1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/modules/libmar/verify/mar_verify.c Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,515 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +#ifdef XP_WIN
1.9 +#ifndef WIN32_LEAN_AND_MEAN
1.10 +#define WIN32_LEAN_AND_MEAN
1.11 +#endif
1.12 +#endif
1.13 +
1.14 +#include <sys/types.h>
1.15 +#include <sys/stat.h>
1.16 +#include <fcntl.h>
1.17 +#include <stdlib.h>
1.18 +#include <string.h>
1.19 +#include "mar_private.h"
1.20 +#include "mar.h"
1.21 +#include "cryptox.h"
1.22 +
1.23 +int mar_extract_and_verify_signatures_fp(FILE *fp,
1.24 + CryptoX_ProviderHandle provider,
1.25 + CryptoX_PublicKey *keys,
1.26 + uint32_t keyCount);
1.27 +int mar_verify_signatures_for_fp(FILE *fp,
1.28 + CryptoX_ProviderHandle provider,
1.29 + CryptoX_PublicKey *keys,
1.30 + const uint8_t * const *extractedSignatures,
1.31 + uint32_t keyCount,
1.32 + uint32_t *numVerified);
1.33 +
1.34 +/**
1.35 + * Reads the specified number of bytes from the file pointer and
1.36 + * stores them in the passed buffer.
1.37 + *
1.38 + * @param fp The file pointer to read from.
1.39 + * @param buffer The buffer to store the read results.
1.40 + * @param size The number of bytes to read, buffer must be
1.41 + * at least of this size.
1.42 + * @param ctxs Pointer to the first element in an array of verify context.
1.43 + * @param count The number of elements in ctxs
1.44 + * @param err The name of what is being written to in case of error.
1.45 + * @return 0 on success
1.46 + * -1 on read error
1.47 + * -2 on verify update error
1.48 +*/
1.49 +int
1.50 +ReadAndUpdateVerifyContext(FILE *fp,
1.51 + void *buffer,
1.52 + uint32_t size,
1.53 + CryptoX_SignatureHandle *ctxs,
1.54 + uint32_t count,
1.55 + const char *err)
1.56 +{
1.57 + uint32_t k;
1.58 + if (!fp || !buffer || !ctxs || count == 0 || !err) {
1.59 + fprintf(stderr, "ERROR: Invalid parameter specified.\n");
1.60 + return CryptoX_Error;
1.61 + }
1.62 +
1.63 + if (!size) {
1.64 + return CryptoX_Success;
1.65 + }
1.66 +
1.67 + if (fread(buffer, size, 1, fp) != 1) {
1.68 + fprintf(stderr, "ERROR: Could not read %s\n", err);
1.69 + return CryptoX_Error;
1.70 + }
1.71 +
1.72 + for (k = 0; k < count; k++) {
1.73 + if (CryptoX_Failed(CryptoX_VerifyUpdate(&ctxs[k], buffer, size))) {
1.74 + fprintf(stderr, "ERROR: Could not update verify context for %s\n", err);
1.75 + return -2;
1.76 + }
1.77 + }
1.78 + return CryptoX_Success;
1.79 +}
1.80 +
1.81 +/**
1.82 + * Verifies a MAR file by verifying each signature with the corresponding
1.83 + * certificate. That is, the first signature will be verified using the first
1.84 + * certificate given, the second signature will be verified using the second
1.85 + * certificate given, etc. The signature count must exactly match the number of
1.86 + * certificates given, and all signature verifications must succeed.
1.87 + * This is only used by the signmar program when used with arguments to verify
1.88 + * a MAR. This should not be used to verify a MAR that will be extracted in the
1.89 + * same operation by updater code. This function prints the error message if
1.90 + * verification fails.
1.91 + *
1.92 + * @param pathToMARFile The path of the MAR file to verify.
1.93 + * @param certData Pointer to the first element in an array of certificate
1.94 + * file data.
