script to build static evmctl version

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@huawei.com>

.gitignore

@@ -2,6 +2,8 @@
 *~
 
 # Generated by autotools
+.libs
+m4
 .deps
 aclocal.m4
 autom4te.cache
@@ -20,9 +22,12 @@ compile
 libtool
 ltmain.sh
 
+
 # Compiled executables
 *.o
 *.a
+*.lo
+*.la
 src/evmctl
 tests/openclose
 config.h

ChangeLog

@@ -1,3 +1,21 @@
+2014-07-30  Dmitry Kasatkin <dmitry.kasatkin@huawei.com>
+
+	version 1.0
+	* Recursive hashing
+	* Immutable EVM signatures (experimental)
+	* Command 'ima_clear' to remove xattrs
+	* Support for passing password to the library
+	* Support for asking password safely from the user
+
+2014-09-23  Dmitry Kasatkin <d.kasatkin@samsung.com>
+
+	version 0.9
+	* Updated README
+	* man page generated and added to the package
+	* Use additional SMACK xattrs for EVM signature generation
+	* Signing functions moved to libimaevm for external use (RPM)
+	* Fixed setting of correct hash header
+
 2014-05-05  Dmitry Kasatkin <d.kasatkin@samsung.com>
 
 	version 0.8

Makefile.am

@@ -1,6 +1,10 @@
 SUBDIRS = src
+dist_man_MANS = evmctl.1
 
-EXTRA_DIST = autogen.sh
+doc_DATA =  examples/ima-genkey-self.sh examples/ima-genkey.sh examples/ima-gen-local-ca.sh
+EXTRA_DIST = autogen.sh $(doc_DATA)
+
+CLEANFILES = *.html *.xsl
 
 ACLOCAL_AMFLAGS = -I m4
 
@@ -19,4 +23,20 @@ rpm: $(tarname)
 	cp $(tarname) $(SRCS)/
 	rpmbuild -ba --nodeps $(SPEC)
 
+# requires asciidoc, xslproc, docbook-xsl
+MANPAGE_DOCBOOK_XSL = /usr/share/xml/docbook/stylesheet/docbook-xsl/manpages/docbook.xsl
+
+evmctl.1.html: README
+	@asciidoc -o $@ $<
+
+evmctl.1:
+	asciidoc -d manpage -b docbook -o evmctl.1.xsl README
+	xsltproc --nonet -o $@ $(MANPAGE_DOCBOOK_XSL) evmctl.1.xsl
+	rm -f evmctl.1.xsl
+
+rmman:
+	rm -f evmctl.1
+
+doc: evmctl.1.html rmman evmctl.1
+
 .PHONY: $(tarname)

README

@@ -1,49 +1,187 @@
-ima-evm-utils - IMA/EVM signing utility
-=========================================
+EVMCTL(1)
+=========
 
-Contents:
+NAME
+----
 
-   1. Key and signature formats
-   2. Key generation
-   3. Initialization
-   4. Signing
+evmctl - IMA/EVM signing utility
+
+
+SYNOPSIS
+--------
+
+evmctl [options] <command> [OPTIONS]
+
+
+DESCRIPTION
+-----------
+
+The evmctl utility can be used for producing and verifying digital signatures,
+which are used by Linux kernel integrity subsystem (IMA/EVM). It can be also
+used to import keys into the kernel keyring.
+
+COMMANDS
+--------
+
+ --version
+ help <command>
+ import [--rsa] pubkey keyring
+ sign [-r] [--imahash | --imasig ] [--key key] [--pass password] file
+ verify file
+ ima_sign [--sigfile] [--key key] [--pass password] file
+ ima_verify file
+ ima_hash file
+ ima_measurement file
+ ima_fix [-t fdsxm] path
+ sign_hash [--key key] [--pass password]
+ hmac [--imahash | --imasig ] file
+
+
+OPTIONS
+-------
+
+  -a, --hashalgo     sha1 (default), sha224, sha256, sha384, sha512
+  -s, --imasig       make IMA signature
+  -d, --imahash      make IMA hash
+  -f, --sigfile      store IMA signature in .sig file instead of xattr
+      --rsa          use RSA key type and signing scheme v1
+  -k, --key          path to signing key (default: /etc/keys/{privkey,pubkey}_evm.pem)
+  -p, --pass         password for encrypted signing key
+  -r, --recursive    recurse into directories (sign)
+  -t, --type         file types to fix 'fdsxm' (f: file, d: directory, s: block/char/symlink)
+                     x - skip fixing if both ima and evm xattrs exist (use with caution)
+                     m - stay on the same filesystem (like 'find -xdev')
+  -n                 print result to stdout instead of setting xattr
+  -u, --uuid         use custom FS UUID for EVM (unspecified: from FS, empty: do not use)
+      --smack        use extra SMACK xattrs for EVM
+      --m32          force EVM hmac/signature for 32 bit target system
+      --m64          force EVM hmac/signature for 64 bit target system
+  -v                 increase verbosity level
+  -h, --help         display this help and exit
+
+
+INTRODUCTION
+------------
+
+Linux kernel integrity subsystem is comprised of a number of different components
+including the Integrity Measurement Architecture (IMA), Extended Verification Module
+(EVM), IMA-appraisal extension, digital signature verification extension and audit
+measurement log support.
+
+The evmctl utility is used for producing and verifying digital signatures, which
+are used by the Linux kernel integrity subsystem. It is also used for importing keys
+into the kernel keyring.
+
+Linux integrity subsystem allows to use IMA and EVM signatures. EVM signature
+protects file metadata, such as file attributes and extended attributes. IMA
+signature protects file content.
+
+For more detailed information about integrity subsystem it is recommended to follow
+resources in RESOURCES section.
+
+
+EVM HMAC and signature metadata
+-------------------------------
+
+EVM protects file metadata by including following attributes into HMAC and signature
+calculation: inode number, inode generation, UID, GID, file mode, security.selinux,
+security.SMACK64, security.ima, security.capability.
+
+EVM HMAC and signature in may also include additional file and file system attributes.
+Currently supported additional attributes are filesystem UUID and extra SMACK
+extended attributes.
+
+Kernel configuration option CONFIG_EVM_ATTR_FSUUID controls whether to include
+filesystem UUID into HMAC and enabled by default. Therefore evmctl also includes
+fsuuid by default. Providing '--uuid' option without parameter allows to disable
+usage of fs uuid. Providing '--uuid=UUID' option with parameter allows to use
+custom UUID.
+
+Kernel configuration option CONFIG_EVM_EXTRA_SMACK_XATTRS controls whether to
+include additional SMACK extended attributes into HMAC. They are following:
+security.SMACK64EXEC, security.SMACK64TRANSMUTE and security.SMACK64MMAP.
+evmctl '--smack' options enables that.
 
