1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3  * Copyright 2018-2019, Fraunhofer SIT sponsored by Infineon Technologies AG
4  * All rights reserved.
5  ******************************************************************************/
6 
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10 
11 #include <stdlib.h>
12 #include <errno.h>
13 #include <unistd.h>
14 #include <errno.h>
15 #include <string.h>
16 
17 #include "tss2_fapi.h"
18 #include "fapi_crypto.h"
19 #include "fapi_int.h"
20 #include "fapi_util.h"
21 #include "tss2_esys.h"
22 #define LOGMODULE fapi
23 #include "util/log.h"
24 #include "util/aux_util.h"
25 
26 /** One-Call function for Fapi_VerifySignature
27  *
28  * Verifies a signature using a public key found in a keyPath.
29  *
30  * @param[in,out] context The FAPI_CONTEXT
31  * @param[in] keyPath The path to the verification public key
32  * @param[in] digest The that was signed. Must be already hashed
33  * @param[in] digestSize the size of digest in bytes
34  * @param[in] signature The signature to be verified
35  * @param[in] signatureSize The size of signature in bytes
36  *
37  * @retval TSS2_RC_SUCCESS: if the function call was a success.
38  * @retval TSS2_FAPI_RC_BAD_REFERENCE: if context, keyPath, signature, or
39  *         digest is NULL.
40  * @retval TSS2_FAPI_RC_BAD_CONTEXT: if context corruption is detected.
41  * @retval TSS2_FAPI_RC_KEY_NOT_FOUND: if keyPath does not map to a FAPI object.
42  * @retval TSS2_FAPI_RC_BAD_KEY: if the object at publicKeyPath is not a key, or
43  *         is a key that is unsuitable for the requested operation.
44  * @retval TSS2_FAPI_RC_BAD_VALUE: if signature is invalid (has the wrong format)
45  *         or if digestSize is zero.
46  * @retval TSS2_FAPI_RC_SIGNATURE_VERIFICATION_FAILED: if the signature fails to
47  *         verify.
48  * @retval TSS2_FAPI_RC_BAD_SEQUENCE: if the context has an asynchronous
49  *         operation already pending.
50  * @retval TSS2_FAPI_RC_IO_ERROR: if the data cannot be saved.
51  * @retval TSS2_FAPI_RC_MEMORY: if the FAPI cannot allocate enough memory for
52  *         internal operations or return parameters.
53  * @retval TSS2_FAPI_RC_PATH_NOT_FOUND if a FAPI object path was not found
54  *         during authorization.
55  * @retval TSS2_FAPI_RC_TRY_AGAIN if an I/O operation is not finished yet and
56  *         this function needs to be called again.
57  * @retval TSS2_FAPI_RC_GENERAL_FAILURE if an internal error occurred.
58  * @retval TSS2_FAPI_RC_NOT_PROVISIONED FAPI was not provisioned.
59  * @retval TSS2_FAPI_RC_BAD_PATH if the path is used in inappropriate context
60  *         or contains illegal characters.
61  */
62 TSS2_RC
Fapi_VerifySignature(FAPI_CONTEXT * context,char const * keyPath,uint8_t const * digest,size_t digestSize,uint8_t const * signature,size_t signatureSize)63 Fapi_VerifySignature(
64     FAPI_CONTEXT  *context,
65     char    const *keyPath,
66     uint8_t const *digest,
67     size_t         digestSize,
68     uint8_t const *signature,
69     size_t         signatureSize)
70 {
71     LOG_TRACE("called for context:%p", context);
72 
73     TSS2_RC r;
74 
75     /* Check for NULL parameters */
76     check_not_null(context);
77     check_not_null(keyPath);
78     check_not_null(digest);
79     check_not_null(signature);
80 
81     r = Fapi_VerifySignature_Async(context, keyPath, digest, digestSize,
82                                    signature, signatureSize);
83     return_if_error_reset_state(r, "Key_VerifySignature");
84 
85     do {
86         /* We wait for file I/O to be ready if the FAPI state automata
87            are in a file I/O state. */
88         r = ifapi_io_poll(&context->io);
89         return_if_error(r, "Something went wrong with IO polling");
90 
91         /* Repeatedly call the finish function, until FAPI has transitioned
92            through all execution stages / states of this invocation. */
93         r = Fapi_VerifySignature_Finish(context);
94     } while (base_rc(r) == TSS2_BASE_RC_TRY_AGAIN);
95 
96     return_if_error_reset_state(r, "Key_VerifySignature");
97 
98     LOG_TRACE("finished");
99     return TSS2_RC_SUCCESS;
100 }
101 
102 /** Asynchronous function for Fapi_VerifySignature
103  *
104  * Verifies a signature using a public key found in a keyPath.