1.95 + * @param certDataSizes Pointer to the first element in an array for size of the
1.96 + * cert data.
1.97 + * @param certNames Pointer to the first element in an array of certificate names.
1.98 + * Used only if compiled as NSS, specifies the certificate names
1.99 + * @param certCount The number of elements in certData, certDataSizes, and certNames
1.100 + * @return 0 on success
1.101 + * a negative number if there was an error
1.102 + * a positive number if the signature does not verify
1.103 + */
1.104 +int
1.105 +mar_verify_signatures(const char *pathToMARFile,
1.106 + const uint8_t * const *certData,
1.107 + const uint32_t *certDataSizes,
1.108 + const char * const *certNames,
1.109 + uint32_t certCount) {
1.110 + int rv;
1.111 + CryptoX_ProviderHandle provider = CryptoX_InvalidHandleValue;
1.112 + CryptoX_Certificate certs[MAX_SIGNATURES];
1.113 + CryptoX_PublicKey keys[MAX_SIGNATURES];
1.114 + FILE *fp;
1.115 + uint32_t k;
1.116 +
1.117 + memset(certs, 0, sizeof(certs));
1.118 + memset(keys, 0, sizeof(keys));
1.119 +
1.120 + if (!pathToMARFile || certCount == 0) {
1.121 + fprintf(stderr, "ERROR: Invalid parameter specified.\n");
1.122 + return CryptoX_Error;
1.123 + }
1.124 +
1.125 + fp = fopen(pathToMARFile, "rb");
1.126 + if (!fp) {
1.127 + fprintf(stderr, "ERROR: Could not open MAR file.\n");
1.128 + return CryptoX_Error;
1.129 + }
1.130 +
1.131 + if (CryptoX_Failed(CryptoX_InitCryptoProvider(&provider))) {
1.132 + fclose(fp);
1.133 + fprintf(stderr, "ERROR: Could not init crytpo library.\n");
1.134 + return CryptoX_Error;
1.135 + }
1.136 +
1.137 + /* Load the certs and keys */
1.138 + for (k = 0; k < certCount; k++) {
1.139 + if (CryptoX_Failed(CryptoX_LoadPublicKey(provider, certData[k], certDataSizes[k],
1.140 + &keys[k], certNames[k], &certs[k]))) {
1.141 + fclose(fp);
1.142 + fprintf(stderr, "ERROR: Could not load public key.\n");
1.143 + return CryptoX_Error;
1.144 + }
1.145 + }
1.146 +
1.147 + rv = mar_extract_and_verify_signatures_fp(fp, provider, keys, certCount);
1.148 + fclose(fp);
1.149 +
1.150 + /* Cleanup the allocated keys and certs */
1.151 + for (k = 0; k < certCount; k++) {
1.152 + if (keys[k]) {
1.153 + CryptoX_FreePublicKey(&keys[k]);
1.154 + }
1.155 +
1.156 + if (certs[k]) {
1.157 + CryptoX_FreeCertificate(&certs[k]);
1.158 + }
1.159 + }
1.160 + return rv;
1.161 +}
1.162 +
1.163 +#ifdef XP_WIN
1.164 +/**
1.165 + * Verifies a MAR file by verifying each signature with the corresponding
1.166 + * certificate. That is, the first signature will be verified using the first
1.167 + * certificate given, the second signature will be verified using the second
1.168 + * certificate given, etc. The signature count must exactly match the number of
1.169 + * certificates given, and all signature verifications must succeed.