 
 Key and signature formats
 -------------------------
 
-EVM support (v2) in latest version of the kernel adds the file system UUID to
-the HMAC calculation. It is controlled by the CONFIG_EVM_HMAC_VERSION and
-version 2 is enabled by default. In this version default UUID is included by
-default. Custom value can be supplied via '--uuid=UUID' or '-uUUID' parameter
-to the 'sign' command. To use old format HMAC format use '-' as a parameter.
+Linux integrity subsystem supports two type of signature and respectively two
+key formats.
 
-Latest kernel got IMA/EVM support for using X509 certificates and asymmetric key
-support for verifying digital signatures. This version uses x509 format by default.
-Use '--rsa' or '-1' parameter to use old signature format and API.
+First key format (v1) is pure RSA key encoded in PEM a format and uses own signature
+format. It is now non-default format and requires to provide evmctl '--rsa' option
+for signing and importing the key.
+
+Second key format uses X509 DER encoded public key certificates and uses asymmetric key support
+in the kernel (since kernel 3.9). CONFIG_INTEGRITY_ASYMMETRIC_KEYS must be enabled (default).
 
 
-Key generation
---------------
+Integrity keyrings
+----------------
 
-Generate private key in plain text format
+Integrity subsystem uses dedicated IMA/EVM keyrings to search for signature verification
+keys - '_ima' and '_evm' respectively.
 
-    $ openssl genrsa -out privkey_evm.pem 1024
+Since 3.13 IMA allows to declare IMA keyring as trusted. It allows only to load keys,
+signed by a key from the system keyring (.system). It means self-signed keys are not
+allowed. This is a default behavior unless CONFIG_IMA_TRUSTED_KEYRING is undefined.
+IMA trusted keyring is has different name '.ima'. Trusted keyring requires X509
+public key certificates. Old version RSA public keys are not compatible with trusted
+keyring.
 
-Generate encrypted private key
 
-    $ openssl genrsa -des3 -out privkey_evm.pem 1024
+Generate EVM encrypted keys
+---------------------------
 
-Make encrypted private key from unencrypted
+EVM encrypted key is used for EVM HMAC calculation:
 
-    $ openssl rsa -in /etc/keys/privkey_evm.pem -out privkey_evm_enc.pem -des3
+    # create and save the key kernel master key (user type)
+    # LMK is used to encrypt encrypted keys
+    keyctl add user kmk "`dd if=/dev/urandom bs=1 count=32 2>/dev/null`" @u
+    keyctl pipe `keyctl search @u user kmk` > /etc/keys/kmk
 
-Generate self-signed X509 certificate and private key for using kernel asymmetric
-keys support
+    # create the EVM encrypted key
+    keyctl add encrypted evm-key "new user:kmk 64" @u
+    keyctl pipe `keyctl search @u encrypted evm-key` >/etc/keys/evm-key
 
