +++ b/lib/efi_loader/efi_signature.c @@ -125,8 +125,8 @@ struct pkcs7_message *efi_parse_pkcs7_header(const void *buf, * * Return: true on success, false on error */ -static bool efi_hash_regions(struct image_region *regs, int count, - void **hash, const char *hash_algo, int *len) +bool efi_hash_regions(struct image_region *regs, int count, + void **hash, const char *hash_algo, int *len) { int ret, hash_len; From patchwork Tue Jul 5 05:48:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: AKASHI Takahiro X-Patchwork-Id: 587433 Delivered-To: patch@linaro.org Received: by 2002:a05:7000:1ec:0:0:0:0 with SMTP id 12csp1446794map; Mon, 4 Jul 2022 22:49:39 -0700 (PDT) X-Google-Smtp-Source: AGRyM1s6VfMZSwuqzMkmZrPRUR71SXmgc+sgxyn8nelCXqz3TgtAk5om+CaZ05n6d9usxSITKxWC X-Received: by 2002:a05:6512:2524:b0:47f:b0d9:d096 with SMTP id be36-20020a056512252400b0047fb0d9d096mr20757040lfb.243.1657000179264; Mon, 04 Jul 2022 22:49:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657000179; cv=none; d=google.com; s=arc-20160816; b=N2DxLCTpWBCBRCOS2V9twg2iaRmaD1tjtWOJrPKmqi6M+svfrHbb8WwthPU+7wePeH 6SQXzOrXcG/n28ZAZQZLmz93xcVpmFLaU3cotOZGMFZMLMDBrvv45ZQbYQYPZE8ndKEJ EgbgJkVcJPUwMQWSIT/iJAaPoeURJKGtPvhWrZM30J1Cz9fRCfSy5chc2F7rG/WOwSgR cA15/x66ADrxbrmhi1qCW3dkmRHEcWBNNF8y/toBOpF61kJoyAdwu89A5EDlQ3jD/uvX poDhZuwVT2svCDsOrz97PrExX+8U7qN+JkckYpQwNEUfOBZML2gDXWNKYJCBas38NBJi sVPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=gn37kIi0eLNlo9l4VQMoB8+bXD/KJElKNvzFUvdQC68=; b=drTVGpT9CI8LNkuR+PgyQjcjGD+UcQVsF5/ftl3Ydene+2bP9142SicXhQx6xAYpTa PfF+xZT785igjAqSmASDCmhsrrDV+TWz+qVHnmXO1HDoGZJn7LLYoqMIXYKHJULPcnve fWvlN8HIW0y5yrKn+SXjm4NzTgPYwqnF0kxbSUEgt8ioZyiF/LXHTmZoJgP3Kc8HswK3 whZhkLJ2WI0PrZqEAANBLX4cdh5JfCqtHHgOF/fIPPrhl592G7mHZHzwfbeoiEfw7D4N BrZ08oG+aMl0N8B0bjmV9LSAbG5bpG49UnMnVBncKaYtrfXpHiQpk7nBt1EQqGXYw5pt YZQw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=K56u1gVP; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id o5-20020a05651c050500b0025aa01eb94csi5272862ljp.391.2022.07.04.22.49.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Jul 2022 22:49:39 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=K56u1gVP; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id A0D078451D; Tue, 5 Jul 2022 07:49:15 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="K56u1gVP"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 2F40E84516; Tue, 5 Jul 2022 07:49:12 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pg1-x52f.google.com (mail-pg1-x52f.google.com [IPv6:2607:f8b0:4864:20::52f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id D255C84512 for ; Tue, 5 Jul 2022 07:49:08 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=takahiro.akashi@linaro.org Received: by mail-pg1-x52f.google.com with SMTP id o18so9317559pgu.9 for ; Mon, 04 Jul 2022 22:49:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=gn37kIi0eLNlo9l4VQMoB8+bXD/KJElKNvzFUvdQC68=; b=K56u1gVPDXfKQCSOhbM5l9zUWg7BhE+2/r1EfNc4OTyjb0Hpa0FkIlt6+v5eMS1YSr Tl8NI+MPROcbZ0Zpmuiq4xanat9jJpikPLuXWdXsMhwS+tZeFxE3SzoLOtJjSKbk1Hif xgyQ+XlR1y46aSV+YpXz+uImragxtIdXb1vrb1ywuIDoNtFj3/DZB4SIpuXbg69hb7On //q9K3XqSgB/nJVZrFYXf8n0C5kWAHFYXn4SoBnX0zUTQC8CmWhevZ/Tpm7OU6oAJWOC rLR9KP6/rTy+OTIz/DxFigjc2pmLmuvlDPDUuu79ocTO1yIDofjuc1ypZmkKGjXifLDE +cbg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=gn37kIi0eLNlo9l4VQMoB8+bXD/KJElKNvzFUvdQC68=; b=qjqHcbXGnk5mohLo/SRCNRoHhh/vR427yjghtO3DhD1IM+Xd65b+gKx9tlMtYEgp+H