Cumulative patch from commit 54ac6ff8c4a20f8c3678e0c610716ce7795b8320
54ac6ff PKCS 1: Add function for checking v1.5 RSA signature
d381184 RSA: Add OID definitions and helper function for hash algorithms
ab6d047 Add function for building RSA public key from n and e parameters
6c5be11 PKCS #1: Enforce minimum padding for decryption in internal TLS
e6d83cc PKCS #1: Allow only BT=01 for signature in internal TLS
9c29d48 X.509: Fix internal TLS/X.509 validation of PKCS#1 signature
10b58b5 TNC: Allow TNC to be enabled dynamically
0a626a5 TNC: Move common definitions into a shared header file
4075e4e TNC: Allow tnc_config file path to be replaced
f0356ec eloop: Add epoll option for better performance
da96a6f eloop: Separate event loop select/poll implementation
68d2700 dbus: No need to recompute group object path on GroupStarted signal
f3734e2 dbus: Provide the P2P Device Address from the relevant structure
e956b83 dbus: Fix interface DeviceFound signal specification
fc591a7 dbus: Declare GONegotiation signals properly
Change-Id: I54a598ae249ca569f15eaef8f728985897e1b2f0
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
index 391d774..b7e118c 100644
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -14,6 +14,7 @@
#include "common/wpa_ctrl.h"
#include "radius/radius_client.h"
#include "radius/radius_das.h"
+#include "eap_server/tncs.h"
#include "hostapd.h"
#include "authsrv.h"
#include "sta_info.h"
@@ -673,6 +674,13 @@
wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s), first=%d)",
__func__, hapd, hapd->conf->iface, first);
+#ifdef EAP_SERVER_TNC
+ if (hapd->conf->tnc && tncs_global_init() < 0) {
+ wpa_printf(MSG_ERROR, "Failed to initialize TNCS");
+ return -1;
+ }
+#endif /* EAP_SERVER_TNC */
+
if (hapd->started) {
wpa_printf(MSG_ERROR, "%s: Interface %s was already started",
__func__, hapd->conf->iface);
diff --git a/src/common/tnc.h b/src/common/tnc.h
new file mode 100644
index 0000000..108acf9
--- /dev/null
+++ b/src/common/tnc.h
@@ -0,0 +1,121 @@
+/*
+ * TNC - Common defines
+ * Copyright (c) 2007-2014, Jouni Malinen <j@w1.fi>
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#ifndef TNC_H
+#define TNC_H
+
+typedef unsigned long TNC_UInt32;
+typedef unsigned char *TNC_BufferReference;
+
+typedef TNC_UInt32 TNC_IMVID;
+typedef TNC_UInt32 TNC_IMCID;
+typedef TNC_UInt32 TNC_ConnectionID;
+typedef TNC_UInt32 TNC_ConnectionState;
+typedef TNC_UInt32 TNC_RetryReason;
+typedef TNC_UInt32 TNC_IMV_Action_Recommendation;
+typedef TNC_UInt32 TNC_IMV_Evaluation_Result;
+typedef TNC_UInt32 TNC_MessageType;
+typedef TNC_MessageType *TNC_MessageTypeList;
+typedef TNC_UInt32 TNC_VendorID;
+typedef TNC_UInt32 TNC_Subtype;
+typedef TNC_UInt32 TNC_MessageSubtype;
+typedef TNC_UInt32 TNC_Version;
+typedef TNC_UInt32 TNC_Result;
+typedef TNC_UInt32 TNC_AttributeID;
+
+typedef TNC_Result (*TNC_TNCS_BindFunctionPointer)(
+ TNC_IMVID imvID,
+ char *functionName,
+ void **pOutfunctionPointer);
+typedef TNC_Result (*TNC_TNCS_ReportMessageTypesPointer)(
+ TNC_IMVID imvID,
+ TNC_MessageTypeList supportedTypes,
+ TNC_UInt32 typeCount);
+typedef TNC_Result (*TNC_TNCS_SendMessagePointer)(
+ TNC_IMVID imvID,
+ TNC_ConnectionID connectionID,
+ TNC_BufferReference message,
+ TNC_UInt32 messageLength,
+ TNC_MessageType messageType);
+typedef TNC_Result (*TNC_TNCS_RequestHandshakeRetryPointer)(
+ TNC_IMVID imvID,
+ TNC_ConnectionID connectionID,
+ TNC_RetryReason reason);
+typedef TNC_Result (*TNC_TNCS_ProvideRecommendationPointer)(
+ TNC_IMVID imvID,
+ TNC_ConnectionID connectionID,
+ TNC_IMV_Action_Recommendation recommendation,
+ TNC_IMV_Evaluation_Result evaluation);
+typedef TNC_Result (*TNC_TNCC_BindFunctionPointer)(
+ TNC_IMCID imcID,
+ char *functionName,
+ void **pOutfunctionPointer);