105  *
106  * Call Fapi_VerifySignature_Finish to finish the execution of this command.
107  *
108  * @param[in,out] context The FAPI_CONTEXT
109  * @param[in] keyPath The path to the verification public key
110  * @param[in] digest The that was signed. Must be already hashed
111  * @param[in] digestSize the size of digest in bytes
112  * @param[in] signature The signature to be verified
113  * @param[in] signatureSize The size of signature in bytes
114  *
115  * @retval TSS2_RC_SUCCESS: if the function call was a success.
116  * @retval TSS2_FAPI_RC_BAD_REFERENCE: if context, keyPath, signature, or
117  *         digest is NULL.
118  * @retval TSS2_FAPI_RC_BAD_CONTEXT: if context corruption is detected.
119  * @retval TSS2_FAPI_RC_KEY_NOT_FOUND: if keyPath does not map to a FAPI object.
120  * @retval TSS2_FAPI_RC_BAD_KEY: if the object at publicKeyPath is not a key, or
121  *         is a key that is unsuitable for the requested operation.
122  * @retval TSS2_FAPI_RC_BAD_VALUE: if signature is invalid (has the wrong format)
123  *         or if digestSize is zero.
124  * @retval TSS2_FAPI_RC_SIGNATURE_VERIFICATION_FAILED: if the signature fails to
125  *         verify.
126  * @retval TSS2_FAPI_RC_BAD_SEQUENCE: if the context has an asynchronous
127  *         operation already pending.
128  * @retval TSS2_FAPI_RC_IO_ERROR: if the data cannot be saved.
129  * @retval TSS2_FAPI_RC_MEMORY: if the FAPI cannot allocate enough memory for
130  *         internal operations or return parameters.
131  * @retval TSS2_FAPI_RC_PATH_NOT_FOUND if a FAPI object path was not found
132  *         during authorization.
133  * @retval TSS2_FAPI_RC_NOT_PROVISIONED FAPI was not provisioned.
134  * @retval TSS2_FAPI_RC_BAD_PATH if the path is used in inappropriate context
135  *         or contains illegal characters.
136  */
137 TSS2_RC
Fapi_VerifySignature_Async(FAPI_CONTEXT * context,char const * keyPath,uint8_t const * digest,size_t digestSize,uint8_t const * signature,size_t signatureSize)138 Fapi_VerifySignature_Async(
139     FAPI_CONTEXT  *context,
140     char    const *keyPath,
141     uint8_t const *digest,
142     size_t         digestSize,
143     uint8_t const *signature,
144     size_t         signatureSize)
145 {
146     LOG_TRACE("called for context:%p", context);
147     LOG_TRACE("keyPath: %s", keyPath);
148     if (digest) {
149         LOGBLOB_TRACE(digest, digestSize, "digest");
150     } else {
151         LOG_TRACE("digset: (null) digestSize: %zi", digestSize);
152     }
153     if (signature) {
154         LOGBLOB_TRACE(signature, signatureSize, "signature");
155     } else {
156         LOG_TRACE("signature: (null) sigantureSize: %zi", signatureSize);
157     }
158 
159     TSS2_RC r;
160 
161     /* Check for NULL parameters */
162     check_not_null(context);
163     check_not_null(keyPath);
164     check_not_null(digest);
165     check_not_null(signature);
166 
167     /* Helpful alias pointers */
168     IFAPI_Key_VerifySignature * command = &context->cmd.Key_VerifySignature;
169 
170     r = ifapi_non_tpm_mode_init(context);
171     return_if_error(r, "Initialize VerifySignature");
172 
173     /* Copy parameters to context for use during _Finish. */
174     uint8_t * signatureBuffer = malloc(signatureSize);
175     uint8_t * digestBuffer = malloc(digestSize);
176     goto_if_null2(signatureBuffer, "Out of memory", r, TSS2_FAPI_RC_MEMORY,
177             error_cleanup);
178     goto_if_null2(digestBuffer, "Out of memory", r, TSS2_FAPI_RC_MEMORY,
179             error_cleanup);
180     memcpy(signatureBuffer, signature, signatureSize);