1.170 + *
1.171 + * @param pathToMARFile The path of the MAR file who's signature
1.172 + * should be calculated
1.173 + * @param certData Pointer to the first element in an array of
1.174 + * certificate data
1.175 + * @param certDataSizes Pointer to the first element in an array for size of
1.176 + * the data stored
1.177 + * @param certCount The number of elements in certData and certDataSizes
1.178 + * @return 0 on success
1.179 +*/
1.180 +int
1.181 +mar_verify_signaturesW(MarFile *mar,
1.182 + const uint8_t * const *certData,
1.183 + const uint32_t *certDataSizes,
1.184 + uint32_t certCount) {
1.185 + int rv = -1;
1.186 + CryptoX_ProviderHandle provider = CryptoX_InvalidHandleValue;
1.187 + CryptoX_Certificate certs[MAX_SIGNATURES];
1.188 + CryptoX_PublicKey keys[MAX_SIGNATURES];
1.189 + uint32_t k;
1.190 +
1.191 + memset(certs, 0, sizeof(certs));
1.192 + memset(keys, 0, sizeof(keys));
1.193 +
1.194 + if (!mar || !certData || !certDataSizes || certCount == 0) {
1.195 + fprintf(stderr, "ERROR: Invalid parameter specified.\n");
1.196 + goto failure;
1.197 + }
1.198 +
1.199 + if (!mar->fp) {
1.200 + fprintf(stderr, "ERROR: MAR file is not open.\n");
1.201 + goto failure;
1.202 + }
1.203 +
1.204 + if (CryptoX_Failed(CryptoX_InitCryptoProvider(&provider))) {
1.205 + fprintf(stderr, "ERROR: Could not init crytpo library.\n");
1.206 + goto failure;
1.207 + }
1.208 +
1.209 + for (k = 0; k < certCount; ++k) {
1.210 + if (CryptoX_Failed(CryptoX_LoadPublicKey(provider, certData[k], certDataSizes[k],
1.211 + &keys[k], "", &certs[k]))) {
1.212 + fprintf(stderr, "ERROR: Could not load public key.\n");
1.213 + goto failure;
1.214 + }
1.215 + }
1.216 +
1.217 + rv = mar_extract_and_verify_signatures_fp(mar->fp, provider, keys, certCount);
1.218 +
1.219 +failure:
1.220 +
1.221 + for (k = 0; k < certCount; ++k) {
1.222 + if (keys[k]) {
1.223 + CryptoX_FreePublicKey(&keys[k]);
1.224 + }
1.225 +
1.226 + if (certs[k]) {
1.227 + CryptoX_FreeCertificate(&certs[k]);
1.228 + }
1.229 + }
1.230 +
1.231 + return rv;
1.232 +}
1.233 +#endif
1.234 +
1.235 +/**
1.236 + * Extracts each signature from the specified MAR file,
1.237 + * then calls mar_verify_signatures_for_fp to verify each signature.
1.238 + *
1.239 + * @param fp An opened MAR file handle
1.240 + * @param provider A library provider
1.241 + * @param keys The public keys to use to verify the MAR
1.242 + * @param keyCount The number of keys pointed to by keys
1.243 + * @return 0 on success
1.244 +*/
1.245 +int
1.246 +mar_extract_and_verify_signatures_fp(FILE *fp,
1.247 + CryptoX_ProviderHandle provider,
1.248 + CryptoX_PublicKey *keys,
1.249 + uint32_t keyCount) {
1.250 + char buf[5] = {0};
1.251 + uint32_t signatureCount, signatureLen, numVerified = 0;
1.252 + uint32_t signatureAlgorithmIDs[MAX_SIGNATURES];
1.253 + int rv = -1;
1.254 + int64_t curPos;
1.255 + uint8_t *extractedSignatures[MAX_SIGNATURES];
1.256 + uint32_t i;
1.257 +
1.258 + memset(signatureAlgorithmIDs, 0, sizeof(signatureAlgorithmIDs));
1.259 + memset(extractedSignatures, 0, sizeof(extractedSignatures));