-	$ openssl req -new -nodes -utf8 -sha1 -days 36500 -batch \
-	      -x509 -config x509_evm.genkey \
-	      -outform DER -out x509_evm.der -keyout privkey_evm.pem
+
+Generate EVM trusted keys (TPM based)
+-------------------------------------
+
+Trusted EVM keys are keys which a generate with the help of TPM.
+They are not related to integrity trusted keys.
+
+    # create and save the key kernel master key (user type)
+    keyctl add trusted kmk "new 32" @u
+    keyctl pipe `keyctl search @u trusted kmk` >kmk
+
+    # create the EVM trusted key
+    keyctl add encrypted evm-key "new trusted:kmk 32" @u
+    keyctl pipe `keyctl search @u encrypted evm-key` >evm-key
+
+
+Generate signing and verification keys
+--------------------------------------
+
+Generate private key in plain text format:
+
+    openssl genrsa -out privkey_evm.pem 1024
+
+Generate encrypted private key:
+
+    openssl genrsa -des3 -out privkey_evm.pem 1024
+
+Make encrypted private key from unencrypted:
+
+    openssl rsa -in /etc/keys/privkey_evm.pem -out privkey_evm_enc.pem -des3
+
+Generate self-signed X509 public key certificate and private key for using kernel
+asymmetric keys support:
+
+    openssl req -new -nodes -utf8 -sha1 -days 36500 -batch \
+    	        -x509 -config x509_evm.genkey \
+	        -outform DER -out x509_evm.der -keyout privkey_evm.pem
 
 Configuration file x509_evm.genkey:
 
@@ -68,88 +206,232 @@ Configuration file x509_evm.genkey:
 	# EOF
 
 
-Get public key
+Generate public key for using RSA key format:
 
-    $ openssl rsa -pubout -in privkey_evm.pem -out pubkey_evm.pem
-
-Copy keys to /etc/keys
-
-    $ cp pubkey_evm.pem /etc/keys
-    $ scp pubkey_evm.pem target:/etc/keys
-
-or
-    $ cp x509_evm.pem /etc/keys
-    $ scp x509_evm.pem target:/etc/keys
+    openssl rsa -pubout -in privkey_evm.pem -out pubkey_evm.pem
 
 
-Generation of EVM keys
+Copy keys to /etc/keys:
 
-    $ # create and save the kernel master key (user type)
-    $ keyctl add user kmk "`dd if=/dev/urandom bs=1 count=32 2>/dev/null`" @u
-    $ keyctl pipe `keyctl search @u user kmk` > /etc/keys/kmk
-    $ # create the EVM encrypted key
-    $ keyctl add encrypted evm-key "new user:kmk 32" @u
-    $ keyctl pipe `keyctl search @u encrypted evm-key` >/etc/keys/evm-key
+    cp pubkey_evm.pem /etc/keys
+    scp pubkey_evm.pem target:/etc/keys
+ or
+    cp x509_evm.pem /etc/keys
+    scp x509_evm.pem target:/etc/keys
 
 
-Initialization
---------------
+Generate trusted keys
+---------------------
+
+Generation of trusted keys is a bit more complicated process and involves
+following steps:
+
+* Creation of local IMA certification authority (CA).
+  It consist of private and public key certificate which are used
+  to sign and verify other keys.
+* Build Linux kernel with embedded local IMA CA X509 certificate.
+  It is used to verify other keys added to the '.ima' trusted keyring
+* Generate IMA private signing key and verification public key certificate,
+  which is signed using local IMA CA private key.
+
+Configuration file ima-local-ca.genkey:
+
+	# Begining of the file
+	[ req ]
+	default_bits = 2048
+	distinguished_name = req_distinguished_name
+	prompt = no
+	string_mask = utf8only
+	x509_extensions = v3_ca
+
+	[ req_distinguished_name ]
+	O = IMA-CA
+	CN = IMA/EVM certificate signing key
+	emailAddress = ca@ima-ca
+
+	[ v3_ca ]
+	basicConstraints=CA:TRUE
+	subjectKeyIdentifier=hash
+	authorityKeyIdentifier=keyid:always,issuer
+	# keyUsage = cRLSign, keyCertSign
+	# EOF
+
+Generate private key and X509 public key certificate:
+
+ openssl req -new -x509 -utf8 -sha1 -days 3650 -batch -config $GENKEY \
+             -outform DER -out ima-local-ca.x509 -keyout ima-local-ca.priv
+
+Produce X509 in DER format for using while building the kernel:
+
+ openssl x509 -inform DER -in ima-local-ca.x509 -out ima-local-ca.pem
+
+Configuration file ima.genkey:
+
+	# Begining of the file
+	[ req ]
+	default_bits = 1024
+	distinguished_name = req_distinguished_name
+	prompt = no
+	string_mask = utf8only
+	x509_extensions = v3_usr
+
+	[ req_distinguished_name ]
+	O = `hostname`
+	CN = `whoami` signing key
+	emailAddress = `whoami`@`hostname`
+
+	[ v3_usr ]
+	basicConstraints=critical,CA:FALSE
+	#basicConstraints=CA:FALSE
+	keyUsage=digitalSignature
+	#keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+	subjectKeyIdentifier=hash
+	authorityKeyIdentifier=keyid
+	#authorityKeyIdentifier=keyid,issuer
+	# EOF
+
+
+Generate private key and X509 public key certificate signing request:
+
+ openssl req -new -nodes -utf8 -sha1 -days 365 -batch -config $GENKEY \
+             -out csr_ima.pem -keyout privkey_ima.pem
+
+Sign X509 public key certificate signing request with local IMA CA private key:
+
+ openssl x509 -req -in csr_ima.pem -days 365 -extfile $GENKEY -extensions v3_usr \
+              -CA ima-local-ca.pem -CAkey ima-local-ca.priv -CAcreateserial \
+              -outform DER -out x509_ima.der
+
+
+Sign file data and metadata
+---------------------------
+
+Default key locations:
+
+ Private RSA key: /etc/keys/privkey_evm.pem
+ Public RSA key: /etc/keys/pubkey_evm.pem
+ X509 certificate: /etc/keys/x509_evm.der
+
+Options to remember: '-k', '-r', '--rsa', '--uuid', '--smack'.
+
+Sign file with EVM signature and calculate hash value for IMA:
+
+    evmctl sign --imahash test.txt
+
+Sign file with both IMA and EVM signatures:
+
+    evmctl sign --imasig test.txt:
+
+Sign file with IMA signature:
+
+    evmctl ima_sign test.txt
+
+Sign recursively whole filesystem:
+
+    evmctl -r sign --imahash /
+
+Fix recursively whole filesystem:
+
+    evmctl -r ima_fix /
+
+Sign filesystem selectively using 'find' command:
+
+    find / \( -fstype rootfs -o -fstype ext4 \) -exec evmctl sign --imahash '{}' \;
+
+Fix filesystem selectively using 'find' command:
+
+    find / \( -fstype rootfs -o -fstype ext4 \) -exec sh -c "< '{}'" \;
+
+
+Initialize IMA/EVM at early boot
+--------------------------------
 