181     memcpy(digestBuffer, digest, digestSize);
182     command->signature = signatureBuffer;
183     command->digest = digestBuffer;
184     command->signatureSize = signatureSize;
185     command->digestSize = digestSize;
186     memset(&command->key_object, 0, sizeof(IFAPI_OBJECT));
187 
188     /* Load the key for verification from the keystore. */
189     r = ifapi_keystore_load_async(&context->keystore, &context->io, keyPath);
190     goto_if_error2(r, "Could not open: %s", error_cleanup, keyPath);
191 
192     /* Initialize the context state for this operation. */
193     LOG_TRACE("finished");
194     return TSS2_RC_SUCCESS;
195 
196 error_cleanup:
197     /* Cleanup duplicated input parameters that were copied before. */
198     SAFE_FREE(signatureBuffer);
199     command->signature = NULL;
200     SAFE_FREE(digestBuffer);
201     command->digest = NULL;
202     return r;
203 }
204 
205 /** Asynchronous finish function for Fapi_VerifySignature
206  *
207  * This function should be called after a previous Fapi_VerifySignature_Async.
208  *
209  * @param[in,out] context The FAPI_CONTEXT
210  *
211  * @retval TSS2_RC_SUCCESS: if the function call was a success.
212  * @retval TSS2_FAPI_RC_BAD_REFERENCE: if context is NULL.
213  * @retval TSS2_FAPI_RC_BAD_CONTEXT: if context corruption is detected.
214  * @retval TSS2_FAPI_RC_BAD_SEQUENCE: if the context has an asynchronous
215  *         operation already pending.
216  * @retval TSS2_FAPI_RC_IO_ERROR: if the data cannot be saved.
217  * @retval TSS2_FAPI_RC_MEMORY: if the FAPI cannot allocate enough memory for
218  *         internal operations or return parameters.
219  * @retval TSS2_FAPI_RC_TRY_AGAIN: if the asynchronous operation is not yet
220  *         complete. Call this function again later.
221  * @retval TSS2_FAPI_RC_GENERAL_FAILURE if an internal error occurred.
222  * @retval TSS2_FAPI_RC_BAD_VALUE if an invalid value was passed into
223  *         the function.
224  * @retval TSS2_FAPI_RC_SIGNATURE_VERIFICATION_FAILED if the signature could not
225  *         be verified
226  */
227 TSS2_RC
Fapi_VerifySignature_Finish(FAPI_CONTEXT * context)228 Fapi_VerifySignature_Finish(
229     FAPI_CONTEXT  *context)
230 {
231     LOG_TRACE("called for context:%p", context);
232 
233     TSS2_RC r;
234 
235     /* Check for NULL parameters */
236     check_not_null(context);
237 
238     /* Helpful alias pointers */
239     IFAPI_Key_VerifySignature * command = &context->cmd.Key_VerifySignature;
240 
241     r = ifapi_keystore_load_finish(&context->keystore, &context->io,
242                                    &command->key_object);
243     return_try_again(r);
244     return_if_error_reset_state(r, "read_finish failed");
245 
246     /* Verify the signature using a helper that tests all known signature schemes. */
247     r = ifapi_verify_signature(&command->key_object, command->signature,
248            command->signatureSize, command->digest, command->digestSize);
249     goto_if_error(r, "Verify signature.", cleanup);
250 
251 cleanup:
252     /* Cleanup any intermediate results and state stored in the context. */
253     if (command->key_object.objectType)
254         ifapi_cleanup_ifapi_object(&command->key_object);
255     ifapi_cleanup_ifapi_object(&context->loadKey.auth_object);
256     ifapi_cleanup_ifapi_object(context->loadKey.key_object);
257     ifapi_cleanup_ifapi_object(&context->createPrimary.pkey_object);
258     SAFE_FREE(command->signature);
259     SAFE_FREE(command->digest);
260     LOG_TRACE("finished");
261     return r;
262 }
263