HfWm2wUrifCp58OeM2nxSlVEKKCKHApZX7BKTY5uOK13QbvydsOPlaa260AdiRR1oiIx YJYmyaOhUKKxbuU9DEkbSkSg2SOZomb9AY4IEAOhl99uYNlZ6a6H2ZiaauhZ8sSJIH1N 1lsvKJcSIWUYEyr4SfnZfMvNAccTtd1+GYmkotL3RxSPiLzBFM2So5vMlgEmPKagnKFY wL1Syw3ZCTse9/AwnZXfhUPIzRxa/eMEC9cGqmLiFR3FKd4nDm/xOkwnRsCQNT2+moQ/ g2Sg== X-Gm-Message-State: AJIora+PhMQo+ceUNqAhK20zZ5DPxxz7C0QDk4uv1DRgx4U9TfUhDiHr 3L9lsFuGoeTZrWq+tfKQeHmzjg== X-Received: by 2002:a05:6a00:1a16:b0:528:692e:6637 with SMTP id g22-20020a056a001a1600b00528692e6637mr9159344pfv.69.1657000147060; Mon, 04 Jul 2022 22:49:07 -0700 (PDT) Received: from localhost.localdomain ([2400:4050:c3e1:100:8c42:b67b:3e2f:7653]) by smtp.gmail.com with ESMTPSA id a5-20020a1709027e4500b0016784c93f23sm22149390pln.197.2022.07.04.22.49.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Jul 2022 22:49:06 -0700 (PDT) From: AKASHI Takahiro To: xypron.glpk@gmx.de Cc: ilias.apalodimas@linaro.org, baocheng.su@siemens.com, jan.kiszka@siemens.com, u-boot@lists.denx.de, AKASHI Takahiro Subject: [PATCH 3/5] efi_loader: image_loader: replace EFI_PRINT with log macros Date: Tue, 5 Jul 2022 14:48:13 +0900 Message-Id: <20220705054815.30318-4-takahiro.akashi@linaro.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220705054815.30318-1-takahiro.akashi@linaro.org> References: <20220705054815.30318-1-takahiro.akashi@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean Now We are migrating from EFI_PRINT() to log macro's. Signed-off-by: AKASHI Takahiro --- lib/efi_loader/efi_image_loader.c | 54 +++++++++++++++---------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c index 961139888504..fe8e4a89082c 100644 --- a/lib/efi_loader/efi_image_loader.c +++ b/lib/efi_loader/efi_image_loader.c @@ -238,7 +238,7 @@ efi_status_t efi_image_region_add(struct efi_image_regions *regs, int i, j; if (regs->num >= regs->max) { - EFI_PRINT("%s: no more room for regions\n", __func__); + log_err("%s: no more room for regions\n", __func__); return EFI_OUT_OF_RESOURCES; } @@ -263,7 +263,7 @@ efi_status_t efi_image_region_add(struct efi_image_regions *regs, } /* new data overlapping registered region */ - EFI_PRINT("%s: new region already part of another\n", __func__); + log_err("%s: new region already part of another\n", __func__); return EFI_INVALID_PARAMETER; } @@ -434,8 +434,8 @@ bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp, bytes_hashed = opt->SizeOfHeaders; align = opt->FileAlignment; } else { - EFI_PRINT("%s: Invalid optional header magic %x\n", __func__, - nt->OptionalHeader.Magic); + log_err("%s: Invalid optional header magic %x\n", __func__, + nt->OptionalHeader.Magic); goto err; } @@ -445,7 +445,7 @@ bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp, nt->FileHeader.SizeOfOptionalHeader); sorted = calloc(sizeof(IMAGE_SECTION_HEADER *), num_sections); if (!sorted) { - EFI_PRINT("%s: Out of memory\n", __func__); + log_err("%s: Out of memory\n", __func__); goto err; } @@ -464,7 +464,7 @@ bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp, efi_image_region_add(regs, efi + sorted[i]->PointerToRawData, efi + sorted[i]->PointerToRawData + size, 0); - EFI_PRINT("section[%d](%s): raw: 0x%x-0x%x, virt: %x-%x\n", + log_debug("section[%d](%s): raw: 0x%x-0x%x, virt: %x-%x\n", i, sorted[i]->Name, sorted[i]->PointerToRawData, sorted[i]->PointerToRawData + size, @@ -478,7 +478,7 @@ bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp, /* 3. Extra data excluding Certificates Table */ if (bytes_hashed + authsz < len) { - EFI_PRINT("extra data for hash: %zu\n", + log_debug("extra data for hash: %zu\n", len - (bytes_hashed + authsz)); efi_image_region_add(regs, efi + bytes_hashed, efi + len - authsz, 0); @@ -487,18 +487,18 @@ bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp, /* Return Certificates Table */ if (authsz) { if (len < authoff + authsz) { - EFI_PRINT("%s: Size for auth too large: %u >= %zu\n", - __func__, authsz, len - authoff); + log_err("%s: Size for auth too large: %u >= %zu\n", + __func__, authsz, len - authoff); goto err; } if (authsz < sizeof(*auth)) { - EFI_PRINT("%s: Size for auth too small: %u < %zu\n", - __func__, authsz, sizeof(*auth)); + log_err("%s: Size for auth too small: %u < %zu\n", + __func__, authsz, sizeof(*auth)); goto err; } *auth = efi + authoff; *auth_len = authsz; - EFI_PRINT("WIN_CERTIFICATE: 0x%x, size: 0x%x\n", authoff, + log_debug("WIN_CERTIFICATE: 0x%x, size: 0x%x\n", authoff, authsz); } else { *auth = NULL; @@ -549,7 +549,7 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) size_t auth_size; bool ret = false; - EFI_PRINT("%s: Enter, %d\n", __func__, ret); + log_debug("%s: Enter, %d\n", __func__, ret); if (!efi_secure_boot_enabled()) return true; @@ -560,7 +560,7 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) if (!efi_image_parse(new_efi, efi_size, ®s, &wincerts, &wincerts_len)) { - EFI_PRINT("Parsing PE executable image failed\n"); + log_err("Parsing PE executable image failed\n"); goto out; } @@ -569,18 +569,18 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) */ db = efi_sigstore_parse_sigdb(u"db"); if (!db) { - EFI_PRINT("Getting signature database(db) failed\n"); + log_err("Getting signature database(db) failed\n"); goto out; } dbx = efi_sigstore_parse_sigdb(u"dbx"); if (!dbx) { - EFI_PRINT("Getting signature database(dbx) failed\n"); + log_err("Getting signature database(dbx) failed\n"); goto out; } if (efi_signature_lookup_digest(regs, dbx, true)) { - EFI_PRINT("Image's digest was found in \"dbx\"\n"); + log_debug("Image's digest was found in \"dbx\"\n"); goto out; } @@ -602,12 +602,12 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) break; if (wincert->dwLength <= sizeof(*wincert)) { - EFI_PRINT("dwLength too small: %u < %zu\n", + log_debug("dwLength too small: %u < %zu\n", wincert->dwLength, sizeof(*wincert)); continue; } - EFI_PRINT("WIN_CERTIFICATE_TYPE: 0x%x\n", + log_debug("WIN_CERTIFICATE_TYPE: 0x%x\n", wincert->wCertificateType); auth = (u8 *)wincert + sizeof(*wincert); @@ -617,12 +617,12 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) break; if (auth_size <= sizeof(efi_guid_t)) { - EFI_PRINT("dwLength too small: %u < %zu\n", + log_debug("dwLength too small: %u < %zu\n", wincert->dwLength, sizeof(*wincert)); continue; } if (guidcmp(auth, &efi_guid_cert_type_pkcs7)) { - EFI_PRINT("Certificate type not supported: %pUs\n", + log_debug("Certificate type not supported: %pUs\n", auth); ret = false; goto out; @@ -632,14 +632,14 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) auth_size -= sizeof(efi_guid_t); } else if (wincert->wCertificateType != WIN_CERT_TYPE_PKCS_SIGNED_DATA) { - EFI_PRINT("Certificate type not supported\n"); + log_debug("Certificate