KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2]

Provide five keyctl functions that permit userspace to make use of the new key type ops for accessing and driving asymmetric keys. (*) Query an asymmetric key. long keyctl(KEYCTL_PKEY_QUERY, key_serial_t key, unsigned long reserved, struct keyctl_pkey_query *info); Get information about an asymmetric key. The information is returned in the keyctl_pkey_query struct: __u32 supported_ops; A bit mask of flags indicating which ops are supported. This is constructed from a bitwise-OR of: KEYCTL_SUPPORTS_{ENCRYPT,DECRYPT,SIGN,VERIFY} __u32 key_size; The size in bits of the key. __u16 max_data_size; __u16 max_sig_size; __u16 max_enc_size; __u16 max_dec_size; The maximum sizes in bytes of a blob of data to be signed, a signature blob, a blob to be encrypted and a blob to be decrypted. reserved must be set to 0. This is intended for future use to hand over one or more passphrases needed unlock a key. If successful, 0 is returned. If the key is not an asymmetric key, EOPNOTSUPP is returned. (*) Encrypt, decrypt, sign or verify a blob using an asymmetric key. long keyctl(KEYCTL_PKEY_ENCRYPT, const struct keyctl_pkey_params *params, const char *info, const void *in, void *out); long keyctl(KEYCTL_PKEY_DECRYPT, const struct keyctl_pkey_params *params, const char *info, const void *in, void *out); long keyctl(KEYCTL_PKEY_SIGN, const struct keyctl_pkey_params *params, const char *info, const void *in, void *out); long keyctl(KEYCTL_PKEY_VERIFY, const struct keyctl_pkey_params *params, const char *info, const void *in, const void *in2); Use an asymmetric key to perform a public-key cryptographic operation a blob of data. The parameter block pointed to by params contains a number of integer values: __s32 key_id; __u32 in_len; __u32 out_len; __u32 in2_len; For a given operation, the in and out buffers are used as follows: Operation ID in,in_len out,out_len in2,in2_len ======================= =============== =============== =========== KEYCTL_PKEY_ENCRYPT Raw data Encrypted data - KEYCTL_PKEY_DECRYPT Encrypted data Raw data - KEYCTL_PKEY_SIGN Raw data Signature - KEYCTL_PKEY_VERIFY Raw data - Signature info is a string of key=value pairs that supply supplementary information. The __spare space in the parameter block must be set to 0. This is intended, amongst other things, to allow the passing of passphrases required to unlock a key. If successful, encrypt, decrypt and sign all return the amount of data written into the output buffer. Verification returns 0 on success. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Marcel Holtmann <marcel@holtmann.org> Reviewed-by: Marcel Holtmann <marcel@holtmann.org> Reviewed-by: Denis Kenzior <denkenz@gmail.com> Tested-by: Denis Kenzior <denkenz@gmail.com> Signed-off-by: James Morris <james.morris@microsoft.com>
author: David Howells <dhowells@redhat.com> 2018-10-09 12:46:59 -0400
committer: James Morris <james.morris@microsoft.com> 2018-10-26 04:30:46 -0400
commit: 00d60fd3b93219ea854220f0fd264b86398cbc53 (patch)
tree: 785d49e4c21db068d4aa4e1ec95bd8e095a3bd2e /security
parent: 70025f84e5b79627a6739533c4fe7cef5b605886 (diff)
5 files changed, 405 insertions, 0 deletions
diff --git a/security/keys/Makefile b/security/keys/Makefile
index ef1581b337a3..9cef54064f60 100644
--- a/security/keys/Makefile
+++ b/security/keys/Makefile
@@ -22,6 +22,7 @@ obj-$(CONFIG_PROC_FS) += proc.o
 obj-$(CONFIG_SYSCTL) += sysctl.o
 obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
 obj-$(CONFIG_KEY_DH_OPERATIONS) += dh.o
+obj-$(CONFIG_ASYMMETRIC_KEY_TYPE) += keyctl_pkey.o
 #
 # Key types
diff --git a/security/keys/compat.c b/security/keys/compat.c
index e87c89c0177c..9482df601dc3 100644
--- a/security/keys/compat.c
+++ b/security/keys/compat.c
@@ -141,6 +141,24 @@ COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
                return keyctl_restrict_keyring(arg2, compat_ptr(arg3),
                                               compat_ptr(arg4));
+        case KEYCTL_PKEY_QUERY:
+                if (arg3 != 0)
+                        return -EINVAL;
+                return keyctl_pkey_query(arg2,
+                                         compat_ptr(arg4),
+                                         compat_ptr(arg5));
