Andrew de los Reyes | 0c44005 | 2010-08-20 11:25:54 -0700 | [diff] [blame] | 1 | // Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include "update_engine/payload_signer.h" |
| 6 | |
Darin Petkov | b039d50 | 2010-12-03 09:08:04 -0800 | [diff] [blame^] | 7 | #include <base/logging.h> |
| 8 | #include <base/string_util.h> |
| 9 | #include <openssl/pem.h> |
| 10 | |
Andrew de los Reyes | 932bc4c | 2010-08-23 18:14:09 -0700 | [diff] [blame] | 11 | #include "update_engine/omaha_hash_calculator.h" |
Andrew de los Reyes | 0c44005 | 2010-08-20 11:25:54 -0700 | [diff] [blame] | 12 | #include "update_engine/subprocess.h" |
| 13 | #include "update_engine/update_metadata.pb.h" |
| 14 | #include "update_engine/utils.h" |
| 15 | |
| 16 | using std::string; |
| 17 | using std::vector; |
| 18 | |
| 19 | namespace chromeos_update_engine { |
| 20 | |
| 21 | const uint32_t kSignatureMessageVersion = 1; |
| 22 | |
| 23 | bool PayloadSigner::SignPayload(const string& unsigned_payload_path, |
| 24 | const string& private_key_path, |
| 25 | vector<char>* out_signature_blob) { |
| 26 | string sig_path; |
| 27 | TEST_AND_RETURN_FALSE( |
| 28 | utils::MakeTempFile("/tmp/signature.XXXXXX", &sig_path, NULL)); |
| 29 | ScopedPathUnlinker sig_path_unlinker(sig_path); |
Andrew de los Reyes | 932bc4c | 2010-08-23 18:14:09 -0700 | [diff] [blame] | 30 | |
| 31 | string hash_path; |
| 32 | TEST_AND_RETURN_FALSE( |
| 33 | utils::MakeTempFile("/tmp/hash.XXXXXX", &hash_path, NULL)); |
| 34 | ScopedPathUnlinker hash_path_unlinker(hash_path); |
Darin Petkov | d22cb29 | 2010-09-29 10:02:29 -0700 | [diff] [blame] | 35 | |
Andrew de los Reyes | 932bc4c | 2010-08-23 18:14:09 -0700 | [diff] [blame] | 36 | vector<char> hash_data; |
| 37 | { |
| 38 | vector<char> payload; |
| 39 | // TODO(adlr): Read file in chunks. Not urgent as this runs on the server. |
| 40 | TEST_AND_RETURN_FALSE(utils::ReadFile(unsigned_payload_path, &payload)); |
| 41 | TEST_AND_RETURN_FALSE(OmahaHashCalculator::RawHashOfData(payload, |
| 42 | &hash_data)); |
| 43 | } |
| 44 | TEST_AND_RETURN_FALSE(utils::WriteFile(hash_path.c_str(), |
| 45 | &hash_data[0], |
| 46 | hash_data.size())); |
Darin Petkov | d22cb29 | 2010-09-29 10:02:29 -0700 | [diff] [blame] | 47 | |
Andrew de los Reyes | 0c44005 | 2010-08-20 11:25:54 -0700 | [diff] [blame] | 48 | // This runs on the server, so it's okay to cop out and call openssl |
| 49 | // executable rather than properly use the library |
| 50 | vector<string> cmd; |
| 51 | SplitString("/usr/bin/openssl rsautl -pkcs -sign -inkey x -in x -out x", |
| 52 | ' ', |
| 53 | &cmd); |
| 54 | cmd[cmd.size() - 5] = private_key_path; |
Andrew de los Reyes | 932bc4c | 2010-08-23 18:14:09 -0700 | [diff] [blame] | 55 | cmd[cmd.size() - 3] = hash_path; |
Andrew de los Reyes | 0c44005 | 2010-08-20 11:25:54 -0700 | [diff] [blame] | 56 | cmd[cmd.size() - 1] = sig_path; |
Darin Petkov | d22cb29 | 2010-09-29 10:02:29 -0700 | [diff] [blame] | 57 | |
Andrew de los Reyes | 0c44005 | 2010-08-20 11:25:54 -0700 | [diff] [blame] | 58 | int return_code = 0; |
| 59 | TEST_AND_RETURN_FALSE(Subprocess::SynchronousExec(cmd, &return_code)); |
| 60 | TEST_AND_RETURN_FALSE(return_code == 0); |
Darin Petkov | d22cb29 | 2010-09-29 10:02:29 -0700 | [diff] [blame] | 61 | |
Andrew de los Reyes | 0c44005 | 2010-08-20 11:25:54 -0700 | [diff] [blame] | 62 | vector<char> signature; |
| 63 | TEST_AND_RETURN_FALSE(utils::ReadFile(sig_path, &signature)); |
Darin Petkov | d22cb29 | 2010-09-29 10:02:29 -0700 | [diff] [blame] | 64 | |
Andrew de los Reyes | 0c44005 | 2010-08-20 11:25:54 -0700 | [diff] [blame] | 65 | // Pack it into a protobuf |
| 66 | Signatures out_message; |
| 67 | Signatures_Signature* sig_message = out_message.add_signatures(); |
| 68 | sig_message->set_version(kSignatureMessageVersion); |
| 69 | sig_message->set_data(signature.data(), signature.size()); |
Darin Petkov | d22cb29 | 2010-09-29 10:02:29 -0700 | [diff] [blame] | 70 | |
Andrew de los Reyes | 0c44005 | 2010-08-20 11:25:54 -0700 | [diff] [blame] | 71 | // Serialize protobuf |
| 72 | string serialized; |
| 73 | TEST_AND_RETURN_FALSE(out_message.AppendToString(&serialized)); |
