From: Roberto Sassu <roberto.sassu@huaweicloud.com>
To: dhowells@redhat.com, dwmw2@infradead.org,
herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, keyrings@vger.kernel.org,
linux-crypto@vger.kernel.org, zohar@linux.ibm.com,
linux-integrity@vger.kernel.org,
Roberto Sassu <roberto.sassu@huawei.com>
Subject: [PATCH v2 13/14] KEYS: Provide a function to load keys from a PGP keyring blob
Date: Sun, 18 Aug 2024 18:57:55 +0200 [thread overview]
Message-ID: <20240818165756.629203-14-roberto.sassu@huaweicloud.com> (raw)
In-Reply-To: <20240818165756.629203-1-roberto.sassu@huaweicloud.com>
From: David Howells <dhowells@redhat.com>
Provide a function to load keys from a PGP keyring blob to the built-in
keyring:
int preload_pgp_keys(const u8 *pgpdata, size_t pgpdatalen,
struct key *keyring);
Descriptions are generated from user ID notes and key fingerprints. The
keys will actually be identified by the ID calculated from the PGP data
rather than by the description, so this shouldn't be a problem.
The keys are attached to the keyring supplied.
Looking as root in /proc/keys after the built-in keyring has been loaded:
383a00c1 I------ 1 perm 1f030000 0 0 asymmetri \
Red Hat, Inc. dbeca166: PGP.DSA dbeca166 []
Thanks to Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> for some
pointing out some errors.
Signed-off-by: David Howells <dhowells@redhat.com>
Co-developed-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
crypto/asymmetric_keys/Kconfig | 8 ++
crypto/asymmetric_keys/Makefile | 1 +
crypto/asymmetric_keys/pgp_preload.c | 111 +++++++++++++++++++++++++++
include/crypto/pgp.h | 8 +-
4 files changed, 127 insertions(+), 1 deletion(-)
create mode 100644 crypto/asymmetric_keys/pgp_preload.c
diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig
index d9c709e042f6..6379efded6f4 100644
--- a/crypto/asymmetric_keys/Kconfig
+++ b/crypto/asymmetric_keys/Kconfig
@@ -133,4 +133,12 @@ config PGP_TEST_KEY
This is intended for testing the PGP parser.
+config PGP_PRELOAD
+ bool "PGP public key preloading facility"
+ depends on SYSTEM_TRUSTED_KEYRING
+ select PGP_KEY_PARSER
+ help
+ This option provides a facility for the kernel to preload PGP-wrapped
+ bundles of keys during boot to the built-in keyring.
+
endif # ASYMMETRIC_KEY_TYPE
diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile
index 507a78f9a0a1..2fa55a7830e6 100644
--- a/crypto/asymmetric_keys/Makefile
+++ b/crypto/asymmetric_keys/Makefile
@@ -84,6 +84,7 @@ $(obj)/mscode.asn1.o: $(obj)/mscode.asn1.c $(obj)/mscode.asn1.h
# PGP handling
#
obj-$(CONFIG_PGP_LIBRARY) += pgp_library.o
+obj-$(CONFIG_PGP_PRELOAD) += pgp_preload.o
obj-$(CONFIG_PGP_KEY_PARSER) += pgp_key_parser.o
pgp_key_parser-y := \
diff --git a/crypto/asymmetric_keys/pgp_preload.c b/crypto/asymmetric_keys/pgp_preload.c
new file mode 100644
index 000000000000..e0776dc8f928
--- /dev/null
+++ b/crypto/asymmetric_keys/pgp_preload.c
@@ -0,0 +1,111 @@
+// SPDX-License-Identifier: GPL-2.0
+/* Asymmetric key request handling
+ *
+ * Copyright (C) 2011 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#include <linux/module.h>
+#include <linux/key.h>
+#include <linux/err.h>
+#include <crypto/pgp.h>
+#include <keys/asymmetric-type.h>
+
+#include "pgp_parser.h"
+
+struct preload_pgp_keys_context {
+ struct pgp_parse_context pgp;
+ key_ref_t keyring;
+ const u8 *key_start;
+ const u8 *key_end;
+ bool found_key;
+};
+
+/*
+ * Create a key.
+ */
+static void __init create_pgp_key(struct preload_pgp_keys_context *ctx)
+{
+ key_ref_t key;
+
+ key = key_create_or_update(ctx->keyring,
+ "asymmetric",
+ NULL,
+ ctx->key_start,
+ ctx->key_end - ctx->key_start,
+ ((KEY_POS_ALL & ~KEY_POS_SETATTR) |
+ KEY_USR_VIEW | KEY_USR_READ),
+ KEY_ALLOC_NOT_IN_QUOTA |
+ KEY_ALLOC_BUILT_IN |
+ KEY_ALLOC_BYPASS_RESTRICTION);
+ if (IS_ERR(key)) {
+ pr_notice("Ignoring PGP key, error: %ld\n", PTR_ERR(key));
+ return;
+ }
+
+ pr_notice("Loaded PGP key '%s'\n",
+ key_ref_to_ptr(key)->description);
+
+ key_ref_put(key);
+}
+
+/*
+ * Extract a public key or subkey from the PGP stream.
+ */
+static int __init found_pgp_key(struct pgp_parse_context *context,
+ enum pgp_packet_tag type, u8 headerlen,
+ const u8 *data, size_t datalen)
+{
+ struct preload_pgp_keys_context *ctx =
+ container_of(context, struct preload_pgp_keys_context, pgp);
+
+ if (ctx->found_key) {
+ ctx->key_end = data - headerlen;
+ create_pgp_key(ctx);
+ }
+
+ ctx->key_start = data - headerlen;
+ ctx->found_key = true;
+ return 0;
+}
+
+/**
+ * preload_pgp_keys - Load keys from a PGP keyring blob
+ * @pgpdata: The PGP keyring blob containing the keys.