+        case KEYCTL_PKEY_ENCRYPT:
+        case KEYCTL_PKEY_DECRYPT:
+        case KEYCTL_PKEY_SIGN:
+                return keyctl_pkey_e_d_s(option,
+                                         compat_ptr(arg2), compat_ptr(arg3),
+                                         compat_ptr(arg4), compat_ptr(arg5));
+        case KEYCTL_PKEY_VERIFY:
+                return keyctl_pkey_verify(compat_ptr(arg2), compat_ptr(arg3),
+                                          compat_ptr(arg4), compat_ptr(arg5));
        default:
                return -EOPNOTSUPP;
        }
diff --git a/security/keys/internal.h b/security/keys/internal.h
index 9f8208dc0e55..74cb0ff42fed 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -298,6 +298,45 @@ static inline long compat_keyctl_dh_compute(
 #endif
 #endif
+#ifdef CONFIG_ASYMMETRIC_KEY_TYPE
+extern long keyctl_pkey_query(key_serial_t,
+                              const char __user *,
+                              struct keyctl_pkey_query __user *);
+extern long keyctl_pkey_verify(const struct keyctl_pkey_params __user *,
+                               const char __user *,
+                               const void __user *, const void __user *);
+extern long keyctl_pkey_e_d_s(int,
+                              const struct keyctl_pkey_params __user *,
+                              const char __user *,
+                              const void __user *, void __user *);
+#else
+static inline long keyctl_pkey_query(key_serial_t id,
+                                     const char __user *_info,
+                                     struct keyctl_pkey_query __user *_res)
+{
+        return -EOPNOTSUPP;
+}
+static inline long keyctl_pkey_verify(const struct keyctl_pkey_params __user *params,
+                                      const char __user *_info,
+                                      const void __user *_in,
+                                      const void __user *_in2)
+{
+        return -EOPNOTSUPP;
+}
+static inline long keyctl_pkey_e_d_s(int op,
+                                     const struct keyctl_pkey_params __user *params,
+                                     const char __user *_info,
+                                     const void __user *_in,
+                                     void __user *_out)
+{
+        return -EOPNOTSUPP;
+}
+#endif
 /*
 * Debugging key validation
 */
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 1ffe60bb2845..18619690ce77 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -1747,6 +1747,30 @@ SYSCALL_DEFINE5(keyctl, int, option, unsigned long, arg2, unsigned long, arg3,
                                               (const char __user *) arg3,
                                               (const char __user *) arg4);
+        case KEYCTL_PKEY_QUERY:
+                if (arg3 != 0)
+                        return -EINVAL;
+                return keyctl_pkey_query((key_serial_t)arg2,
+                                         (const char __user *)arg4,
+                                         (struct keyctl_pkey_query *)arg5);
+        case KEYCTL_PKEY_ENCRYPT:
+        case KEYCTL_PKEY_DECRYPT:
+        case KEYCTL_PKEY_SIGN:
+                return keyctl_pkey_e_d_s(
+                        option,
+                        (const struct keyctl_pkey_params __user *)arg2,
+                        (const char __user *)arg3,
+                        (const void __user *)arg4,
+                        (void __user *)arg5);
+        case KEYCTL_PKEY_VERIFY:
+                return keyctl_pkey_verify(
+                        (const struct keyctl_pkey_params __user *)arg2,
+                        (const char __user *)arg3,
+                        (const void __user *)arg4,
+                        (const void __user *)arg5);
        default:
                return -EOPNOTSUPP;
        }
diff --git a/security/keys/keyctl_pkey.c b/security/keys/keyctl_pkey.c
new file mode 100644
index 000000000000..783978842f13
--- /dev/null
+++ b/security/keys/keyctl_pkey.c
@@ -0,0 +1,323 @@
+/* Public-key operation keyctls
+ *
+ * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public Licence
+ * as published by the Free Software Foundation; either version
+ * 2 of the Licence, or (at your option) any later version.
