Expand asn1_encode_integer() to variable size integers, meaning that it will get a blob in big-endian format as integer and length of the blob as parameters. This is required in order to encode RSA public key modulus. Signed-off-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx> --- v3: * Fix off-by-one in indices when returning zero: https://lore.kernel.org/linux-integrity/SN7PR18MB5314CFBD18B011F292809EBFE3EA2@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/ --- include/linux/asn1_encoder.h | 3 +- lib/asn1_encoder.c | 185 ++++++++++++---------- security/keys/trusted-keys/trusted_tpm2.c | 4 +- 3 files changed, 103 insertions(+), 89 deletions(-) diff --git a/include/linux/asn1_encoder.h b/include/linux/asn1_encoder.h index 08cd0c2ad34f..ad5fb18db9e2 100644 --- a/include/linux/asn1_encoder.h +++ b/include/linux/asn1_encoder.h @@ -9,9 +9,10 @@ #include <linux/bug.h> #define asn1_oid_len(oid) (sizeof(oid)/sizeof(u32)) + unsigned char * asn1_encode_integer(unsigned char *data, const unsigned char *end_data, - s64 integer); + const u8 *integer, int integer_len); unsigned char * asn1_encode_oid(unsigned char *data, const unsigned char *end_data, u32 oid[], int oid_len); diff --git a/lib/asn1_encoder.c b/lib/asn1_encoder.c index 0fd3c454a468..266e8042742e 100644 --- a/lib/asn1_encoder.c +++ b/lib/asn1_encoder.c @@ -9,12 +9,78 @@ #include <linux/bug.h> #include <linux/string.h> #include <linux/module.h> +#include <linux/slab.h> + +/** + * asn1_encode_length() - encode a length to follow an ASN.1 tag + * @data: pointer to encode at + * @data_len: pointer to remaining length (adjusted by routine) + * @len: length to encode + * + * This routine can encode lengths up to 65535 using the ASN.1 rules. + * It will accept a negative length and place a zero length tag + * instead (to keep the ASN.1 valid). This convention allows other + * encoder primitives to accept negative lengths as singalling the + * sequence will be re-encoded when the length is known. + */ +static int asn1_encode_length(unsigned char **data, int *data_len, int len) +{ + if (*data_len < 1) + return -EINVAL; + + if (len < 0) { + *((*data)++) = 0; + (*data_len)--; + return 0; + } + + if (len <= 0x7f) { + *((*data)++) = len; + (*data_len)--; + return 0; + } + + if (*data_len < 2) + return -EINVAL; + + if (len <= 0xff) { + *((*data)++) = 0x81; + *((*data)++) = len & 0xff; + *data_len -= 2; + return 0; + } + + if (*data_len < 3) + return -EINVAL; + + if (len <= 0xffff) { + *((*data)++) = 0x82; + *((*data)++) = (len >> 8) & 0xff; + *((*data)++) = len & 0xff; + *data_len -= 3; + return 0; + } + + if (WARN(len > 0xffffff, "ASN.1 length can't be > 0xffffff")) + return -EINVAL; + + if (*data_len < 4) + return -EINVAL; + *((*data)++) = 0x83; + *((*data)++) = (len >> 16) & 0xff; + *((*data)++) = (len >> 8) & 0xff; + *((*data)++) = len & 0xff; + *data_len -= 4; + + return 0; +} /** * asn1_encode_integer() - encode positive integer to ASN.1 - * @data: pointer to the pointer to the data - * @end_data: end of data pointer, points one beyond last usable byte in @data - * @integer: integer to be encoded + * @data: pointer to the pointer to the data + * @end_data: end of data pointer, points one beyond last usable byte in @data + * @integer: integer to be encoded + * @integer_len: length in bytes of the integer blob * * This is a simplified encoder: it only currently does * positive integers, but it should be simple enough to add the @@ -22,15 +88,17 @@ */ unsigned char * asn1_encode_integer(unsigned char *data, const unsigned char *end_data, - s64 integer) + const u8 *integer, int integer_len) { int data_len = end_data - data; - unsigned char *d = &data[2]; bool found = false; + unsigned char *d; + int encoded_len; + u8 *encoded; + int ret; int i; - if (WARN(integer < 0, - "BUG: integer encode only supports positive