Hi Ilias, Thank you for reviewing the logic.
On Fri, Feb 04, 2022 at 09:32:01AM +0200, Ilias Apalodimas wrote: > The EFI spec allows for images to carry multiple signatures. Currently > we don't adhere to the verification process for such images. In this patch, you're trying to do three things: * remove efi_image_unsigned_authenticate() * pull efi_signature_lookup_digest() out of a while loop * change the logic of authentication I'd prefer to see those changes in separate patches for better reviewing. > The spec says: > "Multiple signatures are allowed to exist in the binary's certificate > table (as per PE/COFF Section "Attribute Certificate Table"). Only one > hash or signature is required to be present in db in order to pass > validation, so long as neither the SHA-256 hash of the binary nor any > present signature is reflected in dbx." I have some concern about what the last phrase, "neither the SHA-256 hash of the binary nor any present signature is reflected in dbx" means. See the comment below. > With our current implementation signing the image with two certificates > and inserting both of them in db and one of them dbx doesn't always reject > the image. The rejection depends on the order that the image was signed > and the order the certificates are read (and checked) in db. > > While at it move the sha256 hash verification outside the signature > checking loop, since it only needs to run once per image and get simplify > the logic for authenticating an unsigned imahe using sha256 hashes. > > Signed-off-by: Ilias Apalodimas <ilias.apalodi...@linaro.org> > --- > lib/efi_loader/efi_image_loader.c | 88 +++++++------------------------ > 1 file changed, 18 insertions(+), 70 deletions(-) > > diff --git a/lib/efi_loader/efi_image_loader.c > b/lib/efi_loader/efi_image_loader.c > index f41cfa4fccd5..5df35939f702 100644 > --- a/lib/efi_loader/efi_image_loader.c > +++ b/lib/efi_loader/efi_image_loader.c > @@ -516,53 +516,6 @@ err: > } > > #ifdef CONFIG_EFI_SECURE_BOOT > -/** > - * efi_image_unsigned_authenticate() - authenticate unsigned image with > - * SHA256 hash > - * @regs: List of regions to be verified > - * > - * If an image is not signed, it doesn't have a signature. In this case, > - * its message digest is calculated and it will be compared with one of > - * hash values stored in signature databases. > - * > - * Return: true if authenticated, false if not > - */ > -static bool efi_image_unsigned_authenticate(struct efi_image_regions *regs) > -{ > - struct efi_signature_store *db = NULL, *dbx = NULL; > - bool ret = false; > - > - dbx = efi_sigstore_parse_sigdb(u"dbx"); > - if (!dbx) { > - EFI_PRINT("Getting signature database(dbx) failed\n"); > - goto out; > - } > - > - db = efi_sigstore_parse_sigdb(u"db"); > - if (!db) { > - EFI_PRINT("Getting signature database(db) failed\n"); > - goto out; > - } > - > - /* try black-list first */ > - if (efi_signature_lookup_digest(regs, dbx, true)) { > - EFI_PRINT("Image is not signed and its digest found in > \"dbx\"\n"); > - goto out; > - } > - > - /* try white-list */ > - if (efi_signature_lookup_digest(regs, db, false)) > - ret = true; > - else > - EFI_PRINT("Image is not signed and its digest not found in > \"db\" or \"dbx\"\n"); > - > -out: > - efi_sigstore_free(db); > - efi_sigstore_free(dbx); > - > - return ret; > -} > - > /** > * efi_image_authenticate() - verify a signature of signed image > * @efi: Pointer to image > @@ -608,14 +561,7 @@ static bool efi_image_authenticate(void *efi, size_t > efi_size) > if (!efi_image_parse(new_efi, efi_size, ®s, &wincerts, > &wincerts_len)) { > EFI_PRINT("Parsing PE executable image failed\n"); > - goto err; > - } > - > - if (!wincerts) { > - /* The image is not signed */ > - ret = efi_image_unsigned_authenticate(regs); > - > - goto err; > + goto out; > } > > /* > @@ -624,18 +570,18 @@ static bool efi_image_authenticate(void *efi, size_t > efi_size) > db = efi_sigstore_parse_sigdb(u"db"); > if (!db) { > EFI_PRINT("Getting signature database(db) failed\n"); > - goto err; > + goto out; > } > > dbx = efi_sigstore_parse_sigdb(u"dbx"); > if (!dbx) { > EFI_PRINT("Getting signature database(dbx) failed\n"); > - goto err; > + goto out; > } > > if (efi_signature_lookup_digest(regs, dbx, true)) { > EFI_PRINT("Image's digest was found in \"dbx\"\n"); > - goto err; > + goto out; > } > > /* > @@ -678,7 +624,8 @@ static bool efi_image_authenticate(void *efi, size_t > efi_size) > if (guidcmp(auth, &efi_guid_cert_type_pkcs7)) { > EFI_PRINT("Certificate type not supported: > %pUs\n", > auth); > - continue; > + ret = false; > + goto out; Why should we break the loop here? > } > > auth += sizeof(efi_guid_t); > @@ -686,7 +633,8 @@ static bool efi_image_authenticate(void *efi, size_t > efi_size) > } else if (wincert->wCertificateType > != WIN_CERT_TYPE_PKCS_SIGNED_DATA) { > EFI_PRINT("Certificate type not supported\n"); > - continue; > + ret = false; > + goto out; > } > > msg = pkcs7_parse_message(auth, auth_size); > @@ -717,32 +665,32 @@ static bool efi_image_authenticate(void *efi, size_t > efi_size) > */ > /* try black-list first */ > if (efi_signature_verify_one(regs, msg, dbx)) { > + ret = false; > EFI_PRINT("Signature was rejected by \"dbx\"\n"); > - continue; > + goto out; If we go to "out" here, we have no chance to verify some cases: 1) An image has two signatures, for instance, one signed by SHA1 cert and the other signed by SHA256 cert. A user wants to reject SHA1 cert and put the cert in dbx. But this image can and should yet be verified by SHA256 cert. 2) A user knows that a given image is safe for some reason even though he or she doesn't trust the certficate which is used for signing the image. -Takahiro Akashi > } > > if (!efi_signature_check_signers(msg, dbx)) { > + ret = false; > EFI_PRINT("Signer(s) in \"dbx\"\n"); > - continue; > + goto out; > } > > /* try white-list */ > if (efi_signature_verify(regs, msg, db, dbx)) { > ret = true; > - break; > + continue; > } > > EFI_PRINT("Signature was not verified by \"db\"\n"); > + } > > - if (efi_signature_lookup_digest(regs, db, false)) { > - ret = true; > - break; > - } > > - EFI_PRINT("Image's digest was not found in \"db\" or > \"dbx\"\n"); > - } > + /* last resort try the image sha256 hash in db */ > + if (!ret && efi_signature_lookup_digest(regs, db, false)) > + ret = true; > > -err: > +out: > efi_sigstore_free(db); > efi_sigstore_free(dbx); > pkcs7_free_message(msg); > -- > 2.32.0 >