+ */
+#include <linux/slab.h>
+#include <linux/err.h>
+#include <linux/key.h>
+#include <linux/keyctl.h>
+#include <linux/parser.h>
+#include <linux/uaccess.h>
+#include <keys/user-type.h>
+#include "internal.h"
+static void keyctl_pkey_params_free(struct kernel_pkey_params *params)
+{
+        kfree(params->info);
+        key_put(params->key);
+}
+enum {
+        Opt_err = -1,
+        Opt_enc,                /* "enc=<encoding>" eg. "enc=oaep" */
+        Opt_hash,               /* "hash=<digest-name>" eg. "hash=sha1" */
+};
+static const match_table_t param_keys = {
+        { Opt_enc,      "enc=%s" },
+        { Opt_hash,     "hash=%s" },
+        { Opt_err,      NULL }
+};
+/*
+ * Parse the information string which consists of key=val pairs.
+ */
+static int keyctl_pkey_params_parse(struct kernel_pkey_params *params)
+{
+        unsigned long token_mask = 0;
+        substring_t args[MAX_OPT_ARGS];
+        char *c = params->info, *p, *q;
+        int token;
+        while ((p = strsep(&c, " \t"))) {
+                if (*p == '\0' || *p == ' ' || *p == '\t')
+                        continue;
+                token = match_token(p, param_keys, args);
+                if (__test_and_set_bit(token, &token_mask))
+                        return -EINVAL;
+                q = args[0].from;
+                if (!q[0])
+                        return -EINVAL;
+                switch (token) {
+                case Opt_enc:
+                        params->encoding = q;
+                        break;
+                case Opt_hash:
+                        params->hash_algo = q;
+                        break;
+                default:
+                        return -EINVAL;
+                }
+        }
+        return 0;
+}
+/*
+ * Interpret parameters.  Callers must always call the free function
+ * on params, even if an error is returned.
+ */
+static int keyctl_pkey_params_get(key_serial_t id,
+                                  const char __user *_info,
+                                  struct kernel_pkey_params *params)
+{
+        key_ref_t key_ref;
+        void *p;
+        int ret;
+        memset(params, 0, sizeof(*params));
+        params->encoding = "raw";
+        p = strndup_user(_info, PAGE_SIZE);
+        if (IS_ERR(p))
+                return PTR_ERR(p);
+        params->info = p;
+        ret = keyctl_pkey_params_parse(params);
+        if (ret < 0)
+                return ret;
+        key_ref = lookup_user_key(id, 0, KEY_NEED_SEARCH);
+        if (IS_ERR(key_ref))
+                return PTR_ERR(key_ref);
+        params->key = key_ref_to_ptr(key_ref);
+        if (!params->key->type->asym_query)
+                return -EOPNOTSUPP;
+        return 0;
+}
+/*
+ * Get parameters from userspace.  Callers must always call the free function
+ * on params, even if an error is returned.
+ */
+static int keyctl_pkey_params_get_2(const struct keyctl_pkey_params __user *_params,
+                                    const char __user *_info,
+                                    int op,
+                                    struct kernel_pkey_params *params)
+{
+        struct keyctl_pkey_params uparams;
+        struct kernel_pkey_query info;
+        int ret;
+        memset(params, 0, sizeof(*params));
+        params->encoding = "raw";
+        if (copy_from_user(&uparams, _params, sizeof(uparams)) != 0)
+                return -EFAULT;
+        ret = keyctl_pkey_params_get(uparams.key_id, _info, params);
+        if (ret < 0)
+                return ret;
+        ret = params->key->type->asym_query(params, &info);
+        if (ret < 0)
+                return ret;
+        switch (op) {
+        case KEYCTL_PKEY_ENCRYPT:
+        case KEYCTL_PKEY_DECRYPT:
+                if (uparams.in_len  > info.max_enc_size ||
+                    uparams.out_len > info.max_dec_size)
+                        return -EINVAL;
+                break;
+        case KEYCTL_PKEY_SIGN:
+        case KEYCTL_PKEY_VERIFY:
+                if (uparams.in_len  > info.max_sig_size ||
+                    uparams.out_len > info.max_data_size)
+                        return -EINVAL;
+                break;
+        default:
+                BUG();
+        }
+        params->in_len  = uparams.in_len;
+        params->out_len = uparams.out_len;
+        return 0;
+}
+/*
+ * Query information about an asymmetric key.