+typedef TNC_Result (*TNC_TNCC_SendMessagePointer)(
+ TNC_IMCID imcID,
+ TNC_ConnectionID connectionID,
+ TNC_BufferReference message,
+ TNC_UInt32 messageLength,
+ TNC_MessageType messageType);
+typedef TNC_Result (*TNC_TNCC_ReportMessageTypesPointer)(
+ TNC_IMCID imcID,
+ TNC_MessageTypeList supportedTypes,
+ TNC_UInt32 typeCount);
+typedef TNC_Result (*TNC_TNCC_RequestHandshakeRetryPointer)(
+ TNC_IMCID imcID,
+ TNC_ConnectionID connectionID,
+ TNC_RetryReason reason);
+
+#define TNC_IFIMV_VERSION_1 1
+#define TNC_IFIMC_VERSION_1 1
+
+#define TNC_RESULT_SUCCESS 0
+#define TNC_RESULT_NOT_INITIALIZED 1
+#define TNC_RESULT_ALREADY_INITIALIZED 2
+#define TNC_RESULT_NO_COMMON_VERSION 3
+#define TNC_RESULT_CANT_RETRY 4
+#define TNC_RESULT_WONT_RETRY 5
+#define TNC_RESULT_INVALID_PARAMETER 6
+#define TNC_RESULT_CANT_RESPOND 7
+#define TNC_RESULT_ILLEGAL_OPERATION 8
+#define TNC_RESULT_OTHER 9
+#define TNC_RESULT_FATAL 10
+
+#define TNC_CONNECTION_STATE_CREATE 0
+#define TNC_CONNECTION_STATE_HANDSHAKE 1
+#define TNC_CONNECTION_STATE_ACCESS_ALLOWED 2
+#define TNC_CONNECTION_STATE_ACCESS_ISOLATED 3
+#define TNC_CONNECTION_STATE_ACCESS_NONE 4
+#define TNC_CONNECTION_STATE_DELETE 5
+
+#define TNC_VENDORID_ANY ((TNC_VendorID) 0xffffff)
+#define TNC_SUBTYPE_ANY ((TNC_Subtype) 0xff)
+
+/* TNCC-TNCS Message Types */
+#define TNC_TNCCS_RECOMMENDATION 0x00000001
+#define TNC_TNCCS_ERROR 0x00000002
+#define TNC_TNCCS_PREFERREDLANGUAGE 0x00000003
+#define TNC_TNCCS_REASONSTRINGS 0x00000004
+
+/* Possible TNC_IMV_Action_Recommendation values: */
+enum IMV_Action_Recommendation {
+ TNC_IMV_ACTION_RECOMMENDATION_ALLOW,
+ TNC_IMV_ACTION_RECOMMENDATION_NO_ACCESS,
+ TNC_IMV_ACTION_RECOMMENDATION_ISOLATE,
+ TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION
+};
+
+/* Possible TNC_IMV_Evaluation_Result values: */
+enum IMV_Evaluation_Result {
+ TNC_IMV_EVALUATION_RESULT_COMPLIANT,
+ TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MINOR,
+ TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MAJOR,
+ TNC_IMV_EVALUATION_RESULT_ERROR,
+ TNC_IMV_EVALUATION_RESULT_DONT_KNOW
+};
+
+#endif /* TNC_H */
diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h
index 4caa277..f2d5662 100644
--- a/src/crypto/crypto.h
+++ b/src/crypto/crypto.h
@@ -271,6 +271,10 @@
*/
struct crypto_public_key * crypto_public_key_import(const u8 *key, size_t len);
+struct crypto_public_key *
+crypto_public_key_import_parts(const u8 *n, size_t n_len,
+ const u8 *e, size_t e_len);
+
/**
* crypto_private_key_import - Import an RSA private key
* @key: Key buffer (DER encoded RSA private key)
diff --git a/src/crypto/crypto_internal-rsa.c b/src/crypto/crypto_internal-rsa.c
index 54209fa..dc7f350 100644
--- a/src/crypto/crypto_internal-rsa.c
+++ b/src/crypto/crypto_internal-rsa.c
@@ -26,6 +26,15 @@
}
+struct crypto_public_key *
+crypto_public_key_import_parts(const u8 *n, size_t n_len,
+ const u8 *e, size_t e_len)
+{
+ return (struct crypto_public_key *)
+ crypto_rsa_import_public_key_parts(n, n_len, e, e_len);
+}
+
+
struct crypto_private_key * crypto_private_key_import(const u8 *key,
size_t len,
const char *passwd)
diff --git a/src/eap_peer/tncc.c b/src/eap_peer/tncc.c
index a3ec395..5b1a2d4 100644
--- a/src/eap_peer/tncc.c
+++ b/src/eap_peer/tncc.c
@@ -13,6 +13,7 @@
#include "common.h"
#include "base64.h"
+#include "common/tnc.h"
#include "tncc.h"
#include "eap_common/eap_tlv_common.h"
#include "eap_common/eap_defs.h"
@@ -25,7 +26,9 @@
#endif /* UNICODE */
+#ifndef TNC_CONFIG_FILE
#define TNC_CONFIG_FILE "/etc/tnc_config"
+#endif /* TNC_CONFIG_FILE */
#define TNC_WINREG_PATH TEXT("SOFTWARE\\Trusted Computing Group\\TNC\\IMCs")
#define IF_TNCCS_START \
"<?xml version=\"1.0\"?>\n" \
@@ -38,56 +41,6 @@
/* TNC IF-IMC */
-typedef unsigned long TNC_UInt32;
