[v4,03/14] crypto: Fix the logic to calculate hash with authattributes set

Message ID 20201230135712.5289-4-sughosh.ganu@linaro.org
State Accepted
Commit 4366a2440ae141c44d2041c92f3662016c6869e6
Headers show
Series
  • qemu: arm64: Add support for uefi capsule update on qemu arm platform
Related show

Commit Message

Sughosh Ganu Dec. 30, 2020, 1:57 p.m.
RFC 2315 Section 9.3 describes the message digesting process. The
digest calculated depends on whether the authenticated attributes are
present. In case of a scenario where the authenticated attributes are
present, the message digest that gets signed and is part of the pkcs7
message is computed from the auth attributes rather than the contents
field.

Check if the auth attributes are present, and if set, use the auth
attributes to compute the hash that would be compared with the
encrypted hash on the pkcs7 message.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>

---

Changes since V3: None

 lib/crypto/pkcs7_verify.c | 37 ++++++++++++++++++++++++++-----------
 1 file changed, 26 insertions(+), 11 deletions(-)

-- 
2.17.1

Patch

diff --git a/lib/crypto/pkcs7_verify.c b/lib/crypto/pkcs7_verify.c
index 320ba49f79..58683ef614 100644
--- a/lib/crypto/pkcs7_verify.c
+++ b/lib/crypto/pkcs7_verify.c
@@ -50,8 +50,15 @@  static int pkcs7_digest(struct pkcs7_message *pkcs7,
 	struct image_region regions[2];
 	int ret = 0;
 
-	/* The digest was calculated already. */
-	if (sig->digest)
+	/*
+	 * [RFC2315 9.3]
+	 * If the authenticated attributes are present,
+	 * the message-digest is calculated on the
+	 * attributes present in the
+	 * authenticatedAttributes field and not just
+	 * the contents field
+	 */
+	if (!sinfo->authattrs && sig->digest)
 		return 0;
 
 	if (!sinfo->sig->hash_algo)
@@ -63,17 +70,25 @@  static int pkcs7_digest(struct pkcs7_message *pkcs7,
 	else
 		return -ENOPKG;
 
-	sig->digest = calloc(1, sig->digest_size);
-	if (!sig->digest) {
-		pr_warn("Sig %u: Out of memory\n", sinfo->index);
-		return -ENOMEM;
-	}
+	/*
+	 * Calculate the hash only if the data is present.
+	 * In case of authenticated variable and capsule,
+	 * the hash has already been calculated on the
+	 * efi_image_regions and populated
+	 */
+	if (pkcs7->data) {
+		sig->digest = calloc(1, sig->digest_size);
+		if (!sig->digest) {
+			pr_warn("Sig %u: Out of memory\n", sinfo->index);
+			return -ENOMEM;
+		}
 
-	regions[0].data = pkcs7->data;
-	regions[0].size = pkcs7->data_len;
+		regions[0].data = pkcs7->data;
+		regions[0].size = pkcs7->data_len;
 
-	/* Digest the message [RFC2315 9.3] */
-	hash_calculate(sinfo->sig->hash_algo, regions, 1, sig->digest);
+		/* Digest the message [RFC2315 9.3] */
+		hash_calculate(sinfo->sig->hash_algo, regions, 1, sig->digest);
+	}
 
 	/* However, if there are authenticated attributes, there must be a
 	 * message digest attribute amongst them which corresponds to the