1.260 +
1.261 + if (!fp) {
1.262 + fprintf(stderr, "ERROR: Invalid file pointer passed.\n");
1.263 + return CryptoX_Error;
1.264 + }
1.265 +
1.266 + /* To protect against invalid MAR files, we assumes that the MAR file
1.267 + size is less than or equal to MAX_SIZE_OF_MAR_FILE. */
1.268 + if (fseeko(fp, 0, SEEK_END)) {
1.269 + fprintf(stderr, "ERROR: Could not seek to the end of the MAR file.\n");
1.270 + return CryptoX_Error;
1.271 + }
1.272 + if (ftello(fp) > MAX_SIZE_OF_MAR_FILE) {
1.273 + fprintf(stderr, "ERROR: MAR file is too large to be verified.\n");
1.274 + return CryptoX_Error;
1.275 + }
1.276 +
1.277 + /* Skip to the start of the signature block */
1.278 + if (fseeko(fp, SIGNATURE_BLOCK_OFFSET, SEEK_SET)) {
1.279 + fprintf(stderr, "ERROR: Could not seek to the signature block.\n");
1.280 + return CryptoX_Error;
1.281 + }
1.282 +
1.283 + /* Get the number of signatures */
1.284 + if (fread(&signatureCount, sizeof(signatureCount), 1, fp) != 1) {
1.285 + fprintf(stderr, "ERROR: Could not read number of signatures.\n");
1.286 + return CryptoX_Error;
1.287 + }
1.288 + signatureCount = ntohl(signatureCount);
1.289 +
1.290 + /* Check that we have less than the max amount of signatures so we don't
1.291 + waste too much of either updater's or signmar's time. */
1.292 + if (signatureCount > MAX_SIGNATURES) {
1.293 + fprintf(stderr, "ERROR: At most %d signatures can be specified.\n",
1.294 + MAX_SIGNATURES);
1.295 + return CryptoX_Error;
1.296 + }
1.297 +
1.298 + for (i = 0; i < signatureCount; i++) {
1.299 + /* Get the signature algorithm ID */
1.300 + if (fread(&signatureAlgorithmIDs[i], sizeof(uint32_t), 1, fp) != 1) {
1.301 + fprintf(stderr, "ERROR: Could not read signatures algorithm ID.\n");
1.302 + return CryptoX_Error;
1.303 + }
1.304 + signatureAlgorithmIDs[i] = ntohl(signatureAlgorithmIDs[i]);
1.305 +
1.306 + if (fread(&signatureLen, sizeof(uint32_t), 1, fp) != 1) {
1.307 + fprintf(stderr, "ERROR: Could not read signatures length.\n");
1.308 + return CryptoX_Error;
1.309 + }
1.310 + signatureLen = ntohl(signatureLen);
1.311 +
1.312 + /* To protected against invalid input make sure the signature length
1.313 + isn't too big. */
1.314 + if (signatureLen > MAX_SIGNATURE_LENGTH) {
1.315 + fprintf(stderr, "ERROR: Signature length is too large to verify.\n");
1.316 + return CryptoX_Error;
1.317 + }
1.318 +
1.319 + extractedSignatures[i] = malloc(signatureLen);
1.320 + if (!extractedSignatures[i]) {
1.321 + fprintf(stderr, "ERROR: Could allocate buffer for signature.\n");
1.322 + return CryptoX_Error;
1.323 + }
1.324 + if (fread(extractedSignatures[i], signatureLen, 1, fp) != 1) {
1.325 + fprintf(stderr, "ERROR: Could not read extracted signature.\n");
1.326 + for (i = 0; i < signatureCount; ++i) {
1.327 + free(extractedSignatures[i]);
1.328 + }
1.329 + return CryptoX_Error;
1.330 + }
1.331 +
1.332 + /* We don't try to verify signatures we don't know about */
1.333 + if (signatureAlgorithmIDs[i] != 1) {
1.334 + fprintf(stderr, "ERROR: Unknown signature algorithm ID.\n");
