iPXE
privkey.c
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
3  *
4  * This program is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU General Public License as
6  * published by the Free Software Foundation; either version 2 of the
7  * License, or any later version.
8  *
9  * This program is distributed in the hope that it will be useful, but
10  * WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12  * General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17  * 02110-1301, USA.
18  *
19  * You can also choose to distribute this program under the terms of
20  * the Unmodified Binary Distribution Licence (as given in the file
21  * COPYING.UBDL), provided that you have satisfied its requirements.
22  */
23 
24 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
25 
26 #include <stdint.h>
27 #include <stdlib.h>
28 #include <string.h>
29 #include <ipxe/dhcp.h>
30 #include <ipxe/settings.h>
31 #include <ipxe/x509.h>
32 #include <ipxe/privkey.h>
33 
34 /** @file
35  *
36  * Private key
37  *
38  * Life would in theory be easier if we could use a single file to
39  * hold both the certificate and corresponding private key.
40  * Unfortunately, the only common format which supports this is
41  * PKCS#12 (aka PFX), which is too ugly to be allowed anywhere near my
42  * codebase. See, for reference and amusement:
43  *
44  * http://www.cs.auckland.ac.nz/~pgut001/pubs/pfx.html
45  */
46 
47 /* Allow private key to be overridden if not explicitly specified */
48 #ifdef PRIVATE_KEY
49 #define ALLOW_KEY_OVERRIDE 0
50 #else
51 #define ALLOW_KEY_OVERRIDE 1
52 #endif
53 
54 /* Raw private key data */
55 extern char private_key_data[];
56 extern char private_key_len[];
57 __asm__ ( ".section \".rodata\", \"a\", " PROGBITS "\n\t"
58  "\nprivate_key_data:\n\t"
59 #ifdef PRIVATE_KEY
60  ".incbin \"" PRIVATE_KEY "\"\n\t"
61 #endif /* PRIVATE_KEY */
62  ".size private_key_data, ( . - private_key_data )\n\t"
63  ".equ private_key_len, ( . - private_key_data )\n\t"
64  ".previous\n\t" );
65 
66 /** Private key */
69  .builder = {
70  .data = private_key_data,
71  .len = ( ( size_t ) private_key_len ),
72  },
73 };
74 
75 /** Default private key */
78  .len = ( ( size_t ) private_key_len ),
79 };
80 
81 /** Private key setting */
82 static struct setting privkey_setting __setting ( SETTING_CRYPTO, privkey ) = {
83  .name = "privkey",
84  .description = "Private key",
85  .tag = DHCP_EB_KEY,
86  .type = &setting_type_hex,
87 };
88 
89 /**
90  * Free private key
91  *
92  * @v refcnt Reference counter
93  */
94 void privkey_free ( struct refcnt *refcnt ) {
95  struct private_key *key =
97 
98  free ( key->builder.data );
99  free ( key );
100 }
101 
102 /**
103  * Apply private key configuration settings
104  *
105  * @ret rc Return status code
106  */
107 static int privkey_apply_settings ( void ) {
108  static void *key_data = NULL;
109  int len;
110 
111  /* Allow private key to be overridden only if not explicitly
112  * specified at build time.
113  */
114  if ( ALLOW_KEY_OVERRIDE ) {
115 
116  /* Restore default private key */
118  sizeof ( private_key.builder ) );
119 
120  /* Fetch new private key, if any */
121  free ( key_data );
122  if ( ( len = fetch_raw_setting_copy ( NULL, &privkey_setting,
123  &key_data ) ) >= 0 ) {
124  private_key.builder.data = key_data;
126  }
127  }
128 
129  /* Debug */
130  if ( private_key.builder.len ) {
131  DBGC ( &private_key, "PRIVKEY using %s private key:\n",
132  ( key_data ? "external" : "built-in" ) );
135  } else {
136  DBGC ( &private_key, "PRIVKEY has no private key\n" );
137  }
138 
139  return 0;
140 }
141 
142 /** Private key settings applicator */
143 struct settings_applicator privkey_applicator __settings_applicator = {
145 };
void * data
Data.
Definition: asn1.h:35
Dynamic Host Configuration Protocol.
int fetch_raw_setting_copy(struct settings *settings, const struct setting *setting, void **data)
Fetch value of setting.
Definition: settings.c:821
__SIZE_TYPE__ size_t
Definition: stdint.h:6
char private_key_data[]
#define PROGBITS
Definition: compiler.h:61
const void * data
Start of data.
Definition: asn1.h:22
#define DBGC(...)
Definition: compiler.h:505
A settings applicator.
Definition: settings.h:251
FILE_LICENCE(GPL2_OR_LATER_OR_UBDL)
A reference counter.
Definition: refcnt.h:26
const char * name
Name.
Definition: settings.h:28
Private key.
void privkey_free(struct refcnt *refcnt)
Free private key.
Definition: privkey.c:94
struct asn1_builder builder
ASN.1 object builder.
Definition: privkey.h:20
void * memcpy(void *dest, const void *src, size_t len) __nonnull
struct settings_applicator privkey_applicator __settings_applicator
Private key settings applicator.
Definition: privkey.c:143
#define container_of(ptr, type, field)
Get containing structure.
Definition: stddef.h:35
char private_key_len[]
#define DBGC_HDA(...)
Definition: compiler.h:506
Configuration settings.
static struct asn1_cursor default_private_key
Default private key.
Definition: privkey.c:76
static void(* free)(struct refcnt *refcnt))
Definition: refcnt.h:54
static struct setting privkey_setting __setting(SETTING_CRYPTO, privkey)
Private key setting.
X.509 certificates.
A setting.
Definition: settings.h:23
#define ALLOW_KEY_OVERRIDE
Definition: privkey.c:51
__asm__(".section \".rodata\", \"a\", " PROGBITS "\n\t" "\nprivate_key_data:\n\t" ".size private_key_data, ( . - private_key_data )\n\t" ".equ private_key_len, ( . - private_key_data )\n\t" ".previous\n\t")
struct refcnt refcnt
Reference counter.
Definition: privkey.h:18
A private key.
Definition: privkey.h:16
#define REF_INIT(free_fn)
Initialise a static reference counter.
Definition: refcnt.h:77
int(* apply)(void)
Apply updated settings.
Definition: settings.h:256
#define DHCP_EB_KEY
Client private key.
Definition: dhcp.h:420
#define SETTING_CRYPTO
Cryptography settings.
Definition: settings.h:79
static int privkey_apply_settings(void)
Apply private key configuration settings.
Definition: privkey.c:107
uint32_t len
Length.
Definition: ena.h:14
void ref_no_free(struct refcnt *refcnt __unused)
Do not free reference-counted object.
Definition: refcnt.c:101
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321
size_t len
Length of data.
Definition: asn1.h:37
String functions.
An ASN.1 object cursor.
Definition: asn1.h:20
union @383 key
Sense key.
Definition: scsi.h:18