-typedef unsigned char *TNC_BufferReference;
-
-typedef TNC_UInt32 TNC_IMCID;
-typedef TNC_UInt32 TNC_ConnectionID;
-typedef TNC_UInt32 TNC_ConnectionState;
-typedef TNC_UInt32 TNC_RetryReason;
-typedef TNC_UInt32 TNC_MessageType;
-typedef TNC_MessageType *TNC_MessageTypeList;
-typedef TNC_UInt32 TNC_VendorID;
-typedef TNC_UInt32 TNC_MessageSubtype;
-typedef TNC_UInt32 TNC_Version;
-typedef TNC_UInt32 TNC_Result;
-
-typedef TNC_Result (*TNC_TNCC_BindFunctionPointer)(
- TNC_IMCID imcID,
- char *functionName,
- void **pOutfunctionPointer);
-
-#define TNC_RESULT_SUCCESS 0
-#define TNC_RESULT_NOT_INITIALIZED 1
-#define TNC_RESULT_ALREADY_INITIALIZED 2
-#define TNC_RESULT_NO_COMMON_VERSION 3
-#define TNC_RESULT_CANT_RETRY 4
-#define TNC_RESULT_WONT_RETRY 5
-#define TNC_RESULT_INVALID_PARAMETER 6
-#define TNC_RESULT_CANT_RESPOND 7
-#define TNC_RESULT_ILLEGAL_OPERATION 8
-#define TNC_RESULT_OTHER 9
-#define TNC_RESULT_FATAL 10
-
-#define TNC_CONNECTION_STATE_CREATE 0
-#define TNC_CONNECTION_STATE_HANDSHAKE 1
-#define TNC_CONNECTION_STATE_ACCESS_ALLOWED 2
-#define TNC_CONNECTION_STATE_ACCESS_ISOLATED 3
-#define TNC_CONNECTION_STATE_ACCESS_NONE 4
-#define TNC_CONNECTION_STATE_DELETE 5
-
-#define TNC_IFIMC_VERSION_1 1
-
-#define TNC_VENDORID_ANY ((TNC_VendorID) 0xffffff)
-#define TNC_SUBTYPE_ANY ((TNC_MessageSubtype) 0xff)
-
-/* TNCC-TNCS Message Types */
-#define TNC_TNCCS_RECOMMENDATION 0x00000001
-#define TNC_TNCCS_ERROR 0x00000002
-#define TNC_TNCCS_PREFERREDLANGUAGE 0x00000003
-#define TNC_TNCCS_REASONSTRINGS 0x00000004
-
-
/* IF-TNCCS-SOH - SSoH and SSoHR Attributes */
enum {
SSOH_MS_MACHINE_INVENTORY = 1,
diff --git a/src/eap_server/tncs.c b/src/eap_server/tncs.c
index e429f1e..dc6f689 100644
--- a/src/eap_server/tncs.c
+++ b/src/eap_server/tncs.c
@@ -11,6 +11,7 @@
#include "common.h"
#include "base64.h"
+#include "common/tnc.h"
#include "tncs.h"
#include "eap_common/eap_tlv_common.h"
#include "eap_common/eap_defs.h"
@@ -19,7 +20,9 @@
/* TODO: TNCS must be thread-safe; review the code and add locking etc. if
* needed.. */
+#ifndef TNC_CONFIG_FILE
#define TNC_CONFIG_FILE "/etc/tnc_config"
+#endif /* TNC_CONFIG_FILE */
#define IF_TNCCS_START \
"<?xml version=\"1.0\"?>\n" \
"<TNCCS-Batch BatchId=\"%d\" Recipient=\"TNCS\" " \
@@ -31,75 +34,6 @@
/* TNC IF-IMV */
-typedef unsigned long TNC_UInt32;
-typedef unsigned char *TNC_BufferReference;
-
-typedef TNC_UInt32 TNC_IMVID;
-typedef TNC_UInt32 TNC_ConnectionID;
-typedef TNC_UInt32 TNC_ConnectionState;
-typedef TNC_UInt32 TNC_RetryReason;
-typedef TNC_UInt32 TNC_IMV_Action_Recommendation;
-typedef TNC_UInt32 TNC_IMV_Evaluation_Result;
-typedef TNC_UInt32 TNC_MessageType;
-typedef TNC_MessageType *TNC_MessageTypeList;
-typedef TNC_UInt32 TNC_VendorID;
-typedef TNC_UInt32 TNC_Subtype;
-typedef TNC_UInt32 TNC_Version;
-typedef TNC_UInt32 TNC_Result;
-typedef TNC_UInt32 TNC_AttributeID;
-
-typedef TNC_Result (*TNC_TNCS_BindFunctionPointer)(
- TNC_IMVID imvID,
- char *functionName,
- void **pOutfunctionPointer);
-
-#define TNC_RESULT_SUCCESS 0
-#define TNC_RESULT_NOT_INITIALIZED 1
-#define TNC_RESULT_ALREADY_INITIALIZED 2
-#define TNC_RESULT_NO_COMMON_VERSION 3
-#define TNC_RESULT_CANT_RETRY 4
-#define TNC_RESULT_WONT_RETRY 5
-#define TNC_RESULT_INVALID_PARAMETER 6
-#define TNC_RESULT_CANT_RESPOND 7
-#define TNC_RESULT_ILLEGAL_OPERATION 8
-#define TNC_RESULT_OTHER 9
-#define TNC_RESULT_FATAL 10
-
-#define TNC_CONNECTION_STATE_CREATE 0
-#define TNC_CONNECTION_STATE_HANDSHAKE 1
-#define TNC_CONNECTION_STATE_ACCESS_ALLOWED 2
-#define TNC_CONNECTION_STATE_ACCESS_ISOLATED 3
-#define TNC_CONNECTION_STATE_ACCESS_NONE 4
-#define TNC_CONNECTION_STATE_DELETE 5
-
-#define TNC_IFIMV_VERSION_1 1
-
-#define TNC_VENDORID_ANY ((TNC_VendorID) 0xffffff)