 IMA/EVM initialization should be normally done from initial RAM file system
 before mounting root filesystem.
 
-Here is an example script /etc/initramfs-tools/scripts/local-top/ima.sh
+Here is Ubuntu initramfs example script (/etc/initramfs-tools/scripts/local-top/ima.sh)
 
-    # import EVM HMAC key
-    keyctl clear @u
+    # mount securityfs if not mounted
+    SECFS=/sys/kernel/security
+    grep -q  $SECFS /proc/mounts || mount -n -t securityfs securityfs $SECFS
+
+    # search for IMA trusted keyring, then for untrusted
+    ima_id="`awk '/\.ima/ { printf "%d", "0x"$1; }' /proc/keys`"
+    if [ -z "$ima_id" ]; then
+        ima_id=`keyctl search @u keyring _ima 2>/dev/null`
+        if [ -z "$ima_id" ]; then
+	    ima_id=`keyctl newring _ima @u`
+        fi
+    fi
+    # import IMA X509 certificate
+    evmctl import /etc/keys/x509_ima.der $ima_id
+
+    # search for EVM keyring
+    evm_id=`keyctl search @u keyring _evm 2>/dev/null`
+    if [ -z "$evm_id" ]; then
+        evm_id=`keyctl newring _evm @u`
+    fi
+    # import EVM X509 certificate
+    evmctl import /etc/keys/x509_evm.der $evm_id
+
+    # a) import EVM encrypted key
     cat /etc/keys/kmk | keyctl padd user kmk @u
     keyctl add encrypted evm-key "load `cat /etc/keys/evm-key`" @u
-
-    # import IMA public key
-    ima_id=`keyctl newring _ima @u`
-    evmctl --rsa import /etc/keys/pubkey_evm.pem $ima_id
-
-    # import EVM public key
-    evm_id=`keyctl newring _evm @u`
-    evmctl --rsa import /etc/keys/pubkey_evm.pem $evm_id
+    # OR
+    # b) import EVM trusted key
+    keyctl add trusted kmk "load `cat /etc/keys/kmk`" @u
+    keyctl add encrypted evm-key "load `cat /etc/keys/evm-key`" @u
 
     # enable EVM
     echo "1" > /sys/kernel/security/evm
 
+Optionally it is possible also to forbid adding, removing of new public keys
+and certificates into keyrings and revoking keys using 'keyctl setperm' command:
 
-Import X509 certificate into the kernel keyring (since kernel 3.9?)
-
-    $ evmctl import /etc/keys/x509_evm.der `keyctl search @u keyring _ima`
-    $ evmctl import /etc/keys/x509_evm.der `keyctl search @u keyring _evm`
+    # protect EVM keyring
+    keyctl setperm $evm_id 0x0b0b0000
+    # protect IMA keyring
+    keyctl setperm $ima_id 0x0b0b0000
+    # protecting IMA key from revoking (against DoS)
+    ima_key=`evmctl import /etc/keys/x509_ima.der $ima_id`
+    keyctl setperm $ima_key 0x0b0b0000
 
 
-Signing
+When using plain RSA public keys in PEM format, use 'evmctl import --rsa' for importing keys:
+
+    evmctl import --rsa /etc/keys/pubkey_evm.pem $evm_id
+
+Latest version of keyctl allows to import X509 public key certificates:
+
+    cat /etc/keys/x509_ima.der | keyctl padd asymmetric '' $ima_id
+
+
+FILES
+-----
+
+Examples of scripts to generate X509 public key certificates:
+
+ /usr/share/doc/ima-evm-utils/ima-genkey-self.sh
+ /usr/share/doc/ima-evm-utils/ima-genkey.sh
+ /usr/share/doc/ima-evm-utils/ima-gen-local-ca.sh
+
+
+AUTHOR
+------
+
+Written by Dmitry Kasatkin, <dmitry.kasatkin at gmail.com> and others.
+
+
+RESOURCES
+---------
+
+ http://sourceforge.net/p/linux-ima/wiki/Home
+ http://sourceforge.net/p/linux-ima/ima-evm-utils
+
+
+COPYING
 -------
 