+ */
+long keyctl_pkey_query(key_serial_t id,
+                       const char __user *_info,
+                       struct keyctl_pkey_query __user *_res)
+{
+        struct kernel_pkey_params params;
+        struct kernel_pkey_query res;
+        long ret;
+        memset(&params, 0, sizeof(params));
+        ret = keyctl_pkey_params_get(id, _info, &params);
+        if (ret < 0)
+                goto error;
+        ret = params.key->type->asym_query(&params, &res);
+        if (ret < 0)
+                goto error;
+        ret = -EFAULT;
+        if (copy_to_user(_res, &res, sizeof(res)) == 0 &&
+            clear_user(_res->__spare, sizeof(_res->__spare)) == 0)
+                ret = 0;
+error:
+        keyctl_pkey_params_free(&params);
+        return ret;
+}
+/*
+ * Encrypt/decrypt/sign
+ *
+ * Encrypt data, decrypt data or sign data using a public key.
+ *
+ * _info is a string of supplementary information in key=val format.  For
+ * instance, it might contain:
+ *
+ *      "enc=pkcs1 hash=sha256"
+ *
+ * where enc= specifies the encoding and hash= selects the OID to go in that
+ * particular encoding if required.  If enc= isn't supplied, it's assumed that
+ * the caller is supplying raw values.
+ *
+ * If successful, the amount of data written into the output buffer is
+ * returned.
+ */
+long keyctl_pkey_e_d_s(int op,
+                       const struct keyctl_pkey_params __user *_params,
+                       const char __user *_info,
+                       const void __user *_in,
+                       void __user *_out)
+{
+        struct kernel_pkey_params params;
+        void *in, *out;
+        long ret;
+        ret = keyctl_pkey_params_get_2(_params, _info, op, &params);
+        if (ret < 0)
+                goto error_params;
+        ret = -EOPNOTSUPP;
+        if (!params.key->type->asym_eds_op)
+                goto error_params;
+        switch (op) {
+        case KEYCTL_PKEY_ENCRYPT:
+                params.op = kernel_pkey_encrypt;
+                break;
+        case KEYCTL_PKEY_DECRYPT:
+                params.op = kernel_pkey_decrypt;
+                break;
+        case KEYCTL_PKEY_SIGN:
+                params.op = kernel_pkey_sign;
+                break;
+        default:
+                BUG();
+        }
+        in = memdup_user(_in, params.in_len);
+        if (IS_ERR(in)) {
+                ret = PTR_ERR(in);
+                goto error_params;
+        }
+        ret = -ENOMEM;
+        out = kmalloc(params.out_len, GFP_KERNEL);
+        if (!out)
+                goto error_in;
+        ret = params.key->type->asym_eds_op(&params, in, out);
+        if (ret < 0)
+                goto error_out;
+        if (copy_to_user(_out, out, ret) != 0)
+                ret = -EFAULT;
+error_out:
+        kfree(out);
+error_in:
+        kfree(in);
+error_params:
+        keyctl_pkey_params_free(&params);
+        return ret;
+}
+/*
+ * Verify a signature.
+ *
+ * Verify a public key signature using the given key, or if not given, search
+ * for a matching key.
+ *
+ * _info is a string of supplementary information in key=val format.  For
+ * instance, it might contain:
+ *
+ *      "enc=pkcs1 hash=sha256"
+ *
+ * where enc= specifies the signature blob encoding and hash= selects the OID
+ * to go in that particular encoding.  If enc= isn't supplied, it's assumed
+ * that the caller is supplying raw values.
+ *
+ * If successful, 0 is returned.