+ * @pgpdatalen: The size of the @pgpdata blob.
+ * @keyring: The keyring to add the new keys to.
+ *
+ * Preload a pack of keys from a PGP keyring blob.
+ *
+ * The keys have their descriptions generated from the user ID and fingerprint
+ * in the PGP stream. Since keys can be matched on their key IDs independently
+ * of the key description, the description is mostly irrelevant apart from the
+ * fact that keys of the same description displace one another from a keyring.
+ *
+ * The caller should override the current creds if they want the keys to be
+ * owned by someone other than the current process's owner. Keys will not be
+ * accounted towards the owner's quota.
+ *
+ * This function may only be called whilst the kernel is booting.
+ */
+int __init preload_pgp_keys(const u8 *pgpdata, size_t pgpdatalen,
+ struct key *keyring)
+{
+ struct preload_pgp_keys_context ctx;
+ int ret;
+
+ ctx.pgp.types_of_interest = (1 << PGP_PKT_PUBLIC_KEY);
+ ctx.pgp.process_packet = found_pgp_key;
+ ctx.keyring = make_key_ref(keyring, 1);
+ ctx.found_key = false;
+
+ ret = pgp_parse_packets(pgpdata, pgpdatalen, &ctx.pgp);
+ if (ret < 0)
+ return ret;
+
+ if (ctx.found_key) {
+ ctx.key_end = pgpdata + pgpdatalen;
+ create_pgp_key(&ctx);
+ }
+ return 0;
+}
diff --git a/include/crypto/pgp.h b/include/crypto/pgp.h
index 99dd1ab6c1b1..263b44603636 100644
--- a/include/crypto/pgp.h
+++ b/include/crypto/pgp.h
@@ -1,5 +1,5 @@
/* SPDX-License-Identifier: GPL-2.0+ */
-/* PGP signature processing
+/* PGP key and signature processing
*
* Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
* Written by David Howells (dhowells@redhat.com)
@@ -27,4 +27,10 @@ extern struct public_key_signature *pgp_sig_get_sig(struct pgp_sig_verify *ctx,
bool is_key_sig);
extern u8 pgp_sig_get_version(struct pgp_sig_verify *ctx);
+/*
+ * pgp_preload.c
+ */
+extern int __init preload_pgp_keys(const u8 *pgpdata, size_t pgpdatalen,
+ struct key *keyring);
+
#endif /* _CRYPTO_PGP_H */
--
2.34.1
next prev parent reply other threads:[~2024-08-18 17:01 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-18 16:57 [PATCH v2 00/14] KEYS: Add support for PGP keys and signatures Roberto Sassu
2024-08-18 16:57 ` [PATCH v2 01/14] mpi: Introduce mpi_key_length() Roberto Sassu
2024-08-19 17:55 ` Jarkko Sakkinen
2024-08-18 16:57 ` [PATCH v2 02/14] rsa: add parser of raw format Roberto Sassu
2024-08-19 17:56 ` Jarkko Sakkinen
2024-08-18 16:57 ` [PATCH v2 03/14] PGPLIB: PGP definitions (RFC 4880) Roberto Sassu
2024-08-18 16:57 ` [PATCH v2 04/14] PGPLIB: Basic packet parser Roberto Sassu
2024-08-19 14:34 ` Jeff Johnson
2024-08-19 15:06 ` Roberto Sassu
2024-08-18 16:57 ` [PATCH v2 05/14] PGPLIB: Signature parser Roberto Sassu
2024-08-18 16:57 ` [PATCH v2 06/14] KEYS: PGP data parser Roberto Sassu
2024-08-19 14:36 ` Jeff Johnson
2024-08-19 14:38 ` Roberto Sassu
2024-08-18 16:57 ` [PATCH v2 07/14] KEYS: Provide PGP key description autogeneration Roberto Sassu
2024-08-18 16:57 ` [PATCH v2 08/14] KEYS: PGP-based public key signature verification Roberto Sassu
2024-08-18 16:57 ` [PATCH v2 09/14] KEYS: Retry asym key search with partial ID in restrict_link_by_signature() Roberto Sassu
2024-08-18 16:57 ` [PATCH v2 10/14] KEYS: Calculate key digest and get signature of the key Roberto Sassu
2024-08-18 16:57 ` [PATCH v2 11/14] verification: introduce verify_pgp_signature() Roberto Sassu
2024-08-18 16:57 ` [PATCH v2 12/14] PGP: Provide a key type for testing PGP signatures Roberto Sassu
2024-08-19 14:37 ` Jeff Johnson
2024-08-18 16:57 ` Roberto Sassu [this message]
2024-08-18 16:57 ` [PATCH v2 14/14] KEYS: Introduce load_pgp_public_keyring() Roberto Sassu
2024-08-19 15:08 ` [PATCH v2 00/14] KEYS: Add support for PGP keys and signatures Jonathan McDowell
2024-08-19 15:15 ` Roberto Sassu
2024-08-20 14:12 ` Jonathan McDowell
2024-08-20 14:14 ` Roberto Sassu
2024-09-10 14:36 ` Roberto Sassu
2024-09-10 14:51 ` Roberto Sassu
2024-09-10 15:16 ` Jonathan McDowell
2024-09-11 9:55 ` Roberto Sassu
2024-08-19 16:30 ` Roberto Sassu
2024-08-19 17:53 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240818165756.629203-14-roberto.sassu@huaweicloud.com \
--to=roberto.sassu@huaweicloud.com \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=dwmw2@infradead.org \
--cc=herbert@gondor.apana.org.au \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=roberto.sassu@huawei.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).