-Default public key: /etc/keys/pubkey_evm.pem
-Default private key: /etc/keys/privkey_evm.pem
-Default X509 certificate: /etc/keys/x509_evm.der
-
-Signing for using old RSA format is done using '-1' or '--rsa' parameter.
-Signing for using old EVM HMAC format is done using '-u-' or '--uuid=-' parameter.
-
-Sign file with EVM signature and use hash value for IMA - common case
-
-    $ evmctl sign [-u] [-1] --imahash test.txt
-
-Sign file with both IMA and EVM signatures - for immutable files
-
-    $ evmctl sign [-u] [-1] --imasig test.txt
-
-Sign file with IMA signature - for immutable files
-
-    $ evmctl ima_sign [-1] test.txt
-
-Label whole filesystem with EVM signatures
-
-    $ find / \( -fstype rootfs -o -fstype ext4 \) -exec evmctl sign [-u] [-1] --imahash '{}' \;
-
-Label filesystem in fix mode - kernel sets correct values to IMA and EVM xattrs
-
-    $ find / \( -fstype rootfs -o -fstype ext4 \) -exec sh -c "< '{}'" \;
+Copyright \(C) 2012 - 2014 Linux Integrity Project. Free use of this software is granted under
+the terms of the GNU Public License (GPL).
 

build-static.sh

@@ -0,0 +1,4 @@
+#!/bin/sh
+
+gcc -static -o evmctl.static -include config.h src/evmctl.c src/libimaevm.c -lcrypto -lkeyutils -ldl
+

configure.ac

@@ -1,7 +1,7 @@
 # autoconf script
 
 AC_PREREQ([2.65])
-AC_INIT(ima-evm-utils, 0.8, d.kasatkin@samsung.com)
+AC_INIT(ima-evm-utils, 1.0, dmitry.kasatkin@huawei.com)
 AM_INIT_AUTOMAKE
 AC_CONFIG_HEADERS([config.h])
 AC_CONFIG_MACRO_DIR([m4])

packaging/ima-evm-utils.spec

@@ -1,5 +1,5 @@
 Name:		ima-evm-utils
-Version:	0.8
+Version:	1.0
 Release:	1%{?dist}
 Summary:	ima-evm-utils - IMA/EVM control utility
 Group:		System/Libraries

src/imaevm.h

@@ -41,6 +41,7 @@
 #ifndef _LIBIMAEVM_H
 #define _LIBIMAEVM_H
 
+#include <linux/fs.h>
 #include <stdint.h>
 #include <syslog.h>
 #include <stdbool.h>
@@ -74,16 +75,15 @@
 #define	DATA_SIZE	4096
 #define SHA1_HASH_LEN   20
 
-#define	EXT2_IOC_GETVERSION	_IOR('v', 1, long)
-#define	EXT34_IOC_GETVERSION	_IOR('f', 3, long)
-
-#define	FS_IOC_GETFLAGS		_IOR('f', 1, long)
-#define	FS_IOC_SETFLAGS		_IOW('f', 2, long)
-#define FS_IOC32_GETFLAGS	_IOR('f', 1, int)
-#define FS_IOC32_SETFLAGS	_IOW('f', 2, int)
-
 #define __packed __attribute__((packed))
 
+enum evm_ima_xattr_type {
+	IMA_XATTR_DIGEST = 0x01,
+	EVM_XATTR_HMAC,
+	EVM_IMA_XATTR_DIGSIG,
+	IMA_XATTR_DIGEST_NG,
+};
+
 struct h_misc {
 	unsigned long ino;
 	uint32_t generation;
@@ -108,6 +108,12 @@ struct h_misc_64 {
 	unsigned short mode;
 };
 
+struct h_misc_digsig {
+	uid_t uid;
+	gid_t gid;
+	unsigned short mode;
+};
+
 enum pubkey_algo {
 	PUBKEY_ALGO_RSA,
 	PUBKEY_ALGO_MAX,
@@ -170,8 +176,10 @@ typedef int (*verify_hash_fn_t)(const unsigned char *hash, int size, unsigned ch
 
 struct libevm_params {
 	int verbose;
+	int x509;
 	const char *hash_algo;
-	char *keyfile;
+	const char *keyfile;
+	const char *keypass;
 };
 
 struct RSA_ASN1_template {
@@ -189,6 +197,11 @@ int ima_calc_hash(const char *file, uint8_t *hash);
 int get_hash_algo(const char *algo);
 RSA *read_pub_key(const char *keyfile, int x509);
 