+ */
+long keyctl_pkey_verify(const struct keyctl_pkey_params __user *_params,
+                        const char __user *_info,
+                        const void __user *_in,
+                        const void __user *_in2)
+{
+        struct kernel_pkey_params params;
+        void *in, *in2;
+        long ret;
+        ret = keyctl_pkey_params_get_2(_params, _info, KEYCTL_PKEY_VERIFY,
+                                       &params);
+        if (ret < 0)
+                goto error_params;
+        ret = -EOPNOTSUPP;
+        if (!params.key->type->asym_verify_signature)
+                goto error_params;
+        in = memdup_user(_in, params.in_len);
+        if (IS_ERR(in)) {
+                ret = PTR_ERR(in);
+                goto error_params;
+        }
+        in2 = memdup_user(_in2, params.in2_len);
+        if (IS_ERR(in2)) {
+                ret = PTR_ERR(in2);
+                goto error_in;
+        }
+        params.op = kernel_pkey_verify;
+        ret = params.key->type->asym_verify_signature(&params, in, in2);
+        kfree(in2);
+error_in:
+        kfree(in);
+error_params:
+        keyctl_pkey_params_free(&params);
+        return ret;
+}
author	David Howells <dhowells@redhat.com>	2018-10-09 12:46:59 -0400
committer	James Morris <james.morris@microsoft.com>	2018-10-26 04:30:46 -0400
commit	00d60fd3b93219ea854220f0fd264b86398cbc53 (patch)
tree	785d49e4c21db068d4aa4e1ec95bd8e095a3bd2e /security
parent	70025f84e5b79627a6739533c4fe7cef5b605886 (diff)

diff --git a/security/keys/Makefile b/security/keys/Makefile index ef1581b337a3..9cef54064f60 100644 --- a/security/keys/Makefile +++ b/security/keys/Makefile
@@ -22,6 +22,7 @@ obj-$(CONFIG_PROC_FS) += proc.o
22	obj-$(CONFIG_SYSCTL) += sysctl.o	22	obj-$(CONFIG_SYSCTL) += sysctl.o
23	obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o	23	obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o
24	obj-$(CONFIG_KEY_DH_OPERATIONS) += dh.o	24	obj-$(CONFIG_KEY_DH_OPERATIONS) += dh.o
		25	obj-$(CONFIG_ASYMMETRIC_KEY_TYPE) += keyctl_pkey.o
25		26
26	#	27	#
27	# Key types	28	# Key types


diff --git a/security/keys/compat.c b/security/keys/compat.c index e87c89c0177c..9482df601dc3 100644 --- a/security/keys/compat.c +++ b/security/keys/compat.c
@@ -141,6 +141,24 @@ COMPAT_SYSCALL_DEFINE5(keyctl, u32, option,
141	return keyctl_restrict_keyring(arg2, compat_ptr(arg3),	141	return keyctl_restrict_keyring(arg2, compat_ptr(arg3),
142	compat_ptr(arg4));	142	compat_ptr(arg4));
143		143
		144	case KEYCTL_PKEY_QUERY:
		145	if (arg3 != 0)
		146	return -EINVAL;
		147	return keyctl_pkey_query(arg2,
		148	compat_ptr(arg4),
		149	compat_ptr(arg5));
		150
		151	case KEYCTL_PKEY_ENCRYPT:
		152	case KEYCTL_PKEY_DECRYPT:
		153	case KEYCTL_PKEY_SIGN:
		154	return keyctl_pkey_e_d_s(option,
		155	compat_ptr(arg2), compat_ptr(arg3),
		156	compat_ptr(arg4), compat_ptr(arg5));
		157
		158	case KEYCTL_PKEY_VERIFY:
		159	return keyctl_pkey_verify(compat_ptr(arg2), compat_ptr(arg3),
		160	compat_ptr(arg4), compat_ptr(arg5));
		161
144	default:	162	default:
145	return -EOPNOTSUPP;	163	return -EOPNOTSUPP;
146	}	164	}


diff --git a/security/keys/internal.h b/security/keys/internal.h index 9f8208dc0e55..74cb0ff42fed 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h
@@ -298,6 +298,45 @@ static inline long compat_keyctl_dh_compute(
298	#endif	298	#endif
299	#endif	299	#endif
300		300
		301	#ifdef CONFIG_ASYMMETRIC_KEY_TYPE
		302	extern long keyctl_pkey_query(key_serial_t,
		303	const char __user *,
		304	struct keyctl_pkey_query __user *);
		305
		306	extern long keyctl_pkey_verify(const struct keyctl_pkey_params __user *,