-#define TNC_SUBTYPE_ANY ((TNC_Subtype) 0xff)
-
-/* TNCC-TNCS Message Types */
-#define TNC_TNCCS_RECOMMENDATION 0x00000001
-#define TNC_TNCCS_ERROR 0x00000002
-#define TNC_TNCCS_PREFERREDLANGUAGE 0x00000003
-#define TNC_TNCCS_REASONSTRINGS 0x00000004
-
-/* Possible TNC_IMV_Action_Recommendation values: */
-enum IMV_Action_Recommendation {
- TNC_IMV_ACTION_RECOMMENDATION_ALLOW,
- TNC_IMV_ACTION_RECOMMENDATION_NO_ACCESS,
- TNC_IMV_ACTION_RECOMMENDATION_ISOLATE,
- TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION
-};
-
-/* Possible TNC_IMV_Evaluation_Result values: */
-enum IMV_Evaluation_Result {
- TNC_IMV_EVALUATION_RESULT_COMPLIANT,
- TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MINOR,
- TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MAJOR,
- TNC_IMV_EVALUATION_RESULT_ERROR,
- TNC_IMV_EVALUATION_RESULT_DONT_KNOW
-};
-
struct tnc_if_imv {
struct tnc_if_imv *next;
char *name;
@@ -1181,6 +1115,9 @@
{
struct tnc_if_imv *imv;
+ if (tncs_global_data)
+ return 0;
+
tncs_global_data = os_zalloc(sizeof(*tncs_global_data));
if (tncs_global_data == NULL)
return -1;
diff --git a/src/tls/asn1.c b/src/tls/asn1.c
index 53acd53..97462fa 100644
--- a/src/tls/asn1.c
+++ b/src/tls/asn1.c
@@ -1,6 +1,6 @@
/*
* ASN.1 DER parsing
- * Copyright (c) 2006, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2006-2014, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
@@ -11,6 +11,17 @@
#include "common.h"
#include "asn1.h"
+struct asn1_oid asn1_sha1_oid = {
+ .oid = { 1, 3, 14, 3, 2, 26 },
+ .len = 6
+};
+
+struct asn1_oid asn1_sha256_oid = {
+ .oid = { 2, 16, 840, 1, 101, 3, 4, 2, 1 },
+ .len = 9
+};
+
+
int asn1_get_next(const u8 *buf, size_t len, struct asn1_hdr *hdr)
{
const u8 *pos, *end;
@@ -140,7 +151,7 @@
}
-void asn1_oid_to_str(struct asn1_oid *oid, char *buf, size_t len)
+void asn1_oid_to_str(const struct asn1_oid *oid, char *buf, size_t len)
{
char *pos = buf;
size_t i;
@@ -204,3 +215,19 @@
return val;
}
+
+
+int asn1_oid_equal(const struct asn1_oid *a, const struct asn1_oid *b)
+{
+ size_t i;
+
+ if (a->len != b->len)
+ return 0;
+
+ for (i = 0; i < a->len; i++) {
+ if (a->oid[i] != b->oid[i])
+ return 0;
+ }
+
+ return 1;
+}
diff --git a/src/tls/asn1.h b/src/tls/asn1.h
index 6342c4c..7475007 100644
--- a/src/tls/asn1.h
+++ b/src/tls/asn1.h
@@ -60,7 +60,11 @@
int asn1_parse_oid(const u8 *buf, size_t len, struct asn1_oid *oid);
int asn1_get_oid(const u8 *buf, size_t len, struct asn1_oid *oid,
const u8 **next);
-void asn1_oid_to_str(struct asn1_oid *oid, char *buf, size_t len);
+void asn1_oid_to_str(const struct asn1_oid *oid, char *buf, size_t len);
unsigned long asn1_bit_string_to_long(const u8 *buf, size_t len);
+int asn1_oid_equal(const struct asn1_oid *a, const struct asn1_oid *b);
+
+extern struct asn1_oid asn1_sha1_oid;
+extern struct asn1_oid asn1_sha256_oid;
#endif /* ASN1_H */
diff --git a/src/tls/pkcs1.c b/src/tls/pkcs1.c
index b6fde5e..381b7a0 100644
--- a/src/tls/pkcs1.c
+++ b/src/tls/pkcs1.c
@@ -1,6 +1,6 @@
/*
* PKCS #1 (RSA Encryption)
- * Copyright (c) 2006-2009, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2006-2014, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
@@ -9,7 +9,9 @@
#include "includes.h"
#include "common.h"
+#include "crypto/crypto.h"
#include "rsa.h"
+#include "asn1.h"
#include "pkcs1.h"
@@ -113,6 +115,11 @@
pos++;
if (pos == end)
return -1;
+ if (pos - out - 2 < 8) {
+ /* PKCS #1 v1.5, 8.1: At least eight octets long PS */
+ wpa_printf(MSG_INFO, "LibTomCrypt: Too short padding");
+ return -1;
+ }
pos++;
*outlen -= pos - out;
@@ -142,35 +149,26 @@
* BT = 00 or 01
* PS = k-3-||D|| times (00 if BT=00) or (FF if BT=01)
* k = length of modulus in octets
+ *
+ * Based on 10.1.3, "The block type shall be 01" for a signature.