+void calc_keyid_v1(uint8_t *keyid, char *str, const unsigned char *pkey, int len);
+void calc_keyid_v2(uint32_t *keyid, char *str, RSA *key);
+int key2bin(RSA *key, unsigned char *pub);
+
+int sign_hash(const char *algo, const unsigned char *hash, int size, const char *keyfile, const char *keypass, unsigned char *sig);
 int verify_hash(const unsigned char *hash, int size, unsigned char *sig, int siglen);
 int ima_verify_signature(const char *file, unsigned char *sig, int siglen);
 

src/libimaevm.c

@@ -44,6 +44,7 @@
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/stat.h>
+#include <asm/byteorder.h>
 #include <unistd.h>
 #include <dirent.h>
 #include <string.h>
@@ -52,6 +53,7 @@
 #include <openssl/pem.h>
 #include <openssl/evp.h>
 #include <openssl/x509.h>
+#include <openssl/err.h>
 
 #include "imaevm.h"
 
@@ -125,9 +127,12 @@ const struct RSA_ASN1_template RSA_ASN1_templates[PKEY_HASH__LAST] = {
 
 struct libevm_params params = {
 	.verbose = LOG_INFO - 1,
+	.x509 = 1,
 	.hash_algo = "sha1",
 };
 
+static void __attribute__ ((constructor)) libinit(void);
+
 void do_dump(FILE *fp, const void *ptr, int len, bool cr)
 {
 	int i;
@@ -152,54 +157,54 @@ int get_filesize(const char *filename)
 	return (int)stats.st_size;
 }
 
-static inline int get_fdsize(int fd)
+static inline off_t get_fdsize(int fd)
 {
 	struct stat stats;
 	/*  Need to know the file length */
 	fstat(fd, &stats);
-	return (int)stats.st_size;
+	return stats.st_size;
 }
 
 static int add_file_hash(const char *file, EVP_MD_CTX *ctx)
 {
 	uint8_t *data;
-	int err, size, bs = DATA_SIZE;
-	size_t len;
+	int err = -1, bs = DATA_SIZE;
+	off_t size, len;
 	FILE *fp;
 
+	fp = fopen(file, "r");
+	if (!fp) {
+		log_err("Failed to open: %s\n", file);
+		return -1;
+	}
+
 	data = malloc(bs);
 	if (!data) {
 		log_err("malloc failed\n");
-		return -1;
-	}
-
-	fp = fopen(file, "r");
-	if (!fp) {
-		log_err("Unable to open %s\n", file);
-		return -1;
+		goto out;
 	}
 
 	for (size = get_fdsize(fileno(fp)); size; size -= len) {
 		len = MIN(size, bs);
-		err = fread(data, len, 1, fp);
-		if (!err) {
+		if (!fread(data, len, 1, fp)) {
 			if (ferror(fp)) {
-				log_err("fread() error\n\n");
-				return -1;
+				log_err("fread() failed\n\n");
+				goto out;
 			}
 			break;
 		}
-		err = EVP_DigestUpdate(ctx, data, len);
-		if (!err) {
+		if (!EVP_DigestUpdate(ctx, data, len)) {
 			log_err("EVP_DigestUpdate() failed\n");
-			return 1;
+			err = 1;
+			goto out;
 		}
 	}
-
+	err = 0;
+out:
 	fclose(fp);
 	free(data);
 
-	return 0;
+	return err;
 }
 
 static int add_dir_hash(const char *file, EVP_MD_CTX *ctx)
@@ -209,10 +214,11 @@ static int add_dir_hash(const char *file, EVP_MD_CTX *ctx)
 	DIR *dir;
 	unsigned long long ino, off;
 	unsigned int type;
+	int result = 0;
 
 	dir = opendir(file);
 	if (!dir) {
-		log_err("Unable to open %s\n", file);
+		log_err("Failed to open: %s\n", file);
 		return -1;
 	}
 
@@ -228,13 +234,14 @@ static int add_dir_hash(const char *file, EVP_MD_CTX *ctx)
 		err |= EVP_DigestUpdate(ctx, &type, sizeof(type));
 		if (!err) {
 			log_err("EVP_DigestUpdate() failed\n");
-			return 1;
+			result = 1;
+			break;
 		}
 	}
 
 	closedir(dir);
 
-	return 0;
+	return result;
 }
 
 static int add_link_hash(const char *path, EVP_MD_CTX *ctx)
@@ -255,22 +262,23 @@ static int add_dev_hash(struct stat *st, EVP_MD_CTX *ctx)
 	uint32_t dev = st->st_rdev;
 	unsigned major = (dev & 0xfff00) >> 8;
 	unsigned minor = (dev & 0xff) | ((dev >> 12) & 0xfff00);
+
 	log_info("device: %u:%u\n", major, minor);
 	return !EVP_DigestUpdate(ctx, &dev, sizeof(dev));
 }
 
 int ima_calc_hash(const char *file, uint8_t *hash)
 {
+	const EVP_MD *md;
 	struct stat st;
 	EVP_MD_CTX ctx;
-	const EVP_MD *md;
 	unsigned int mdlen;
 	int err;
 