		307	const char __user *,
		308	const void __user , const void __user );
		309
		310	extern long keyctl_pkey_e_d_s(int,
		311	const struct keyctl_pkey_params __user *,
		312	const char __user *,
		313	const void __user , void __user );
		314	#else
		315	static inline long keyctl_pkey_query(key_serial_t id,
		316	const char __user *_info,
		317	struct keyctl_pkey_query __user *_res)
		318	{
		319	return -EOPNOTSUPP;
		320	}
		321
		322	static inline long keyctl_pkey_verify(const struct keyctl_pkey_params __user *params,
		323	const char __user *_info,
		324	const void __user *_in,
		325	const void __user *_in2)
		326	{
		327	return -EOPNOTSUPP;
		328	}
		329
		330	static inline long keyctl_pkey_e_d_s(int op,
		331	const struct keyctl_pkey_params __user *params,
		332	const char __user *_info,
		333	const void __user *_in,
		334	void __user *_out)
		335	{
		336	return -EOPNOTSUPP;
		337	}
		338	#endif
		339
301	/*	340	/*
302	* Debugging key validation	341	* Debugging key validation
303	*/	342	*/


diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index 1ffe60bb2845..18619690ce77 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c
@@ -1747,6 +1747,30 @@ SYSCALL_DEFINE5(keyctl, int, option, unsigned long, arg2, unsigned long, arg3,
1747	(const char __user *) arg3,	1747	(const char __user *) arg3,
1748	(const char __user *) arg4);	1748	(const char __user *) arg4);
1749		1749
		1750	case KEYCTL_PKEY_QUERY:
		1751	if (arg3 != 0)
		1752	return -EINVAL;
		1753	return keyctl_pkey_query((key_serial_t)arg2,
		1754	(const char __user *)arg4,
		1755	(struct keyctl_pkey_query *)arg5);
		1756
		1757	case KEYCTL_PKEY_ENCRYPT:
		1758	case KEYCTL_PKEY_DECRYPT:
		1759	case KEYCTL_PKEY_SIGN:
		1760	return keyctl_pkey_e_d_s(
		1761	option,
		1762	(const struct keyctl_pkey_params __user *)arg2,
		1763	(const char __user *)arg3,
		1764	(const void __user *)arg4,
		1765	(void __user *)arg5);
		1766
		1767	case KEYCTL_PKEY_VERIFY:
		1768	return keyctl_pkey_verify(
		1769	(const struct keyctl_pkey_params __user *)arg2,
		1770	(const char __user *)arg3,
		1771	(const void __user *)arg4,
		1772	(const void __user *)arg5);
		1773
1750	default:	1774	default:
1751	return -EOPNOTSUPP;	1775	return -EOPNOTSUPP;
1752	}	1776	}


diff --git a/security/keys/keyctl_pkey.c b/security/keys/keyctl_pkey.c new file mode 100644 index 000000000000..783978842f13 --- /dev/null +++ b/security/keys/keyctl_pkey.c
@@ -0,0 +1,323 @@
		1	/* Public-key operation keyctls
		2	*
		3	* Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
		4	* Written by David Howells (dhowells@redhat.com)
		5	*
		6	* This program is free software; you can redistribute it and/or
		7	* modify it under the terms of the GNU General Public Licence
		8	* as published by the Free Software Foundation; either version
		9	* 2 of the Licence, or (at your option) any later version.
		10	*/
		11
		12	#include <linux/slab.h>
		13	#include <linux/err.h>
		14	#include <linux/key.h>
		15	#include <linux/keyctl.h>
		16	#include <linux/parser.h>
		17	#include <linux/uaccess.h>
		18	#include <keys/user-type.h>
		19	#include "internal.h"
		20
		21	static void keyctl_pkey_params_free(struct kernel_pkey_params *params)
		22	{
		23	kfree(params->info);
		24	key_put(params->key);
		25	}
		26
		27	enum {
		28	Opt_err = -1,
		29	Opt_enc, /* "enc=<encoding>" eg. "enc=oaep" */
		30	Opt_hash, /* "hash=<digest-name>" eg. "hash=sha1" */
		31	};
		32
		33	static const match_table_t param_keys = {
		34	{ Opt_enc, "enc=%s" },
		35	{ Opt_hash, "hash=%s" },
		36	{ Opt_err, NULL }
		37	};
		38
		39	/*
		40	* Parse the information string which consists of key=val pairs.