| 74 | out_signature_blob->insert(out_signature_blob->end(), |
| 75 | serialized.begin(), |
| 76 | serialized.end()); |
| 77 | return true; |
| 78 | } |
| 79 | |
| 80 | bool PayloadSigner::SignatureBlobLength( |
| 81 | const string& private_key_path, |
| 82 | uint64_t* out_length) { |
| 83 | DCHECK(out_length); |
Darin Petkov | d22cb29 | 2010-09-29 10:02:29 -0700 | [diff] [blame] | 84 | |
Andrew de los Reyes | 0c44005 | 2010-08-20 11:25:54 -0700 | [diff] [blame] | 85 | string x_path; |
| 86 | TEST_AND_RETURN_FALSE( |
| 87 | utils::MakeTempFile("/tmp/signed_data.XXXXXX", &x_path, NULL)); |
| 88 | ScopedPathUnlinker x_path_unlinker(x_path); |
| 89 | TEST_AND_RETURN_FALSE(utils::WriteFile(x_path.c_str(), "x", 1)); |
| 90 | |
| 91 | vector<char> sig_blob; |
| 92 | TEST_AND_RETURN_FALSE(PayloadSigner::SignPayload(x_path, |
| 93 | private_key_path, |
| 94 | &sig_blob)); |
| 95 | *out_length = sig_blob.size(); |
| 96 | return true; |
| 97 | } |
| 98 | |
Darin Petkov | d7061ab | 2010-10-06 14:37:09 -0700 | [diff] [blame] | 99 | bool PayloadSigner::VerifySignature(const std::vector<char>& signature_blob, |
| 100 | const std::string& public_key_path, |
| 101 | std::vector<char>* out_hash_data) { |
| 102 | TEST_AND_RETURN_FALSE(!public_key_path.empty()); |
| 103 | |
| 104 | Signatures signatures; |
| 105 | TEST_AND_RETURN_FALSE(signatures.ParseFromArray(&signature_blob[0], |
| 106 | signature_blob.size())); |
| 107 | |
| 108 | // Finds a signature that matches the current version. |
| 109 | int sig_index = 0; |
| 110 | for (; sig_index < signatures.signatures_size(); sig_index++) { |
| 111 | const Signatures_Signature& signature = signatures.signatures(sig_index); |
| 112 | if (signature.has_version() && |
| 113 | signature.version() == kSignatureMessageVersion) { |
| 114 | break; |
| 115 | } |
| 116 | } |
| 117 | TEST_AND_RETURN_FALSE(sig_index < signatures.signatures_size()); |
| 118 | |
| 119 | const Signatures_Signature& signature = signatures.signatures(sig_index); |
Darin Petkov | b039d50 | 2010-12-03 09:08:04 -0800 | [diff] [blame^] | 120 | const string& sig_data = signature.data(); |
Darin Petkov | d7061ab | 2010-10-06 14:37:09 -0700 | [diff] [blame] | 121 | |
Darin Petkov | b039d50 | 2010-12-03 09:08:04 -0800 | [diff] [blame^] | 122 | // The code below executes the equivalent of: |
| 123 | // |
| 124 | // openssl rsautl -verify -pubin -inkey |public_key_path| |
| 125 | // -in |sig_data| -out |out_hash_data| |
Darin Petkov | d7061ab | 2010-10-06 14:37:09 -0700 | [diff] [blame] | 126 | |
Darin Petkov | b039d50 | 2010-12-03 09:08:04 -0800 | [diff] [blame^] | 127 | // Loads the public key. |
| 128 | FILE* fpubkey = fopen(public_key_path.c_str(), "rb"); |
| 129 | TEST_AND_RETURN_FALSE(fpubkey != NULL); |
| 130 | char dummy_password[] = { ' ', 0 }; // Ensure no password is read from stdin. |
| 131 | RSA* rsa = PEM_read_RSA_PUBKEY(fpubkey, NULL, NULL, dummy_password); |
| 132 | fclose(fpubkey); |
| 133 | TEST_AND_RETURN_FALSE(rsa != NULL); |
| 134 | unsigned int keysize = RSA_size(rsa); |
| 135 | if (sig_data.size() > 2 * keysize) { |
| 136 | LOG(ERROR) << "Signature size is too big for public key size."; |
| 137 | RSA_free(rsa); |
| 138 | return false; |
| 139 | } |
Darin Petkov | d7061ab | 2010-10-06 14:37:09 -0700 | [diff] [blame] | 140 | |
Darin Petkov | b039d50 | 2010-12-03 09:08:04 -0800 | [diff] [blame^] | 141 | // Decrypts the signature. |
| 142 | vector<char> hash_data(keysize); |
| 143 | int decrypt_size = RSA_public_decrypt( |
| 144 | sig_data.size(), |
| 145 | reinterpret_cast<const unsigned char*>(sig_data.data()), |
| 146 | reinterpret_cast<unsigned char*>(hash_data.data()), |
| 147 | rsa, |
| 148 | RSA_PKCS1_PADDING); |
| 149 | RSA_free(rsa); |
| 150 | TEST_AND_RETURN_FALSE(decrypt_size > 0 && |
| 151 | decrypt_size <= static_cast<int>(hash_data.size())); |
| 152 | hash_data.resize(decrypt_size); |
| 153 | out_hash_data->swap(hash_data); |
Darin Petkov | d7061ab | 2010-10-06 14:37:09 -0700 | [diff] [blame] | 154 | return true; |
| 155 | } |
| 156 | |
Andrew de los Reyes | 0c44005 | 2010-08-20 11:25:54 -0700 | [diff] [blame] | 157 | } // namespace chromeos_update_engine |