1.335 + for (i = 0; i < signatureCount; ++i) {
1.336 + free(extractedSignatures[i]);
1.337 + }
1.338 + return CryptoX_Error;
1.339 + }
1.340 + }
1.341 +
1.342 + curPos = ftello(fp);
1.343 + rv = mar_verify_signatures_for_fp(fp,
1.344 + provider,
1.345 + keys,
1.346 + (const uint8_t * const *)extractedSignatures,
1.347 + signatureCount,
1.348 + &numVerified);
1.349 + for (i = 0; i < signatureCount; ++i) {
1.350 + free(extractedSignatures[i]);
1.351 + }
1.352 +
1.353 + /* If we reached here and we verified every
1.354 + signature, return success. */
1.355 + if (numVerified == signatureCount && keyCount == numVerified) {
1.356 + return CryptoX_Success;
1.357 + }
1.358 +
1.359 + if (numVerified == 0) {
1.360 + fprintf(stderr, "ERROR: Not all signatures were verified.\n");
1.361 + } else {
1.362 + fprintf(stderr, "ERROR: Only %d of %d signatures were verified.\n",
1.363 + numVerified, signatureCount);
1.364 + }
1.365 + return CryptoX_Error;
1.366 +}
1.367 +
1.368 +/**
1.369 + * Verifies a MAR file by verifying each signature with the corresponding
1.370 + * certificate. That is, the first signature will be verified using the first
1.371 + * certificate given, the second signature will be verified using the second
1.372 + * certificate given, etc. The signature count must exactly match the number of
1.373 + * certificates given, and all signature verifications must succeed.
1.374 + *
1.375 + * @param fp An opened MAR file handle
1.376 + * @param provider A library provider
1.377 + * @param keys A pointer to the first element in an
1.378 + * array of keys.
1.379 + * @param extractedSignatures Pointer to the first element in an array
1.380 + * of extracted signatures.
1.381 + * @param signatureCount The number of signatures in the MAR file
1.382 + * @param numVerified Out parameter which will be filled with
1.383 + * the number of verified signatures.
1.384 + * This information can be useful for printing
1.385 + * error messages.
1.386 + * @return 0 on success, *numVerified == signatureCount.
1.387 +*/
1.388 +int
1.389 +mar_verify_signatures_for_fp(FILE *fp,
1.390 + CryptoX_ProviderHandle provider,
1.391 + CryptoX_PublicKey *keys,
1.392 + const uint8_t * const *extractedSignatures,
1.393 + uint32_t signatureCount,
1.394 + uint32_t *numVerified)
1.395 +{
1.396 + CryptoX_SignatureHandle signatureHandles[MAX_SIGNATURES];
1.397 + char buf[BLOCKSIZE];
1.398 + uint32_t signatureLengths[MAX_SIGNATURES];
1.399 + uint32_t i;
1.400 + int rv = CryptoX_Error;
1.401 +
1.402 + memset(signatureHandles, 0, sizeof(signatureHandles));
1.403 + memset(signatureLengths, 0, sizeof(signatureLengths));
1.404 +
1.405 + if (!extractedSignatures || !numVerified) {
1.406 + fprintf(stderr, "ERROR: Invalid parameter specified.\n");
1.407 + goto failure;
1.408 + }
1.409 +
1.410 + *numVerified = 0;
1.411 +
1.412 + /* This function is only called when we have at least one signature,
1.413 + but to protected against future people who call this function we
1.414 + make sure a non zero value is passed in.