*/
if (len < 3 + 8 + 16 /* min hash len */ ||
- plain[0] != 0x00 || (plain[1] != 0x00 && plain[1] != 0x01)) {
+ plain[0] != 0x00 || plain[1] != 0x01) {
wpa_printf(MSG_INFO, "LibTomCrypt: Invalid signature EB "
"structure");
return -1;
}
pos = plain + 3;
- if (plain[1] == 0x00) {
- /* BT = 00 */
- if (plain[2] != 0x00) {
- wpa_printf(MSG_INFO, "LibTomCrypt: Invalid signature "
- "PS (BT=00)");
- return -1;
- }
- while (pos + 1 < plain + len && *pos == 0x00 && pos[1] == 0x00)
- pos++;
- } else {
- /* BT = 01 */
- if (plain[2] != 0xff) {
- wpa_printf(MSG_INFO, "LibTomCrypt: Invalid signature "
- "PS (BT=01)");
- return -1;
- }
- while (pos < plain + len && *pos == 0xff)
- pos++;
+ /* BT = 01 */
+ if (plain[2] != 0xff) {
+ wpa_printf(MSG_INFO, "LibTomCrypt: Invalid signature "
+ "PS (BT=01)");
+ return -1;
}
+ while (pos < plain + len && *pos == 0xff)
+ pos++;
if (pos - plain - 2 < 8) {
/* PKCS #1 v1.5, 8.1: At least eight octets long PS */
@@ -193,3 +191,130 @@
return 0;
}
+
+
+int pkcs1_v15_sig_ver(struct crypto_public_key *pk,
+ const u8 *s, size_t s_len,
+ const struct asn1_oid *hash_alg,
+ const u8 *hash, size_t hash_len)
+{
+ int res;
+ u8 *decrypted;
+ size_t decrypted_len;
+ const u8 *pos, *end, *next, *da_end;
+ struct asn1_hdr hdr;
+ struct asn1_oid oid;
+
+ decrypted = os_malloc(s_len);
+ if (decrypted == NULL)
+ return -1;
+ decrypted_len = s_len;
+ res = crypto_public_key_decrypt_pkcs1(pk, s, s_len, decrypted,
+ &decrypted_len);
+ if (res < 0) {
+ wpa_printf(MSG_INFO, "PKCS #1: RSA decrypt failed");
+ os_free(decrypted);
+ return -1;
+ }
+ wpa_hexdump(MSG_DEBUG, "Decrypted(S)", decrypted, decrypted_len);
+
+ /*
+ * PKCS #1 v1.5, 10.1.2:
+ *
+ * DigestInfo ::= SEQUENCE {
+ * digestAlgorithm DigestAlgorithmIdentifier,
+ * digest Digest
+ * }
+ *
+ * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+ *
+ * Digest ::= OCTET STRING
+ *
+ */
+ if (asn1_get_next(decrypted, decrypted_len, &hdr) < 0 ||
+ hdr.class != ASN1_CLASS_UNIVERSAL ||
+ hdr.tag != ASN1_TAG_SEQUENCE) {
+ wpa_printf(MSG_DEBUG,
+ "PKCS #1: Expected SEQUENCE (DigestInfo) - found class %d tag 0x%x",
+ hdr.class, hdr.tag);
+ os_free(decrypted);
+ return -1;
+ }
+
+ pos = hdr.payload;
+ end = pos + hdr.length;
+
+ /*
+ * X.509:
+ * AlgorithmIdentifier ::= SEQUENCE {
+ * algorithm OBJECT IDENTIFIER,
+ * parameters ANY DEFINED BY algorithm OPTIONAL
+ * }
+ */
+
+ if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
+ hdr.class != ASN1_CLASS_UNIVERSAL ||
+ hdr.tag != ASN1_TAG_SEQUENCE) {
+ wpa_printf(MSG_DEBUG,
+ "PKCS #1: Expected SEQUENCE (AlgorithmIdentifier) - found class %d tag 0x%x",
+ hdr.class, hdr.tag);
+ os_free(decrypted);
+ return -1;
+ }
+ da_end = hdr.payload + hdr.length;
+
+ if (asn1_get_oid(hdr.payload, hdr.length, &oid, &next)) {
+ wpa_printf(MSG_DEBUG,
+ "PKCS #1: Failed to parse digestAlgorithm");
+ os_free(decrypted);
+ return -1;
+ }
+
+ if (!asn1_oid_equal(&oid, hash_alg)) {
+ char txt[100], txt2[100];
+ asn1_oid_to_str(&oid, txt, sizeof(txt));
+ asn1_oid_to_str(hash_alg, txt2, sizeof(txt2));
+ wpa_printf(MSG_DEBUG,
+ "PKCS #1: Hash alg OID mismatch: was %s, expected %s",
+ txt, txt2);
+ os_free(decrypted);
+ return -1;
+ }
+
+ /* Digest ::= OCTET STRING */
+ pos = da_end;
+ end = decrypted + decrypted_len;
+
+ if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
+ hdr.class != ASN1_CLASS_UNIVERSAL ||
+ hdr.tag != ASN1_TAG_OCTETSTRING) {
+ wpa_printf(MSG_DEBUG,
+ "PKCS #1: Expected OCTETSTRING (Digest) - found class %d tag 0x%x",
+ hdr.class, hdr.tag);
+ os_free(decrypted);
+ return -1;
+ }
+ wpa_hexdump(MSG_MSGDUMP, "PKCS #1: Decrypted Digest",
+ hdr.payload, hdr.length);
+
+ if (hdr.length != hash_len ||
+ os_memcmp(hdr.payload, hash, hdr.length) != 0) {
+ wpa_printf(MSG_INFO, "PKCS #1: Digest value does not match calculated hash");
+ os_free(decrypted);
+ return -1;
+ }
+
+ os_free(decrypted);
+
+ if (hdr.payload + hdr.length != end) {
+ wpa_printf(MSG_INFO,
+ "PKCS #1: Extra data after signature - reject");
+
+ wpa_hexdump(MSG_DEBUG, "PKCS #1: Extra data",
+ hdr.payload + hdr.length,
+ end - hdr.payload - hdr.length);
+ return -1;
