[crypto] Pass image as parameter to CMS functions

The cms_signature() and cms_verify() functions currently accept raw data pointers. This will not be possible for cms_decrypt(), which will need the ability to extract fragments of ASN.1 data from a potentially large image. Change cms_signature() and cms_verify() to accept an image as an input parameter, and move the responsibility for setting the image trust flag within cms_verify() since that now becomes a more natural fit. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2026-01-22 03:32:59 +03:00 · 2024-08-09 16:33:51 +01:00
parent 96fb7a0a93
commit 3b4d0cb555
4 changed files with 101 additions and 65 deletions
--- a/src/tests/cms_test.c
+++ b/src/tests/cms_test.c
@@ -36,7 +36,9 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <string.h>
 #include <ipxe/sha256.h>
 #include <ipxe/x509.h>
+#include <ipxe/image.h>
 #include <ipxe/uaccess.h>
+#include <ipxe/der.h>
 #include <ipxe/cms.h>
 #include <ipxe/test.h>

@@ -45,19 +47,14 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );

 /** CMS test code blob */
 struct cms_test_code {
-	/** Data */
-	const void *data;
-	/** Length of data */
-	size_t len;
+	/** Code image */
+	struct image image;
 };

 /** CMS test signature */
 struct cms_test_signature {
-	/** Data */
-	const void *data;
-	/** Length of data */
-	size_t len;
-
+	/** Signature image */
+	struct image image;
 	/** Parsed signature */
 	struct cms_signature *sig;
 };
@@ -69,19 +66,29 @@ struct cms_test_signature {
 #define FINGERPRINT(...) { __VA_ARGS__ }

 /** Define a test code blob */
-#define SIGNED_CODE( name, DATA )					\
-	static const uint8_t name ## _data[] = DATA;			\
-	static struct cms_test_code name = {				\
-		.data = name ## _data,					\
-		.len = sizeof ( name ## _data ),			\
+#define SIGNED_CODE( NAME, DATA )					\
+	static const uint8_t NAME ## _data[] = DATA;			\
+	static struct cms_test_code NAME = {				\
+		.image = {						\
+			.refcnt = REF_INIT ( ref_no_free ),		\
+			.name = #NAME,					\
+			.type = &der_image_type,			\
+			.data = ( userptr_t ) ( NAME ## _data ),	\
+			.len = sizeof ( NAME ## _data ),		\
+		},							\
 	}

 /** Define a test signature */
-#define SIGNATURE( name, DATA )						\
-	static const uint8_t name ## _data[] = DATA;			\
-	static struct cms_test_signature name = {			\
-		.data = name ## _data,					\
-		.len = sizeof ( name ## _data ),			\
+#define SIGNATURE( NAME, DATA )						\
+	static const uint8_t NAME ## _data[] = DATA;			\
+	static struct cms_test_signature NAME = {			\
+		.image = {						\
+			.refcnt = REF_INIT ( ref_no_free ),		\
+			.name = #NAME,					\
+			.type = &der_image_type,			\
+			.data = ( userptr_t ) ( NAME ## _data ),	\
+			.len = sizeof ( NAME ## _data ),		\
+		},							\
 	}

 /** Code that has been signed */
@@ -1353,9 +1360,16 @@ static time_t test_expired = 1375573111ULL; /* Sat Aug  3 23:38:31 2013 */
 */
 static void cms_signature_okx ( struct cms_test_signature *sgn,
 				const char *file, unsigned int line ) {
+	const void *data = ( ( void * ) sgn->image.data );

-	okx ( cms_signature ( sgn->data, sgn->len, &sgn->sig ) == 0,
-	      file, line );
+	/* Fix up image data pointer */
+	sgn->image.data = virt_to_user ( data );
+
+	/* Check ability to parse signature */
+	okx ( cms_signature ( &sgn->image, &sgn->sig ) == 0, file, line );
+
+	/* Reset image data pointer */
+	sgn->image.data = ( ( userptr_t ) data );
 }
 #define cms_signature_ok( sgn ) \
 	cms_signature_okx ( sgn, __FILE__, __LINE__ )
@@ -1377,10 +1391,21 @@ static void cms_verify_okx ( struct cms_test_signature *sgn,
 			     time_t time, struct x509_chain *store,
 			     struct x509_root *root, const char *file,
 			     unsigned int line ) {
+	const void *data = ( ( void * ) code->image.data );

+	/* Fix up image data pointer */
+	code->image.data = virt_to_user ( data );
+
+	/* Invalidate any certificates from previous tests */
 	x509_invalidate_chain ( sgn->sig->certificates );
-	okx ( cms_verify ( sgn->sig, virt_to_user ( code->data ), code->len,
-			   name, time, store, root ) == 0, file, line );
+
+	/* Check ability to verify signature */
+	okx ( cms_verify ( sgn->sig, &code->image, name, time, store,
+			   root ) == 0, file, line );
+	okx ( code->image.flags & IMAGE_TRUSTED, file, line );
+
+	/* Reset image data pointer */
+	code->image.data = ( ( userptr_t ) data );
 }
 #define cms_verify_ok( sgn, code, name, time, store, root )		\
 	cms_verify_okx ( sgn, code, name, time, store, root,		\
@@ -1403,10 +1428,21 @@ static void cms_verify_fail_okx ( struct cms_test_signature *sgn,
 				  time_t time, struct x509_chain *store,
 				  struct x509_root *root, const char *file,
 				  unsigned int line ) {
+	const void *data = ( ( void * ) code->image.data );

+	/* Fix up image data pointer */
+	code->image.data = virt_to_user ( data );
+
+	/* Invalidate any certificates from previous tests */
 	x509_invalidate_chain ( sgn->sig->certificates );
-	okx ( cms_verify ( sgn->sig, virt_to_user ( code->data ), code->len,
-			   name, time, store, root ) != 0, file, line );
+
+	/* Check inability to verify signature */
+	okx ( cms_verify ( sgn->sig, &code->image, name, time, store,
+			   root ) != 0, file, line );
+	okx ( ! ( code->image.flags & IMAGE_TRUSTED ), file, line );
+
+	/* Reset image data pointer */
+	code->image.data = ( ( userptr_t ) data );
 }
 #define cms_verify_fail_ok( sgn, code, name, time, store, root )	\
 	cms_verify_fail_okx ( sgn, code, name, time, store, root,	\