 	/*  Need to know the file length */
 	err = lstat(file, &st);
 	if (err < 0) {
-		log_err("stat() failed\n");
+		log_err("Failed to stat: %s\n", file);
 		return err;
 	}
 
@@ -326,7 +334,7 @@ RSA *read_pub_key(const char *keyfile, int x509)
 
 	fp = fopen(keyfile, "r");
 	if (!fp) {
-		log_err("Unable to open keyfile %s\n", keyfile);
+		log_err("Failed to open keyfile: %s\n", keyfile);
 		return NULL;
 	}
 
@@ -367,7 +375,7 @@ int verify_hash_v1(const unsigned char *hash, int size, unsigned char *sig, int
 	unsigned char sighash[20];
 	struct signature_hdr *hdr = (struct signature_hdr *)sig;
 
-	log_info("hash: ");
+	log_info("hash-v1: ");
 	log_dump(hash, size);
 
 	key = read_pub_key(keyfile, 0);
@@ -485,7 +493,7 @@ static int get_hash_algo_from_sig(unsigned char *sig)
 
 int verify_hash(const unsigned char *hash, int size, unsigned char *sig, int siglen)
 {
-	char *key;
+	const char *key;
 	int x509;
 	verify_hash_fn_t verify_hash;
 
@@ -533,3 +541,273 @@ int ima_verify_signature(const char *file, unsigned char *sig, int siglen)
 