+ }
+
+ return 0;
+}
diff --git a/src/tls/pkcs1.h b/src/tls/pkcs1.h
index ed64def..f37ebf3 100644
--- a/src/tls/pkcs1.h
+++ b/src/tls/pkcs1.h
@@ -9,6 +9,9 @@
#ifndef PKCS1_H
#define PKCS1_H
+struct crypto_public_key;
+struct asn1_oid;
+
int pkcs1_encrypt(int block_type, struct crypto_rsa_key *key,
int use_private, const u8 *in, size_t inlen,
u8 *out, size_t *outlen);
@@ -18,5 +21,9 @@
int pkcs1_decrypt_public_key(struct crypto_rsa_key *key,
const u8 *crypt, size_t crypt_len,
u8 *plain, size_t *plain_len);
+int pkcs1_v15_sig_ver(struct crypto_public_key *pk,
+ const u8 *s, size_t s_len,
+ const struct asn1_oid *hash_alg,
+ const u8 *hash, size_t hash_len);
#endif /* PKCS1_H */
diff --git a/src/tls/rsa.c b/src/tls/rsa.c
index 125c420..0b7b530 100644
--- a/src/tls/rsa.c
+++ b/src/tls/rsa.c
@@ -1,6 +1,6 @@
/*
* RSA
- * Copyright (c) 2006, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2006-2014, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
@@ -116,6 +116,29 @@
}
+struct crypto_rsa_key *
+crypto_rsa_import_public_key_parts(const u8 *n, size_t n_len,
+ const u8 *e, size_t e_len)
+{
+ struct crypto_rsa_key *key;
+
+ key = os_zalloc(sizeof(*key));
+ if (key == NULL)
+ return NULL;
+
+ key->n = bignum_init();
+ key->e = bignum_init();
+ if (key->n == NULL || key->e == NULL ||
+ bignum_set_unsigned_bin(key->n, n, n_len) < 0 ||
+ bignum_set_unsigned_bin(key->e, e, e_len) < 0) {
+ crypto_rsa_free(key);
+ return NULL;
+ }
+
+ return key;
+}
+
+
/**
* crypto_rsa_import_private_key - Import an RSA private key
* @buf: Key buffer (DER encoded RSA private key)
diff --git a/src/tls/rsa.h b/src/tls/rsa.h
index c236a9d..b65818e 100644
--- a/src/tls/rsa.h
+++ b/src/tls/rsa.h
@@ -14,6 +14,9 @@
struct crypto_rsa_key *
crypto_rsa_import_public_key(const u8 *buf, size_t len);
struct crypto_rsa_key *
+crypto_rsa_import_public_key_parts(const u8 *n, size_t n_len,
+ const u8 *e, size_t e_len);
+struct crypto_rsa_key *
crypto_rsa_import_private_key(const u8 *buf, size_t len);
size_t crypto_rsa_get_modulus_len(struct crypto_rsa_key *key);
int crypto_rsa_exptmod(const u8 *in, size_t inlen, u8 *out, size_t *outlen,
diff --git a/src/tls/x509v3.c b/src/tls/x509v3.c
index a9483cb..751a268 100644
--- a/src/tls/x509v3.c
+++ b/src/tls/x509v3.c
@@ -1783,6 +1783,15 @@
return -1;
}
+ if (hdr.payload + hdr.length < data + data_len) {
+ wpa_hexdump(MSG_INFO,
+ "X509: Extra data after certificate signature hash",
+ hdr.payload + hdr.length,
+ data + data_len - hdr.payload - hdr.length);
+ os_free(data);
+ return -1;
+ }
+
os_free(data);
wpa_printf(MSG_DEBUG, "X509: Certificate Digest matches with "
diff --git a/src/utils/eloop.c b/src/utils/eloop.c
index 2667c8c..0da6de4 100644
--- a/src/utils/eloop.c
+++ b/src/utils/eloop.c
@@ -14,10 +14,21 @@
#include "list.h"
#include "eloop.h"
+#if defined(CONFIG_ELOOP_POLL) && defined(CONFIG_ELOOP_EPOLL)
+#error Do not define both of poll and epoll
+#endif
+
+#if !defined(CONFIG_ELOOP_POLL) && !defined(CONFIG_ELOOP_EPOLL)
+#define CONFIG_ELOOP_SELECT
+#endif
+
#ifdef CONFIG_ELOOP_POLL
#include <poll.h>
#endif /* CONFIG_ELOOP_POLL */
+#ifdef CONFIG_ELOOP_EPOLL
+#include <sys/epoll.h>
+#endif /* CONFIG_ELOOP_EPOLL */
struct eloop_sock {
int sock;
@@ -50,7 +61,11 @@
struct eloop_sock_table {
int count;
struct eloop_sock *table;
+#ifdef CONFIG_ELOOP_EPOLL
+ eloop_event_type type;
+#else /* CONFIG_ELOOP_EPOLL */
int changed;
+#endif /* CONFIG_ELOOP_EPOLL */
};
struct eloop_data {
@@ -63,6 +78,13 @@
struct pollfd *pollfds;
struct pollfd **pollfds_map;
#endif /* CONFIG_ELOOP_POLL */
+#ifdef CONFIG_ELOOP_EPOLL
+ int epollfd;
+ int epoll_max_event_num;
+ int epoll_max_fd;
+ struct eloop_sock *epoll_table;
+ struct epoll_event *epoll_events;
+#endif /* CONFIG_ELOOP_EPOLL */
struct eloop_sock_table readers;
struct eloop_sock_table writers;
struct eloop_sock_table exceptions;
@@ -75,7 +97,6 @@
int pending_terminate;
int terminate;
- int reader_table_changed;
};
static struct eloop_data eloop;
@@ -128,6 +149,17 @@
{
os_memset(&eloop, 0, sizeof(eloop));
dl_list_init(&eloop.timeout);
+#ifdef CONFIG_ELOOP_EPOLL
+ eloop.epollfd = epoll_create1(0);
