imgtrust_8c_source.html

/*

 * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.

 *

 * This program is free software; you can redistribute it and/or

 * modify it under the terms of the GNU General Public License as

 * published by the Free Software Foundation; either version 2 of the

 * License, or any later version.

 *

 * This program is distributed in the hope that it will be useful, but

 * WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

 * General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program; if not, write to the Free Software

 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA

 * 02110-1301, USA.

 *

 * You can also choose to distribute this program under the terms of

 * the Unmodified Binary Distribution Licence (as given in the file

 * COPYING.UBDL), provided that you have satisfied its requirements.

 */


FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );

FILE_SECBOOT ( PERMITTED );


#include <stdlib.h>

#include <string.h>

#include <errno.h>

#include <time.h>

#include <syslog.h>

#include <ipxe/image.h>

#include <ipxe/cms.h>

#include <ipxe/validator.h>

#include <ipxe/monojob.h>

#include <usr/imgtrust.h>


/** @file

 *

 * Image trust management

 *

 */


/**

 * Verify image using downloaded signature

 *

 * @v image             Image to verify

 * @v signature         Image containing signature

 * @v name              Required common name, or NULL to allow any name

 * @ret rc              Return status code

 */


int imgverify ( struct image *image, struct image *signature,

                const char *name ) {

        struct cms_message *cms;

        struct cms_participant *part;

        time_t now;

        int rc;


        /* Parse signature */

        if ( ( rc = cms_message ( signature, &cms ) ) != 0 )

                goto err_parse;


        /* Complete all certificate chains */

        list_for_each_entry ( part, &cms->participants, list ) {

                if ( ( rc = create_validator ( &monojob, part->chain,

                                               NULL ) ) != 0 )

                        goto err_create_validator;

                if ( ( rc = monojob_wait ( NULL, 0 ) ) != 0 )

                        goto err_validator_wait;

        }


        /* Use signature to verify image */

        now = time ( NULL );

        if ( ( rc = cms_verify ( cms, image, name, now, NULL, NULL ) ) != 0 )

                goto err_verify;


        /* Drop reference to message */

        cms_put ( cms );

        cms = NULL;


        /* Record signature verification */

        syslog ( LOG_NOTICE, "Image \"%s\" signature OK\n", image->name );


        return 0;


 err_verify:

 err_validator_wait:

 err_create_validator:

        cms_put ( cms );

 err_parse:

        syslog ( LOG_ERR, "Image \"%s\" signature bad: %s\n",

                 image->name, strerror ( rc ) );

        return rc;

}


NULL
#define NULL
NULL pointer (VOID *)
Definition Base.h:322

signature
u8 signature
CPU signature.
Definition CIB_PRM.h:7

rc
struct arbelprm_rc_send_wqe rc
Definition arbel.h:3

name
const char * name
Definition ath9k_hw.c:1986

cms_verify
int cms_verify(struct cms_message *cms, struct image *image, const char *name, time_t time, struct x509_chain *store, struct x509_root *root)
Verify CMS signature.
Definition cms.c:834

cms.h
Cryptographic Message Syntax (PKCS #7)

cms_put
static void cms_put(struct cms_message *cms)
Drop reference to CMS message.
Definition cms.h:94

errno.h
Error codes.

FILE_LICENCE
#define FILE_LICENCE(_licence)
Declare a particular licence as applying to a file.
Definition compiler.h:896

FILE_SECBOOT
#define FILE_SECBOOT(_status)
Declare a file's UEFI Secure Boot permission status.
Definition compiler.h:926

LOG_ERR
#define LOG_ERR
Error: error conditions.
Definition syslog.h:36

LOG_NOTICE
#define LOG_NOTICE
Notice: normal but significant conditions.
Definition syslog.h:42

image.h
Executable images.

imgverify
int imgverify(struct image *image, struct image *signature, const char *name)
Verify image using downloaded signature.
Definition imgtrust.c:52

imgtrust.h
Image trust management.

string.h
String functions.

time_t
int64_t time_t
Seconds since the Epoch.
Definition time.h:19

time.h
Date and time.

list_for_each_entry
#define list_for_each_entry(pos, head, member)
Iterate over entries in a list.
Definition list.h:432

monojob
struct interface monojob
Definition monojob.c:57

monojob_wait
int monojob_wait(const char *string, unsigned long timeout)
Wait for single foreground job to complete.
Definition monojob.c:82

monojob.h
Single foreground job.

stdlib.h

strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition strerror.c:79

cms_message
A CMS message.
Definition cms.h:55

cms_message::participants
struct list_head participants
List of participant information blocks.
Definition cms.h:66

cms_participant
CMS participant information.
Definition cms.h:39

cms_participant::list
struct list_head list
List of participant information blocks.
Definition cms.h:41

cms_participant::chain
struct x509_chain * chain
Certificate chain.
Definition cms.h:43

image
An executable image.
Definition image.h:24

image::name
char * name
Name.
Definition image.h:38

syslog.h
System logger.

syslog
#define syslog(priority, fmt,...)
Write message to system log.
Definition syslog.h:94

create_validator
int create_validator(struct interface *job, struct x509_chain *chain, struct x509_root *root)
Instantiate a certificate validator.
Definition validator.c:760

validator.h
Certificate validator.