type not supported\n"); ret = false; goto out; } msg = pkcs7_parse_message(auth, auth_size); if (IS_ERR(msg)) { - EFI_PRINT("Parsing image's signature failed\n"); + log_err("Parsing image's signature failed\n"); msg = NULL; continue; } @@ -666,13 +666,13 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) /* try black-list first */ if (efi_signature_verify_one(regs, msg, dbx)) { ret = false; - EFI_PRINT("Signature was rejected by \"dbx\"\n"); + log_debug("Signature was rejected by \"dbx\"\n"); goto out; } if (!efi_signature_check_signers(msg, dbx)) { ret = false; - EFI_PRINT("Signer(s) in \"dbx\"\n"); + log_debug("Signer(s) in \"dbx\"\n"); goto out; } @@ -682,7 +682,7 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) continue; } - EFI_PRINT("Signature was not verified by \"db\"\n"); + log_debug("Signature was not verified by \"db\"\n"); } @@ -698,7 +698,7 @@ out: if (new_efi != efi) free(new_efi); - EFI_PRINT("%s: Exit, %d\n", __func__, ret); + log_debug("%s: Exit, %d\n", __func__, ret); return ret; } #else From patchwork Tue Jul 5 05:48:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: AKASHI Takahiro X-Patchwork-Id: 587434 Delivered-To: patch@linaro.org Received: by 2002:a05:7000:1ec:0:0:0:0 with SMTP id 12csp1446892map; Mon, 4 Jul 2022 22:49:54 -0700 (PDT) X-Google-Smtp-Source: AGRyM1v1s5jOcJu2A87xg8MB2yLLjKRbgpqgkNQzsYMUjRyxLN8AksBwpWwq8LevBTOJj1TYnjlo X-Received: by 2002:a2e:3014:0:b0:25d:ff3:7ceb with SMTP id w20-20020a2e3014000000b0025d0ff37cebmr9149084ljw.174.1657000189983; Mon, 04 Jul 2022 22:49:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657000189; cv=none; d=google.com; s=arc-20160816; b=qeHQOeE42+H6i5Ez8BcKUYZpGkvnYlmBvHdv0uiWqZV9RHJeZNVopz4SV5MUM4gjqI fiGV2CjUHnmCjmPKxgifoiJWjbSHHvKKmzdAKAFDL43Ot+/gOQXZ0mEmKKJ3EKRZpBes FNliLoZ19W8pSEf8qfgYM/MG6derviYGFEoTLqVsnEx8z7MAS7/1ZFgORovIWu/UqjSt 08bMXLseKnNb4NsrcE7fpLdO3hOVimNERleatS98YwhlPyhhpALpnge9OuOE+p3yilMt QWINnUBc7WGF54WnR2x1Bf9Lh3943n+eS/NlOM5VzGGg365yWsEFVmMlMso5bp4UQ39w ATHw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=qlnhglNwfMVc9WuLCqFMjz3KZDLJI+URgVQfGqOt6Ts=; b=uJncUfxVE7OyiLCyA2mRZ+FgPyx0KlsJreGHlBQftyL8ErxxTuqZHLoaEHEe3wWKF/ 8LyTOsEsJdN71orDtwJslpM9BlURNyT7EH/ws/8NJhGFo3hBoxYTSzZ8qoqDubRUT8ny 29o+ch3C+99wccKOrwgDDhELvnl2XMcMUZKfotPG0mVq11BHX+iqCjzvi6O78soXJKne FQfxGN4sxXcenSfCR7rN7iaDK6D0SxbEBiOhcVmPVTdsFvw+XtbR504ZE/cdf4o927YO lbgAuDtI68Z0zCwfMX1yAc0SKCXDHRKn4um+tcUmFV//v5XbTbx0RrxPne8TMxsiorOd tv+Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="y9dl/zPR"; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id bj20-20020a2eaa94000000b0025d164777casi7574919ljb.545.2022.07.04.22.49.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Jul 2022 22:49:49 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="y9dl/zPR"; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id BE8FD84517; Tue, 5 Jul 2022 07:49:17 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="y9dl/zPR"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 7CF3984510; Tue, 5 Jul 2022 07:49:14 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pg1-x532.google.com (mail-pg1-x532.google.com [IPv6:2607:f8b0:4864:20::532]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 57C0284510 for ; Tue, 5 Jul 2022 07:49:11 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=takahiro.akashi@linaro.org Received: by