		41	*/
		42	static int keyctl_pkey_params_parse(struct kernel_pkey_params *params)
		43	{
		44	unsigned long token_mask = 0;
		45	substring_t args[MAX_OPT_ARGS];
		46	char c = params->info, p, *q;
		47	int token;
		48
		49	while ((p = strsep(&c, " \t"))) {
		50	if (p == '\0' \|\| p == ' ' \|\| *p == '\t')
		51	continue;
		52	token = match_token(p, param_keys, args);
		53	if (__test_and_set_bit(token, &token_mask))
		54	return -EINVAL;
		55	q = args[0].from;
		56	if (!q[0])
		57	return -EINVAL;
		58
		59	switch (token) {
		60	case Opt_enc:
		61	params->encoding = q;
		62	break;
		63
		64	case Opt_hash:
		65	params->hash_algo = q;
		66	break;
		67
		68	default:
		69	return -EINVAL;
		70	}
		71	}
		72
		73	return 0;
		74	}
		75
		76	/*
		77	* Interpret parameters. Callers must always call the free function
		78	* on params, even if an error is returned.
		79	*/
		80	static int keyctl_pkey_params_get(key_serial_t id,
		81	const char __user *_info,
		82	struct kernel_pkey_params *params)
		83	{
		84	key_ref_t key_ref;
		85	void *p;
		86	int ret;
		87
		88	memset(params, 0, sizeof(*params));
		89	params->encoding = "raw";
		90
		91	p = strndup_user(_info, PAGE_SIZE);
		92	if (IS_ERR(p))
		93	return PTR_ERR(p);
		94	params->info = p;
		95
		96	ret = keyctl_pkey_params_parse(params);
		97	if (ret < 0)
		98	return ret;
		99
		100	key_ref = lookup_user_key(id, 0, KEY_NEED_SEARCH);
		101	if (IS_ERR(key_ref))
		102	return PTR_ERR(key_ref);
		103	params->key = key_ref_to_ptr(key_ref);
		104
		105	if (!params->key->type->asym_query)
		106	return -EOPNOTSUPP;
		107
		108	return 0;
		109	}
		110
		111	/*
		112	* Get parameters from userspace. Callers must always call the free function
		113	* on params, even if an error is returned.
		114	*/
		115	static int keyctl_pkey_params_get_2(const struct keyctl_pkey_params __user *_params,
		116	const char __user *_info,
		117	int op,
		118	struct kernel_pkey_params *params)
		119	{
		120	struct keyctl_pkey_params uparams;
		121	struct kernel_pkey_query info;
		122	int ret;
		123
		124	memset(params, 0, sizeof(*params));
		125	params->encoding = "raw";
		126
		127	if (copy_from_user(&uparams, _params, sizeof(uparams)) != 0)
		128	return -EFAULT;
		129
		130	ret = keyctl_pkey_params_get(uparams.key_id, _info, params);
		131	if (ret < 0)
		132	return ret;
		133
		134	ret = params->key->type->asym_query(params, &info);
		135	if (ret < 0)
		136	return ret;
		137
		138	switch (op) {
		139	case KEYCTL_PKEY_ENCRYPT:
		140	case KEYCTL_PKEY_DECRYPT:
		141	if (uparams.in_len > info.max_enc_size \|\|
		142	uparams.out_len > info.max_dec_size)
		143	return -EINVAL;
		144	break;
		145	case KEYCTL_PKEY_SIGN:
		146	case KEYCTL_PKEY_VERIFY:
		147	if (uparams.in_len > info.max_sig_size \|\|
		148	uparams.out_len > info.max_data_size)
		149	return -EINVAL;
		150	break;
		151	default:
		152	BUG();
		153	}
		154
		155	params->in_len = uparams.in_len;
		156	params->out_len = uparams.out_len;
		157	return 0;
		158	}
		159
		160	/*
		161	* Query information about an asymmetric key.
		162	*/
		163	long keyctl_pkey_query(key_serial_t id,
		164	const char __user *_info,
		165	struct keyctl_pkey_query __user *_res)
		166	{
		167	struct kernel_pkey_params params;
		168	struct kernel_pkey_query res;
		169	long ret;
		170
		171	memset(&params, 0, sizeof(params));
		172
		173	ret = keyctl_pkey_params_get(id, _info, &params);
		174	if (ret < 0)
		175	goto error;
		176
		177	ret = params.key->type->asym_query(&params, &res);
		178	if (ret < 0)
		179	goto error;
		180
		181	ret = -EFAULT;
		182	if (copy_to_user(_res, &res, sizeof(res)) == 0 &&
		183	clear_user(_res->__spare, sizeof(_res->__spare)) == 0)
		184	ret = 0;
		185
		186	error:
		187	keyctl_pkey_params_free(&params);
		188	return ret;
		189	}
		190
		191	/*
		192	* Encrypt/decrypt/sign
		193	*
		194	* Encrypt data, decrypt data or sign data using a public key.
