
[1/3] libimaevm: Implement imaevm_create_ima_signature

Message ID 20210420183015.861644-2-stefanb@linux.ibm.com (mailing list archive)
State New, archived
Series ima-evm-utils: Implement function to only create IMA signature | expand

Commit Message

Stefan Berger April 20, 2021, 6:30 p.m. UTC
Implement imaevm_create_ima_signature that creates an IMA V2 signature
with a given private key and without writing the signature into an
extended attribute. This allows a caller to provide a single key for
creating a signature on multiple files without having to read the key
every time. It also allows the caller to store the signature wherever
it wants, which may not necessarily be an extended attribute.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 src/imaevm.h    |   2 +
 src/libimaevm.c | 186 ++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 188 insertions(+)

Comments

Colin Walters April 27, 2021, 12:02 a.m. UTC | #1
On Tue, Apr 20, 2021, at 2:30 PM, Stefan Berger wrote:

> + fd = open(filename, O_RDONLY);

Missing O_CLOEXEC.

> +int imaevm_create_ima_signature(const char *filename, EVP_PKEY *pkey, 

It'd maximize flexibility for the caller to pass a file descriptor, and not a file name.

> +	if (statbuf.st_size > 0) {
> +		addr = mmap(NULL, statbuf.st_size, PROT_READ, MAP_SHARED, fd, 0);
> +		if (addr == MAP_FAILED) {
> +			asprintf(error, "Failed to mmap file: %s", strerror(errno));
> +			goto err_close;
> +		}
> +	}

Tangentially related to this, I think we should consider doing the same optimization here:
https://github.com/ostreedev/ostree/blob/36693f064c63dad550ebcfed33bf9b95806ddef9/src/libotutil/ot-fs-utils.c#L171

Or alternatively, just have the caller provide a (mmap'd or copied-via-read()) buffer?

Though clearly the most flexible is a streaming API.  But eh, I am not really concerned about that level of performance.
Stefan Berger April 27, 2021, 5:47 p.m. UTC | #2
On 4/26/21 8:02 PM, Colin Walters wrote:
>
> On Tue, Apr 20, 2021, at 2:30 PM, Stefan Berger wrote:
>
>> + fd = open(filename, O_RDONLY);
> Missing O_CLOEXEC.


Will do.

>
>> +int imaevm_create_ima_signature(const char *filename, EVP_PKEY *pkey,
> It'd maximize flexibility for the caller to pass a file descriptor, and not a file name.


We could do this with a callback where the user implements the callback 
function and provides a buffer, the size of the buffer, and an eof indicator, 
and gets called for providing the data to hash. That would maybe be even 
more flexible.


>
>> +	if (statbuf.st_size > 0) {
>> +		addr = mmap(NULL, statbuf.st_size, PROT_READ, MAP_SHARED, fd, 0);
>> +		if (addr == MAP_FAILED) {
>> +			asprintf(error, "Failed to mmap file: %s", strerror(errno));
>> +			goto err_close;
>> +		}
>> +	}
> Tangentially related to this, I think we should consider doing the same optimization here:
> https://github.com/ostreedev/ostree/blob/36693f064c63dad550ebcfed33bf9b95806ddef9/src/libotutil/ot-fs-utils.c#L171
>
> Or alternatively, just have the caller provide a (mmap'd or copied-via-read()) buffer?
>
> Though clearly the most flexible is a streaming API.  But eh, I am not really concerned about that level of performance.


I think using a callback would allow for the streaming as well...

    Stefan
Stefan Berger April 27, 2021, 7:13 p.m. UTC | #3
On 4/27/21 1:47 PM, Stefan Berger wrote:
>
> On 4/26/21 8:02 PM, Colin Walters wrote:
>>
>> On Tue, Apr 20, 2021, at 2:30 PM, Stefan Berger wrote:
>>
>>> + fd = open(filename, O_RDONLY);
>> Missing O_CLOEXEC.
>
>
> Will do.
>
>>
>>> +int imaevm_create_ima_signature(const char *filename, EVP_PKEY *pkey,
>> It'd maximize flexibility for the caller to pass a file descriptor, 
>> and not a file name.
>
>
> We could do this with a callback where the user implements the 
> callback function and providers buffer, size of buffer, and eof 
> indicator, and gets called for providing the data to hash. That would 
> maybe be even more flexible..


Actually, I cannot do this. For this function we have to call 
ima_calc_hash, which hashes files, links, directories etc.


     Stefan

Patch

diff --git a/src/imaevm.h b/src/imaevm.h
index 4503919..fc4536b 100644
--- a/src/imaevm.h
+++ b/src/imaevm.h
@@ -225,5 +225,7 @@  int ima_verify_signature(const char *file, unsigned char *sig, int siglen, unsig
 void init_public_keys(const char *keyfiles);
 int imaevm_hash_algo_from_sig(unsigned char *sig);
 const char *imaevm_hash_algo_by_id(int algo);
+int imaevm_create_ima_signature(const char *filename, EVP_PKEY *pkey, const char *algo,
+                                unsigned char *sig, size_t siglen, char **error);
 
 #endif
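Review bot: The new public prototype for imaevm_create_ima_signature states no contract for `error` or `sig`, and the header is where callers will look. From the implementation in this patch, `*error` is filled with `asprintf` and only on failure, so the caller owns the string and has to `free()` it, and `siglen` below `MAX_SIGNATURE_SIZE - 1` is rejected. A one-line comment above the declaration would cover it, e.g. `/* Returns -1 and sets *error to a malloc'd message (caller frees) on failure; sig must hold at least MAX_SIGNATURE_SIZE - 1 bytes. */`.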
diff --git a/src/libimaevm.c b/src/libimaevm.c
index fa6c278..bb425af 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -44,9 +44,11 @@ 
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/stat.h>
+#include <sys/mman.h>
 #include <asm/byteorder.h>
 #include <unistd.h>
 #include <dirent.h>
+#include <fcntl.h>
 #include <string.h>
 #include <stdio.h>
 #include <assert.h>
@@ -879,6 +881,109 @@  out:
 	return len;
 }
 
+/* Sign a hash with the given private key.
+ *
+ * @algo: Name of the algorithm that was used to compute the hash, e.g. "sha256"
+ * @hash: The hash
+ * @size: Size of the hash
+ * @pkey: Private key to use for signing
+ * @sig: Buffer for the signature; it is assumed to be of (MAX_SIGNATURE_SIZE - 1) size
+ * @siglen: Length of the signature buffer; it must be at least (MAX_SIGNATURE_SIZE - 1)
+ *          to be accepted
+ * @error: Pointer where a buffer with the error to report can be returned
+ *
+ * Returns -1 on error, the length of the signature, including header, otherwise
+ */
+static int sign_hash_v2_pkey(const char *algo, const unsigned char *hash,
+			     int size, EVP_PKEY *pkey, unsigned char *sig, size_t siglen,
+			     char **error)
+{
+	struct signature_v2_hdr *hdr;
+	EVP_PKEY_CTX *ctx = NULL;
+	const char *st = NULL;
+	const EVP_MD *md;
+	size_t sigsize;
+	uint32_t keyid;
+	char name[20];
+	int len = -1;
+
+	if (!hash) {
+		asprintf(error, "sign_hash_v2_pkey: hash is null");
+		return -1;
+	}
+
+	if (size < 0) {
+		asprintf(error, "sign_hash_v2_pkey: size is negative: %d", size);
+		return -1;
+	}
+
+	if (!pkey) {
+		asprintf(error, "sign_hash_v2_pkey: pkey is null");
+		return -1;
+	}
+
+	if (!sig) {
+		asprintf(error, "sign_hash_v2_pkey: sig is null");
+		return -1;
+	}
+
+	if (siglen < MAX_SIGNATURE_SIZE - 1) {
+		asprintf(error, "sign_hash_v2_pkey: siglen must be at least %d bytes\n",
+		         MAX_SIGNATURE_SIZE - 1);
+		return -1;
+	}
+
+	if (!algo) {
+		asprintf(error, "sign_hash_v2_pkey: algo is null");
+		return -1;
+	}
+
+	hdr = (struct signature_v2_hdr *)sig;
+	hdr->version = (uint8_t) DIGSIG_VERSION_2;
+
+	hdr->hash_algo = imaevm_get_hash_algo(algo);
+	if (hdr->hash_algo == (uint8_t)-1) {
+		asprintf(error, "sign_hash_v2_pkey: hash algo is unknown: %s", algo);
+		return -1;
+	}
+
+	calc_keyid_v2(&keyid, name, pkey);
+	hdr->keyid = keyid;
+
+	st = "EVP_PKEY_CTX_new";
+	if (!(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
+		goto err;
+	st = "EVP_PKEY_sign_init";
+	if (!EVP_PKEY_sign_init(ctx))
+		goto err;
+	st = "EVP_get_digestbyname";
+	if (!(md = EVP_get_digestbyname(algo)))
+		goto err;
+	st = "EVP_PKEY_CTX_set_signature_md";
+	if (!EVP_PKEY_CTX_set_signature_md(ctx, md))
+		goto err;
+	st = "EVP_PKEY_sign";
+	sigsize = MAX_SIGNATURE_SIZE - sizeof(struct signature_v2_hdr) - 1;
+	if (!EVP_PKEY_sign(ctx, hdr->sig, &sigsize, hash, size))
+		goto err;
+	st = NULL;
+
+	len = (int)sigsize;
+
+	/* we add bit length of the signature to make it gnupg compatible */
+	hdr->sig_size = __cpu_to_be16(len);
+	len += sizeof(*hdr);
+
+err:
+	if (len == -1 && st != NULL) {
+		asprintf(error, "sign_hash_v2_pkey: signing failed: (%s) in %s",
+			ERR_reason_error_string(ERR_peek_error()), st);
+	}
+	EVP_PKEY_CTX_free(ctx);
+
+	return len;
+}
+
 /*
  * @sig is assumed to be of (MAX_SIGNATURE_SIZE - 1) size
  * Return: -1 signing error, >0 length of signature
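Review bot: The `!` tests on `EVP_PKEY_sign_init`, `EVP_PKEY_CTX_set_signature_md` and `EVP_PKEY_sign` in sign_hash_v2_pkey treat only 0 as failure, but OpenSSL documents these calls as returning 0 or a negative value on failure (-2 for an unsupported operation), so a negative return would fall through and the function would report a signature length for a buffer that was not signed. Compare against success instead, e.g. `if (EVP_PKEY_sign(ctx, hdr->sig, &sigsize, hash, size) <= 0)`, and use `<= 0` for the other two as well. The same kind of check is in the imaevm_create_ima_signature hunk of this file, where `if (!fd)` after `open()` misses the -1 failure return and rejects a valid descriptor 0; it should read `if (fd < 0)`. Separately, every `asprintf(error, ...)` in both functions dereferences `error` without a NULL check and ignores the return value, so after an allocation failure `*error` is not a usable string; either check the result and set `*error = NULL`, or document that `error` must be non-NULL.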
@@ -980,6 +1085,87 @@  int sign_hash(const char *hashalgo, const unsigned char *hash, int size, const c
 		sign_hash_v1(hashalgo, hash, size, keyfile, sig);
 }
 
+/*
+ * Create an IMA signature for a given file using a given private key for signing
+ *
+ * @filename: Name of the file to sign
+ * @pkey: Private key to use for signing
+ * @algo: Name of the algorithm to use to compute the hash, e.g. "sha256"
+ * @sig: Buffer for the signature; it is assumed to be of (MAX_SIGNATURE_SIZE - 1) size
+ * @siglen: Length of the signature buffer; it must be at least (MAX_SIGNATURE_SIZE - 1)
+ *          to be accepted
+ * @error: Pointer where a buffer with the error to report can be returned
+ *
+ * Returns -1 on error, the length of the signature, including header, otherwise
+ */
+int imaevm_create_ima_signature(const char *filename, EVP_PKEY *pkey, const char *algo,
+                                unsigned char *sig, size_t siglen, char **error)
+{
+	unsigned char hashbuf[EVP_MAX_MD_SIZE];
+	unsigned int hashbuf_size = sizeof(hashbuf);
+	struct stat statbuf;
+	EVP_MD_CTX *md_ctx;
+	const EVP_MD *md;
+	const char *st = NULL;
+	int len = -1;
+	void *addr = NULL;
+	int fd;
+	int n;
+
+	fd = open(filename, O_RDONLY);
+	if (!fd) {
+		asprintf(error, "Failed to open %s: %s", filename, strerror(errno));
+		return -1;
+	}
+
+	n = fstat(fd, &statbuf);
+	if (n != 0) {
+		asprintf(error, "Failed to stat %s: %s", filename, strerror(errno));
+		goto err_close;
+	}
+
+	if (statbuf.st_size > 0) {
+		addr = mmap(NULL, statbuf.st_size, PROT_READ, MAP_SHARED, fd, 0);
+		if (addr == MAP_FAILED) {
+			asprintf(error, "Failed to mmap file: %s", strerror(errno));
+			goto err_close;
+		}
+	}
+
+	st = "EVP_MD_CTX_new";
+	if (!(md_ctx = EVP_MD_CTX_new()))
+		goto err;
+	st = "EVP_get_digestbyname";
+	if (!(md = EVP_get_digestbyname(algo)))
+		goto err;
+	st = "EVP_DigestInit_ex";
+	if (EVP_DigestInit_ex(md_ctx, md, NULL) != 1)
+		goto err;
+	st = "EVP_DigestUpdate";
+	if (statbuf.st_size > 0 && EVP_DigestUpdate(md_ctx, addr, statbuf.st_size) != 1)
+		goto err;
+	st = "EVP_DigestFinal_ex";
+	if (EVP_DigestFinal_ex(md_ctx, hashbuf, &hashbuf_size) != 1)
+		goto err;
+	st = NULL;
+
+	len = sign_hash_v2_pkey(algo, hashbuf, hashbuf_size, pkey, sig, siglen, error);
+
+err:
+	if (len < 0 && st != NULL) {
+		asprintf(error,
+			 "%s: signing failed: (%s) in %s\n",
+			 __func__, ERR_reason_error_string(ERR_peek_error()), st);
+	}
+
+	EVP_MD_CTX_free(md_ctx);
+	munmap(addr, statbuf.st_size);
+err_close:
+	close(fd);
+
+	return len;
+}
+
 static void libinit()
 {