mail-pg1-x532.google.com with SMTP id g4so10521529pgc.1 for ; Mon, 04 Jul 2022 22:49:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=qlnhglNwfMVc9WuLCqFMjz3KZDLJI+URgVQfGqOt6Ts=; b=y9dl/zPRpCeB6CRLhkm5msaif5hTLxKSZJUbqfYMaJlIZMZHowD7nup1mmOkW0HuBr phKI1hIdLWieAA4gwXYojaCks/vA89qkwl/Z5WXd90SSafCk4shnpYnIOfcTQFo8V62Q FnSj9OFNUlfumOpeApN72+Vyolsxg1BK0ocEVMsOaVcTyAdTJJgPESoPOprUSy3FwSu0 G1pRXCEekA61xZ5YQVilftTVHnS3kbSByeS92cy2cqpkrPFOdHzyWVWJ4QF5g7b+sSHT v5v4/3aW7TPqlW1Q7yhdh7pOZ3TJClpreo6BAXRFBYRMoTDfSOFXpvoYyUiqI7Wo8iK7 guSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=qlnhglNwfMVc9WuLCqFMjz3KZDLJI+URgVQfGqOt6Ts=; b=yvXKg1KqT++RdC75KBUhuEo9iuFPs+SO6eL0UBdFP4Qr8TI1zY8qOR1Kl34+SZ50K5 86C39X+KNCBKu5mcS6TLhscM99CBXE4Gmo1JIweruHkDDqAdVRwVn2mdzVbnWyP9Xc/H MLYHGCmK13CetjIZ2MlK8REShWRwMuaboyE2xIjf73l8QvfqX6aHSSVHgNxWpXs+2i9E 9tHuHvIuCTI9Wt3CDMZMeBpjL/vxhboyaPYSBeAUKfrEsgzr+3QsfmD/y5muSaM2/eBC jwj7cXRx+ruO0o8F684m2u2OhVQFbRQ29yobsmFv7iDLdyDrStkYGOMTQWW/PrSAmJal IDyA== X-Gm-Message-State: AJIora9zhqJohjv53xt72PauaDZX4M1rqnz6scNDjHH3tb/i5yjeDy6U wfvKfSaPrvLyfzH2CvozG/FlAg== X-Received: by 2002:a63:371a:0:b0:40c:9a2e:7799 with SMTP id e26-20020a63371a000000b0040c9a2e7799mr29369633pga.113.1657000149709; Mon, 04 Jul 2022 22:49:09 -0700 (PDT) Received: from localhost.localdomain ([2400:4050:c3e1:100:8c42:b67b:3e2f:7653]) by smtp.gmail.com with ESMTPSA id a5-20020a1709027e4500b0016784c93f23sm22149390pln.197.2022.07.04.22.49.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Jul 2022 22:49:09 -0700 (PDT) From: AKASHI Takahiro To: xypron.glpk@gmx.de Cc: ilias.apalodimas@linaro.org, baocheng.su@siemens.com, jan.kiszka@siemens.com, u-boot@lists.denx.de, AKASHI Takahiro Subject: [PATCH 4/5] efi_loader: image_loader: add a missing digest verification for signed PE image Date: Tue, 5 Jul 2022 14:48:14 +0900 Message-Id: <20220705054815.30318-5-takahiro.akashi@linaro.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220705054815.30318-1-takahiro.akashi@linaro.org> References: <20220705054815.30318-1-takahiro.akashi@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean At the last step of PE image authentication, an image's hash value must be compared with a message digest stored as the content (of SpcPeImageData type) of pkcs7's contentInfo. Fixes: commit 4540dabdcaca ("efi_loader: image_loader: support image authentication") Signed-off-by: AKASHI Takahiro --- lib/efi_loader/Kconfig | 1 + lib/efi_loader/efi_image_loader.c | 62 ++++++++++++++++++++++++++++++- 2 files changed, 61 insertions(+), 2 deletions(-) diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index e2a1a5a69a24..e3f2402d0e8e 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -366,6 +366,7 @@ config EFI_SECURE_BOOT select X509_CERTIFICATE_PARSER select PKCS7_MESSAGE_PARSER select PKCS7_VERIFY + select MSCODE_PARSER select EFI_SIGNATURE_SUPPORT help Select this option to enable EFI secure boot support. diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c index fe8e4a89082c..eaf75a5803d4 100644 --- a/lib/efi_loader/efi_image_loader.c +++ b/lib/efi_loader/efi_image_loader.c @@ -16,6 +16,7 @@ #include #include #include +#include #include #include @@ -516,6 +517,51 @@ err: } #ifdef CONFIG_EFI_SECURE_BOOT +/** + * efi_image_verify_digest - verify image's message digest + * @regs: Array of memory regions to digest + * @msg: Signature in