 	return verify_hash(hash, hashlen, sig + 1, siglen - 1);
 }
+
+/*
+ * Create binary key representation suitable for kernel
+ */
+int key2bin(RSA *key, unsigned char *pub)
+{
+	int len, b, offset = 0;
+	struct pubkey_hdr *pkh = (struct pubkey_hdr *)pub;
+
+	/* add key header */
+	pkh->version = 1;
+	pkh->timestamp = 0;	/* PEM has no timestamp?? */
+	pkh->algo = PUBKEY_ALGO_RSA;
+	pkh->nmpi = 2;
+
+	offset += sizeof(*pkh);
+
+	len = BN_num_bytes(key->n);
+	b = BN_num_bits(key->n);
+	pub[offset++] = b >> 8;
+	pub[offset++] = b & 0xff;
+	BN_bn2bin(key->n, &pub[offset]);
+	offset += len;
+
+	len = BN_num_bytes(key->e);
+	b = BN_num_bits(key->e);
+	pub[offset++] = b >> 8;
+	pub[offset++] = b & 0xff;
+	BN_bn2bin(key->e, &pub[offset]);
+	offset += len;
+
+	return offset;
+}
+
+void calc_keyid_v1(uint8_t *keyid, char *str, const unsigned char *pkey, int len)
+{
+	uint8_t sha1[SHA_DIGEST_LENGTH];
+	uint64_t id;
+
+	SHA1(pkey, len, sha1);
+
+	/* sha1[12 - 19] is exactly keyid from gpg file */
+	memcpy(keyid, sha1 + 12, 8);
+	log_debug("keyid: ");
+	log_debug_dump(keyid, 8);
+
+	id = __be64_to_cpup((__be64 *) keyid);
+	sprintf(str, "%llX", (unsigned long long)id);
+	log_info("keyid-v1: %s\n", str);
+}
+
+void calc_keyid_v2(uint32_t *keyid, char *str, RSA *key)
+{
+	uint8_t sha1[SHA_DIGEST_LENGTH];
+	unsigned char *pkey = NULL;
+	int len;
+
+	len = i2d_RSAPublicKey(key, &pkey);
+
+	SHA1(pkey, len, sha1);
+
+	/* sha1[12 - 19] is exactly keyid from gpg file */
+	memcpy(keyid, sha1 + 16, 4);
+	log_debug("keyid: ");
+	log_debug_dump(keyid, 4);
+
+	sprintf(str, "%x", __be32_to_cpup(keyid));
+	log_info("keyid: %s\n", str);
+
+	free(pkey);
+}
+
+static RSA *read_priv_key(const char *keyfile, const char *keypass)
+{
+	FILE *fp;
+	RSA *key;
+
+	fp = fopen(keyfile, "r");
+	if (!fp) {
+		log_err("Failed to open keyfile: %s\n", keyfile);
+		return NULL;
+	}
+	ERR_load_crypto_strings();
+	key = PEM_read_RSAPrivateKey(fp, NULL, NULL, (void *)keypass);
+	if (!key) {
+		char str[256];
+
+		ERR_error_string(ERR_get_error(), str);
+		log_err("PEM_read_RSAPrivateKey() failed: %s\n", str);
+	}
+
+	fclose(fp);
+	return key;
+}
+
+static int get_hash_algo_v1(const char *algo)
+{
+
+	if (!strcmp(algo, "sha1"))
+		return DIGEST_ALGO_SHA1;
+	else if (!strcmp(algo, "sha256"))
+		return DIGEST_ALGO_SHA256;
+
+	return -1;
+}
+
+int sign_hash_v1(const char *hashalgo, const unsigned char *hash, int size, const char *keyfile, unsigned char *sig)
+{
+	int len = -1, hashalgo_idx;
+	SHA_CTX ctx;
+	unsigned char pub[1024];
+	RSA *key;
+	char name[20];
+	unsigned char sighash[20];
+	struct signature_hdr *hdr;
+	uint16_t *blen;
+
+	if (!hash) {
+		log_err("sign_hash_v1: hash is null\n");
+		return -1;
+	}
+
+	if (size < 0) {
+		log_err("sign_hash_v1: size is negative: %d\n", size);
+		return -1;
+	}
+
+	if (!hashalgo) {
+		log_err("sign_hash_v1: hashalgo is null\n");
+		return -1;
+	}
+
+	if (!sig) {
+		log_err("sign_hash_v1: sig is null\n");
+		return -1;
+	}
+
+	log_info("hash: ");
+	log_dump(hash, size);
+
+	key = read_priv_key(keyfile, params.keypass);
+	if (!key)
+		return -1;
+
+	hdr = (struct signature_hdr *)sig;
+
+	/* now create a new hash */
+	hdr->version = (uint8_t) DIGSIG_VERSION_1;
+	hdr->timestamp = time(NULL);
+	hdr->algo = PUBKEY_ALGO_RSA;
+	hashalgo_idx = get_hash_algo_v1(hashalgo);
+	if (hashalgo_idx < 0) {
+		log_err("Signature version 1 does not support hash algo %s\n",
+			hashalgo);
+		goto out;
+	}
+	hdr->hash = (uint8_t) hashalgo_idx;
+
+	len = key2bin(key, pub);
+	calc_keyid_v1(hdr->keyid, name, pub, len);
+
+	hdr->nmpi = 1;
+
+	SHA1_Init(&ctx);
+	SHA1_Update(&ctx, hash, size);
+	SHA1_Update(&ctx, hdr, sizeof(*hdr));
+	SHA1_Final(sighash, &ctx);
+	log_info("sighash: ");
+	log_dump(sighash, sizeof(sighash));
+
+	len = RSA_private_encrypt(sizeof(sighash), sighash, sig + sizeof(*hdr) + 2, key, RSA_PKCS1_PADDING);
+	if (len < 0) {
+		log_err("RSA_private_encrypt() failed: %d\n", len);
+		goto out;
+	}
+
+	/* we add bit length of the signature to make it gnupg compatible */
+	blen = (uint16_t *) (sig + sizeof(*hdr));
+	*blen = __cpu_to_be16(len << 3);
+	len += sizeof(*hdr) + 2;
+	log_info("evm/ima signature-v1: %d bytes\n", len);
+out:
+	RSA_free(key);
+	return len;
+}
+
+int sign_hash_v2(const char *algo, const unsigned char *hash, int size, const char *keyfile, unsigned char *sig)
+{
+	struct signature_v2_hdr *hdr;
+	int len = -1;
+	RSA *key;
+	char name[20];
+	unsigned char *buf;
+	const struct RSA_ASN1_template *asn1;
+
+	if (!hash) {
+		log_err("sign_hash_v2: hash is null\n");
+		return -1;
+	}
+
+	if (size < 0) {
+		log_err("sign_hash_v2: size is negative: %d\n", size);
+		return -1;
+	}
+
+	if (!sig) {
+		log_err("sign_hash_v2: sig is null\n");
+		return -1;
+	}
+
+	if (!algo) {
+		log_err("sign_hash_v2: algo is null\n");
+		return -1;
+	}
+
+	log_info("hash: ");
+	log_dump(hash, size);
+
+	key = read_priv_key(keyfile, params.keypass);
+	if (!key)
+		return -1;
+
+	hdr = (struct signature_v2_hdr *)sig;
+	hdr->version = (uint8_t) DIGSIG_VERSION_2;
+
+	hdr->hash_algo = get_hash_algo(algo);
+
+	calc_keyid_v2(&hdr->keyid, name, key);
+
+	asn1 = &RSA_ASN1_templates[hdr->hash_algo];
+
+	buf = malloc(size + asn1->size);
+	if (!buf)
+		goto out;
+
+	memcpy(buf, asn1->data, asn1->size);
+	memcpy(buf + asn1->size, hash, size);
+	len = RSA_private_encrypt(size + asn1->size, buf, hdr->sig,
+				  key, RSA_PKCS1_PADDING);
+	if (len < 0) {
+		log_err("RSA_private_encrypt() failed: %d\n", len);
+		goto out;
+	}
+
+	/* we add bit length of the signature to make it gnupg compatible */
+	hdr->sig_size = __cpu_to_be16(len);
+	len += sizeof(*hdr);
+	log_info("evm/ima signature: %d bytes\n", len);
+out:
+	if (buf)
+		free(buf);
+	RSA_free(key);
+	return len;
+}
+
+
+int sign_hash(const char *hashalgo, const unsigned char *hash, int size, const char *keyfile, const char *keypass, unsigned char *sig)
+{
+	if (keypass)
+		params.keypass = keypass;
+
+	return params.x509 ? sign_hash_v2(hashalgo, hash, size, keyfile, sig) :
+			     sign_hash_v1(hashalgo, hash, size, keyfile, sig);
+}
+
+static void libinit()
+{
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+}