From: Mimi Zohar <zohar@linux.ibm.com>
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar <zohar@linux.ibm.com>
Subject: [ima-evm-utils PATCH 09/12] Use a local hash algorithm variable when verifying file signatures
Date: Sun, 19 Nov 2023 11:50:40 -0500 [thread overview]
Message-ID: <20231119165043.46960-10-zohar@linux.ibm.com> (raw)
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
Instead of relying on the "imaevm_params.algo" global variable, which
is not concurrency-safe, define and use a local variable.
Update static verify_hash_v2(), verify_hash_v3(), and verify_hash_common()
function definitions to include a hash algorithm argument.
Similarly update ima_verify_signature2() and ima_calc_hash2() to define
and use a local hash algorithm variable.
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
src/libimaevm.c | 40 ++++++++++++++++++++++++----------------
1 file changed, 24 insertions(+), 16 deletions(-)
diff --git a/src/libimaevm.c b/src/libimaevm.c
index 4c9da7a2f06b..18b6a6f27237 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -488,6 +488,7 @@ void init_public_keys(const char *keyfiles)
* (Note: signature_v2_hdr struct does not contain the 'type'.)
*/
static int verify_hash_common(void *public_keys, const char *file,
+ const char *hash_algo,
const unsigned char *hash,
int size, unsigned char *sig, int siglen)
{
@@ -499,7 +500,7 @@ static int verify_hash_common(void *public_keys, const char *file,
const char *st;
if (imaevm_params.verbose > LOG_INFO) {
- log_info("hash(%s): ", imaevm_params.hash_algo);
+ log_info("hash(%s): ", hash_algo);
log_dump(hash, size);
}
@@ -530,7 +531,7 @@ static int verify_hash_common(void *public_keys, const char *file,
if (!EVP_PKEY_verify_init(ctx))
goto err;
st = "EVP_get_digestbyname";
- if (!(md = EVP_get_digestbyname(imaevm_params.hash_algo)))
+ if (!(md = EVP_get_digestbyname(hash_algo)))
goto err;
st = "EVP_PKEY_CTX_set_signature_md";
if (!EVP_PKEY_CTX_set_signature_md(ctx, md))
@@ -566,11 +567,12 @@ err:
* Return: 0 verification good, 1 verification bad, -1 error.
*/
static int verify_hash_v2(void *public_keys, const char *file,
+ const char *hash_algo,
const unsigned char *hash,
int size, unsigned char *sig, int siglen)
{
/* note: signature_v2_hdr does not contain 'type', use sig + 1 */
- return verify_hash_common(public_keys, file, hash, size,
+ return verify_hash_common(public_keys, file, hash_algo, hash, size,
sig + 1, siglen - 1);
}
@@ -581,19 +583,20 @@ static int verify_hash_v2(void *public_keys, const char *file,
* Return: 0 verification good, 1 verification bad, -1 error.
*/
static int verify_hash_v3(void *public_keys, const char *file,
+ const char *hash_algo,
const unsigned char *hash,
int size, unsigned char *sig, int siglen)
{
unsigned char sigv3_hash[MAX_DIGEST_SIZE];
int ret;
- ret = calc_hash_sigv3(sig[0], NULL, hash, sigv3_hash);
+ ret = calc_hash_sigv3(sig[0], hash_algo, hash, sigv3_hash);
if (ret < 0)
return ret;
/* note: signature_v2_hdr does not contain 'type', use sig + 1 */
- return verify_hash_common(public_keys, file, sigv3_hash, size,
- sig + 1, siglen - 1);
+ return verify_hash_common(public_keys, file, hash_algo, sigv3_hash,
+ size, sig + 1, siglen - 1);
}
#define HASH_MAX_DIGESTSIZE 64 /* kernel HASH_MAX_DIGESTSIZE is 64 bytes */
@@ -636,8 +639,10 @@ int calc_hash_sigv3(enum evm_ima_xattr_type type, const char *algo,
return -EINVAL;
}
- if (!algo)
- algo = imaevm_params.hash_algo;
+ if (!algo) {
+ log_err("Hash algorithm unspecified\n");
+ return -EINVAL;
+ }
if ((hash_algo = imaevm_get_hash_algo(algo)) < 0) {
log_err("Hash algorithm %s not supported\n", algo);
@@ -757,10 +762,10 @@ int verify_hash2(void *public_keys, const char *file, const char *hash_algo,
return -1;
#endif
} else if (sig[1] == DIGSIG_VERSION_2) {
- return verify_hash_v2(public_keys, file, hash, size,
+ return verify_hash_v2(public_keys, file, hash_algo, hash, size,
sig, siglen);
} else if (sig[1] == DIGSIG_VERSION_3) {
- return verify_hash_v3(public_keys, file, hash, size,
+ return verify_hash_v3(public_keys, file, hash_algo, hash, size,
sig, siglen);
} else
return -1;
@@ -774,7 +779,8 @@ int verify_hash2(void *public_keys, const char *file, const char *hash_algo,
int verify_hash(const char *file, const unsigned char *hash, int size,
unsigned char *sig, int siglen)
{
- return verify_hash2(g_public_keys, file, NULL, hash, size, sig, siglen);
+ return verify_hash2(g_public_keys, file, imaevm_params.hash_algo,
+ hash, size, sig, siglen);
}
int ima_verify_signature2(void *public_keys, const char *file,
@@ -783,6 +789,7 @@ int ima_verify_signature2(void *public_keys, const char *file,
{
unsigned char hash[MAX_DIGEST_SIZE];
int hashlen, sig_hash_algo;
+ const char *hash_algo;
if (sig[0] != EVM_IMA_XATTR_DIGSIG && sig[0] != IMA_VERITY_DIGSIG) {
log_err("%s: xattr ima has no signature\n", file);
@@ -800,22 +807,23 @@ int ima_verify_signature2(void *public_keys, const char *file,
return -1;
}
/* Use hash algorithm as retrieved from signature */
- imaevm_params.hash_algo = imaevm_hash_algo_by_id(sig_hash_algo);
+ hash_algo = imaevm_hash_algo_by_id(sig_hash_algo);
/*
* Validate the signature based on the digest included in the
* measurement list, not by calculating the local file digest.