1.415 + */
1.416 + if (!signatureCount) {
1.417 + fprintf(stderr, "ERROR: There must be at least one signature.\n");
1.418 + goto failure;
1.419 + }
1.420 +
1.421 + for (i = 0; i < signatureCount; i++) {
1.422 + if (CryptoX_Failed(CryptoX_VerifyBegin(provider,
1.423 + &signatureHandles[i], &keys[i]))) {
1.424 + fprintf(stderr, "ERROR: Could not initialize signature handle.\n");
1.425 + goto failure;
1.426 + }
1.427 + }
1.428 +
1.429 + /* Skip to the start of the file */
1.430 + if (fseeko(fp, 0, SEEK_SET)) {
1.431 + fprintf(stderr, "ERROR: Could not seek to start of the file\n");
1.432 + goto failure;
1.433 + }
1.434 +
1.435 + /* Bytes 0-3: MAR1
1.436 + Bytes 4-7: index offset
1.437 + Bytes 8-15: size of entire MAR
1.438 + */
1.439 + if (CryptoX_Failed(ReadAndUpdateVerifyContext(fp, buf,
1.440 + SIGNATURE_BLOCK_OFFSET +
1.441 + sizeof(uint32_t),
1.442 + signatureHandles,
1.443 + signatureCount,
1.444 + "signature block"))) {
1.445 + goto failure;
1.446 + }
1.447 +
1.448 + /* Read the signature block */
1.449 + for (i = 0; i < signatureCount; i++) {
1.450 + /* Get the signature algorithm ID */
1.451 + if (CryptoX_Failed(ReadAndUpdateVerifyContext(fp,
1.452 + &buf,
1.453 + sizeof(uint32_t),
1.454 + signatureHandles,
1.455 + signatureCount,
1.456 + "signature algorithm ID"))) {
1.457 + goto failure;
1.458 + }
1.459 +
1.460 + if (CryptoX_Failed(ReadAndUpdateVerifyContext(fp,
1.461 + &signatureLengths[i],
1.462 + sizeof(uint32_t),
1.463 + signatureHandles,
1.464 + signatureCount,
1.465 + "signature length"))) {
1.466 + goto failure;
1.467 + }
1.468 + signatureLengths[i] = ntohl(signatureLengths[i]);
1.469 + if (signatureLengths[i] > MAX_SIGNATURE_LENGTH) {
1.470 + fprintf(stderr, "ERROR: Embedded signature length is too large.\n");
1.471 + goto failure;
1.472 + }
1.473 +
1.474 + /* Skip past the signature itself as those are not included */
1.475 + if (fseeko(fp, signatureLengths[i], SEEK_CUR)) {
1.476 + fprintf(stderr, "ERROR: Could not seek past signature.\n");
1.477 + goto failure;
1.478 + }
1.479 + }
1.480 +
1.481 + /* Read the rest of the file after the signature block */
1.482 + while (!feof(fp)) {
1.483 + int numRead = fread(buf, 1, BLOCKSIZE , fp);
1.484 + if (ferror(fp)) {
1.485 + fprintf(stderr, "ERROR: Error reading data block.\n");
1.486 + goto failure;
1.487 + }
1.488 +
1.489 + for (i = 0; i < signatureCount; i++) {
1.490 + if (CryptoX_Failed(CryptoX_VerifyUpdate(&signatureHandles[i],
1.491 + buf, numRead))) {
1.492 + fprintf(stderr, "ERROR: Error updating verify context with"
1.493 + " data block.\n");
1.494 + goto failure;
1.495 + }
1.496 + }
1.497 + }
1.498 +
1.499 + /* Verify the signatures */
1.500 + for (i = 0; i < signatureCount; i++) {
1.501 + if (CryptoX_Failed(CryptoX_VerifySignature(&signatureHandles[i],
1.502 + &keys[i],
1.503 + extractedSignatures[i],
1.504 + signatureLengths[i]))) {
1.505 + fprintf(stderr, "ERROR: Error verifying signature.\n");
1.506 + goto failure;
1.507 + }
1.508 + ++*numVerified;
1.509 + }
1.510 +
1.511 + rv = CryptoX_Success;
1.512 +failure:
1.513 + for (i = 0; i < signatureCount; i++) {
1.514 + CryptoX_FreeSignatureHandle(&signatureHandles[i]);
1.515 + }
1.516 +
1.517 + return rv;
1.518 +}