integers")) + if (WARN(!integer, "BUG: integer is null")) return ERR_PTR(-EINVAL); if (IS_ERR(data)) @@ -40,17 +108,22 @@ asn1_encode_integer(unsigned char *data, const unsigned char *end_data, if (data_len < 3) return ERR_PTR(-EINVAL); - /* remaining length where at d (the start of the integer encoding) */ - data_len -= 2; + (*data++) = _tag(UNIV, PRIM, INT); + data_len--; - data[0] = _tag(UNIV, PRIM, INT); - if (integer == 0) { - *d++ = 0; - goto out; + if (!memchr_inv(integer, 0, integer_len)) { + data[0] = 1; + data[1] = 0; + return &data[2]; } - for (i = sizeof(integer); i > 0 ; i--) { - int byte = integer >> (8 * (i - 1)); + encoded = kzalloc(integer_len, GFP_KERNEL); + if (!encoded) + return ERR_PTR(-ENOMEM); + d = encoded; + + for (i = 0; i < integer_len; i++) { + int byte = integer[i]; if (!found && byte == 0) continue; @@ -67,21 +140,23 @@ asn1_encode_integer(unsigned char *data, const unsigned char *end_data, * have len >= 1 */ *d++ = 0; - data_len--; } found = true; - if (data_len == 0) - return ERR_PTR(-EINVAL); - *d++ = byte; - data_len--; } - out: - data[1] = d - data - 2; + encoded_len = d - encoded; - return d; + ret = asn1_encode_length(&data, &data_len, encoded_len); + if (ret) { + kfree(encoded); + return ERR_PTR(ret); + } + + memcpy(data, encoded, encoded_len); + kfree(encoded); + return data + encoded_len; } EXPORT_SYMBOL_GPL(asn1_encode_integer); @@ -176,70 +251,6 @@ asn1_encode_oid(unsigned char *data, const unsigned char *end_data, } EXPORT_SYMBOL_GPL(asn1_encode_oid); -/** - * asn1_encode_length() - encode a length to follow an ASN.1 tag - * @data: pointer to encode at - * @data_len: pointer to remaining length (adjusted by routine) - * @len: length to encode - * - * This routine can encode lengths up to 65535 using the ASN.1 rules. - * It will accept a negative length and place a zero length tag - * instead (to keep the ASN.1 valid). This convention allows other - * encoder primitives to accept negative lengths as singalling the - * sequence will be re-encoded when the length is known. - */ -static int asn1_encode_length(unsigned char **data, int *data_len, int len) -{ - if (*data_len < 1) - return -EINVAL; - - if (len < 0) { - *((*data)++) = 0; - (*data_len)--; - return 0; - } - - if (len <= 0x7f) { - *((*data)++) = len; - (*data_len)--; - return 0; - } - - if (*data_len < 2) - return -EINVAL; - - if (len <= 0xff) { - *((*data)++) = 0x81; - *((*data)++) = len & 0xff; - *data_len -= 2; - return 0; - } - - if (*data_len < 3) - return -EINVAL; - - if (len <= 0xffff) { - *((*data)++) = 0x82; - *((*data)++) = (len >> 8) & 0xff; - *((*data)++) = len & 0xff; - *data_len -= 3; - return 0; - } - - if (WARN(len > 0xffffff, "ASN.1 length can't be > 0xffffff")) - return -EINVAL; - - if (*data_len < 4) - return -EINVAL; - *((*data)++) = 0x83; - *((*data)++) = (len >> 16) & 0xff; - *((*data)++) = (len >> 8) & 0xff; - *((*data)++) = len & 0xff; - *data_len -= 4; - - return 0; -} - /** * asn1_encode_tag() - add a tag for optional or explicit value * @data: pointer to place tag at diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c index 8b7dd73d94c1..ec59f9389a2d 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c @@ -38,6 +38,7 @@ static int tpm2_key_encode(struct trusted_key_payload *payload, u8 *end_work = scratch + SCRATCH_SIZE; u8 *priv, *pub; u16 priv_len, pub_len; + u32 key_handle; int ret; priv_len = get_unaligned_be16(src) + 2; @@ -77,7 +78,8 @@ static int tpm2_key_encode(struct trusted_key_payload *payload, goto err; } - work = asn1_encode_integer(work, end_work, options->keyhandle); + key_handle = cpu_to_be32(options->keyhandle); + work = asn1_encode_integer(work, end_work, (u8 *)&key_handle, 4); work = asn1_encode_octet_string(work, end_work, pub, pub_len); work = asn1_encode_octet_string(work, end_work, priv, priv_len); -- 2.45.1