*/
if (digest && digestlen > 0)
- return verify_hash2(public_keys, file, NULL, digest, digestlen,
- sig, siglen);
+ return verify_hash2(public_keys, file,
+ hash_algo, digest, digestlen,
+ sig, siglen);
- hashlen = ima_calc_hash(file, hash);
+ hashlen = ima_calc_hash2(file, hash_algo, hash);
if (hashlen <= 1)
return hashlen;
assert(hashlen <= sizeof(hash));
- return verify_hash2(public_keys, file, NULL, hash, hashlen,
+ return verify_hash2(public_keys, file, hash_algo, hash, hashlen,
sig, siglen);
}
--
2.39.3
next prev parent reply other threads:[~2023-11-19 16:51 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-19 16:50 [ima-evm-utils PATCH 00/12] Address non concurrency-safe libimaevm global variables Mimi Zohar
2023-11-19 16:50 ` [ima-evm-utils PATCH 01/12] Rename "public_keys" to "g_public_keys" Mimi Zohar
2023-11-22 12:44 ` Stefan Berger
2023-11-19 16:50 ` [ima-evm-utils PATCH 02/12] Free public keys list Mimi Zohar
2023-11-22 12:52 ` Stefan Berger
2023-11-19 16:50 ` [ima-evm-utils PATCH 03/12] Update library function definitions to include a "public_keys" parameter Mimi Zohar
2023-11-22 13:07 ` Stefan Berger
2023-11-19 16:50 ` [ima-evm-utils PATCH 04/12] Update a library function definition to include a "hash_algo" parameter Mimi Zohar
2023-11-22 13:14 ` Stefan Berger
2023-11-19 16:50 ` [ima-evm-utils PATCH 05/12] Update cmd_verify_ima() to define and use a local list of public keys Mimi Zohar
2023-11-22 13:16 ` Stefan Berger
2023-11-19 16:50 ` [ima-evm-utils PATCH 06/12] Update cmd_verify_evm " Mimi Zohar
2023-11-19 16:50 ` [ima-evm-utils PATCH 07/12] Update ima_measurements " Mimi Zohar
2023-11-22 13:24 ` Stefan Berger
2023-11-19 16:50 ` [ima-evm-utils PATCH 08/12] Define library ima_calc_hash2() function with a hash algorithm parameter Mimi Zohar
2023-11-22 13:26 ` Stefan Berger
2023-11-19 16:50 ` Mimi Zohar [this message]
2023-11-22 13:37 ` [ima-evm-utils PATCH 09/12] Use a local hash algorithm variable when verifying file signatures Stefan Berger
2023-11-22 14:14 ` Mimi Zohar
2023-11-22 14:33 ` Stefan Berger
2023-11-29 16:08 ` Mimi Zohar
2023-11-19 16:50 ` [ima-evm-utils PATCH 10/12] Update EVM signature verification to use a local hash algorithm variable Mimi Zohar
2023-11-22 13:55 ` Stefan Berger
2023-11-19 16:50 ` [ima-evm-utils PATCH 11/12] Use a file specific hash algorithm variable for signing files Mimi Zohar
2023-11-22 14:09 ` Stefan Berger
2023-11-19 16:50 ` [ima-evm-utils PATCH 12/12] Define and use a file specific "keypass" variable Mimi Zohar
2023-11-22 14:22 ` Stefan Berger
2023-11-29 16:07 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231119165043.46960-10-zohar@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=linux-integrity@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.