pkcs7 structure + * + * @regs contains all the data in a PE image to digest. Calculate + * a hash value based on @regs and compare it with a messaged digest + * in the content (SpcPeImageData) of @msg's contentInfo. + * + * Return: true if verified, false if not + */ +static bool efi_image_verify_digest(struct efi_image_regions *regs, + struct pkcs7_message *msg) +{ + struct pefile_context ctx; + void *hash; + int hash_len, ret; + + const void *data; + size_t data_len; + size_t asn1hdrlen; + + /* get pkcs7's contentInfo */ + ret = pkcs7_get_content_data(msg, &data, &data_len, &asn1hdrlen); + if (ret < 0 || !data) + return false; + + /* parse data and retrieve a message digest into ctx */ + ret = mscode_parse(&ctx, data, data_len, asn1hdrlen); + if (ret < 0) + return false; + + /* calculate a hash value of PE image */ + hash = NULL; + if (!efi_hash_regions(regs->reg, regs->num, &hash, ctx.digest_algo, + &hash_len)) + return false; + + /* match the digest */ + if (ctx.digest_len != hash_len || memcmp(ctx.digest, hash, hash_len)) + return false; + + return true; +} + /** * efi_image_authenticate() - verify a signature of signed image * @efi: Pointer to image @@ -645,6 +691,9 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) } /* + * verify signatures in pkcs7's signedInfos which are + * to authenticate the integrity of pkcs7's contentInfo. + * * NOTE: * UEFI specification defines two signature types possible * in signature database: @@ -677,12 +726,21 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) } /* try white-list */ - if (efi_signature_verify(regs, msg, db, dbx)) { + if (!efi_signature_verify(regs, msg, db, dbx)) { + log_debug("Signature was not verified by \"db\"\n"); + continue; + } + + /* + * now calculate an image's hash value and compare it with + * a messaged digest embedded in pkcs7's contentInfo + */ + if (efi_image_verify_digest(regs, msg)) { ret = true; continue; } - log_debug("Signature was not verified by \"db\"\n"); + log_debug("Message digest doesn't match\n"); } From patchwork Tue Jul 5 05:48:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: AKASHI Takahiro X-Patchwork-Id: 587435 Delivered-To: patch@linaro.org Received: by 2002:a05:7000:1ec:0:0:0:0 with SMTP id 12csp1446934map; Mon, 4 Jul 2022 22:50:00 -0700 (PDT) X-Google-Smtp-Source: AGRyM1tg6HHH8xZ5KMjSCA3H5yht0nVODolQ4WBviloFJ9ui4T5mGr67ZodQb0sJwfQlUbeebiDp X-Received: by 2002:a2e:b94e:0:b0:25b:b99f:4f58 with SMTP id 14-20020a2eb94e000000b0025bb99f4f58mr17960379ljs.263.1657000199818; Mon, 04 Jul 2022 22:49:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657000199; cv=none; d=google.com; s=arc-20160816; b=xltgk3ZiO5sNoSD3dAGRFlHRKElDjsjS4wFKy1tfWNer7ou5RUB79NBw1KwAZJWVmT XFiFnrEKRU0AiAhcsjbivwNCNPWN2Z8v3WJt21loaR6Jf3IIZoAr7gP4yonEM6cKmEcQ yXo3Z6kwnjw1EX7qgjwN6KQoTj8kX7sx8fIcF1rkdxQtmD10ZvgxH9ye1wdWtabCQ9Xr NDhB1ZeaAhmB0ol/+e6P3Qd1gSqPM5D2xhJaBF13envcek35O74pEtq4MgCDDcQmaCZF aoOLdKch7bjCHosUhC1p+keri7RXzQUfgm5LHD2bKrtfpOGKMy++y4StSmJusQwpawsy 0ONg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=NCg1AMihsM2R/Y+Kq21gIqbZp1SpZmfFCFb+hOya/k0=; b=kpC5FsQ/xW2nhItqSMLCSoBbDel38vr6Kn+awWe4M7Fr7XsbLlhFu/AWMfvxRLLcyb FucQodRGBrUQjGQCSckzJXQAyQnqPPHhwcw3GNaLyQa27aeDprzX8mNQJ3CBIm/1fLhV DnOeGHUPcCFO41vgmL/81gP9n6JEXYUajH0cwCc0iuPMdnpOhfxHmwvMdoJq83ob/qav 2GAY1BfOMAJwhVzmnX+DjxjnEwfEQyXNh9ZGcYkR9M812eZM4E33V/3HPvzLNzD9l7qW vxZ4MyZzLJH3+4fMC6JdUbFfccG3efcLw233Wayb6FkRm895uygVhojYGuUla+UXdTGa a48w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=rs0FwX6X; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id j6-20020a2e3c06000000b0025bdea31706si9865245lja.608.2022.07.04.22.49.