+ if (eloop.epollfd < 0) {
+ wpa_printf(MSG_ERROR, "%s: epoll_create1 failed. %s\n",
+ __func__, strerror(errno));
+ return -1;
+ }
+ eloop.readers.type = EVENT_TYPE_READ;
+ eloop.writers.type = EVENT_TYPE_WRITE;
+ eloop.exceptions.type = EVENT_TYPE_EXCEPTION;
+#endif /* CONFIG_ELOOP_EPOLL */
#ifdef WPA_TRACE
signal(SIGSEGV, eloop_sigsegv_handler);
#endif /* WPA_TRACE */
@@ -139,6 +171,11 @@
int sock, eloop_sock_handler handler,
void *eloop_data, void *user_data)
{
+#ifdef CONFIG_ELOOP_EPOLL
+ struct eloop_sock *temp_table;
+ struct epoll_event ev, *temp_events;
+ int next;
+#endif /* CONFIG_ELOOP_EPOLL */
struct eloop_sock *tmp;
int new_max_sock;
@@ -174,6 +211,33 @@
eloop.pollfds = n;
}
#endif /* CONFIG_ELOOP_POLL */
+#ifdef CONFIG_ELOOP_EPOLL
+ if (new_max_sock >= eloop.epoll_max_fd) {
+ next = eloop.epoll_max_fd == 0 ? 16 : eloop.epoll_max_fd * 2;
+ temp_table = os_realloc_array(eloop.epoll_table, next,
+ sizeof(struct eloop_sock));
+ if (temp_table == NULL)
+ return -1;
+
+ eloop.epoll_max_fd = next;
+ eloop.epoll_table = temp_table;
+ }
+
+ if (eloop.count + 1 > eloop.epoll_max_event_num) {
+ next = eloop.epoll_max_event_num == 0 ? 8 :
+ eloop.epoll_max_event_num * 2;
+ temp_events = os_realloc_array(eloop.epoll_events, next,
+ sizeof(struct epoll_event));
+ if (temp_events == NULL) {
+ wpa_printf(MSG_ERROR, "%s: malloc for epoll failed. "
+ "%s\n", __func__, strerror(errno));
+ return -1;
+ }
+
+ eloop.epoll_max_event_num = next;
+ eloop.epoll_events = temp_events;
+ }
+#endif /* CONFIG_ELOOP_EPOLL */
eloop_trace_sock_remove_ref(table);
tmp = os_realloc_array(table->table, table->count + 1,
@@ -190,9 +254,38 @@
table->table = tmp;
eloop.max_sock = new_max_sock;
eloop.count++;
+#ifndef CONFIG_ELOOP_EPOLL
table->changed = 1;
+#endif /* CONFIG_ELOOP_EPOLL */
eloop_trace_sock_add_ref(table);
+#ifdef CONFIG_ELOOP_EPOLL
+ os_memset(&ev, 0, sizeof(ev));
+ switch (table->type) {
+ case EVENT_TYPE_READ:
+ ev.events = EPOLLIN;
+ break;
+ case EVENT_TYPE_WRITE:
+ ev.events = EPOLLOUT;
+ break;
+ /*
+ * Exceptions are always checked when using epoll, but I suppose it's
+ * possible that someone registered a socket *only* for exception
+ * handling.
+ */
+ case EVENT_TYPE_EXCEPTION:
+ ev.events = EPOLLERR | EPOLLHUP;
+ break;
+ }
+ ev.data.fd = sock;
+ if (epoll_ctl(eloop.epollfd, EPOLL_CTL_ADD, sock, &ev) < 0) {
+ wpa_printf(MSG_ERROR, "%s: epoll_ctl(ADD) for fd=%d "
+ "failed. %s\n", __func__, sock, strerror(errno));
+ return -1;
+ }
+ os_memcpy(&eloop.epoll_table[sock], &table->table[table->count - 1],
+ sizeof(struct eloop_sock));
+#endif /* CONFIG_ELOOP_EPOLL */
return 0;
}
@@ -219,8 +312,18 @@
}
table->count--;
eloop.count--;
+#ifndef CONFIG_ELOOP_EPOLL
table->changed = 1;
+#endif /* CONFIG_ELOOP_EPOLL */
eloop_trace_sock_add_ref(table);
+#ifdef CONFIG_ELOOP_EPOLL
+ if (epoll_ctl(eloop.epollfd, EPOLL_CTL_DEL, sock, NULL) < 0) {
+ wpa_printf(MSG_ERROR, "%s: epoll_ctl(DEL) for fd=%d "
+ "failed. %s\n", __func__, sock, strerror(errno));
+ return;
+ }
+ os_memset(&eloop.epoll_table[sock], 0, sizeof(struct eloop_sock));
+#endif /* CONFIG_ELOOP_EPOLL */
}
@@ -362,7 +465,9 @@
max_pollfd_map, POLLERR | POLLHUP);
}
-#else /* CONFIG_ELOOP_POLL */
+#endif /* CONFIG_ELOOP_POLL */
+
+#ifdef CONFIG_ELOOP_SELECT
static void eloop_sock_table_set_fds(struct eloop_sock_table *table,
fd_set *fds)
@@ -401,7 +506,24 @@
}
}
-#endif /* CONFIG_ELOOP_POLL */
+#endif /* CONFIG_ELOOP_SELECT */
+
+
+#ifdef CONFIG_ELOOP_EPOLL
+static void eloop_sock_table_dispatch(struct epoll_event *events, int nfds)
+{
+ struct eloop_sock *table;
+ int i;
+
+ for (i = 0; i < nfds; i++) {
+ table = &eloop.epoll_table[events[i].data.fd];
+ if (table->handler == NULL)
+ continue;
+ table->handler(table->sock, table->eloop_data,
+ table->user_data);
+ }
+}
+#endif /* CONFIG_ELOOP_EPOLL */
static void eloop_sock_table_destroy(struct eloop_sock_table *table)
@@ -776,20 +898,24 @@
#ifdef CONFIG_ELOOP_POLL
int num_poll_fds;
int timeout_ms = 0;
-#else /* CONFIG_ELOOP_POLL */
+#endif /* CONFIG_ELOOP_POLL */
+#ifdef CONFIG_ELOOP_SELECT
fd_set *rfds, *wfds, *efds;