		195	*
		196	* _info is a string of supplementary information in key=val format. For
		197	* instance, it might contain:
		198	*
		199	* "enc=pkcs1 hash=sha256"
		200	*
		201	* where enc= specifies the encoding and hash= selects the OID to go in that
		202	* particular encoding if required. If enc= isn't supplied, it's assumed that
		203	* the caller is supplying raw values.
		204	*
		205	* If successful, the amount of data written into the output buffer is
		206	* returned.
		207	*/
		208	long keyctl_pkey_e_d_s(int op,
		209	const struct keyctl_pkey_params __user *_params,
		210	const char __user *_info,
		211	const void __user *_in,
		212	void __user *_out)
		213	{
		214	struct kernel_pkey_params params;
		215	void in, out;
		216	long ret;
		217
		218	ret = keyctl_pkey_params_get_2(_params, _info, op, &params);
		219	if (ret < 0)
		220	goto error_params;
		221
		222	ret = -EOPNOTSUPP;
		223	if (!params.key->type->asym_eds_op)
		224	goto error_params;
		225
		226	switch (op) {
		227	case KEYCTL_PKEY_ENCRYPT:
		228	params.op = kernel_pkey_encrypt;
		229	break;
		230	case KEYCTL_PKEY_DECRYPT:
		231	params.op = kernel_pkey_decrypt;
		232	break;
		233	case KEYCTL_PKEY_SIGN:
		234	params.op = kernel_pkey_sign;
		235	break;
		236	default:
		237	BUG();
		238	}
		239
		240	in = memdup_user(_in, params.in_len);
		241	if (IS_ERR(in)) {
		242	ret = PTR_ERR(in);
		243	goto error_params;
		244	}
		245
		246	ret = -ENOMEM;
		247	out = kmalloc(params.out_len, GFP_KERNEL);
		248	if (!out)
		249	goto error_in;
		250
		251	ret = params.key->type->asym_eds_op(&params, in, out);
		252	if (ret < 0)
		253	goto error_out;
		254
		255	if (copy_to_user(_out, out, ret) != 0)
		256	ret = -EFAULT;
		257
		258	error_out:
		259	kfree(out);
		260	error_in:
		261	kfree(in);
		262	error_params:
		263	keyctl_pkey_params_free(&params);
		264	return ret;
		265	}
		266
		267	/*
		268	* Verify a signature.
		269	*
		270	* Verify a public key signature using the given key, or if not given, search
		271	* for a matching key.
		272	*
		273	* _info is a string of supplementary information in key=val format. For
		274	* instance, it might contain:
		275	*
		276	* "enc=pkcs1 hash=sha256"
		277	*
		278	* where enc= specifies the signature blob encoding and hash= selects the OID
		279	* to go in that particular encoding. If enc= isn't supplied, it's assumed
		280	* that the caller is supplying raw values.
		281	*
		282	* If successful, 0 is returned.
		283	*/
		284	long keyctl_pkey_verify(const struct keyctl_pkey_params __user *_params,
		285	const char __user *_info,
		286	const void __user *_in,
		287	const void __user *_in2)
		288	{
		289	struct kernel_pkey_params params;
		290	void in, in2;
		291	long ret;
		292
		293	ret = keyctl_pkey_params_get_2(_params, _info, KEYCTL_PKEY_VERIFY,
		294	&params);
		295	if (ret < 0)
		296	goto error_params;
		297
		298	ret = -EOPNOTSUPP;
		299	if (!params.key->type->asym_verify_signature)
		300	goto error_params;
		301
		302	in = memdup_user(_in, params.in_len);
		303	if (IS_ERR(in)) {
		304	ret = PTR_ERR(in);
		305	goto error_params;
		306	}
		307
		308	in2 = memdup_user(_in2, params.in2_len);
		309	if (IS_ERR(in2)) {
		310	ret = PTR_ERR(in2);
		311	goto error_in;
		312	}
		313
		314	params.op = kernel_pkey_verify;
		315	ret = params.key->type->asym_verify_signature(&params, in, in2);
		316
		317	kfree(in2);
		318	error_in:
		319	kfree(in);
		320	error_params:
		321	keyctl_pkey_params_free(&params);
		322	return ret;
		323	}