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Jul 2022 22:49:59 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=rs0FwX6X; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id AE68E8452B; Tue, 5 Jul 2022 07:49:19 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="rs0FwX6X"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 57B1F84525; Tue, 5 Jul 2022 07:49:17 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pg1-x536.google.com (mail-pg1-x536.google.com [IPv6:2607:f8b0:4864:20::536]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 359E984517 for ; Tue, 5 Jul 2022 07:49:14 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=takahiro.akashi@linaro.org Received: by mail-pg1-x536.google.com with SMTP id 68so10490708pgb.10 for ; Mon, 04 Jul 2022 22:49:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=NCg1AMihsM2R/Y+Kq21gIqbZp1SpZmfFCFb+hOya/k0=; b=rs0FwX6XrR5+at04Yuv05f7mStt8bJfGwRpGGofTXGcr6KQUplbpi8Vyaa4/tQYhU/ 51RhKiGIr0ei1rZTcnVcG6Jd/KM/6jNsSWr27RJeEP+18liUmSahPLU+lLHQ1WGPzPgX e5o97e8Tt13Ah0WUo+6yz6piuyHRljLA199GI0CSLFq1iW553EQn0bCA7CVeEaZmx1V8 +qKuX72P0vD35oFPlI3aE60DdgLsGVPNTx19+IqW8N/Pzcb7TYJgX0F1HRUeS5QHn47U VhJQQ059y1DBSsHEkWRb0mgh20xCEp79bgcmEM3r9vohlcdy6Sc/HJG+IDnViJz0NumD aCGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=NCg1AMihsM2R/Y+Kq21gIqbZp1SpZmfFCFb+hOya/k0=; b=1cYc60KWPspsp1Gs6IMQamg+AAE/S/rrI/KOYTxCy8FA2V/ogy1Xhmh0WPtA03Uw9b 58WWQ+pFccznj+GObFi+XiUYgZW01GCNuQKeHYSeQa9KvEbmI/UxIH30hblVnmtV9CNc pSQ/xJbp6eqbwMmk0sWx9CDsXQe2G1Qyx0YI3rBEhyk+bH6yCbfj1Ojm7QNW7lYbe6+w 9aCfh0d65Y3kTvd6w1iBmCqXPl5Tps71fFqwL2RuAwB7JOnUF52wHCm1efkfeX969F75 d5UOpSSQbtErMNP5NRSz1Ok2LrVewTF5nlat2ekw7cNx9Os+C93Y+PjCzYNYbwlsoGY6 cPug== X-Gm-Message-State: AJIora94WuEXKY89DnzLMdwZwoLAtLIRM0VdB76Z26bee7Fac5iq8G4I ZIqv7CxyLBunlDrefaicH1OX9g== X-Received: by 2002:a05:6a00:114f:b0:528:2c7a:634c with SMTP id b15-20020a056a00114f00b005282c7a634cmr23181683pfm.41.1657000152493; Mon, 04 Jul 2022 22:49:12 -0700 (PDT) Received: from localhost.localdomain ([2400:4050:c3e1:100:8c42:b67b:3e2f:7653]) by smtp.gmail.com with ESMTPSA id a5-20020a1709027e4500b0016784c93f23sm22149390pln.197.2022.07.04.22.49.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Jul 2022 22:49:11 -0700 (PDT) From: AKASHI Takahiro To: xypron.glpk@gmx.de Cc: ilias.apalodimas@linaro.org, baocheng.su@siemens.com, jan.kiszka@siemens.com, u-boot@lists.denx.de, AKASHI Takahiro Subject: [PATCH 5/5] test/py: efi_secboot: add a test for a forged signed image Date: Tue, 5 Jul 2022 14:48:15 +0900 Message-Id: <20220705054815.30318-6-takahiro.akashi@linaro.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220705054815.30318-1-takahiro.akashi@linaro.org> References: <20220705054815.30318-1-takahiro.akashi@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean In this test case, a image binary, helloworld.efi.signed, is willfully modified to print a corrupted message while the signature itself is unchanged. This binary must be rejected under secure boot mode. Signed-off-by: AKASHI Takahiro --- test/py/tests/test_efi_secboot/conftest.py | 3 ++ test/py/tests/test_efi_secboot/forge_image.sh | 5 +++ test/py/tests/test_efi_secboot/test_signed.py | 35 +++++++++++++++++++ 3 files changed, 43 insertions(+) create mode 100644 test/py/tests/test_efi_secboot/forge_image.sh diff --git a/test/py/tests/test_efi_secboot/conftest.py b/test/py/tests/test_efi_secboot/conftest.py index 8a53dabe5414..db6b8d301f85 100644 --- a/test/py/tests/test_efi_secboot/conftest.py +++ b/test/py/tests/test_efi_secboot/conftest.py @@ -105,6 +105,9 @@ def efi_boot_env(request, u_boot_config): # Sign already-signed image with another key check_call('cd %s; sbsign --key db1.key --cert db1.crt --output helloworld.efi.signed_2sigs helloworld.efi.signed' % mnt_point, shell=True) + # Create a corrupted signed image + check_call('cd %s; sh %s/test/py/tests/test_efi_secboot/forge_image.sh helloworld.efi.signed helloworld_forged.efi.signed' + % (mnt_point, u_boot_config.source_dir), shell=True) # Digest image check_call('cd %s; %shash-to-efi-sig-list helloworld.efi db_hello.hash; %ssign-efi-sig-list -t "2020-04-07" -c KEK.crt -k KEK.key db db_hello.hash db_hello.auth' % (mnt_point, EFITOOLS_PATH, EFITOOLS_PATH), diff --git a/test/py/tests/test_efi_secboot/forge_image.sh b/test/py/tests/test_efi_secboot/forge_image.sh new file mode 100644 index 000000000000..2465d10fa7b8 --- /dev/null +++ b/test/py/tests/test_efi_secboot/forge_image.sh @@ -0,0 +1,5 @@ +# SPDX-License-Identifier: GPL-2.0-or-later +#!/bin/sh + +replace_exp="s/H\0e\0l\0l\0o\0/h\0E\0L\0L\0O\0/g" +perl -p -e ${replace_exp} < $1 > $2 diff --git a/test/py/tests/test_efi_secboot/test_signed.py b/test/py/tests/test_efi_secboot/test_signed.py index 30b3fa4e701e..ca52e853d8f8 100644 --- a/test/py/tests/test_efi_secboot/test_signed.py +++ b/test/py/tests/test_efi_secboot/test_signed.py @@ -334,3 +334,38 @@ class TestEfiSignedImage(object): 'efidebug test bootmgr']) assert '\'HELLO\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output) + + def test_efi_signed_image_auth8(self, u_boot_console, efi_boot_env): + """ + Test Case 8 - Secure boot is in force, + Same as Test Case 2 but the image binary to be loaded + was willfully modified (forged) + Must be rejected. + """ + u_boot_console.restart_uboot() + disk_img = efi_boot_env + with u_boot_console.log.section('Test Case 8a'): + # Test Case 8a, Secure boot is not yet forced + output = u_boot_console.run_command_list([ + 'host bind 0 %s' % disk_img, + 'efidebug boot add -b 1 HELLO1 host 0:1 /helloworld_forged.efi.signed -s ""', + 'efidebug boot next 1', + 'efidebug test bootmgr']) + assert('hELLO, world!' in ''.join(output)) + + with u_boot_console.log.section('Test Case 8b'): + # Test Case 8b, Install signature database and verify the image + output = u_boot_console.run_command_list([ + 'fatload host 0:1 4000000 db.auth', + 'setenv -e -nv -bs -rt -at -i 4000000:$filesize db', + 'fatload host 0:1 4000000 KEK.auth', + 'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK', + 'fatload host 0:1 4000000 PK.auth', + 'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK']) + assert 'Failed to set EFI variable' not in ''.join(output) + output = u_boot_console.run_command_list([ + 'efidebug boot next 1', + 'efidebug test bootmgr']) + assert(not 'hELLO, world!' in ''.join(output)) + assert('\'HELLO1\' failed' in ''.join(output)) + assert('efi_start_image() returned: 26' in ''.join(output))