struct timeval _tv;
-#endif /* CONFIG_ELOOP_POLL */
+#endif /* CONFIG_ELOOP_SELECT */
+#ifdef CONFIG_ELOOP_EPOLL
+ int timeout_ms = -1;
+#endif /* CONFIG_ELOOP_EPOLL */
int res;
struct os_reltime tv, now;
-#ifndef CONFIG_ELOOP_POLL
+#ifdef CONFIG_ELOOP_SELECT
rfds = os_malloc(sizeof(*rfds));
wfds = os_malloc(sizeof(*wfds));
efds = os_malloc(sizeof(*efds));
if (rfds == NULL || wfds == NULL || efds == NULL)
goto out;
-#endif /* CONFIG_ELOOP_POLL */
+#endif /* CONFIG_ELOOP_SELECT */
while (!eloop.terminate &&
(!dl_list_empty(&eloop.timeout) || eloop.readers.count > 0 ||
@@ -803,12 +929,13 @@
os_reltime_sub(&timeout->time, &now, &tv);
else
tv.sec = tv.usec = 0;
-#ifdef CONFIG_ELOOP_POLL
+#if defined(CONFIG_ELOOP_POLL) || defined(CONFIG_ELOOP_EPOLL)
timeout_ms = tv.sec * 1000 + tv.usec / 1000;
-#else /* CONFIG_ELOOP_POLL */
+#endif /* defined(CONFIG_ELOOP_POLL) || defined(CONFIG_ELOOP_EPOLL) */
+#ifdef CONFIG_ELOOP_SELECT
_tv.tv_sec = tv.sec;
_tv.tv_usec = tv.usec;
-#endif /* CONFIG_ELOOP_POLL */
+#endif /* CONFIG_ELOOP_SELECT */
}
#ifdef CONFIG_ELOOP_POLL
@@ -818,24 +945,36 @@
eloop.max_pollfd_map);
res = poll(eloop.pollfds, num_poll_fds,
timeout ? timeout_ms : -1);
-
- if (res < 0 && errno != EINTR && errno != 0) {
- wpa_printf(MSG_INFO, "eloop: poll: %s",
- strerror(errno));
- goto out;
- }
-#else /* CONFIG_ELOOP_POLL */
+#endif /* CONFIG_ELOOP_POLL */
+#ifdef CONFIG_ELOOP_SELECT
eloop_sock_table_set_fds(&eloop.readers, rfds);
eloop_sock_table_set_fds(&eloop.writers, wfds);
eloop_sock_table_set_fds(&eloop.exceptions, efds);
res = select(eloop.max_sock + 1, rfds, wfds, efds,
timeout ? &_tv : NULL);
+#endif /* CONFIG_ELOOP_SELECT */
+#ifdef CONFIG_ELOOP_EPOLL
+ if (eloop.count == 0) {
+ res = 0;
+ } else {
+ res = epoll_wait(eloop.epollfd, eloop.epoll_events,
+ eloop.count, timeout_ms);
+ }
+#endif /* CONFIG_ELOOP_EPOLL */
if (res < 0 && errno != EINTR && errno != 0) {
- wpa_printf(MSG_INFO, "eloop: select: %s",
- strerror(errno));
+ wpa_printf(MSG_ERROR, "eloop: %s: %s",
+#ifdef CONFIG_ELOOP_POLL
+ "poll"
+#endif /* CONFIG_ELOOP_POLL */
+#ifdef CONFIG_ELOOP_SELECT
+ "select"
+#endif /* CONFIG_ELOOP_SELECT */
+#ifdef CONFIG_ELOOP_EPOLL
+ "epoll"
+#endif /* CONFIG_ELOOP_EPOLL */
+ , strerror(errno));
goto out;
}
-#endif /* CONFIG_ELOOP_POLL */
eloop_process_pending_signals();
/* check if some registered timeouts have occurred */
@@ -861,20 +1000,24 @@
eloop_sock_table_dispatch(&eloop.readers, &eloop.writers,
&eloop.exceptions, eloop.pollfds_map,
eloop.max_pollfd_map);
-#else /* CONFIG_ELOOP_POLL */
+#endif /* CONFIG_ELOOP_POLL */
+#ifdef CONFIG_ELOOP_SELECT
eloop_sock_table_dispatch(&eloop.readers, rfds);
eloop_sock_table_dispatch(&eloop.writers, wfds);
eloop_sock_table_dispatch(&eloop.exceptions, efds);
-#endif /* CONFIG_ELOOP_POLL */
+#endif /* CONFIG_ELOOP_SELECT */
+#ifdef CONFIG_ELOOP_EPOLL
+ eloop_sock_table_dispatch(eloop.epoll_events, res);
+#endif /* CONFIG_ELOOP_EPOLL */
}
eloop.terminate = 0;
out:
-#ifndef CONFIG_ELOOP_POLL
+#ifdef CONFIG_ELOOP_SELECT
os_free(rfds);
os_free(wfds);
os_free(efds);
-#endif /* CONFIG_ELOOP_POLL */
+#endif /* CONFIG_ELOOP_SELECT */
return;
}
@@ -918,6 +1061,11 @@
os_free(eloop.pollfds);
os_free(eloop.pollfds_map);
#endif /* CONFIG_ELOOP_POLL */
+#ifdef CONFIG_ELOOP_EPOLL
+ os_free(eloop.epoll_table);
+ os_free(eloop.epoll_events);
+ close(eloop.epollfd);
+#endif /* CONFIG_ELOOP_EPOLL */
}
@@ -940,7 +1088,13 @@
pfd.events = POLLIN;
poll(&pfd, 1, -1);
-#else /* CONFIG_ELOOP_POLL */
+#endif /* CONFIG_ELOOP_POLL */
+#if defined(CONFIG_ELOOP_SELECT) || defined(CONFIG_ELOOP_EPOLL)
+ /*
+ * We can use epoll() here. But epoll() requres 4 system calls.
+ * epoll_create1(), epoll_ctl() for ADD, epoll_wait, and close() for
+ * epoll fd. So select() is better for performance here.
+ */
fd_set rfds;
if (sock < 0)
@@ -949,5 +1103,9 @@
FD_ZERO(&rfds);
FD_SET(sock, &rfds);
select(sock + 1, &rfds, NULL, NULL, NULL);
-#endif /* CONFIG_ELOOP_POLL */
+#endif /* defined(CONFIG_ELOOP_SELECT) || defined(CONFIG_ELOOP_EPOLL) */
}
+
+#ifdef CONFIG_ELOOP_SELECT
+#undef CONFIG_ELOOP_SELECT
+#endif /* CONFIG_ELOOP_SELECT */