From d85590b6584499569c19f7ee4a1e0c10d5132f70 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Mon, 12 Aug 2024 12:26:52 +0100 Subject: [crypto] Centralise mechanisms for identifying X.509 certificates Centralise all current mechanisms for identifying an X.509 certificate (by raw content, by subject, by issuer and serial number, and by matching public key), and remove the certstore-specific and CMS-specific variants of these functions. Signed-off-by: Michael Brown --- src/net/tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/net/tls.c') diff --git a/src/net/tls.c b/src/net/tls.c index 5f89be452..98414e2b1 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -2467,7 +2467,7 @@ static int tls_new_certificate_request ( struct tls_connection *tls, tls->certs = NULL; /* Determine client certificate to be sent */ - cert = certstore_find_key ( tls->key ); + cert = x509_find_key ( &certstore, tls->key ); if ( ! cert ) { DBGC ( tls, "TLS %p could not find certificate corresponding " "to private key\n", tls ); -- cgit v1.2.3-55-g7522 From 96fb7a0a9395cec423a58069e1b49535e8ceceef Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Tue, 13 Aug 2024 12:25:25 +0100 Subject: [crypto] Allow passing a NULL certificate store to x509_find() et al Allow passing a NULL value for the certificate list to all functions used for identifying an X.509 certificate from an existing set of certificates, and rename function parameters to indicate that this certificate list represents an unordered certificate store (rather than an ordered certificate chain). Signed-off-by: Michael Brown --- src/crypto/certstore.c | 8 +++--- src/crypto/x509.c | 71 ++++++++++++++++++++++++++++++------------------- src/include/ipxe/x509.h | 14 +++++----- src/net/tls.c | 2 +- 4 files changed, 55 insertions(+), 40 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/crypto/certstore.c b/src/crypto/certstore.c index f8ddbd3d7..31797c4cd 100644 --- a/src/crypto/certstore.c 
+++ b/src/crypto/certstore.c @@ -72,16 +72,16 @@ static struct x509_certificate certstore_certs[ sizeof ( certstore_raw ) / /** * Mark stored certificate as most recently used * - * @v certs X.509 certificate list + * @v store Certificate store * @v cert X.509 certificate */ -static void certstore_found ( struct x509_chain *certs, +static void certstore_found ( struct x509_chain *store, struct x509_certificate *cert ) { /* Mark as most recently used */ list_del ( &cert->store.list ); - list_add ( &cert->store.list, &certs->links ); - DBGC2 ( certs, "CERTSTORE found certificate %s\n", + list_add ( &cert->store.list, &store->links ); + DBGC2 ( store, "CERTSTORE found certificate %s\n", x509_name ( cert ) ); } diff --git a/src/crypto/x509.c b/src/crypto/x509.c index 341b91449..acb85620f 100644 --- a/src/crypto/x509.c +++ b/src/crypto/x509.c @@ -1079,7 +1079,7 @@ int x509_certificate ( const void *data, size_t len, asn1_shrink_any ( &cursor ); /* Return stored certificate, if present */ - if ( ( *cert = x509_find ( &certstore, &cursor ) ) != NULL ) { + if ( ( *cert = x509_find ( NULL, &cursor ) ) != NULL ) { /* Add caller's reference */ x509_get ( *cert ); @@ -1714,16 +1714,19 @@ void x509_truncate ( struct x509_chain *chain, struct x509_link *link ) { /** * Mark X.509 certificate as found * - * @v certs X.509 certificate list + * @v store Certificate store * @v cert X.509 certificate * @ret cert X.509 certificate */ -static struct x509_certificate * x509_found ( struct x509_chain *certs, +static struct x509_certificate * x509_found ( struct x509_chain *store, struct x509_certificate *cert ) { + /* Sanity check */ + assert ( store != NULL ); + /* Mark as found, if applicable */ - if ( certs->found ) - certs->found ( certs, cert ); + if ( store->found ) + store->found ( store, cert ); return cert; } 
@@ -1731,22 +1734,26 @@ static struct x509_certificate * x509_found ( struct x509_chain *certs, /** * Identify X.509 certificate by raw certificate data * - * @v certs X.509 certificate list + * @v store Certificate store, or NULL to use default * @v raw Raw certificate data * @ret cert X.509 certificate, or NULL if not found */ -struct x509_certificate * x509_find ( struct x509_chain *certs, +struct x509_certificate * x509_find ( struct x509_chain *store, const struct asn1_cursor *raw ) { struct x509_link *link; struct x509_certificate *cert; + /* Use default certificate store if none specified */ + if ( ! store ) + store = &certstore; + /* Search for certificate within store */ - list_for_each_entry ( link, &certs->links, list ) { + list_for_each_entry ( link, &store->links, list ) { /* Check raw certificate data */ cert = link->cert; if ( asn1_compare ( raw, &cert->raw ) == 0 ) - return x509_found ( certs, cert ); + return x509_found ( store, cert ); } return NULL; @@ -1755,23 +1762,27 @@ struct x509_certificate * x509_find ( struct x509_chain *certs, /** * Identify X.509 certificate by subject * - * @v certs X.509 certificate list + * @v store Certificate store, or NULL to use default * @v subject Subject * @ret cert X.509 certificate, or NULL if not found */ struct x509_certificate * -x509_find_subject ( struct x509_chain *certs, +x509_find_subject ( struct x509_chain *store, const struct asn1_cursor *subject ) { struct x509_link *link; struct x509_certificate *cert; + /* Use default certificate store if none specified */ + if ( ! store ) + store = &certstore; + /* Scan through certificate list */ - list_for_each_entry ( link, &certs->links, list ) { + list_for_each_entry ( link, &store->links, list ) { /* Check subject */ cert = link->cert; if ( asn1_compare ( subject, &cert->subject.raw ) == 0 ) - return x509_found ( certs, cert ); + return x509_found ( store, cert ); } return NULL; 
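Review bot: The fallback `if ( ! store ) store = &certstore;` is pasted into x509_find() here and again into x509_find_subject(), x509_find_issuer_serial() and x509_find_key() in the following hunks, so the rule "NULL means the global store" now lives in four places. A caller whose own store pointer is NULL by mistake gets a silent search of the global certificate store instead of a fault, so the rule deserves to be stated once and prominently. Consider a single helper such as `static struct x509_chain * x509_store ( struct x509_chain *store ) { return ( store ? store : &certstore ); }` and a sentence next to the prototypes in x509.h saying that NULL selects the global store.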
@@ -1780,26 +1791,30 @@ x509_find_subject ( struct x509_chain *certs, /** * Identify X.509 certificate by issuer and serial number * - * @v certs X.509 certificate list + * @v store Certificate store, or NULL to use default * @v issuer Issuer * @v serial Serial number * @ret cert X.509 certificate, or NULL if not found */ struct x509_certificate * -x509_find_issuer_serial ( struct x509_chain *certs, +x509_find_issuer_serial ( struct x509_chain *store, const struct asn1_cursor *issuer, const struct asn1_cursor *serial ) { struct x509_link *link; struct x509_certificate *cert; + /* Use default certificate store if none specified */ + if ( ! store ) + store = &certstore; + /* Scan through certificate list */ - list_for_each_entry ( link, &certs->links, list ) { + list_for_each_entry ( link, &store->links, list ) { /* Check issuer and serial number */ cert = link->cert; if ( ( asn1_compare ( issuer, &cert->issuer.raw ) == 0 ) && ( asn1_compare ( serial, &cert->serial.raw ) == 0 ) ) - return x509_found ( certs, cert ); + return x509_found ( store, cert ); } return NULL; @@ -1808,17 +1823,21 @@ x509_find_issuer_serial ( struct x509_chain *certs, /** * Identify X.509 certificate by corresponding public key * - * @v certs X.509 certificate list + * @v store Certificate store, or NULL to use default * @v key Private key * @ret cert X.509 certificate, or NULL if not found */ -struct x509_certificate * x509_find_key ( struct x509_chain *certs, +struct x509_certificate * x509_find_key ( struct x509_chain *store, struct private_key *key ) { struct x509_link *link; struct x509_certificate *cert; + /* Use default certificate store if none specified */ + if ( ! store ) + store = &certstore; + /* Scan through certificate list */ - list_for_each_entry ( link, &certs->links, list ) { + list_for_each_entry ( link, &store->links, list ) { /* Check public key */ cert = link->cert; 
@@ -1826,7 +1845,7 @@ struct x509_certificate * x509_find_key ( struct x509_chain *certs, key->builder.data, key->builder.len, cert->subject.public_key.raw.data, cert->subject.public_key.raw.len ) == 0 ) - return x509_found ( certs, cert ); + return x509_found ( store, cert ); } return NULL; @@ -1836,13 +1855,13 @@ struct x509_certificate * x509_find_key ( struct x509_chain *certs, * Append X.509 certificates to X.509 certificate chain * * @v chain X.509 certificate chain - * @v certs X.509 certificate list + * @v store Certificate store, or NULL to use default * @ret rc Return status code * * Certificates will be automatically appended to the chain based upon * the subject and issuer names. */ -int x509_auto_append ( struct x509_chain *chain, struct x509_chain *certs ) { +int x509_auto_append ( struct x509_chain *chain, struct x509_chain *store ) { struct x509_certificate *cert; struct x509_certificate *previous; int rc; @@ -1859,7 +1878,7 @@ int x509_auto_append ( struct x509_chain *chain, struct x509_chain *certs ) { /* Find issuing certificate */ previous = cert; - cert = x509_find_subject ( certs, &cert->issuer.raw ); + cert = x509_find_subject ( store, &cert->issuer.raw ); if ( ! cert ) break; if ( cert == previous ) @@ -1888,10 +1907,6 @@ int x509_validate_chain ( struct x509_chain *chain, time_t time, struct x509_link *link; int rc; - /* Use default certificate store if none specified */ - if ( ! store ) - store = &certstore; - /* Append any applicable certificates from the certificate store */ if ( ( rc = x509_auto_append ( chain, store ) ) != 0 ) return rc; diff --git a/src/include/ipxe/x509.h b/src/include/ipxe/x509.h index 612743a77..e71cee8a3 100644 --- a/src/include/ipxe/x509.h +++ b/src/include/ipxe/x509.h 
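Review bot: In the x509_validate_chain() hunk (the last one for x509.c) the local `if ( ! store ) store = &certstore;` is removed, so `store` can now stay NULL for the rest of that function. The visible lines only pass it to x509_auto_append(), which forwards it to x509_find_subject() where the default is applied, so that path is safe. The function body continues outside the hunk, so please confirm that nothing later in it dereferences `store` directly. A comment at the call, e.g. `/* store may be NULL: x509_find_subject() applies the default */`, would keep the dependency visible.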
@@ -204,10 +204,10 @@ struct x509_chain { struct list_head links; /** Mark certificate as found * - * @v certs X.509 certificate list + * @v store Certificate store * @v cert X.509 certificate */ - void ( * found ) ( struct x509_chain *certs, + void ( * found ) ( struct x509_chain *store, struct x509_certificate *cert ); }; @@ -432,19 +432,19 @@ extern int x509_append ( struct x509_chain *chain, extern int x509_append_raw ( struct x509_chain *chain, const void *data, size_t len ); extern void x509_truncate ( struct x509_chain *chain, struct x509_link *link ); -extern struct x509_certificate * x509_find ( struct x509_chain *certs, +extern struct x509_certificate * x509_find ( struct x509_chain *store, const struct asn1_cursor *raw ); extern struct x509_certificate * -x509_find_subject ( struct x509_chain *certs, +x509_find_subject ( struct x509_chain *store, const struct asn1_cursor *subject ); extern struct x509_certificate * -x509_find_issuer_serial ( struct x509_chain *certs, +x509_find_issuer_serial ( struct x509_chain *store, const struct asn1_cursor *issuer, const struct asn1_cursor *serial ); -extern struct x509_certificate * x509_find_key ( struct x509_chain *certs, +extern struct x509_certificate * x509_find_key ( struct x509_chain *store, struct private_key *key ); extern int x509_auto_append ( struct x509_chain *chain, - struct x509_chain *certs ); + struct x509_chain *store ); extern int x509_validate_chain ( struct x509_chain *chain, time_t time, struct x509_chain *store, struct x509_root *root ); diff --git a/src/net/tls.c b/src/net/tls.c index 98414e2b1..c08057103 100644 --- a/src/net/tls.c +++ b/src/net/tls.c 
@@ -2467,7 +2467,7 @@ static int tls_new_certificate_request ( struct tls_connection *tls, tls->certs = NULL; /* Determine client certificate to be sent */ - cert = x509_find_key ( &certstore, tls->key ); + cert = x509_find_key ( NULL, tls->key ); if ( ! cert ) { DBGC ( tls, "TLS %p could not find certificate corresponding " "to private key\n", tls ); -- cgit v1.2.3-55-g7522 From 53f089b723e16eecb4fd2e2a59b74b3932431b30 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Sun, 18 Aug 2024 10:43:52 +0100 Subject: [crypto] Pass asymmetric keys as ASN.1 cursors Asymmetric keys are invariably encountered within ASN.1 structures such as X.509 certificates, and the various large integers within an RSA key are themselves encoded using ASN.1. Simplify all code handling asymmetric keys by passing keys as a single ASN.1 cursor, rather than separate data and length pointers. Signed-off-by: Michael Brown --- src/crypto/cms.c | 3 +-- src/crypto/crypto_null.c | 4 +-- src/crypto/ocsp.c | 4 +-- src/crypto/rsa.c | 30 +++++---------------- src/crypto/x509.c | 9 +++---- src/drivers/net/iphone.c | 3 +-- src/include/ipxe/crypto.h | 23 +++++++--------- src/net/tls.c | 5 ++-- src/tests/pubkey_test.h | 37 ++++++++++---------------- src/tests/rsa_test.c | 68 +++++++++++++++++++++-------------------------- 10 files changed, 74 insertions(+), 112 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/crypto/cms.c b/src/crypto/cms.c index 1f33613f4..0b772f1cf 100644 --- a/src/crypto/cms.c +++ b/src/crypto/cms.c @@ -621,8 +621,7 @@ static int cms_verify_digest ( struct cms_message *cms, cms_digest ( cms, part, data, len, digest_out ); /* Initialise public-key algorithm */ - if ( ( rc = pubkey_init ( pubkey, ctx, public_key->raw.data, - public_key->raw.len ) ) != 0 ) { + if ( ( rc = pubkey_init ( pubkey, ctx, &public_key->raw ) ) != 0 ) { DBGC ( cms, "CMS %p/%p could not initialise public key: %s\n", cms, part, strerror ( rc ) ); goto err_init; 
diff --git a/src/crypto/crypto_null.c b/src/crypto/crypto_null.c index 0ad463c3e..b4169382b 100644 --- a/src/crypto/crypto_null.c +++ b/src/crypto/crypto_null.c @@ -93,8 +93,8 @@ struct cipher_algorithm cipher_null = { .auth = cipher_null_auth, }; -int pubkey_null_init ( void *ctx __unused, const void *key __unused, - size_t key_len __unused ) { +int pubkey_null_init ( void *ctx __unused, + const struct asn1_cursor *key __unused ) { return 0; } diff --git a/src/crypto/ocsp.c b/src/crypto/ocsp.c index cc957b40c..f35593454 100644 --- a/src/crypto/ocsp.c +++ b/src/crypto/ocsp.c @@ -857,8 +857,8 @@ static int ocsp_check_signature ( struct ocsp_check *ocsp, digest_final ( digest, digest_ctx, digest_out ); /* Initialise public-key algorithm */ - if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, public_key->raw.data, - public_key->raw.len ) ) != 0 ) { + if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, + &public_key->raw ) ) != 0 ) { DBGC ( ocsp, "OCSP %p \"%s\" could not initialise public key: " "%s\n", ocsp, x509_name ( ocsp->cert ), strerror ( rc )); goto err_init; diff --git a/src/crypto/rsa.c b/src/crypto/rsa.c index 16c67d822..2d288a953 100644 --- a/src/crypto/rsa.c +++ b/src/crypto/rsa.c 
@@ -233,27 +233,21 @@ static int rsa_parse_mod_exp ( struct asn1_cursor *modulus, * * @v ctx RSA context * @v key Key - * @v key_len Length of key * @ret rc Return status code */ -static int rsa_init ( void *ctx, const void *key, size_t key_len ) { +static int rsa_init ( void *ctx, const struct asn1_cursor *key ) { struct rsa_context *context = ctx; struct asn1_cursor modulus; struct asn1_cursor exponent; - struct asn1_cursor cursor; int rc; /* Initialise context */ memset ( context, 0, sizeof ( *context ) ); - /* Initialise cursor */ - cursor.data = key; - cursor.len = key_len; - /* Parse modulus and exponent */ - if ( ( rc = rsa_parse_mod_exp ( &modulus, &exponent, &cursor ) ) != 0 ){ + if ( ( rc = rsa_parse_mod_exp ( &modulus, &exponent, key ) ) != 0 ){ DBGC ( context, "RSA %p invalid modulus/exponent:\n", context ); - DBGC_HDA ( context, 0, cursor.data, cursor.len ); + DBGC_HDA ( context, 0, key->data, key->len ); goto err_parse; } 
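Review bot: On a parse failure rsa_init() still hex-dumps the whole key through `DBGC_HDA ( context, 0, key->data, key->len );`, and other hunks in this series call pubkey_init() with private keys (the TLS client key in tls_send_certificate_verify() and the "private" key in iphone.c). A debug-enabled build would therefore write private key material to the debug output. Logging only the length, e.g. `DBGC ( context, "RSA %p invalid modulus/exponent (%zd bytes)\n", context, key->len );`, keeps the diagnostic without exposing the key. Separately, `key` is now dereferenced as a pointer, so the doc comment should say it must be non-NULL. This also assumes rsa_parse_mod_exp() takes its source cursor as const, since its third parameter is not visible here.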
@@ -592,33 +586,23 @@ static void rsa_final ( void *ctx ) { * Check for matching RSA public/private key pair * * @v private_key Private key - * @v private_key_len Private key length * @v public_key Public key - * @v public_key_len Public key length * @ret rc Return status code */ -static int rsa_match ( const void *private_key, size_t private_key_len, - const void *public_key, size_t public_key_len ) { +static int rsa_match ( const struct asn1_cursor *private_key, + const struct asn1_cursor *public_key ) { struct asn1_cursor private_modulus; struct asn1_cursor private_exponent; - struct asn1_cursor private_cursor; struct asn1_cursor public_modulus; struct asn1_cursor public_exponent; - struct asn1_cursor public_cursor; int rc; - /* Initialise cursors */ - private_cursor.data = private_key; - private_cursor.len = private_key_len; - public_cursor.data = public_key; - public_cursor.len = public_key_len; - /* Parse moduli and exponents */ if ( ( rc = rsa_parse_mod_exp ( &private_modulus, &private_exponent, - &private_cursor ) ) != 0 ) + private_key ) ) != 0 ) return rc; if ( ( rc = rsa_parse_mod_exp ( &public_modulus, &public_exponent, - &public_cursor ) ) != 0 ) + public_key ) ) != 0 ) return rc; /* Compare moduli */ diff --git a/src/crypto/x509.c b/src/crypto/x509.c index acb85620f..c0762740e 100644 --- a/src/crypto/x509.c +++ b/src/crypto/x509.c @@ -1149,8 +1149,8 @@ static int x509_check_signature ( struct x509_certificate *cert, } /* Verify signature using signer's public key */ - if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, public_key->raw.data, - public_key->raw.len ) ) != 0 ) { + if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, + &public_key->raw ) ) != 0 ) { DBGC ( cert, "X509 %p \"%s\" cannot initialise public key: " "%s\n", cert, x509_name ( cert ), strerror ( rc ) ); goto err_pubkey_init; 
@@ -1842,9 +1842,8 @@ struct x509_certificate * x509_find_key ( struct x509_chain *store, /* Check public key */ cert = link->cert; if ( pubkey_match ( cert->signature_algorithm->pubkey, - key->builder.data, key->builder.len, - cert->subject.public_key.raw.data, - cert->subject.public_key.raw.len ) == 0 ) + privkey_cursor ( key ), + &cert->subject.public_key.raw ) == 0 ) return x509_found ( store, cert ); } diff --git a/src/drivers/net/iphone.c b/src/drivers/net/iphone.c index bbac527bd..96eb0952b 100644 --- a/src/drivers/net/iphone.c +++ b/src/drivers/net/iphone.c @@ -367,8 +367,7 @@ static int icert_cert ( struct icert *icert, struct asn1_cursor *subject, int rc; /* Initialise "private" key */ - if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, private->data, - private->len ) ) != 0 ) { + if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, private ) ) != 0 ) { DBGC ( icert, "ICERT %p could not initialise private key: " "%s\n", icert, strerror ( rc ) ); goto err_pubkey_init; diff --git a/src/include/ipxe/crypto.h b/src/include/ipxe/crypto.h index a6f437655..8b6eb94f6 100644 --- a/src/include/ipxe/crypto.h +++ b/src/include/ipxe/crypto.h @@ -12,6 +12,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); #include #include #include +#include /** A message digest algorithm */ struct digest_algorithm { @@ -126,10 +127,9 @@ struct pubkey_algorithm { * * @v ctx Context * @v key Key - * @v key_len Length of key * @ret rc Return status code */ - int ( * init ) ( void *ctx, const void *key, size_t key_len ); + int ( * init ) ( void *ctx, const struct asn1_cursor *key ); /** Calculate maximum output length * * @v ctx Context 
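Review bot: The comparison in x509_find_key() is still dispatched through `cert->signature_algorithm->pubkey`, which is the algorithm the issuer used to sign the certificate rather than the algorithm of the subject public key being compared. This is harmless while only one public-key algorithm is in use. Once a certificate's key type can differ from its issuer's, though, the private key would presumably be handed to the wrong match() implementation and the client-certificate lookup would fail. Selecting the algorithm from the subject public key would be more robust; at minimum add `/* Assumes subject key algorithm matches the signature algorithm */` above the call. The loop and the function start outside this hunk.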
@@ -186,13 +186,11 @@ struct pubkey_algorithm { /** Check that public key matches private key * * @v private_key Private key - * @v private_key_len Private key length * @v public_key Public key - * @v public_key_len Public key length * @ret rc Return status code */ - int ( * match ) ( const void *private_key, size_t private_key_len, - const void *public_key, size_t public_key_len ); + int ( * match ) ( const struct asn1_cursor *private_key, + const struct asn1_cursor *public_key ); }; /** An elliptic curve */ @@ -282,8 +280,8 @@ is_auth_cipher ( struct cipher_algorithm *cipher ) { static inline __attribute__ (( always_inline )) int pubkey_init ( struct pubkey_algorithm *pubkey, void *ctx, - const void *key, size_t key_len ) { - return pubkey->init ( ctx, key, key_len ); + const struct asn1_cursor *key ) { + return pubkey->init ( ctx, key ); } static inline __attribute__ (( always_inline )) size_t @@ -324,10 +322,9 @@ pubkey_final ( struct pubkey_algorithm *pubkey, void *ctx ) { static inline __attribute__ (( always_inline )) int pubkey_match ( struct pubkey_algorithm *pubkey, - const void *private_key, size_t private_key_len, - const void *public_key, size_t public_key_len ) { - return pubkey->match ( private_key, private_key_len, public_key, - public_key_len ); + const struct asn1_cursor *private_key, + const struct asn1_cursor *public_key ) { + return pubkey->match ( private_key, public_key ); } static inline __attribute__ (( always_inline )) int @@ -348,7 +345,7 @@ extern void cipher_null_decrypt ( void *ctx, const void *src, void *dst, size_t len ); extern void cipher_null_auth ( void *ctx, void *auth ); -extern int pubkey_null_init ( void *ctx, const void *key, size_t key_len ); +extern int pubkey_null_init ( void *ctx, const struct asn1_cursor *key ); extern size_t pubkey_null_max_len ( void *ctx ); extern int pubkey_null_encrypt ( void *ctx, const void *plaintext, size_t plaintext_len, void *ciphertext ); 
diff --git a/src/net/tls.c b/src/net/tls.c index c08057103..a22626f41 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -1824,7 +1824,7 @@ static int tls_send_certificate_verify ( struct tls_connection *tls ) { tls_verify_handshake ( tls, digest_out ); /* Initialise public-key algorithm */ - if ( ( rc = pubkey_init ( pubkey, ctx, key->data, key->len ) ) != 0 ) { + if ( ( rc = pubkey_init ( pubkey, ctx, key ) ) != 0 ) { DBGC ( tls, "TLS %p could not initialise %s client private " "key: %s\n", tls, pubkey->name, strerror ( rc ) ); goto err_pubkey_init; @@ -3581,8 +3581,7 @@ static void tls_validator_done ( struct tls_connection *tls, int rc ) { /* Initialise public key algorithm */ if ( ( rc = pubkey_init ( pubkey, cipherspec->pubkey_ctx, - cert->subject.public_key.raw.data, - cert->subject.public_key.raw.len ) ) != 0 ) { + &cert->subject.public_key.raw ) ) != 0 ) { DBGC ( tls, "TLS %p cannot initialise public key: %s\n", tls, strerror ( rc ) ); goto err; diff --git a/src/tests/pubkey_test.h b/src/tests/pubkey_test.h index cd65b8703..214992238 100644 --- a/src/tests/pubkey_test.h +++ b/src/tests/pubkey_test.h @@ -12,17 +12,16 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); * * @v pubkey Public key algorithm * @v key Key - * @v key_len Key length * @v ciphertext Ciphertext * @v ciphertext_len Ciphertext length * @v expected Expected plaintext * @v expected_len Expected plaintext length */ -#define pubkey_decrypt_ok( pubkey, key, key_len, ciphertext, \ - ciphertext_len, expected, expected_len ) do {\ +#define pubkey_decrypt_ok( pubkey, key, ciphertext, ciphertext_len, \ + expected, expected_len ) do { \ uint8_t ctx[ (pubkey)->ctxsize ]; \ \ - ok ( pubkey_init ( (pubkey), ctx, (key), (key_len) ) == 0 ); \ + ok ( pubkey_init ( (pubkey), ctx, (key) ) == 0 ); \ { \ size_t max_len = pubkey_max_len ( (pubkey), ctx ); \ uint8_t decrypted[ max_len ]; \ 
@@ -44,19 +43,15 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); * * @v pubkey Public key algorithm * @v encrypt_key Encryption key - * @v encrypt_key_len Encryption key length * @v decrypt_key Decryption key - * @v decrypt_key_len Decryption key length * @v plaintext Plaintext * @v plaintext_len Plaintext length */ -#define pubkey_encrypt_ok( pubkey, encrypt_key, encrypt_key_len, \ - decrypt_key, decrypt_key_len, plaintext, \ +#define pubkey_encrypt_ok( pubkey, encrypt_key, decrypt_key, plaintext, \ plaintext_len ) do { \ uint8_t ctx[ (pubkey)->ctxsize ]; \ \ - ok ( pubkey_init ( (pubkey), ctx, (encrypt_key), \ - (encrypt_key_len) ) == 0 ); \ + ok ( pubkey_init ( (pubkey), ctx, (encrypt_key) ) == 0 ); \ { \ size_t max_len = pubkey_max_len ( (pubkey), ctx ); \ uint8_t encrypted[ max_len ]; \ @@ -68,9 +63,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); encrypted ); \ ok ( encrypted_len >= 0 ); \ pubkey_decrypt_ok ( (pubkey), (decrypt_key), \ - (decrypt_key_len), encrypted, \ - encrypted_len, (plaintext), \ - (plaintext_len) ); \ + encrypted, encrypted_len, \ + (plaintext), (plaintext_len) ); \ } \ pubkey_final ( (pubkey), ctx ); \ } while ( 0 ) @@ -80,15 +74,14 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); * * @v pubkey Public key algorithm * @v key Key - * @v key_len Key length * @v digest Digest algorithm * @v plaintext Plaintext * @v plaintext_len Plaintext length * @v expected Expected signature * @v expected_len Expected signature length */ -#define pubkey_sign_ok( pubkey, key, key_len, digest, plaintext, \ - plaintext_len, expected, expected_len ) do { \ +#define pubkey_sign_ok( pubkey, key, digest, plaintext, plaintext_len, \ + expected, expected_len ) do { \ uint8_t ctx[ (pubkey)->ctxsize ]; \ uint8_t digestctx[ (digest)->ctxsize ]; \ uint8_t digestout[ (digest)->digestsize ]; \ 
@@ -98,7 +91,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); (plaintext_len) ); \ digest_final ( (digest), digestctx, digestout ); \ \ - ok ( pubkey_init ( (pubkey), ctx, (key), (key_len) ) == 0 ); \ + ok ( pubkey_init ( (pubkey), ctx, (key) ) == 0 ); \ { \ size_t max_len = pubkey_max_len ( (pubkey), ctx ); \ uint8_t signature[ max_len ]; \ @@ -118,14 +111,13 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); * * @v pubkey Public key algorithm * @v key Key - * @v key_len Key length * @v digest Digest algorithm * @v plaintext Plaintext * @v plaintext_len Plaintext length * @v signature Signature * @v signature_len Signature length */ -#define pubkey_verify_ok( pubkey, key, key_len, digest, plaintext, \ +#define pubkey_verify_ok( pubkey, key, digest, plaintext, \ plaintext_len, signature, signature_len ) do {\ uint8_t ctx[ (pubkey)->ctxsize ]; \ uint8_t digestctx[ (digest)->ctxsize ]; \ @@ -136,7 +128,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); (plaintext_len) ); \ digest_final ( (digest), digestctx, digestout ); \ \ - ok ( pubkey_init ( (pubkey), ctx, (key), (key_len) ) == 0 ); \ + ok ( pubkey_init ( (pubkey), ctx, (key) ) == 0 ); \ ok ( pubkey_verify ( (pubkey), ctx, (digest), digestout, \ (signature), (signature_len) ) == 0 ); \ pubkey_final ( (pubkey), ctx ); \ @@ -147,14 +139,13 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); * * @v pubkey Public key algorithm * @v key Key - * @v key_len Key length * @v digest Digest algorithm * @v plaintext Plaintext * @v plaintext_len Plaintext length * @v signature Signature * @v signature_len Signature length */ -#define pubkey_verify_fail_ok( pubkey, key, key_len, digest, plaintext, \ +#define pubkey_verify_fail_ok( pubkey, key, digest, plaintext, \ plaintext_len, signature, \ signature_len ) do { \ uint8_t ctx[ (pubkey)->ctxsize ]; \ 
@@ -166,7 +157,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); (plaintext_len) ); \ digest_final ( (digest), digestctx, digestout ); \ \ - ok ( pubkey_init ( (pubkey), ctx, (key), (key_len) ) == 0 ); \ + ok ( pubkey_init ( (pubkey), ctx, (key) ) == 0 ); \ ok ( pubkey_verify ( (pubkey), ctx, (digest), digestout, \ (signature), (signature_len) ) != 0 ); \ pubkey_final ( (pubkey), ctx ); \ diff --git a/src/tests/rsa_test.c b/src/tests/rsa_test.c index 46894f603..b1d522bc0 100644 --- a/src/tests/rsa_test.c +++ b/src/tests/rsa_test.c @@ -61,13 +61,9 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); /** An RSA encryption and decryption self-test */ struct rsa_encrypt_decrypt_test { /** Private key */ - const void *private; - /** Private key length */ - size_t private_len; + const struct asn1_cursor private; /** Public key */ - const void *public; - /** Public key length */ - size_t public_len; + const struct asn1_cursor public; /** Plaintext */ const void *plaintext; /** Plaintext length */ @@ -100,10 +96,14 @@ struct rsa_encrypt_decrypt_test { static const uint8_t name ## _plaintext[] = PLAINTEXT; \ static const uint8_t name ## _ciphertext[] = CIPHERTEXT; \ static struct rsa_encrypt_decrypt_test name = { \ - .private = name ## _private, \ - .private_len = sizeof ( name ## _private ), \ - .public = name ## _public, \ - .public_len = sizeof ( name ## _public ), \ + .private = { \ + .data = name ## _private, \ + .len = sizeof ( name ## _private ), \ + }, \ + .public = { \ + .data = name ## _public, \ + .len = sizeof ( name ## _public ), \ + }, \ .plaintext = name ## _plaintext, \ .plaintext_len = sizeof ( name ## _plaintext ), \ .ciphertext = name ## _ciphertext, \ 
@@ -113,13 +113,9 @@ struct rsa_encrypt_decrypt_test { /** An RSA signature self-test */ struct rsa_signature_test { /** Private key */ - const void *private; - /** Private key length */ - size_t private_len; + const struct asn1_cursor private; /** Public key */ - const void *public; - /** Public key length */ - size_t public_len; + const struct asn1_cursor public; /** Plaintext */ const void *plaintext; /** Plaintext length */ @@ -150,10 +146,14 @@ struct rsa_signature_test { static const uint8_t name ## _plaintext[] = PLAINTEXT; \ static const uint8_t name ## _signature[] = SIGNATURE; \ static struct rsa_signature_test name = { \ - .private = name ## _private, \ - .private_len = sizeof ( name ## _private ), \ - .public = name ## _public, \ - .public_len = sizeof ( name ## _public ), \ + .private = { \ + .data = name ## _private, \ + .len = sizeof ( name ## _private ), \ + }, \ + .public = { \ + .data = name ## _public, \ + .len = sizeof ( name ## _public ), \ + }, \ .plaintext = name ## _plaintext, \ .plaintext_len = sizeof ( name ## _plaintext ), \ .algorithm = ALGORITHM, \ 
@@ -167,17 +167,14 @@ struct rsa_signature_test { * @v test RSA encryption and decryption test */ #define rsa_encrypt_decrypt_ok( test ) do { \ - pubkey_decrypt_ok ( &rsa_algorithm, (test)->private, \ - (test)->private_len, (test)->ciphertext, \ - (test)->ciphertext_len, (test)->plaintext, \ + pubkey_decrypt_ok ( &rsa_algorithm, &(test)->private, \ + (test)->ciphertext, (test)->ciphertext_len, \ + (test)->plaintext, (test)->plaintext_len );\ + pubkey_encrypt_ok ( &rsa_algorithm, &(test)->private, \ + &(test)->public, (test)->plaintext, \ (test)->plaintext_len ); \ - pubkey_encrypt_ok ( &rsa_algorithm, (test)->private, \ - (test)->private_len, (test)->public, \ - (test)->public_len, (test)->plaintext, \ - (test)->plaintext_len ); \ - pubkey_encrypt_ok ( &rsa_algorithm, (test)->public, \ - (test)->public_len, (test)->private, \ - (test)->private_len, (test)->plaintext, \ + pubkey_encrypt_ok ( &rsa_algorithm, &(test)->public, \ + &(test)->private, (test)->plaintext, \ (test)->plaintext_len ); \ } while ( 0 ) 
@@ -190,18 +187,15 @@ struct rsa_signature_test { #define rsa_signature_ok( test ) do { \ struct digest_algorithm *digest = (test)->algorithm->digest; \ uint8_t bad_signature[ (test)->signature_len ]; \ - pubkey_sign_ok ( &rsa_algorithm, (test)->private, \ - (test)->private_len, digest, \ + pubkey_sign_ok ( &rsa_algorithm, &(test)->private, digest, \ (test)->plaintext, (test)->plaintext_len, \ (test)->signature, (test)->signature_len ); \ - pubkey_verify_ok ( &rsa_algorithm, (test)->public, \ - (test)->public_len, digest, \ + pubkey_verify_ok ( &rsa_algorithm, &(test)->public, digest, \ (test)->plaintext, (test)->plaintext_len, \ (test)->signature, (test)->signature_len ); \ memset ( bad_signature, 0, sizeof ( bad_signature ) ); \ - pubkey_verify_fail_ok ( &rsa_algorithm, (test)->public, \ - (test)->public_len, digest, \ - (test)->plaintext, \ + pubkey_verify_fail_ok ( &rsa_algorithm, &(test)->public, \ + digest, (test)->plaintext, \ (test)->plaintext_len, bad_signature, \ sizeof ( bad_signature ) ); \ } while ( 0 ) -- cgit v1.2.3-55-g7522 From c9cac76a5c07536a466bdcbb15c69e090f0bb9f7 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Wed, 21 Aug 2024 11:45:36 +0100 Subject: [tls] Group transmit and receive state in TLS connection structure The TLS connection structure has grown to become unmanageably large as new features and support for new TLS protocol versions have been added over time. Split out the portions of struct tls_connection that are specific to transmit and receive operations into separate structures, and simplify some structure field names. Signed-off-by: Michael Brown --- src/include/ipxe/tls.h | 69 ++++++++++++--------- src/net/tls.c | 158 ++++++++++++++++++++++++------------------------- 2 files changed, 119 insertions(+), 108 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/include/ipxe/tls.h b/src/include/ipxe/tls.h index cf3277820..b4e41ccc2 100644 --- a/src/include/ipxe/tls.h +++ b/src/include/ipxe/tls.h 
@@ -250,6 +250,14 @@ struct tls_cipherspec { void *fixed_iv; }; +/** A TLS cipher specification pair */ +struct tls_cipherspec_pair { + /** Current cipher specification */ + struct tls_cipherspec active; + /** Next cipher specification */ + struct tls_cipherspec pending; +}; + /** A TLS signature and hash algorithm identifier */ struct tls_signature_hash_id { /** Hash algorithm */ @@ -340,6 +348,36 @@ struct tls_session { struct list_head conn; }; +/** TLS transmit state */ +struct tls_tx { + /** Cipher specifications */ + struct tls_cipherspec_pair cipherspec; + /** Sequence number */ + uint64_t seq; + /** Pending transmissions */ + unsigned int pending; + /** Transmit process */ + struct process process; +}; + +/** TLS receive state */ +struct tls_rx { + /** Cipher specifications */ + struct tls_cipherspec_pair cipherspec; + /** Sequence number */ + uint64_t seq; + /** State machine current state */ + enum tls_rx_state state; + /** Current received record header */ + struct tls_header header; + /** Current received record header (static I/O buffer) */ + struct io_buffer iobuf; + /** List of received data buffers */ + struct list_head data; + /** Received handshake fragment */ + struct io_buffer *handshake; +}; + /** A TLS connection */ struct tls_connection { /** Reference counter */ @@ -365,14 +403,6 @@ struct tls_connection { /** Protocol version */ uint16_t version; - /** Current TX cipher specification */ - struct tls_cipherspec tx_cipherspec; - /** Next TX cipher specification */ - struct tls_cipherspec tx_cipherspec_pending; - /** Current RX cipher specification */ - struct tls_cipherspec rx_cipherspec; - /** Next RX cipher specification */ - struct tls_cipherspec rx_cipherspec_pending; /** Master secret */ uint8_t master_secret[48]; /** Server random bytes */ 
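Review bot: In the new struct tls_tx the word "pending" now means two unrelated things: `tls->tx.pending` is the count or set of pending transmissions, while `tls->tx.cipherspec.pending` is the next cipher specification. After the rename the two differ by a single path component, which makes it easy to pick the wrong one when reading or grepping tls.c. Either keep a distinguishing name for the transmit field or extend its comment, e.g. `/** Pending transmissions (unrelated to cipherspec.pending) */`. The same applies to `tls->rx.iobuf`, whose comment says it backs the record header while the name no longer does.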
@@ -410,25 +440,10 @@ struct tls_connection { /** Certificate validation pending operation */ struct pending_operation validation; - /** TX sequence number */ - uint64_t tx_seq; - /** TX pending transmissions */ - unsigned int tx_pending; - /** TX process */ - struct process process; - - /** RX sequence number */ - uint64_t rx_seq; - /** RX state */ - enum tls_rx_state rx_state; - /** Current received record header */ - struct tls_header rx_header; - /** Current received record header (static I/O buffer) */ - struct io_buffer rx_header_iobuf; - /** List of received data buffers */ - struct list_head rx_data; - /** Received handshake fragment */ - struct io_buffer *rx_handshake; + /** Transmit state */ + struct tls_tx tx; + /** Receive state */ + struct tls_rx rx; }; /** RX I/O buffer size diff --git a/src/net/tls.c b/src/net/tls.c index a22626f41..ec985e332 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -382,17 +382,17 @@ static void free_tls ( struct refcnt *refcnt ) { /* Free dynamically-allocated resources */ free ( tls->new_session_ticket ); - tls_clear_cipher ( tls, &tls->tx_cipherspec ); - tls_clear_cipher ( tls, &tls->tx_cipherspec_pending ); - tls_clear_cipher ( tls, &tls->rx_cipherspec ); - tls_clear_cipher ( tls, &tls->rx_cipherspec_pending ); + tls_clear_cipher ( tls, &tls->tx.cipherspec.active ); + tls_clear_cipher ( tls, &tls->tx.cipherspec.pending ); + tls_clear_cipher ( tls, &tls->rx.cipherspec.active ); + tls_clear_cipher ( tls, &tls->rx.cipherspec.pending ); free ( tls->server_key ); free ( tls->handshake_ctx ); - list_for_each_entry_safe ( iobuf, tmp, &tls->rx_data, list ) { + list_for_each_entry_safe ( iobuf, tmp, &tls->rx.data, list ) { list_del ( &iobuf->list ); free_iob ( iobuf ); } - free_iob ( tls->rx_handshake ); + free_iob ( tls->rx.handshake ); x509_chain_put ( tls->certs ); x509_chain_put ( tls->chain ); x509_root_put ( tls->root ); 
@@ -420,7 +420,7 @@ static void tls_close ( struct tls_connection *tls, int rc ) { pending_put ( &tls->validation ); /* Remove process */ - process_del ( &tls->process ); + process_del ( &tls->tx.process ); /* Close all interfaces */ intf_shutdown ( &tls->cipherstream, rc ); @@ -662,8 +662,8 @@ static void tls_generate_master_secret ( struct tls_connection *tls, * The master secret must already be known. */ static int tls_generate_keys ( struct tls_connection *tls ) { - struct tls_cipherspec *tx_cipherspec = &tls->tx_cipherspec_pending; - struct tls_cipherspec *rx_cipherspec = &tls->rx_cipherspec_pending; + struct tls_cipherspec *tx_cipherspec = &tls->tx.cipherspec.pending; + struct tls_cipherspec *rx_cipherspec = &tls->rx.cipherspec.pending; size_t hash_size = tx_cipherspec->suite->mac_len; size_t key_size = tx_cipherspec->suite->key_len; size_t iv_size = tx_cipherspec->suite->fixed_iv_len; @@ -936,10 +936,10 @@ static int tls_select_cipher ( struct tls_connection *tls, return rc; /* Set ciphers */ - if ( ( rc = tls_set_cipher ( tls, &tls->tx_cipherspec_pending, + if ( ( rc = tls_set_cipher ( tls, &tls->tx.cipherspec.pending, suite ) ) != 0 ) return rc; - if ( ( rc = tls_set_cipher ( tls, &tls->rx_cipherspec_pending, + if ( ( rc = tls_set_cipher ( tls, &tls->rx.cipherspec.pending, suite ) ) != 0 ) return rc; 
@@ -955,22 +955,20 @@ static int tls_select_cipher ( struct tls_connection *tls, * Activate next cipher suite * * @v tls TLS connection - * @v pending Pending cipher specification - * @v active Active cipher specification to replace + * @v pair Cipher specification pair * @ret rc Return status code */ static int tls_change_cipher ( struct tls_connection *tls, - struct tls_cipherspec *pending, - struct tls_cipherspec *active ) { + struct tls_cipherspec_pair *pair ) { /* Sanity check */ - if ( pending->suite == &tls_cipher_suite_null ) { + if ( pair->pending.suite == &tls_cipher_suite_null ) { DBGC ( tls, "TLS %p refusing to use null cipher\n", tls ); return -ENOTSUP_NULL; } - tls_clear_cipher ( tls, active ); - memswap ( active, pending, sizeof ( *active ) ); + tls_clear_cipher ( tls, &pair->active ); + memswap ( &pair->active, &pair->pending, sizeof ( pair->active ) ); return 0; } @@ -1088,7 +1086,7 @@ tls_find_named_curve ( unsigned int named_curve ) { * @v tls TLS connection */ static void tls_tx_resume ( struct tls_connection *tls ) { - process_add ( &tls->process ); + process_add ( &tls->tx.process ); } /** @@ -1111,13 +1109,13 @@ static void tls_tx_resume_all ( struct tls_session *session ) { static void tls_restart ( struct tls_connection *tls ) { /* Sanity check */ - assert ( ! tls->tx_pending ); + assert ( ! tls->tx.pending ); assert ( ! is_pending ( &tls->client_negotiation ) ); assert ( ! is_pending ( &tls->server_negotiation ) ); assert ( ! is_pending ( &tls->validation ) ); /* (Re)start negotiation */ - tls->tx_pending = TLS_TX_CLIENT_HELLO; + tls->tx.pending = TLS_TX_CLIENT_HELLO; tls_tx_resume ( tls ); pending_get ( &tls->client_negotiation ); pending_get ( &tls->server_negotiation ); 
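Review bot: The header comment of `tls_change_cipher` now lists only `@v pair` and no longer says which member is replaced or what is left behind. Because `active` is cleared before the `memswap`, `pending` ends up holding the cleared specification. If `tls_clear_cipher` resets the suite to `tls_cipher_suite_null` (its body is not in this hunk), that is what makes a repeated Change Cipher Spec without a fresh negotiation fail the null-cipher check. I would record that in the comment, e.g. `* The pending specification becomes active; the previous active specification is cleared and left as the new pending specification.`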
@@ -1392,7 +1390,7 @@ static int tls_send_certificate ( struct tls_connection *tls ) { * @ret rc Return status code */ static int tls_send_client_key_exchange_pubkey ( struct tls_connection *tls ) { - struct tls_cipherspec *cipherspec = &tls->tx_cipherspec_pending; + struct tls_cipherspec *cipherspec = &tls->tx.cipherspec.pending; struct pubkey_algorithm *pubkey = cipherspec->suite->pubkey; size_t max_len = pubkey_max_len ( pubkey, cipherspec->pubkey_ctx ); struct { @@ -1458,7 +1456,7 @@ struct tls_key_exchange_algorithm tls_pubkey_exchange_algorithm = { */ static int tls_verify_dh_params ( struct tls_connection *tls, size_t param_len ) { - struct tls_cipherspec *cipherspec = &tls->tx_cipherspec_pending; + struct tls_cipherspec *cipherspec = &tls->tx.cipherspec.pending; struct pubkey_algorithm *pubkey; struct digest_algorithm *digest; int use_sig_hash = tls_version ( tls, TLS_VERSION_TLS_1_2 ); @@ -1783,7 +1781,7 @@ struct tls_key_exchange_algorithm tls_ecdhe_exchange_algorithm = { * @ret rc Return status code */ static int tls_send_client_key_exchange ( struct tls_connection *tls ) { - struct tls_cipherspec *cipherspec = &tls->tx_cipherspec_pending; + struct tls_cipherspec *cipherspec = &tls->tx.cipherspec.pending; struct tls_cipher_suite *suite = cipherspec->suite; int rc; @@ -1976,13 +1974,12 @@ static int tls_new_change_cipher ( struct tls_connection *tls, iob_pull ( iobuf, sizeof ( *change_cipher ) ); /* Change receive cipher spec */ - if ( ( rc = tls_change_cipher ( tls, &tls->rx_cipherspec_pending, - &tls->rx_cipherspec ) ) != 0 ) { + if ( ( rc = tls_change_cipher ( tls, &tls->rx.cipherspec ) ) != 0 ) { DBGC ( tls, "TLS %p could not activate RX cipher: %s\n", tls, strerror ( rc ) ); return rc; } - tls->rx_seq = ~( ( uint64_t ) 0 ); + tls->rx.seq = ~( ( uint64_t ) 0 ); return 0; } 
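Review bot: In `tls_new_change_cipher`, `tls->rx.seq = ~( ( uint64_t ) 0 );` has no explanation, while the transmit side in `tls_tx_step` resets `tls->tx.seq` to plain `0`. The asymmetry looks like a bug to anyone reading the MAC sequence handling. It appears intentional, because `tls_newdata_process_data` increments `rx.seq` after each record has been processed, including this one. A comment would settle it: `/* Incremented once this record completes, so the first record under the new cipher uses sequence number zero */`. The function starts outside this hunk.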
@@ -2587,7 +2584,7 @@ static int tls_new_finished ( struct tls_connection *tls, * transmission of Change Cipher and Finished. */ if ( is_pending ( &tls->client_negotiation ) ) { - tls->tx_pending |= ( TLS_TX_CHANGE_CIPHER | TLS_TX_FINISHED ); + tls->tx.pending |= ( TLS_TX_CHANGE_CIPHER | TLS_TX_FINISHED ); tls_tx_resume ( tls ); } @@ -2788,7 +2785,7 @@ static int tls_new_record ( struct tls_connection *tls, unsigned int type, break; case TLS_TYPE_HANDSHAKE: handler = tls_new_handshake; - iobuf = &tls->rx_handshake; + iobuf = &tls->rx.handshake; break; default: DBGC ( tls, "TLS %p unknown record type %d\n", tls, type ); @@ -2935,7 +2932,7 @@ static void tls_hmac_list ( struct tls_cipherspec *cipherspec, */ static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type, const void *data, size_t len ) { - struct tls_cipherspec *cipherspec = &tls->tx_cipherspec; + struct tls_cipherspec *cipherspec = &tls->tx.cipherspec.active; struct tls_cipher_suite *suite = cipherspec->suite; struct cipher_algorithm *cipher = suite->cipher; struct digest_algorithm *digest = suite->digest; @@ -2962,7 +2959,7 @@ static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type, } /* Construct authentication data */ - authhdr.seq = cpu_to_be64 ( tls->tx_seq ); + authhdr.seq = cpu_to_be64 ( tls->tx.seq ); authhdr.header.type = type; authhdr.header.version = htons ( tls->version ); authhdr.header.length = htons ( len ); @@ -3046,7 +3043,7 @@ static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type, } /* Update TX state machine to next record */ - tls->tx_seq += 1; + tls->tx.seq += 1; assert ( plaintext == NULL ); assert ( ciphertext == NULL ); 
@@ -3107,7 +3104,7 @@ static int tls_verify_padding ( struct tls_connection *tls, static int tls_new_ciphertext ( struct tls_connection *tls, struct tls_header *tlshdr, struct list_head *rx_data ) { - struct tls_cipherspec *cipherspec = &tls->rx_cipherspec; + struct tls_cipherspec *cipherspec = &tls->rx.cipherspec.active; struct tls_cipher_suite *suite = cipherspec->suite; struct cipher_algorithm *cipher = suite->cipher; struct digest_algorithm *digest = suite->digest; @@ -3156,7 +3153,7 @@ static int tls_new_ciphertext ( struct tls_connection *tls, auth = last->tail; /* Construct authentication data */ - authhdr.seq = cpu_to_be64 ( tls->rx_seq ); + authhdr.seq = cpu_to_be64 ( tls->rx.seq ); authhdr.header.type = tlshdr->type; authhdr.header.version = tlshdr->version; authhdr.header.length = htons ( len ); @@ -3172,7 +3169,7 @@ static int tls_new_ciphertext ( struct tls_connection *tls, /* Decrypt the received data */ check_len = 0; - list_for_each_entry ( iobuf, &tls->rx_data, list ) { + list_for_each_entry ( iobuf, &tls->rx.data, list ) { cipher_decrypt ( cipher, cipherspec->cipher_ctx, iobuf->data, iobuf->data, iob_len ( iobuf ) ); check_len += iob_len ( iobuf ); @@ -3334,10 +3331,10 @@ static struct interface_descriptor tls_plainstream_desc = * @ret rc Returned status code */ static int tls_newdata_process_header ( struct tls_connection *tls ) { - struct tls_cipherspec *cipherspec = &tls->rx_cipherspec; + struct tls_cipherspec *cipherspec = &tls->rx.cipherspec.active; struct cipher_algorithm *cipher = cipherspec->suite->cipher; size_t iv_len = cipherspec->suite->record_iv_len; - size_t data_len = ntohs ( tls->rx_header.length ); + size_t data_len = ntohs ( tls->rx.header.length ); size_t remaining = data_len; size_t frag_len; size_t reserve; 
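Review bot: `tls_new_ciphertext` takes the record buffers as its `rx_data` parameter, but the decryption loop in the `@@ -3172` hunk iterates `&tls->rx.data` directly. Today the only visible caller passes `&tls->rx.data`, so the two are the same list. The function still mixes the parameter and the connection field, and would decrypt one list while processing another if a caller ever passed a different one. I would use the parameter consistently: `list_for_each_entry ( iobuf, rx_data, list ) {`. The body of the function lies mostly outside these hunks.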
@@ -3353,7 +3350,7 @@ static int tls_newdata_process_header ( struct tls_connection *tls ) { remaining += reserve; /* Allocate data buffers now that we know the length */ - assert ( list_empty ( &tls->rx_data ) ); + assert ( list_empty ( &tls->rx.data ) ); while ( remaining ) { /* Calculate fragment length. Ensure that no block is @@ -3394,16 +3391,16 @@ static int tls_newdata_process_header ( struct tls_connection *tls ) { reserve = 0; /* Add I/O buffer to list */ - list_add_tail ( &iobuf->list, &tls->rx_data ); + list_add_tail ( &iobuf->list, &tls->rx.data ); } /* Move to data state */ - tls->rx_state = TLS_RX_DATA; + tls->rx.state = TLS_RX_DATA; return 0; err: - list_for_each_entry_safe ( iobuf, tmp, &tls->rx_data, list ) { + list_for_each_entry_safe ( iobuf, tmp, &tls->rx.data, list ) { list_del ( &iobuf->list ); free_iob ( iobuf ); } 
@@ -3421,27 +3418,27 @@ static int tls_newdata_process_data ( struct tls_connection *tls ) { int rc; /* Move current buffer to end of list */ - iobuf = list_first_entry ( &tls->rx_data, struct io_buffer, list ); + iobuf = list_first_entry ( &tls->rx.data, struct io_buffer, list ); list_del ( &iobuf->list ); - list_add_tail ( &iobuf->list, &tls->rx_data ); + list_add_tail ( &iobuf->list, &tls->rx.data ); /* Continue receiving data if any space remains */ - iobuf = list_first_entry ( &tls->rx_data, struct io_buffer, list ); + iobuf = list_first_entry ( &tls->rx.data, struct io_buffer, list ); if ( iob_tailroom ( iobuf ) ) return 0; /* Process record */ - if ( ( rc = tls_new_ciphertext ( tls, &tls->rx_header, - &tls->rx_data ) ) != 0 ) + if ( ( rc = tls_new_ciphertext ( tls, &tls->rx.header, + &tls->rx.data ) ) != 0 ) return rc; /* Increment RX sequence number */ - tls->rx_seq += 1; + tls->rx.seq += 1; /* Return to header state */ - assert ( list_empty ( &tls->rx_data ) ); - tls->rx_state = TLS_RX_HEADER; - iob_unput ( &tls->rx_header_iobuf, sizeof ( tls->rx_header ) ); + assert ( list_empty ( &tls->rx.data ) ); + tls->rx.state = TLS_RX_HEADER; + iob_unput ( &tls->rx.iobuf, sizeof ( tls->rx.header ) ); return 0; } @@ -3480,13 +3477,13 @@ static int tls_cipherstream_deliver ( struct tls_connection *tls, while ( iob_len ( iobuf ) ) { /* Select buffer according to current state */ - switch ( tls->rx_state ) { + switch ( tls->rx.state ) { case TLS_RX_HEADER: - dest = &tls->rx_header_iobuf; + dest = &tls->rx.iobuf; process = tls_newdata_process_header; break; case TLS_RX_DATA: - dest = list_first_entry ( &tls->rx_data, + dest = list_first_entry ( &tls->rx.data, struct io_buffer, list ); assert ( dest != NULL ); process = tls_newdata_process_data; 
@@ -3550,7 +3547,7 @@ static struct interface_descriptor tls_cipherstream_desc = */ static void tls_validator_done ( struct tls_connection *tls, int rc ) { struct tls_session *session = tls->session; - struct tls_cipherspec *cipherspec = &tls->tx_cipherspec_pending; + struct tls_cipherspec *cipherspec = &tls->tx.cipherspec.pending; struct pubkey_algorithm *pubkey = cipherspec->suite->pubkey; struct x509_certificate *cert; @@ -3588,11 +3585,11 @@ static void tls_validator_done ( struct tls_connection *tls, int rc ) { } /* Schedule Client Key Exchange, Change Cipher, and Finished */ - tls->tx_pending |= ( TLS_TX_CLIENT_KEY_EXCHANGE | + tls->tx.pending |= ( TLS_TX_CLIENT_KEY_EXCHANGE | TLS_TX_CHANGE_CIPHER | TLS_TX_FINISHED ); if ( tls->certs ) { - tls->tx_pending |= ( TLS_TX_CERTIFICATE | + tls->tx.pending |= ( TLS_TX_CERTIFICATE | TLS_TX_CERTIFICATE_VERIFY ); } tls_tx_resume ( tls ); @@ -3635,7 +3632,7 @@ static void tls_tx_step ( struct tls_connection *tls ) { return; /* Send first pending transmission */ - if ( tls->tx_pending & TLS_TX_CLIENT_HELLO ) { + if ( tls->tx.pending & TLS_TX_CLIENT_HELLO ) { /* Serialise server negotiations within a session, to * provide a consistent view of session IDs and * session tickets. 
@@ -3668,32 +3665,32 @@ static void tls_tx_step ( struct tls_connection *tls ) { tls, strerror ( rc ) ); goto err; } - tls->tx_pending &= ~TLS_TX_CLIENT_HELLO; - } else if ( tls->tx_pending & TLS_TX_CERTIFICATE ) { + tls->tx.pending &= ~TLS_TX_CLIENT_HELLO; + } else if ( tls->tx.pending & TLS_TX_CERTIFICATE ) { /* Send Certificate */ if ( ( rc = tls_send_certificate ( tls ) ) != 0 ) { DBGC ( tls, "TLS %p cold not send Certificate: %s\n", tls, strerror ( rc ) ); goto err; } - tls->tx_pending &= ~TLS_TX_CERTIFICATE; - } else if ( tls->tx_pending & TLS_TX_CLIENT_KEY_EXCHANGE ) { + tls->tx.pending &= ~TLS_TX_CERTIFICATE; + } else if ( tls->tx.pending & TLS_TX_CLIENT_KEY_EXCHANGE ) { /* Send Client Key Exchange */ if ( ( rc = tls_send_client_key_exchange ( tls ) ) != 0 ) { DBGC ( tls, "TLS %p could not send Client Key " "Exchange: %s\n", tls, strerror ( rc ) ); goto err; } - tls->tx_pending &= ~TLS_TX_CLIENT_KEY_EXCHANGE; - } else if ( tls->tx_pending & TLS_TX_CERTIFICATE_VERIFY ) { + tls->tx.pending &= ~TLS_TX_CLIENT_KEY_EXCHANGE; + } else if ( tls->tx.pending & TLS_TX_CERTIFICATE_VERIFY ) { /* Send Certificate Verify */ if ( ( rc = tls_send_certificate_verify ( tls ) ) != 0 ) { DBGC ( tls, "TLS %p could not send Certificate " "Verify: %s\n", tls, strerror ( rc ) ); goto err; } - tls->tx_pending &= ~TLS_TX_CERTIFICATE_VERIFY; - } else if ( tls->tx_pending & TLS_TX_CHANGE_CIPHER ) { + tls->tx.pending &= ~TLS_TX_CERTIFICATE_VERIFY; + } else if ( tls->tx.pending & TLS_TX_CHANGE_CIPHER ) { /* Send Change Cipher, and then change the cipher in use */ if ( ( rc = tls_send_change_cipher ( tls ) ) != 0 ) { DBGC ( tls, "TLS %p could not send Change Cipher: " 
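Review bot: The debug message in the `TLS_TX_CERTIFICATE` branch of `tls_tx_step` reads "cold not send Certificate". Since the surrounding lines are being touched anyway, fix it to match the sibling messages: `DBGC ( tls, "TLS %p could not send Certificate: %s\n",`. A consistent string matters to anyone grepping logs for handshake failures.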
@@ -3701,28 +3698,27 @@ static void tls_tx_step ( struct tls_connection *tls ) { goto err; } if ( ( rc = tls_change_cipher ( tls, - &tls->tx_cipherspec_pending, - &tls->tx_cipherspec )) != 0 ){ + &tls->tx.cipherspec ) ) != 0 ){ DBGC ( tls, "TLS %p could not activate TX cipher: " "%s\n", tls, strerror ( rc ) ); goto err; } - tls->tx_seq = 0; - tls->tx_pending &= ~TLS_TX_CHANGE_CIPHER; - } else if ( tls->tx_pending & TLS_TX_FINISHED ) { + tls->tx.seq = 0; + tls->tx.pending &= ~TLS_TX_CHANGE_CIPHER; + } else if ( tls->tx.pending & TLS_TX_FINISHED ) { /* Send Finished */ if ( ( rc = tls_send_finished ( tls ) ) != 0 ) { DBGC ( tls, "TLS %p could not send Finished: %s\n", tls, strerror ( rc ) ); goto err; } - tls->tx_pending &= ~TLS_TX_FINISHED; + tls->tx.pending &= ~TLS_TX_FINISHED; } /* Reschedule process if pending transmissions remain, * otherwise send notification of a window change. */ - if ( tls->tx_pending ) { + if ( tls->tx.pending ) { tls_tx_resume ( tls ); } else { xfer_window_changed ( &tls->plainstream ); @@ -3736,7 +3732,7 @@ static void tls_tx_step ( struct tls_connection *tls ) { /** TLS TX process descriptor */ static struct process_descriptor tls_process_desc = - PROC_DESC_ONCE ( struct tls_connection, process, tls_tx_step ); + PROC_DESC_ONCE ( struct tls_connection, tx.process, tls_tx_step ); /****************************************************************************** * 
@@ -3829,20 +3825,20 @@ int add_tls ( struct interface *xfer, const char *name, intf_init ( &tls->plainstream, &tls_plainstream_desc, &tls->refcnt ); intf_init ( &tls->cipherstream, &tls_cipherstream_desc, &tls->refcnt ); intf_init ( &tls->validator, &tls_validator_desc, &tls->refcnt ); - process_init_stopped ( &tls->process, &tls_process_desc, + process_init_stopped ( &tls->tx.process, &tls_process_desc, &tls->refcnt ); tls->key = privkey_get ( key ? key : &private_key ); tls->root = x509_root_get ( root ? root : &root_certificates ); tls->version = TLS_VERSION_MAX; - tls_clear_cipher ( tls, &tls->tx_cipherspec ); - tls_clear_cipher ( tls, &tls->tx_cipherspec_pending ); - tls_clear_cipher ( tls, &tls->rx_cipherspec ); - tls_clear_cipher ( tls, &tls->rx_cipherspec_pending ); + tls_clear_cipher ( tls, &tls->tx.cipherspec.active ); + tls_clear_cipher ( tls, &tls->tx.cipherspec.pending ); + tls_clear_cipher ( tls, &tls->rx.cipherspec.active ); + tls_clear_cipher ( tls, &tls->rx.cipherspec.pending ); tls_clear_handshake ( tls ); tls->client_random.gmt_unix_time = time ( NULL ); - iob_populate ( &tls->rx_header_iobuf, &tls->rx_header, 0, - sizeof ( tls->rx_header ) ); - INIT_LIST_HEAD ( &tls->rx_data ); + iob_populate ( &tls->rx.iobuf, &tls->rx.header, 0, + sizeof ( tls->rx.header ) ); + INIT_LIST_HEAD ( &tls->rx.data ); if ( ( rc = tls_generate_random ( tls, &tls->client_random.random, ( sizeof ( tls->client_random.random ) ) ) ) != 0 ) { goto err_random; -- cgit v1.2.3-55-g7522 From acbabdb335f47eb8246188a23ed7e3997da6e8ba Mon Sep 17 00:00:00 2001 
From: Michael Brown Date: Wed, 21 Aug 2024 12:15:24 +0100 Subject: [tls] Group client and server state in TLS connection structure The TLS connection structure has grown to become unmanageably large as new features and support for new TLS protocol versions have been added over time. Split out the portions of struct tls_connection that are specific to client and server operations into separate structures, and simplify some structure field names. Signed-off-by: Michael Brown --- src/include/ipxe/tls.h | 62 ++++++++------ src/net/tls.c | 213 ++++++++++++++++++++++++++----------------------- 2 files changed, 147 insertions(+), 128 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/include/ipxe/tls.h b/src/include/ipxe/tls.h index b4e41ccc2..9494eaa05 100644 --- a/src/include/ipxe/tls.h +++ b/src/include/ipxe/tls.h @@ -378,6 +378,38 @@ struct tls_rx { struct io_buffer *handshake; }; +/** TLS client state */ +struct tls_client { + /** Random bytes */ + struct tls_client_random random; + /** Private key (if used) */ + struct private_key *key; + /** Certificate chain (if used) */ + struct x509_chain *chain; + /** Security negotiation pending operation */ + struct pending_operation negotiation; +}; + +/** TLS server state */ +struct tls_server { + /** Random bytes */ + uint8_t random[32]; + /** Server Key Exchange record (if any) */ + void *exchange; + /** Server Key Exchange record length */ + size_t exchange_len; + /** Root of trust */ + struct x509_root *root; + /** Certificate chain */ + struct x509_chain *chain; + /** Certificate validator */ + struct interface validator; + /** Certificate validation pending operation */ + struct pending_operation validation; + /** Security negotiation pending operation */ + struct pending_operation negotiation; +}; + /** A TLS connection */ struct tls_connection { /** Reference counter */ 
@@ -405,45 +437,23 @@ struct tls_connection { uint16_t version; /** Master secret */ uint8_t master_secret[48]; - /** Server random bytes */ - uint8_t server_random[32]; - /** Client random bytes */ - struct tls_client_random client_random; - /** Server Key Exchange record (if any) */ - void *server_key; - /** Server Key Exchange record length */ - size_t server_key_len; /** Digest algorithm used for handshake verification */ struct digest_algorithm *handshake_digest; /** Digest algorithm context used for handshake verification */ uint8_t *handshake_ctx; - /** Private key */ - struct private_key *key; - /** Client certificate chain (if used) */ - struct x509_chain *certs; /** Secure renegotiation flag */ int secure_renegotiation; /** Verification data */ struct tls_verify_data verify; - /** Root of trust */ - struct x509_root *root; - /** Server certificate chain */ - struct x509_chain *chain; - /** Certificate validator */ - struct interface validator; - - /** Client security negotiation pending operation */ - struct pending_operation client_negotiation; - /** Server security negotiation pending operation */ - struct pending_operation server_negotiation; - /** Certificate validation pending operation */ - struct pending_operation validation; - /** Transmit state */ struct tls_tx tx; /** Receive state */ struct tls_rx rx; + /** Client state */ + struct tls_client client; + /** Server state */ + struct tls_server server; }; /** RX I/O buffer size diff --git a/src/net/tls.c b/src/net/tls.c index ec985e332..ec503e43d 100644 --- a/src/net/tls.c +++ b/src/net/tls.c 
@@ -251,8 +251,8 @@ static void tls_set_uint24 ( tls24_t *field24, unsigned long value ) { * @ret is_ready TLS connection is ready */ static int tls_ready ( struct tls_connection *tls ) { - return ( ( ! is_pending ( &tls->client_negotiation ) ) && - ( ! is_pending ( &tls->server_negotiation ) ) ); + return ( ( ! is_pending ( &tls->client.negotiation ) ) && + ( ! is_pending ( &tls->server.negotiation ) ) ); } /** @@ -386,17 +386,17 @@ static void free_tls ( struct refcnt *refcnt ) { tls_clear_cipher ( tls, &tls->tx.cipherspec.pending ); tls_clear_cipher ( tls, &tls->rx.cipherspec.active ); tls_clear_cipher ( tls, &tls->rx.cipherspec.pending ); - free ( tls->server_key ); + free ( tls->server.exchange ); free ( tls->handshake_ctx ); list_for_each_entry_safe ( iobuf, tmp, &tls->rx.data, list ) { list_del ( &iobuf->list ); free_iob ( iobuf ); } free_iob ( tls->rx.handshake ); - x509_chain_put ( tls->certs ); - x509_chain_put ( tls->chain ); - x509_root_put ( tls->root ); - privkey_put ( tls->key ); + privkey_put ( tls->client.key ); + x509_chain_put ( tls->client.chain ); + x509_chain_put ( tls->server.chain ); + x509_root_put ( tls->server.root ); /* Drop reference to session */ assert ( list_empty ( &tls->list ) ); @@ -415,9 +415,9 @@ static void free_tls ( struct refcnt *refcnt ) { static void tls_close ( struct tls_connection *tls, int rc ) { /* Remove pending operations, if applicable */ - pending_put ( &tls->client_negotiation ); - pending_put ( &tls->server_negotiation ); - pending_put ( &tls->validation ); + pending_put ( &tls->client.negotiation ); + pending_put ( &tls->server.negotiation ); + pending_put ( &tls->server.validation ); /* Remove process */ process_del ( &tls->tx.process ); 
@@ -425,7 +425,7 @@ static void tls_close ( struct tls_connection *tls, int rc ) { /* Close all interfaces */ intf_shutdown ( &tls->cipherstream, rc ); intf_shutdown ( &tls->plainstream, rc ); - intf_shutdown ( &tls->validator, rc ); + intf_shutdown ( &tls->server.validator, rc ); /* Remove from session */ list_del ( &tls->list ); @@ -640,15 +640,15 @@ static void tls_generate_master_secret ( struct tls_connection *tls, DBGC ( tls, "TLS %p pre-master-secret:\n", tls ); DBGC_HD ( tls, pre_master_secret, pre_master_secret_len ); DBGC ( tls, "TLS %p client random bytes:\n", tls ); - DBGC_HD ( tls, &tls->client_random, sizeof ( tls->client_random ) ); + DBGC_HD ( tls, &tls->client.random, sizeof ( tls->client.random ) ); DBGC ( tls, "TLS %p server random bytes:\n", tls ); - DBGC_HD ( tls, &tls->server_random, sizeof ( tls->server_random ) ); + DBGC_HD ( tls, &tls->server.random, sizeof ( tls->server.random ) ); tls_prf_label ( tls, pre_master_secret, pre_master_secret_len, &tls->master_secret, sizeof ( tls->master_secret ), "master secret", - &tls->client_random, sizeof ( tls->client_random ), - &tls->server_random, sizeof ( tls->server_random ) ); + &tls->client.random, sizeof ( tls->client.random ), + &tls->server.random, sizeof ( tls->server.random ) ); DBGC ( tls, "TLS %p generated master secret:\n", tls ); DBGC_HD ( tls, &tls->master_secret, sizeof ( tls->master_secret ) ); @@ -675,8 +675,8 @@ static int tls_generate_keys ( struct tls_connection *tls ) { /* Generate key block */ tls_prf_label ( tls, &tls->master_secret, sizeof ( tls->master_secret ), key_block, sizeof ( key_block ), "key expansion", - &tls->server_random, sizeof ( tls->server_random ), - &tls->client_random, sizeof ( tls->client_random ) ); + &tls->server.random, sizeof ( tls->server.random ), + &tls->client.random, sizeof ( tls->client.random ) ); /* Split key block into portions */ key = key_block; 
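Review bot: `tls_generate_master_secret` dumps the pre-master secret, both random values and the generated master secret through `DBGC_HD`, with no comment on the consequence. Presumably these calls compile out unless debugging is enabled for this object, but when it is enabled the log alone is enough to decrypt a captured session. I would say so next to the dumps, e.g. `/* Debug builds log key material; do not enable TLS debugging on production images */`. The function starts outside this hunk.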
@@ -1110,15 +1110,15 @@ static void tls_restart ( struct tls_connection *tls ) { /* Sanity check */ assert ( ! tls->tx.pending ); - assert ( ! is_pending ( &tls->client_negotiation ) ); - assert ( ! is_pending ( &tls->server_negotiation ) ); - assert ( ! is_pending ( &tls->validation ) ); + assert ( ! is_pending ( &tls->client.negotiation ) ); + assert ( ! is_pending ( &tls->server.negotiation ) ); + assert ( ! is_pending ( &tls->server.validation ) ); /* (Re)start negotiation */ tls->tx.pending = TLS_TX_CLIENT_HELLO; tls_tx_resume ( tls ); - pending_get ( &tls->client_negotiation ); - pending_get ( &tls->server_negotiation ); + pending_get ( &tls->client.negotiation ); + pending_get ( &tls->server.negotiation ); } /** @@ -1237,7 +1237,7 @@ static int tls_client_hello ( struct tls_connection *tls, htonl ( sizeof ( hello ) - sizeof ( hello.type_length ) ) ); hello.version = htons ( TLS_VERSION_MAX ); - memcpy ( &hello.random, &tls->client_random, sizeof ( hello.random ) ); + memcpy ( &hello.random, &tls->client.random, sizeof ( hello.random ) ); hello.session_id_len = tls->session_id_len; memcpy ( hello.session_id, tls->session_id, sizeof ( hello.session_id ) ); @@ -1344,7 +1344,7 @@ static int tls_send_certificate ( struct tls_connection *tls ) { /* Calculate length of client certificates */ len = 0; - list_for_each_entry ( link, &tls->certs->links, list ) { + list_for_each_entry ( link, &tls->client.chain->links, list ) { cert = link->cert; len += ( sizeof ( *certificate ) + cert->raw.len ); DBGC ( tls, "TLS %p sending client certificate %s\n", 
@@ -1365,7 +1365,7 @@ static int tls_send_certificate ( struct tls_connection *tls ) { sizeof ( certificates->type_length ) ) ); tls_set_uint24 ( &certificates->length, len ); certificate = &certificates->certificates[0]; - list_for_each_entry ( link, &tls->certs->links, list ) { + list_for_each_entry ( link, &tls->client.chain->links, list ) { cert = link->cert; tls_set_uint24 ( &certificate->length, cert->raw.len ); memcpy ( certificate->data, cert->raw.data, cert->raw.len ); @@ -1470,9 +1470,9 @@ static int tls_verify_dh_params ( struct tls_connection *tls, int rc; /* Signature follows parameters */ - assert ( param_len <= tls->server_key_len ); - data = ( tls->server_key + param_len ); - remaining = ( tls->server_key_len - param_len ); + assert ( param_len <= tls->server.exchange_len ); + data = ( tls->server.exchange + param_len ); + remaining = ( tls->server.exchange_len - param_len ); /* Parse signature from ServerKeyExchange */ sig = data; @@ -1481,7 +1481,8 @@ static int tls_verify_dh_params ( struct tls_connection *tls, sizeof ( *sig ) ) ) ) { DBGC ( tls, "TLS %p received underlength ServerKeyExchange\n", tls ); - DBGC_HDA ( tls, 0, tls->server_key, tls->server_key_len ); + DBGC_HDA ( tls, 0, tls->server.exchange, + tls->server.exchange_len ); return -EINVAL_KEY_EXCHANGE; } @@ -1514,11 +1515,11 @@ static int tls_verify_dh_params ( struct tls_connection *tls, /* Calculate digest */ digest_init ( digest, ctx ); - digest_update ( digest, ctx, &tls->client_random, - sizeof ( tls->client_random ) ); - digest_update ( digest, ctx, tls->server_random, - sizeof ( tls->server_random ) ); - digest_update ( digest, ctx, tls->server_key, param_len ); + digest_update ( digest, ctx, &tls->client.random, + sizeof ( tls->client.random ) ); + digest_update ( digest, ctx, tls->server.random, + sizeof ( tls->server.random ) ); + digest_update ( digest, ctx, tls->server.exchange, param_len ); digest_final ( digest, ctx, hash ); /* Verify signature */ 
@@ -1527,8 +1528,8 @@ static int tls_verify_dh_params ( struct tls_connection *tls, signature_len ) ) != 0 ) { DBGC ( tls, "TLS %p ServerKeyExchange failed " "verification\n", tls ); - DBGC_HDA ( tls, 0, tls->server_key, - tls->server_key_len ); + DBGC_HDA ( tls, 0, tls->server.exchange, + tls->server.exchange_len ); return -EPERM_KEY_EXCHANGE; } } @@ -1543,7 +1544,7 @@ static int tls_verify_dh_params ( struct tls_connection *tls, * @ret rc Return status code */ static int tls_send_client_key_exchange_dhe ( struct tls_connection *tls ) { - uint8_t private[ sizeof ( tls->client_random.random ) ]; + uint8_t private[ sizeof ( tls->client.random.random ) ]; const struct { uint16_t len; uint8_t data[0]; @@ -1556,8 +1557,8 @@ static int tls_send_client_key_exchange_dhe ( struct tls_connection *tls ) { int rc; /* Parse ServerKeyExchange */ - data = tls->server_key; - remaining = tls->server_key_len; + data = tls->server.exchange; + remaining = tls->server.exchange_len; for ( i = 0 ; i < ( sizeof ( dh_val ) / sizeof ( dh_val[0] ) ) ; i++ ){ dh_val[i] = data; if ( ( sizeof ( *dh_val[i] ) > remaining ) || @@ -1565,8 +1566,8 @@ static int tls_send_client_key_exchange_dhe ( struct tls_connection *tls ) { sizeof ( *dh_val[i] ) ) )){ DBGC ( tls, "TLS %p received underlength " "ServerKeyExchange\n", tls ); - DBGC_HDA ( tls, 0, tls->server_key, - tls->server_key_len ); + DBGC_HDA ( tls, 0, tls->server.exchange, + tls->server.exchange_len ); rc = -EINVAL_KEY_EXCHANGE; goto err_header; } @@ -1574,7 +1575,7 @@ static int tls_send_client_key_exchange_dhe ( struct tls_connection *tls ) { data += frag_len; remaining -= frag_len; } - param_len = ( tls->server_key_len - remaining ); + param_len = ( tls->server.exchange_len - remaining ); /* Verify parameter signature */ if ( ( rc = tls_verify_dh_params ( tls, param_len ) ) != 0 ) 
@@ -1679,12 +1680,14 @@ static int tls_send_client_key_exchange_ecdhe ( struct tls_connection *tls ) { int rc; /* Parse ServerKeyExchange record */ - ecdh = tls->server_key; - if ( ( sizeof ( *ecdh ) > tls->server_key_len ) || - ( ecdh->public_len > ( tls->server_key_len - sizeof ( *ecdh ) ))){ + ecdh = tls->server.exchange; + if ( ( sizeof ( *ecdh ) > tls->server.exchange_len ) || + ( ecdh->public_len > ( tls->server.exchange_len - + sizeof ( *ecdh ) ) ) ) { DBGC ( tls, "TLS %p received underlength ServerKeyExchange\n", tls ); - DBGC_HDA ( tls, 0, tls->server_key, tls->server_key_len ); + DBGC_HDA ( tls, 0, tls->server.exchange, + tls->server.exchange_len ); return -EINVAL_KEY_EXCHANGE; } param_len = ( sizeof ( *ecdh ) + ecdh->public_len ); @@ -1697,14 +1700,16 @@ static int tls_send_client_key_exchange_ecdhe ( struct tls_connection *tls ) { if ( ecdh->curve_type != TLS_NAMED_CURVE_TYPE ) { DBGC ( tls, "TLS %p unsupported curve type %d\n", tls, ecdh->curve_type ); - DBGC_HDA ( tls, 0, tls->server_key, tls->server_key_len ); + DBGC_HDA ( tls, 0, tls->server.exchange, + tls->server.exchange_len ); return -ENOTSUP_CURVE; } curve = tls_find_named_curve ( ecdh->named_curve ); if ( ! curve ) { DBGC ( tls, "TLS %p unsupported named curve %d\n", tls, ntohs ( ecdh->named_curve ) ); - DBGC_HDA ( tls, 0, tls->server_key, tls->server_key_len ); + DBGC_HDA ( tls, 0, tls->server.exchange, + tls->server.exchange_len ); return -ENOTSUP_CURVE; } @@ -1712,7 +1717,8 @@ static int tls_send_client_key_exchange_ecdhe ( struct tls_connection *tls ) { if ( ecdh->public_len != curve->curve->keysize ) { DBGC ( tls, "TLS %p invalid %s key\n", tls, curve->curve->name ); - DBGC_HDA ( tls, 0, tls->server_key, tls->server_key_len ); + DBGC_HDA ( tls, 0, tls->server.exchange, + tls->server.exchange_len ); return -EINVAL_KEY_EXCHANGE; } 
@@ -1810,9 +1816,9 @@ static int tls_send_client_key_exchange ( struct tls_connection *tls ) { */ static int tls_send_certificate_verify ( struct tls_connection *tls ) { struct digest_algorithm *digest = tls->handshake_digest; - struct x509_certificate *cert = x509_first ( tls->certs ); + struct x509_certificate *cert = x509_first ( tls->client.chain ); struct pubkey_algorithm *pubkey = cert->signature_algorithm->pubkey; - struct asn1_cursor *key = privkey_cursor ( tls->key ); + struct asn1_cursor *key = privkey_cursor ( tls->client.key ); uint8_t digest_out[ digest->digestsize ]; uint8_t ctx[ pubkey->ctxsize ]; struct tls_signature_hash_algorithm *sig_hash = NULL; @@ -1944,7 +1950,7 @@ static int tls_send_finished ( struct tls_connection *tls ) { return rc; /* Mark client as finished */ - pending_put ( &tls->client_negotiation ); + pending_put ( &tls->client.negotiation ); return 0; } @@ -2185,8 +2191,8 @@ static int tls_new_server_hello ( struct tls_connection *tls, return rc; /* Copy out server random bytes */ - memcpy ( &tls->server_random, &hello_a->random, - sizeof ( tls->server_random ) ); + memcpy ( &tls->server.random, &hello_a->random, + sizeof ( tls->server.random ) ); /* Check session ID */ if ( hello_a->session_id_len && @@ -2306,12 +2312,12 @@ static int tls_parse_chain ( struct tls_connection *tls, int rc; /* Free any existing certificate chain */ - x509_chain_put ( tls->chain ); - tls->chain = NULL; + x509_chain_put ( tls->server.chain ); + tls->server.chain = NULL; /* Create certificate chain */ - tls->chain = x509_alloc_chain(); - if ( ! tls->chain ) { + tls->server.chain = x509_alloc_chain(); + if ( ! tls->server.chain ) { rc = -ENOMEM_CHAIN; goto err_alloc_chain; } 
@@ -2343,14 +2349,15 @@ static int tls_parse_chain ( struct tls_connection *tls, record_len = ( sizeof ( *certificate ) + certificate_len ); /* Add certificate to chain */ - if ( ( rc = x509_append_raw ( tls->chain, certificate->data, + if ( ( rc = x509_append_raw ( tls->server.chain, + certificate->data, certificate_len ) ) != 0 ) { DBGC ( tls, "TLS %p could not append certificate: %s\n", tls, strerror ( rc ) ); DBGC_HDA ( tls, 0, data, remaining ); goto err_parse; } - cert = x509_last ( tls->chain ); + cert = x509_last ( tls->server.chain ); DBGC ( tls, "TLS %p found certificate %s\n", tls, x509_name ( cert ) ); @@ -2364,8 +2371,8 @@ static int tls_parse_chain ( struct tls_connection *tls, err_parse: err_overlength: err_underlength: - x509_chain_put ( tls->chain ); - tls->chain = NULL; + x509_chain_put ( tls->server.chain ); + tls->server.chain = NULL; err_alloc_chain: return rc; } @@ -2422,12 +2429,12 @@ static int tls_new_server_key_exchange ( struct tls_connection *tls, const void *data, size_t len ) { /* Free any existing server key exchange record */ - free ( tls->server_key ); - tls->server_key_len = 0; + free ( tls->server.exchange ); + tls->server.exchange_len = 0; /* Allocate copy of server key exchange record */ - tls->server_key = malloc ( len ); - if ( ! tls->server_key ) + tls->server.exchange = malloc ( len ); + if ( ! tls->server.exchange ) return -ENOMEM; /* Store copy of server key exchange record for later @@ -2435,8 +2442,8 @@ static int tls_new_server_key_exchange ( struct tls_connection *tls, * since the certificate validation will not yet have * completed. */ - memcpy ( tls->server_key, data, len ); - tls->server_key_len = len; + memcpy ( tls->server.exchange, data, len ); + tls->server.exchange_len = len; return 0; } 
@@ -2460,11 +2467,11 @@ static int tls_new_certificate_request ( struct tls_connection *tls, */ /* Free any existing client certificate chain */ - x509_chain_put ( tls->certs ); - tls->certs = NULL; + x509_chain_put ( tls->client.chain ); + tls->client.chain = NULL; /* Determine client certificate to be sent */ - cert = x509_find_key ( NULL, tls->key ); + cert = x509_find_key ( NULL, tls->client.key ); if ( ! cert ) { DBGC ( tls, "TLS %p could not find certificate corresponding " "to private key\n", tls ); @@ -2476,18 +2483,18 @@ static int tls_new_certificate_request ( struct tls_connection *tls, tls, x509_name ( cert ) ); /* Create client certificate chain */ - tls->certs = x509_alloc_chain(); - if ( ! tls->certs ) { + tls->client.chain = x509_alloc_chain(); + if ( ! tls->client.chain ) { rc = -ENOMEM; goto err_alloc; } /* Append client certificate to chain */ - if ( ( rc = x509_append ( tls->certs, cert ) ) != 0 ) + if ( ( rc = x509_append ( tls->client.chain, cert ) ) != 0 ) goto err_append; /* Append any relevant issuer certificates */ - if ( ( rc = x509_auto_append ( tls->certs, &certstore ) ) != 0 ) + if ( ( rc = x509_auto_append ( tls->client.chain, &certstore ) ) != 0 ) goto err_auto_append; /* Drop local reference to client certificate */ @@ -2497,8 +2504,8 @@ static int tls_new_certificate_request ( struct tls_connection *tls, err_auto_append: err_append: - x509_chain_put ( tls->certs ); - tls->certs = NULL; + x509_chain_put ( tls->client.chain ); + tls->client.chain = NULL; err_alloc: x509_put ( cert ); err_find: 
@@ -2529,13 +2536,14 @@ static int tls_new_server_hello_done ( struct tls_connection *tls, } /* Begin certificate validation */ - if ( ( rc = create_validator ( &tls->validator, tls->chain, - tls->root ) ) != 0 ) { + if ( ( rc = create_validator ( &tls->server.validator, + tls->server.chain, + tls->server.root ) ) != 0 ) { DBGC ( tls, "TLS %p could not start certificate validation: " "%s\n", tls, strerror ( rc ) ); return rc; } - pending_get ( &tls->validation ); + pending_get ( &tls->server.validation ); return 0; } @@ -2577,13 +2585,13 @@ static int tls_new_finished ( struct tls_connection *tls, } /* Mark server as finished */ - pending_put ( &tls->server_negotiation ); + pending_put ( &tls->server.negotiation ); /* If we are resuming a session (i.e. if the server Finished * arrives before the client Finished is sent), then schedule * transmission of Change Cipher and Finished. */ - if ( is_pending ( &tls->client_negotiation ) ) { + if ( is_pending ( &tls->client.negotiation ) ) { tls->tx.pending |= ( TLS_TX_CHANGE_CIPHER | TLS_TX_FINISHED ); tls_tx_resume ( tls ); } @@ -3295,8 +3303,8 @@ static int tls_progress ( struct tls_connection *tls, struct job_progress *progress ) { /* Return cipherstream or validator progress as applicable */ - if ( is_pending ( &tls->validation ) ) { - return job_progress ( &tls->validator, progress ); + if ( is_pending ( &tls->server.validation ) ) { + return job_progress ( &tls->server.validator, progress ); } else { return job_progress ( &tls->cipherstream, progress ); } @@ -3552,10 +3560,10 @@ static void tls_validator_done ( struct tls_connection *tls, int rc ) { struct x509_certificate *cert; /* Mark validation as complete */ - pending_put ( &tls->validation ); + pending_put ( &tls->server.validation ); /* Close validator interface */ - intf_restart ( &tls->validator, rc ); + intf_restart ( &tls->server.validator, rc ); /* Check for validation failure */ if ( rc != 0 ) { 
@@ -3566,7 +3574,7 @@ static void tls_validator_done ( struct tls_connection *tls, int rc ) { DBGC ( tls, "TLS %p certificate validation succeeded\n", tls ); /* Extract first certificate */ - cert = x509_first ( tls->chain ); + cert = x509_first ( tls->server.chain ); assert ( cert != NULL ); /* Verify server name */ @@ -3588,7 +3596,7 @@ static void tls_validator_done ( struct tls_connection *tls, int rc ) { tls->tx.pending |= ( TLS_TX_CLIENT_KEY_EXCHANGE | TLS_TX_CHANGE_CIPHER | TLS_TX_FINISHED ); - if ( tls->certs ) { + if ( tls->client.chain ) { tls->tx.pending |= ( TLS_TX_CERTIFICATE | TLS_TX_CERTIFICATE_VERIFY ); } @@ -3608,7 +3616,8 @@ static struct interface_operation tls_validator_ops[] = { /** TLS certificate validator interface descriptor */ static struct interface_descriptor tls_validator_desc = - INTF_DESC ( struct tls_connection, validator, tls_validator_ops ); + INTF_DESC ( struct tls_connection, server.validator, + tls_validator_ops ); /****************************************************************************** * @@ -3640,7 +3649,7 @@ static void tls_tx_step ( struct tls_connection *tls ) { list_for_each_entry ( conn, &session->conn, list ) { if ( conn == tls ) break; - if ( is_pending ( &conn->server_negotiation ) ) + if ( is_pending ( &conn->server.negotiation ) ) return; } /* Record or generate session ID and associated master secret */ @@ -3654,8 +3663,8 @@ static void tls_tx_step ( struct tls_connection *tls ) { } else { /* No existing session: use a random session ID */ assert ( sizeof ( tls->session_id ) == - sizeof ( tls->client_random ) ); - memcpy ( tls->session_id, &tls->client_random, + sizeof ( tls->client.random ) ); + memcpy ( tls->session_id, &tls->client.random, sizeof ( tls->session_id ) ); tls->session_id_len = sizeof ( tls->session_id ); } 
@@ -3756,8 +3765,8 @@ static int tls_session ( struct tls_connection *tls, const char *name ) { /* Find existing matching session, if any */ list_for_each_entry ( session, &tls_sessions, list ) { if ( ( strcmp ( name, session->name ) == 0 ) && - ( tls->root == session->root ) && - ( tls->key == session->key ) ) { + ( tls->server.root == session->root ) && + ( tls->client.key == session->key ) ) { ref_get ( &session->refcnt ); tls->session = session; DBGC ( tls, "TLS %p joining session %s\n", tls, name ); @@ -3776,8 +3785,8 @@ static int tls_session ( struct tls_connection *tls, const char *name ) { name_copy = ( ( ( void * ) session ) + sizeof ( *session ) ); strcpy ( name_copy, name ); session->name = name_copy; - session->root = x509_root_get ( tls->root ); - session->key = privkey_get ( tls->key ); + session->root = x509_root_get ( tls->server.root ); + session->key = privkey_get ( tls->client.key ); INIT_LIST_HEAD ( &session->conn ); list_add ( &session->list, &tls_sessions ); 
@@ -3824,23 +3833,23 @@ int add_tls ( struct interface *xfer, const char *name, INIT_LIST_HEAD ( &tls->list ); intf_init ( &tls->plainstream, &tls_plainstream_desc, &tls->refcnt ); intf_init ( &tls->cipherstream, &tls_cipherstream_desc, &tls->refcnt ); - intf_init ( &tls->validator, &tls_validator_desc, &tls->refcnt ); + intf_init ( &tls->server.validator, &tls_validator_desc, &tls->refcnt ); process_init_stopped ( &tls->tx.process, &tls_process_desc, &tls->refcnt ); - tls->key = privkey_get ( key ? key : &private_key ); - tls->root = x509_root_get ( root ? root : &root_certificates ); + tls->client.key = privkey_get ( key ? key : &private_key ); + tls->server.root = x509_root_get ( root ? root : &root_certificates ); tls->version = TLS_VERSION_MAX; tls_clear_cipher ( tls, &tls->tx.cipherspec.active ); tls_clear_cipher ( tls, &tls->tx.cipherspec.pending ); tls_clear_cipher ( tls, &tls->rx.cipherspec.active ); tls_clear_cipher ( tls, &tls->rx.cipherspec.pending ); tls_clear_handshake ( tls ); - tls->client_random.gmt_unix_time = time ( NULL ); + tls->client.random.gmt_unix_time = time ( NULL ); iob_populate ( &tls->rx.iobuf, &tls->rx.header, 0, sizeof ( tls->rx.header ) ); INIT_LIST_HEAD ( &tls->rx.data ); - if ( ( rc = tls_generate_random ( tls, &tls->client_random.random, - ( sizeof ( tls->client_random.random ) ) ) ) != 0 ) { + if ( ( rc = tls_generate_random ( tls, &tls->client.random.random, + ( sizeof ( tls->client.random.random ) ) ) ) != 0 ) { goto err_random; } if ( ( rc = tls_session ( tls, name ) ) != 0 ) -- cgit v1.2.3-55-g7522 From 46937a9df622d1e9fb5b1e926a04176b8855fdce Mon Sep 17 00:00:00 2001 
From: Michael Brown Date: Wed, 21 Aug 2024 16:25:10 +0100 Subject: [crypto] Remove the concept of a public-key algorithm reusable context Instances of cipher and digest algorithms tend to get called repeatedly to process substantial amounts of data. This is not true for public-key algorithms, which tend to get called only once or twice for a given key. Simplify the public-key algorithm API so that there is no reusable algorithm context. In particular, this allows callers to omit the error handling currently required to handle memory allocation (or key parsing) errors from pubkey_init(), and to omit the cleanup calls to pubkey_final(). This change does remove the ability for a caller to distinguish between a verification failure due to a memory allocation failure and a verification failure due to a bad signature. This difference is not material in practice: in both cases, for whatever reason, the caller was unable to verify the signature and so cannot proceed further, and the cause of the error will be visible to the user via the return status code. Signed-off-by: Michael Brown --- src/crypto/cms.c | 19 +-- src/crypto/crypto_null.c | 24 ++-- src/crypto/ocsp.c | 21 +--- src/crypto/rsa.c | 295 +++++++++++++++++++++++++++++----------------- src/crypto/x509.c | 13 +- src/drivers/net/iphone.c | 18 +-- src/include/ipxe/crypto.h | 96 ++++++--------- src/include/ipxe/rsa.h | 25 ---- src/include/ipxe/tls.h | 4 +- src/net/tls.c | 45 ++----- src/tests/pubkey_test.c | 142 +++++++--------------- 11 files changed, 304 insertions(+), 398 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/crypto/cms.c b/src/crypto/cms.c index 0b772f1cf..2e153d819 100644 --- a/src/crypto/cms.c +++ b/src/crypto/cms.c 
@@ -612,33 +612,22 @@ static int cms_verify_digest ( struct cms_message *cms, userptr_t data, size_t len ) { struct digest_algorithm *digest = part->digest; struct pubkey_algorithm *pubkey = part->pubkey; - struct x509_public_key *public_key = &cert->subject.public_key; + struct asn1_cursor *key = &cert->subject.public_key.raw; uint8_t digest_out[ digest->digestsize ]; - uint8_t ctx[ pubkey->ctxsize ]; int rc; /* Generate digest */ cms_digest ( cms, part, data, len, digest_out ); - /* Initialise public-key algorithm */ - if ( ( rc = pubkey_init ( pubkey, ctx, &public_key->raw ) ) != 0 ) { - DBGC ( cms, "CMS %p/%p could not initialise public key: %s\n", - cms, part, strerror ( rc ) ); - goto err_init; - } - /* Verify digest */ - if ( ( rc = pubkey_verify ( pubkey, ctx, digest, digest_out, + if ( ( rc = pubkey_verify ( pubkey, key, digest, digest_out, part->value, part->len ) ) != 0 ) { DBGC ( cms, "CMS %p/%p signature verification failed: %s\n", cms, part, strerror ( rc ) ); - goto err_verify; + return rc; } - err_verify: - pubkey_final ( pubkey, ctx ); - err_init: - return rc; + return 0; } /** diff --git a/src/crypto/crypto_null.c b/src/crypto/crypto_null.c index b4169382b..d5863f958 100644 --- a/src/crypto/crypto_null.c +++ b/src/crypto/crypto_null.c 
@@ -93,34 +93,31 @@ struct cipher_algorithm cipher_null = { .auth = cipher_null_auth, }; -int pubkey_null_init ( void *ctx __unused, - const struct asn1_cursor *key __unused ) { +size_t pubkey_null_max_len ( const struct asn1_cursor *key __unused ) { return 0; } -size_t pubkey_null_max_len ( void *ctx __unused ) { - return 0; -} - -int pubkey_null_encrypt ( void *ctx __unused, const void *plaintext __unused, +int pubkey_null_encrypt ( const struct asn1_cursor *key __unused, + const void *plaintext __unused, size_t plaintext_len __unused, void *ciphertext __unused ) { return 0; } -int pubkey_null_decrypt ( void *ctx __unused, const void *ciphertext __unused, +int pubkey_null_decrypt ( const struct asn1_cursor *key __unused, + const void *ciphertext __unused, size_t ciphertext_len __unused, void *plaintext __unused ) { return 0; } -int pubkey_null_sign ( void *ctx __unused, +int pubkey_null_sign ( const struct asn1_cursor *key __unused, struct digest_algorithm *digest __unused, const void *value __unused, void *signature __unused ) { return 0; } -int pubkey_null_verify ( void *ctx __unused, +int pubkey_null_verify ( const struct asn1_cursor *key __unused, struct digest_algorithm *digest __unused, const void *value __unused, const void *signature __unused , @@ -128,18 +125,11 @@ int pubkey_null_verify ( void *ctx __unused, return 0; } -void pubkey_null_final ( void *ctx __unused ) { - /* Do nothing */ -} - struct pubkey_algorithm pubkey_null = { .name = "null", - .ctxsize = 0, - .init = pubkey_null_init, .max_len = pubkey_null_max_len, .encrypt = pubkey_null_encrypt, .decrypt = pubkey_null_decrypt, .sign = pubkey_null_sign, .verify = pubkey_null_verify, - .final = pubkey_null_final, }; diff --git a/src/crypto/ocsp.c b/src/crypto/ocsp.c index f35593454..e65f7180a 100644 --- a/src/crypto/ocsp.c +++ b/src/crypto/ocsp.c 
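Review bot: pubkey_null_verify() still ends in `return 0;`, and the callers visible in this patch (cms, ocsp, x509) treat a zero return from pubkey_verify() as a valid signature, so the null algorithm accepts any signature for any key. Nothing here shows where pubkey_null can be selected, so this may be deliberate, but the functions carry no comment saying so. I would add a header comment above pubkey_null_verify such as `/* Null public-key algorithm: verify always succeeds; must never be selected where the peer is authenticated */`. The same applies to pubkey_null_max_len, which now reports a zero-length output for every key.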
@@ -844,10 +844,9 @@ static int ocsp_check_signature ( struct ocsp_check *ocsp, struct ocsp_response *response = &ocsp->response; struct digest_algorithm *digest = response->algorithm->digest; struct pubkey_algorithm *pubkey = response->algorithm->pubkey; - struct x509_public_key *public_key = &signer->subject.public_key; + struct asn1_cursor *key = &signer->subject.public_key.raw; uint8_t digest_ctx[ digest->ctxsize ]; uint8_t digest_out[ digest->digestsize ]; - uint8_t pubkey_ctx[ pubkey->ctxsize ]; int rc; /* Generate digest */ @@ -856,30 +855,18 @@ static int ocsp_check_signature ( struct ocsp_check *ocsp, response->tbs.len ); digest_final ( digest, digest_ctx, digest_out ); - /* Initialise public-key algorithm */ - if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, - &public_key->raw ) ) != 0 ) { - DBGC ( ocsp, "OCSP %p \"%s\" could not initialise public key: " - "%s\n", ocsp, x509_name ( ocsp->cert ), strerror ( rc )); - goto err_init; - } - /* Verify digest */ - if ( ( rc = pubkey_verify ( pubkey, pubkey_ctx, digest, digest_out, + if ( ( rc = pubkey_verify ( pubkey, key, digest, digest_out, response->signature.data, response->signature.len ) ) != 0 ) { DBGC ( ocsp, "OCSP %p \"%s\" signature verification failed: " "%s\n", ocsp, x509_name ( ocsp->cert ), strerror ( rc )); - goto err_verify; + return rc; } DBGC2 ( ocsp, "OCSP %p \"%s\" signature is correct\n", ocsp, x509_name ( ocsp->cert ) ); - - err_verify: - pubkey_final ( pubkey, pubkey_ctx ); - err_init: - return rc; + return 0; } /** diff --git a/src/crypto/rsa.c b/src/crypto/rsa.c index 2d288a953..19472c121 100644 --- a/src/crypto/rsa.c +++ b/src/crypto/rsa.c 
@@ -47,6 +47,28 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); #define EINFO_EACCES_VERIFY \ __einfo_uniqify ( EINFO_EACCES, 0x01, "RSA signature incorrect" ) +/** An RSA context */ +struct rsa_context { + /** Allocated memory */ + void *dynamic; + /** Modulus */ + bigint_element_t *modulus0; + /** Modulus size */ + unsigned int size; + /** Modulus length */ + size_t max_len; + /** Exponent */ + bigint_element_t *exponent0; + /** Exponent size */ + unsigned int exponent_size; + /** Input buffer */ + bigint_element_t *input0; + /** Output buffer */ + bigint_element_t *output0; + /** Temporary working space for modular exponentiation */ + void *tmp; +}; + /** * Identify RSA prefix * @@ -69,10 +91,9 @@ rsa_find_prefix ( struct digest_algorithm *digest ) { * * @v context RSA context */ -static void rsa_free ( struct rsa_context *context ) { +static inline void rsa_free ( struct rsa_context *context ) { free ( context->dynamic ); - context->dynamic = NULL; } /** @@ -98,9 +119,6 @@ static int rsa_alloc ( struct rsa_context *context, size_t modulus_len, uint8_t tmp[tmp_len]; } __attribute__ (( packed )) *dynamic; - /* Free any existing dynamic storage */ - rsa_free ( context ); - /* Allocate dynamic storage */ dynamic = malloc ( sizeof ( *dynamic ) ); if ( ! dynamic ) @@ -231,12 +249,12 @@ static int rsa_parse_mod_exp ( struct asn1_cursor *modulus, /** * Initialise RSA cipher * - * @v ctx RSA context + * @v context RSA context * @v key Key * @ret rc Return status code */ -static int rsa_init ( void *ctx, const struct asn1_cursor *key ) { - struct rsa_context *context = ctx; +static int rsa_init ( struct rsa_context *context, + const struct asn1_cursor *key ) { struct asn1_cursor modulus; struct asn1_cursor exponent; int rc; 
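Review bot: rsa_free() in the second hunk hands `context->dynamic` straight to free() without clearing it, and after this change a context is built and torn down inside every rsa_sign() and rsa_decrypt() call instead of once per key. Judging by the new struct rsa_context, that allocation backs the exponent and the input/output buffers, so a private exponent and a decrypted message would be left in freed heap memory on each operation; rsa_alloc's layout is only partly inside the hunk, so this needs confirming. I would record the allocation size in the context and wipe the block before freeing it, using a clear that the compiler cannot drop. Removing `context->dynamic = NULL` is fine as long as every context stays a stack local that is never reused.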
@@ -277,13 +295,22 @@ static int rsa_init ( void *ctx, const struct asn1_cursor *key ) { /** * Calculate RSA maximum output length * - * @v ctx RSA context + * @v key Key * @ret max_len Maximum output length */ -static size_t rsa_max_len ( void *ctx ) { - struct rsa_context *context = ctx; +static size_t rsa_max_len ( const struct asn1_cursor *key ) { + struct asn1_cursor modulus; + struct asn1_cursor exponent; + int rc; - return context->max_len; + /* Parse moduli and exponents */ + if ( ( rc = rsa_parse_mod_exp ( &modulus, &exponent, key ) ) != 0 ) { + /* Return a zero maximum length on error */ + return 0; + } + + /* Output length can never exceed modulus length */ + return modulus.len; } /** 
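Review bot: rsa_max_len() now returns 0 when the key fails to parse, and the `@ret` line does not say so, so a caller sizing a buffer from it cannot tell an error from a length. I would document it as `@ret max_len Maximum output length (zero if the key cannot be parsed)`. The value is also derived here from `modulus.len`, while rsa_sign() and rsa_encrypt() write `context.max_len` bytes as set in rsa_init(), whose body is outside the hunk. A comment tying the two together would help, since icert_cert() in this patch grows its signature buffer from this result.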
@@ -314,111 +341,147 @@ static void rsa_cipher ( struct rsa_context *context, /** * Encrypt using RSA * - * @v ctx RSA context + * @v key Key * @v plaintext Plaintext * @v plaintext_len Length of plaintext * @v ciphertext Ciphertext * @ret ciphertext_len Length of ciphertext, or negative error */ -static int rsa_encrypt ( void *ctx, const void *plaintext, +static int rsa_encrypt ( const struct asn1_cursor *key, const void *plaintext, size_t plaintext_len, void *ciphertext ) { - struct rsa_context *context = ctx; + struct rsa_context context; void *temp; uint8_t *encoded; - size_t max_len = ( context->max_len - 11 ); - size_t random_nz_len = ( max_len - plaintext_len + 8 ); + size_t max_len; + size_t random_nz_len; int rc; + DBGC ( &context, "RSA %p encrypting:\n", &context ); + DBGC_HDA ( &context, 0, plaintext, plaintext_len ); + + /* Initialise context */ + if ( ( rc = rsa_init ( &context, key ) ) != 0 ) + goto err_init; + + /* Calculate lengths */ + max_len = ( context.max_len - 11 ); + random_nz_len = ( max_len - plaintext_len + 8 ); + /* Sanity check */ if ( plaintext_len > max_len ) { - DBGC ( context, "RSA %p plaintext too long (%zd bytes, max " - "%zd)\n", context, plaintext_len, max_len ); - return -ERANGE; + DBGC ( &context, "RSA %p plaintext too long (%zd bytes, max " + "%zd)\n", &context, plaintext_len, max_len ); + rc = -ERANGE; + goto err_sanity; } - DBGC ( context, "RSA %p encrypting:\n", context ); - DBGC_HDA ( context, 0, plaintext, plaintext_len ); /* Construct encoded message (using the big integer output * buffer as temporary storage) */ - temp = context->output0; + temp = context.output0; encoded = temp; encoded[0] = 0x00; encoded[1] = 0x02; if ( ( rc = get_random_nz ( &encoded[2], random_nz_len ) ) != 0 ) { - DBGC ( context, "RSA %p could not generate random data: %s\n", - context, strerror ( rc ) ); - return rc; + DBGC ( &context, "RSA %p could not generate random data: %s\n", + &context, strerror ( rc ) ); + goto err_random; } encoded[ 2 + 
random_nz_len ] = 0x00; - memcpy ( &encoded[ context->max_len - plaintext_len ], + memcpy ( &encoded[ context.max_len - plaintext_len ], plaintext, plaintext_len ); /* Encipher the encoded message */ - rsa_cipher ( context, encoded, ciphertext ); - DBGC ( context, "RSA %p encrypted:\n", context ); - DBGC_HDA ( context, 0, ciphertext, context->max_len ); + rsa_cipher ( &context, encoded, ciphertext ); + DBGC ( &context, "RSA %p encrypted:\n", &context ); + DBGC_HDA ( &context, 0, ciphertext, context.max_len ); + + /* Free context */ + rsa_free ( &context ); - return context->max_len; + return context.max_len; + + err_random: + err_sanity: + rsa_free ( &context ); + err_init: + return rc; } /** * Decrypt using RSA * - * @v ctx RSA context + * @v key Key * @v ciphertext Ciphertext * @v ciphertext_len Ciphertext length * @v plaintext Plaintext * @ret plaintext_len Plaintext length, or negative error */ -static int rsa_decrypt ( void *ctx, const void *ciphertext, +static int rsa_decrypt ( const struct asn1_cursor *key, const void *ciphertext, size_t ciphertext_len, void *plaintext ) { - struct rsa_context *context = ctx; + struct rsa_context context; void *temp; uint8_t *encoded; uint8_t *end; uint8_t *zero; uint8_t *start; size_t plaintext_len; + int rc; + + DBGC ( &context, "RSA %p decrypting:\n", &context ); + DBGC_HDA ( &context, 0, ciphertext, ciphertext_len ); + + /* Initialise context */ + if ( ( rc = rsa_init ( &context, key ) ) != 0 ) + goto err_init; /* Sanity check */ - if ( ciphertext_len != context->max_len ) { - DBGC ( context, "RSA %p ciphertext incorrect length (%zd " + if ( ciphertext_len != context.max_len ) { + DBGC ( &context, "RSA %p ciphertext incorrect length (%zd " "bytes, should be %zd)\n", - context, ciphertext_len, context->max_len ); - return -ERANGE; + &context, ciphertext_len, context.max_len ); + rc = -ERANGE; + goto err_sanity; } - DBGC ( context, "RSA %p decrypting:\n", context ); - DBGC_HDA ( context, 0, ciphertext, ciphertext_len ); /* 
Decipher the message (using the big integer input buffer as * temporary storage) */ - temp = context->input0; + temp = context.input0; encoded = temp; - rsa_cipher ( context, ciphertext, encoded ); + rsa_cipher ( &context, ciphertext, encoded ); /* Parse the message */ - end = ( encoded + context->max_len ); - if ( ( encoded[0] != 0x00 ) || ( encoded[1] != 0x02 ) ) - goto invalid; + end = ( encoded + context.max_len ); + if ( ( encoded[0] != 0x00 ) || ( encoded[1] != 0x02 ) ) { + rc = -EINVAL; + goto err_invalid; + } zero = memchr ( &encoded[2], 0, ( end - &encoded[2] ) ); - if ( ! zero ) - goto invalid; + if ( ! zero ) { + rc = -EINVAL; + goto err_invalid; + } start = ( zero + 1 ); plaintext_len = ( end - start ); /* Copy out message */ memcpy ( plaintext, start, plaintext_len ); - DBGC ( context, "RSA %p decrypted:\n", context ); - DBGC_HDA ( context, 0, plaintext, plaintext_len ); + DBGC ( &context, "RSA %p decrypted:\n", &context ); + DBGC_HDA ( &context, 0, plaintext, plaintext_len ); + + /* Free context */ + rsa_free ( &context ); return plaintext_len; - invalid: - DBGC ( context, "RSA %p invalid decrypted message:\n", context ); - DBGC_HDA ( context, 0, encoded, context->max_len ); - return -EINVAL; + err_invalid: + DBGC ( &context, "RSA %p invalid decrypted message:\n", &context ); + DBGC_HDA ( &context, 0, encoded, context.max_len ); + err_sanity: + rsa_free ( &context ); + err_init: + return rc; } /** @@ -452,9 +515,9 @@ static int rsa_encode_digest ( struct rsa_context *context, /* Sanity check */ max_len = ( context->max_len - 11 ); if ( digestinfo_len > max_len ) { - DBGC ( context, "RSA %p %s digestInfo too long (%zd bytes, max" - "%zd)\n", - context, digest->name, digestinfo_len, max_len ); + DBGC ( context, "RSA %p %s digestInfo too long (%zd bytes, " + "max %zd)\n", context, digest->name, digestinfo_len, + max_len ); return -ERANGE; } DBGC ( context, "RSA %p encoding %s digest:\n", 
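Review bot: In rsa_encrypt() `max_len = ( context.max_len - 11 )` is computed in size_t, so a modulus shorter than 11 bytes wraps it to a huge value and the `plaintext_len > max_len` check no longer bounds the writes into `encoded`. Whether rsa_init() rejects such keys is not visible here, so I would make the guard self-contained: `if ( ( context.max_len < 11 ) || ( plaintext_len > ( context.max_len - 11 ) ) ) {`. rsa_encode_digest() in the next hunk uses the same subtraction. In rsa_decrypt() the separator search accepts a zero byte at any position, whereas PKCS#1 v1.5 requires at least eight padding bytes; `if ( ( ! zero ) || ( ( zero - &encoded[2] ) < 8 ) ) {` would reject such blocks.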
@@ -482,104 +545,125 @@ static int rsa_encode_digest ( struct rsa_context *context, /** * Sign digest value using RSA * - * @v ctx RSA context + * @v key Key * @v digest Digest algorithm * @v value Digest value * @v signature Signature * @ret signature_len Signature length, or negative error */ -static int rsa_sign ( void *ctx, struct digest_algorithm *digest, - const void *value, void *signature ) { - struct rsa_context *context = ctx; +static int rsa_sign ( const struct asn1_cursor *key, + struct digest_algorithm *digest, const void *value, + void *signature ) { + struct rsa_context context; void *temp; int rc; - DBGC ( context, "RSA %p signing %s digest:\n", context, digest->name ); - DBGC_HDA ( context, 0, value, digest->digestsize ); + DBGC ( &context, "RSA %p signing %s digest:\n", + &context, digest->name ); + DBGC_HDA ( &context, 0, value, digest->digestsize ); + + /* Initialise context */ + if ( ( rc = rsa_init ( &context, key ) ) != 0 ) + goto err_init; /* Encode digest (using the big integer output buffer as * temporary storage) */ - temp = context->output0; - if ( ( rc = rsa_encode_digest ( context, digest, value, temp ) ) != 0 ) - return rc; + temp = context.output0; + if ( ( rc = rsa_encode_digest ( &context, digest, value, temp ) ) != 0 ) + goto err_encode; /* Encipher the encoded digest */ - rsa_cipher ( context, temp, signature ); - DBGC ( context, "RSA %p signed %s digest:\n", context, digest->name ); - DBGC_HDA ( context, 0, signature, context->max_len ); + rsa_cipher ( &context, temp, signature ); + DBGC ( &context, "RSA %p signed %s digest:\n", &context, digest->name ); + DBGC_HDA ( &context, 0, signature, context.max_len ); + + /* Free context */ + rsa_free ( &context ); - return context->max_len; + return context.max_len; + + err_encode: + rsa_free ( &context ); + err_init: + return rc; } /** * Verify signed digest value using RSA * - * @v ctx RSA context + * @v key Key * @v digest Digest algorithm * @v value Digest value * @v signature 
Signature * @v signature_len Signature length * @ret rc Return status code */ -static int rsa_verify ( void *ctx, struct digest_algorithm *digest, - const void *value, const void *signature, - size_t signature_len ) { - struct rsa_context *context = ctx; +static int rsa_verify ( const struct asn1_cursor *key, + struct digest_algorithm *digest, const void *value, + const void *signature, size_t signature_len ) { + struct rsa_context context; void *temp; void *expected; void *actual; int rc; + DBGC ( &context, "RSA %p verifying %s digest:\n", + &context, digest->name ); + DBGC_HDA ( &context, 0, value, digest->digestsize ); + DBGC_HDA ( &context, 0, signature, signature_len ); + + /* Initialise context */ + if ( ( rc = rsa_init ( &context, key ) ) != 0 ) + goto err_init; + /* Sanity check */ - if ( signature_len != context->max_len ) { - DBGC ( context, "RSA %p signature incorrect length (%zd " + if ( signature_len != context.max_len ) { + DBGC ( &context, "RSA %p signature incorrect length (%zd " "bytes, should be %zd)\n", - context, signature_len, context->max_len ); - return -ERANGE; + &context, signature_len, context.max_len ); + rc = -ERANGE; + goto err_sanity; } - DBGC ( context, "RSA %p verifying %s digest:\n", - context, digest->name ); - DBGC_HDA ( context, 0, value, digest->digestsize ); - DBGC_HDA ( context, 0, signature, signature_len ); /* Decipher the signature (using the big integer input buffer * as temporary storage) */ - temp = context->input0; + temp = context.input0; expected = temp; - rsa_cipher ( context, signature, expected ); - DBGC ( context, "RSA %p deciphered signature:\n", context ); - DBGC_HDA ( context, 0, expected, context->max_len ); + rsa_cipher ( &context, signature, expected ); + DBGC ( &context, "RSA %p deciphered signature:\n", &context ); + DBGC_HDA ( &context, 0, expected, context.max_len ); /* Encode digest (using the big integer output buffer as * temporary storage) */ - temp = context->output0; + temp = context.output0; 
actual = temp; - if ( ( rc = rsa_encode_digest ( context, digest, value, actual ) ) !=0 ) - return rc; + if ( ( rc = rsa_encode_digest ( &context, digest, value, + actual ) ) != 0 ) + goto err_encode; /* Verify the signature */ - if ( memcmp ( actual, expected, context->max_len ) != 0 ) { - DBGC ( context, "RSA %p signature verification failed\n", - context ); - return -EACCES_VERIFY; + if ( memcmp ( actual, expected, context.max_len ) != 0 ) { + DBGC ( &context, "RSA %p signature verification failed\n", + &context ); + rc = -EACCES_VERIFY; + goto err_verify; } - DBGC ( context, "RSA %p signature verified successfully\n", context ); - return 0; -} + /* Free context */ + rsa_free ( &context ); -/** - * Finalise RSA cipher - * - * @v ctx RSA context - */ -static void rsa_final ( void *ctx ) { - struct rsa_context *context = ctx; + DBGC ( &context, "RSA %p signature verified successfully\n", &context ); + return 0; - rsa_free ( context ); + err_verify: + err_encode: + err_sanity: + rsa_free ( &context ); + err_init: + return rc; } /** @@ -615,14 +699,11 @@ static int rsa_match ( const struct asn1_cursor *private_key, /** RSA public-key algorithm */ struct pubkey_algorithm rsa_algorithm = { .name = "rsa", - .ctxsize = RSA_CTX_SIZE, - .init = rsa_init, .max_len = rsa_max_len, .encrypt = rsa_encrypt, .decrypt = rsa_decrypt, .sign = rsa_sign, .verify = rsa_verify, - .final = rsa_final, .match = rsa_match, }; diff --git a/src/crypto/x509.c b/src/crypto/x509.c index c0762740e..4101c8094 100644 --- a/src/crypto/x509.c +++ b/src/crypto/x509.c @@ -1125,7 +1125,6 @@ static int x509_check_signature ( struct x509_certificate *cert, struct pubkey_algorithm *pubkey = algorithm->pubkey; uint8_t digest_ctx[ digest->ctxsize ]; uint8_t digest_out[ digest->digestsize ]; - uint8_t pubkey_ctx[ pubkey->ctxsize ]; int rc; /* Sanity check */ 
@@ -1149,14 +1148,8 @@ static int x509_check_signature ( struct x509_certificate *cert, } /* Verify signature using signer's public key */ - if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, - &public_key->raw ) ) != 0 ) { - DBGC ( cert, "X509 %p \"%s\" cannot initialise public key: " - "%s\n", cert, x509_name ( cert ), strerror ( rc ) ); - goto err_pubkey_init; - } - if ( ( rc = pubkey_verify ( pubkey, pubkey_ctx, digest, digest_out, - signature->value.data, + if ( ( rc = pubkey_verify ( pubkey, &public_key->raw, digest, + digest_out, signature->value.data, signature->value.len ) ) != 0 ) { DBGC ( cert, "X509 %p \"%s\" signature verification failed: " "%s\n", cert, x509_name ( cert ), strerror ( rc ) ); @@ -1167,8 +1160,6 @@ static int x509_check_signature ( struct x509_certificate *cert, rc = 0; err_pubkey_verify: - pubkey_final ( pubkey, pubkey_ctx ); - err_pubkey_init: err_mismatch: return rc; } diff --git a/src/drivers/net/iphone.c b/src/drivers/net/iphone.c index 96eb0952b..08459a6e2 100644 --- a/src/drivers/net/iphone.c +++ b/src/drivers/net/iphone.c @@ -362,17 +362,9 @@ static int icert_cert ( struct icert *icert, struct asn1_cursor *subject, struct asn1_builder raw = { NULL, 0 }; uint8_t digest_ctx[SHA256_CTX_SIZE]; uint8_t digest_out[SHA256_DIGEST_SIZE]; - uint8_t pubkey_ctx[RSA_CTX_SIZE]; int len; int rc; - /* Initialise "private" key */ - if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, private ) ) != 0 ) { - DBGC ( icert, "ICERT %p could not initialise private key: " - "%s\n", icert, strerror ( rc ) ); - goto err_pubkey_init; - } - /* Construct subjectPublicKeyInfo */ if ( ( rc = ( asn1_prepend_raw ( &spki, public->data, public->len ), asn1_prepend_raw ( &spki, icert_nul, 
@@ -406,14 +398,14 @@ static int icert_cert ( struct icert *icert, struct asn1_cursor *subject, digest_update ( digest, digest_ctx, tbs.data, tbs.len ); digest_final ( digest, digest_ctx, digest_out ); - /* Construct signature */ - if ( ( rc = asn1_grow ( &raw, pubkey_max_len ( pubkey, - pubkey_ctx ) ) ) != 0 ) { + /* Construct signature using "private" key */ + if ( ( rc = asn1_grow ( &raw, + pubkey_max_len ( pubkey, private ) ) ) != 0 ) { DBGC ( icert, "ICERT %p could not build signature: %s\n", icert, strerror ( rc ) ); goto err_grow; } - if ( ( len = pubkey_sign ( pubkey, pubkey_ctx, digest, digest_out, + if ( ( len = pubkey_sign ( pubkey, private, digest, digest_out, raw.data ) ) < 0 ) { rc = len; DBGC ( icert, "ICERT %p could not sign: %s\n", @@ -452,8 +444,6 @@ static int icert_cert ( struct icert *icert, struct asn1_cursor *subject, err_tbs: free ( spki.data ); err_spki: - pubkey_final ( pubkey, pubkey_ctx ); - err_pubkey_init: return rc; } diff --git a/src/include/ipxe/crypto.h b/src/include/ipxe/crypto.h index 8b6eb94f6..dcc73f3ef 100644 --- a/src/include/ipxe/crypto.h +++ b/src/include/ipxe/crypto.h 
@@ -121,68 +121,55 @@ struct cipher_algorithm { struct pubkey_algorithm { /** Algorithm name */ const char *name; - /** Context size */ - size_t ctxsize; - /** Initialise algorithm - * - * @v ctx Context - * @v key Key - * @ret rc Return status code - */ - int ( * init ) ( void *ctx, const struct asn1_cursor *key ); /** Calculate maximum output length * - * @v ctx Context + * @v key Key * @ret max_len Maximum output length */ - size_t ( * max_len ) ( void *ctx ); + size_t ( * max_len ) ( const struct asn1_cursor *key ); /** Encrypt * - * @v ctx Context + * @v key Key * @v plaintext Plaintext * @v plaintext_len Length of plaintext * @v ciphertext Ciphertext * @ret ciphertext_len Length of ciphertext, or negative error */ - int ( * encrypt ) ( void *ctx, const void *data, size_t len, - void *out ); + int ( * encrypt ) ( const struct asn1_cursor *key, const void *data, + size_t len, void *out ); /** Decrypt * - * @v ctx Context + * @v key Key * @v ciphertext Ciphertext * @v ciphertext_len Ciphertext length * @v plaintext Plaintext * @ret plaintext_len Plaintext length, or negative error */ - int ( * decrypt ) ( void *ctx, const void *data, size_t len, - void *out ); + int ( * decrypt ) ( const struct asn1_cursor *key, const void *data, + size_t len, void *out ); /** Sign digest value * - * @v ctx Context + * @v key Key * @v digest Digest algorithm * @v value Digest value * @v signature Signature * @ret signature_len Signature length, or negative error */ - int ( * sign ) ( void *ctx, struct digest_algorithm *digest, - const void *value, void *signature ); + int ( * sign ) ( const struct asn1_cursor *key, + struct digest_algorithm *digest, const void *value, + void *signature ); /** Verify signed digest value * - * @v ctx Context + * @v key Key * @v digest Digest algorithm * @v value Digest value * @v signature Signature * @v signature_len Signature length * @ret rc Return status code */ - int ( * verify ) ( void *ctx, struct digest_algorithm *digest, - const void 
*value, const void *signature, - size_t signature_len ); - /** Finalise algorithm - * - * @v ctx Context - */ - void ( * final ) ( void *ctx ); + int ( * verify ) ( const struct asn1_cursor *key, + struct digest_algorithm *digest, const void *value, + const void *signature, size_t signature_len ); /** Check that public key matches private key * * @v private_key Private key 
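Review bot: The method comments in struct pubkey_algorithm now say only `@v key Key`, which does not tell an implementer what the cursor holds or how long it may be used. With the init/final pair removed, every operation receives a `const struct asn1_cursor *key` and has to parse it on each call, as the reworked rsa_verify() does with rsa_init()/rsa_free(). If that is the intended contract I would state it once per method, e.g. `@v key Key (ASN.1 cursor, parsed per call and not retained)`. The encrypt and decrypt comments also name `plaintext`/`ciphertext` parameters while the prototypes use `data`, `len` and `out`, so the names could be aligned while these lines are being touched.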
@@ -278,46 +265,36 @@ is_auth_cipher ( struct cipher_algorithm *cipher ) { return cipher->authsize; } -static inline __attribute__ (( always_inline )) int -pubkey_init ( struct pubkey_algorithm *pubkey, void *ctx, - const struct asn1_cursor *key ) { - return pubkey->init ( ctx, key ); -} - static inline __attribute__ (( always_inline )) size_t -pubkey_max_len ( struct pubkey_algorithm *pubkey, void *ctx ) { - return pubkey->max_len ( ctx ); +pubkey_max_len ( struct pubkey_algorithm *pubkey, + const struct asn1_cursor *key ) { + return pubkey->max_len ( key ); } static inline __attribute__ (( always_inline )) int -pubkey_encrypt ( struct pubkey_algorithm *pubkey, void *ctx, +pubkey_encrypt ( struct pubkey_algorithm *pubkey, const struct asn1_cursor *key, const void *data, size_t len, void *out ) { - return pubkey->encrypt ( ctx, data, len, out ); + return pubkey->encrypt ( key, data, len, out ); } static inline __attribute__ (( always_inline )) int -pubkey_decrypt ( struct pubkey_algorithm *pubkey, void *ctx, +pubkey_decrypt ( struct pubkey_algorithm *pubkey, const struct asn1_cursor *key, const void *data, size_t len, void *out ) { - return pubkey->decrypt ( ctx, data, len, out ); + return pubkey->decrypt ( key, data, len, out ); } static inline __attribute__ (( always_inline )) int -pubkey_sign ( struct pubkey_algorithm *pubkey, void *ctx, +pubkey_sign ( struct pubkey_algorithm *pubkey, const struct asn1_cursor *key, struct digest_algorithm *digest, const void *value, void *signature ) { - return pubkey->sign ( ctx, digest, value, signature ); + return pubkey->sign ( key, digest, value, signature ); } static inline __attribute__ (( always_inline )) int -pubkey_verify ( struct pubkey_algorithm *pubkey, void *ctx, +pubkey_verify ( struct pubkey_algorithm *pubkey, const struct asn1_cursor *key, struct digest_algorithm *digest, const void *value, const void *signature, size_t signature_len ) { - return pubkey->verify ( ctx, digest, value, signature, signature_len ); 
-} - -static inline __attribute__ (( always_inline )) void -pubkey_final ( struct pubkey_algorithm *pubkey, void *ctx ) { - pubkey->final ( ctx ); + return pubkey->verify ( key, digest, value, signature, signature_len ); } static inline __attribute__ (( always_inline )) int @@ -345,15 +322,18 @@ extern void cipher_null_decrypt ( void *ctx, const void *src, void *dst, size_t len ); extern void cipher_null_auth ( void *ctx, void *auth ); -extern int pubkey_null_init ( void *ctx, const struct asn1_cursor *key ); -extern size_t pubkey_null_max_len ( void *ctx ); -extern int pubkey_null_encrypt ( void *ctx, const void *plaintext, - size_t plaintext_len, void *ciphertext ); -extern int pubkey_null_decrypt ( void *ctx, const void *ciphertext, - size_t ciphertext_len, void *plaintext ); -extern int pubkey_null_sign ( void *ctx, struct digest_algorithm *digest, +extern size_t pubkey_null_max_len ( const struct asn1_cursor *key ); +extern int pubkey_null_encrypt ( const struct asn1_cursor *key, + const void *plaintext, size_t plaintext_len, + void *ciphertext ); +extern int pubkey_null_decrypt ( const struct asn1_cursor *key, + const void *ciphertext, size_t ciphertext_len, + void *plaintext ); +extern int pubkey_null_sign ( const struct asn1_cursor *key, + struct digest_algorithm *digest, const void *value, void *signature ); -extern int pubkey_null_verify ( void *ctx, struct digest_algorithm *digest, +extern int pubkey_null_verify ( const struct asn1_cursor *key, + struct digest_algorithm *digest, const void *value, const void *signature , size_t signature_len ); diff --git a/src/include/ipxe/rsa.h b/src/include/ipxe/rsa.h index a1b5e0c03..e36a75edf 100644 --- a/src/include/ipxe/rsa.h +++ b/src/include/ipxe/rsa.h 
@@ -55,31 +55,6 @@ struct rsa_digestinfo_prefix { /** Declare an RSA digestInfo prefix */ #define __rsa_digestinfo_prefix __table_entry ( RSA_DIGESTINFO_PREFIXES, 01 ) -/** An RSA context */ -struct rsa_context { - /** Allocated memory */ - void *dynamic; - /** Modulus */ - bigint_element_t *modulus0; - /** Modulus size */ - unsigned int size; - /** Modulus length */ - size_t max_len; - /** Exponent */ - bigint_element_t *exponent0; - /** Exponent size */ - unsigned int exponent_size; - /** Input buffer */ - bigint_element_t *input0; - /** Output buffer */ - bigint_element_t *output0; - /** Temporary working space for modular exponentiation */ - void *tmp; -}; - -/** RSA context size */ -#define RSA_CTX_SIZE sizeof ( struct rsa_context ) - extern struct pubkey_algorithm rsa_algorithm; #endif /* _IPXE_RSA_H */ diff --git a/src/include/ipxe/tls.h b/src/include/ipxe/tls.h index 9494eaa05..08d58689e 100644 --- a/src/include/ipxe/tls.h +++ b/src/include/ipxe/tls.h @@ -240,8 +240,6 @@ struct tls_cipherspec { struct tls_cipher_suite *suite; /** Dynamically-allocated storage */ void *dynamic; - /** Public key encryption context */ - void *pubkey_ctx; /** Bulk encryption cipher context */ void *cipher_ctx; /** MAC secret */ @@ -402,6 +400,8 @@ struct tls_server { struct x509_root *root; /** Certificate chain */ struct x509_chain *chain; + /** Public key (within server certificate) */ + struct asn1_cursor key; /** Certificate validator */ struct interface validator; /** Certificate validation pending operation */ diff --git a/src/net/tls.c b/src/net/tls.c index ec503e43d..ded100d0e 100644 --- a/src/net/tls.c +++ b/src/net/tls.c 
@@ -856,10 +856,6 @@ tls_find_cipher_suite ( unsigned int cipher_suite ) { static void tls_clear_cipher ( struct tls_connection *tls __unused, struct tls_cipherspec *cipherspec ) { - if ( cipherspec->suite ) { - pubkey_final ( cipherspec->suite->pubkey, - cipherspec->pubkey_ctx ); - } free ( cipherspec->dynamic ); memset ( cipherspec, 0, sizeof ( *cipherspec ) ); cipherspec->suite = &tls_cipher_suite_null; @@ -876,7 +872,6 @@ static void tls_clear_cipher ( struct tls_connection *tls __unused, static int tls_set_cipher ( struct tls_connection *tls, struct tls_cipherspec *cipherspec, struct tls_cipher_suite *suite ) { - struct pubkey_algorithm *pubkey = suite->pubkey; struct cipher_algorithm *cipher = suite->cipher; size_t total; void *dynamic; @@ -885,8 +880,7 @@ static int tls_set_cipher ( struct tls_connection *tls, tls_clear_cipher ( tls, cipherspec ); /* Allocate dynamic storage */ - total = ( pubkey->ctxsize + cipher->ctxsize + suite->mac_len + - suite->fixed_iv_len ); + total = ( cipher->ctxsize + suite->mac_len + suite->fixed_iv_len ); dynamic = zalloc ( total ); if ( ! dynamic ) { DBGC ( tls, "TLS %p could not allocate %zd bytes for crypto " @@ -896,7 +890,6 @@ static int tls_set_cipher ( struct tls_connection *tls, /* Assign storage */ cipherspec->dynamic = dynamic; - cipherspec->pubkey_ctx = dynamic; dynamic += pubkey->ctxsize; cipherspec->cipher_ctx = dynamic; dynamic += cipher->ctxsize; cipherspec->mac_secret = dynamic; dynamic += suite->mac_len; cipherspec->fixed_iv = dynamic; dynamic += suite->fixed_iv_len; 
@@ -1392,7 +1385,7 @@ static int tls_send_certificate ( struct tls_connection *tls ) { static int tls_send_client_key_exchange_pubkey ( struct tls_connection *tls ) { struct tls_cipherspec *cipherspec = &tls->tx.cipherspec.pending; struct pubkey_algorithm *pubkey = cipherspec->suite->pubkey; - size_t max_len = pubkey_max_len ( pubkey, cipherspec->pubkey_ctx ); + size_t max_len = pubkey_max_len ( pubkey, &tls->server.key ); struct { uint16_t version; uint8_t random[46]; @@ -1419,8 +1412,8 @@ static int tls_send_client_key_exchange_pubkey ( struct tls_connection *tls ) { /* Encrypt pre-master secret using server's public key */ memset ( &key_xchg, 0, sizeof ( key_xchg ) ); - len = pubkey_encrypt ( pubkey, cipherspec->pubkey_ctx, - &pre_master_secret, sizeof ( pre_master_secret ), + len = pubkey_encrypt ( pubkey, &tls->server.key, &pre_master_secret, + sizeof ( pre_master_secret ), key_xchg.encrypted_pre_master_secret ); if ( len < 0 ) { rc = len; @@ -1523,7 +1516,7 @@ static int tls_verify_dh_params ( struct tls_connection *tls, digest_final ( digest, ctx, hash ); /* Verify signature */ - if ( ( rc = pubkey_verify ( pubkey, cipherspec->pubkey_ctx, + if ( ( rc = pubkey_verify ( pubkey, &tls->server.key, digest, hash, signature, signature_len ) ) != 0 ) { DBGC ( tls, "TLS %p ServerKeyExchange failed " 
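Review bot: In tls_send_client_key_exchange_pubkey, `max_len` is now taken straight from `pubkey_max_len ( pubkey, &tls->server.key )`, which returns a size_t and so cannot report a key that fails to parse. Before this commit a malformed server key was rejected by pubkey_init() in tls_validator_done; that call is removed, so the first point of failure moves into this function. What pubkey_max_len() returns for an unparseable or zeroed cursor is not visible here, and the rest of the function lies outside the hunk. Once confirmed against the implementation, I would record the contract on the initialiser, e.g. `/* max_len is zero if the server key cannot be parsed; pubkey_encrypt() then fails */`, and check that a zero length cannot size the key exchange record.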
@@ -1820,20 +1813,12 @@ static int tls_send_certificate_verify ( struct tls_connection *tls ) { struct pubkey_algorithm *pubkey = cert->signature_algorithm->pubkey; struct asn1_cursor *key = privkey_cursor ( tls->client.key ); uint8_t digest_out[ digest->digestsize ]; - uint8_t ctx[ pubkey->ctxsize ]; struct tls_signature_hash_algorithm *sig_hash = NULL; int rc; /* Generate digest to be signed */ tls_verify_handshake ( tls, digest_out ); - /* Initialise public-key algorithm */ - if ( ( rc = pubkey_init ( pubkey, ctx, key ) ) != 0 ) { - DBGC ( tls, "TLS %p could not initialise %s client private " - "key: %s\n", tls, pubkey->name, strerror ( rc ) ); - goto err_pubkey_init; - } - /* TLSv1.2 and later use explicit algorithm identifiers */ if ( tls_version ( tls, TLS_VERSION_TLS_1_2 ) ) { sig_hash = tls_signature_hash_algorithm ( pubkey, digest ); @@ -1848,7 +1833,7 @@ static int tls_send_certificate_verify ( struct tls_connection *tls ) { /* Generate and transmit record */ { - size_t max_len = pubkey_max_len ( pubkey, ctx ); + size_t max_len = pubkey_max_len ( pubkey, key ); int use_sig_hash = ( ( sig_hash == NULL ) ? 0 : 1 ); struct { uint32_t type_length; @@ -1860,7 +1845,7 @@ static int tls_send_certificate_verify ( struct tls_connection *tls ) { int len; /* Sign digest */ - len = pubkey_sign ( pubkey, ctx, digest, digest_out, + len = pubkey_sign ( pubkey, key, digest, digest_out, certificate_verify.signature ); if ( len < 0 ) { rc = len; @@ -1893,8 +1878,6 @@ static int tls_send_certificate_verify ( struct tls_connection *tls ) { err_pubkey_sign: err_sig_hash: - pubkey_final ( pubkey, ctx ); - err_pubkey_init: return rc; } @@ -2312,6 +2295,7 @@ static int tls_parse_chain ( struct tls_connection *tls, int rc; /* Free any existing certificate chain */ + memset ( &tls->server.key, 0, sizeof ( tls->server.key ) ); x509_chain_put ( tls->server.chain ); tls->server.chain = NULL; 
@@ -2371,6 +2355,7 @@ static int tls_parse_chain ( struct tls_connection *tls, err_parse: err_overlength: err_underlength: + memset ( &tls->server.key, 0, sizeof ( tls->server.key ) ); x509_chain_put ( tls->server.chain ); tls->server.chain = NULL; err_alloc_chain: @@ -3555,8 +3540,6 @@ static struct interface_descriptor tls_cipherstream_desc = */ static void tls_validator_done ( struct tls_connection *tls, int rc ) { struct tls_session *session = tls->session; - struct tls_cipherspec *cipherspec = &tls->tx.cipherspec.pending; - struct pubkey_algorithm *pubkey = cipherspec->suite->pubkey; struct x509_certificate *cert; /* Mark validation as complete */ @@ -3584,13 +3567,9 @@ static void tls_validator_done ( struct tls_connection *tls, int rc ) { goto err; } - /* Initialise public key algorithm */ - if ( ( rc = pubkey_init ( pubkey, cipherspec->pubkey_ctx, - &cert->subject.public_key.raw ) ) != 0 ) { - DBGC ( tls, "TLS %p cannot initialise public key: %s\n", - tls, strerror ( rc ) ); - goto err; - } + /* Extract the now trusted server public key */ + memcpy ( &tls->server.key, &cert->subject.public_key.raw, + sizeof ( tls->server.key ) ); /* Schedule Client Key Exchange, Change Cipher, and Finished */ tls->tx.pending |= ( TLS_TX_CLIENT_KEY_EXCHANGE | diff --git a/src/tests/pubkey_test.c b/src/tests/pubkey_test.c index 93962516a..ff318bfb7 100644 --- a/src/tests/pubkey_test.c +++ b/src/tests/pubkey_test.c 
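Review bot: The memcpy added to tls_validator_done stores a borrowed cursor: judging by the tls.h comment "Public key (within server certificate)", `tls->server.key` points into the certificate's data and is valid only while `tls->server.chain` keeps that certificate alive. The two tls_parse_chain hunks clear the cursor before `x509_chain_put()`, but any other path that releases the chain (none is visible in these hunks) would need the same treatment. I would record the rule next to the copy: `/* Extract the now trusted server public key (borrowed from tls->server.chain; clear whenever the chain is released) */`. As a point of style, `tls->server.key = cert->subject.public_key.raw;` does the same as the memcpy and is type-checked.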
@@ -50,77 +50,41 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); void pubkey_okx ( struct pubkey_test *test, const char *file, unsigned int line ) { struct pubkey_algorithm *pubkey = test->pubkey; - uint8_t private_ctx[pubkey->ctxsize]; - uint8_t public_ctx[pubkey->ctxsize]; - size_t max_len; - - /* Initialize contexts */ - okx ( pubkey_init ( pubkey, private_ctx, &test->private ) == 0, - file, line ); - okx ( pubkey_init ( pubkey, public_ctx, &test->public ) == 0, - file, line ); - max_len = pubkey_max_len ( pubkey, private_ctx ); + size_t max_len = pubkey_max_len ( pubkey, &test->private ); + uint8_t encrypted[max_len]; + uint8_t decrypted[max_len]; + int encrypted_len; + int decrypted_len; /* Test decrypting with private key to obtain known plaintext */ - { - uint8_t decrypted[max_len]; - int decrypted_len; - - decrypted_len = pubkey_decrypt ( pubkey, private_ctx, - test->ciphertext, - test->ciphertext_len, - decrypted ); - okx ( decrypted_len == ( ( int ) test->plaintext_len ), - file, line ); - okx ( memcmp ( decrypted, test->plaintext, - test->plaintext_len ) == 0, file, line ); - } + decrypted_len = pubkey_decrypt ( pubkey, &test->private, + test->ciphertext, test->ciphertext_len, + decrypted ); + okx ( decrypted_len == ( ( int ) test->plaintext_len ), file, line ); + okx ( memcmp ( decrypted, test->plaintext, test->plaintext_len ) == 0, + file, line ); /* Test encrypting with private key and decrypting with public key */ - { - uint8_t encrypted[max_len]; - uint8_t decrypted[max_len]; - int encrypted_len; - int decrypted_len; - - encrypted_len = pubkey_encrypt ( pubkey, private_ctx, - test->plaintext, - test->plaintext_len, - encrypted ); - okx ( encrypted_len >= 0, file, line ); - decrypted_len = pubkey_decrypt ( pubkey, public_ctx, - encrypted, encrypted_len, - decrypted ); - okx ( decrypted_len == ( ( int ) test->plaintext_len ), - file, line ); - okx ( memcmp ( decrypted, test->plaintext, - test->plaintext_len ) == 0, file, line ); - } + encrypted_len = 
pubkey_encrypt ( pubkey, &test->private, + test->plaintext, test->plaintext_len, + encrypted ); + okx ( encrypted_len >= 0, file, line ); + decrypted_len = pubkey_decrypt ( pubkey, &test->public, encrypted, + encrypted_len, decrypted ); + okx ( decrypted_len == ( ( int ) test->plaintext_len ), file, line ); + okx ( memcmp ( decrypted, test->plaintext, test->plaintext_len ) == 0, + file, line ); /* Test encrypting with public key and decrypting with private key */ - { - uint8_t encrypted[max_len]; - uint8_t decrypted[max_len]; - int encrypted_len; - int decrypted_len; - - encrypted_len = pubkey_encrypt ( pubkey, public_ctx, - test->plaintext, - test->plaintext_len, - encrypted ); - okx ( encrypted_len >= 0, file, line ); - decrypted_len = pubkey_decrypt ( pubkey, private_ctx, - encrypted, encrypted_len, - decrypted ); - okx ( decrypted_len == ( ( int ) test->plaintext_len ), - file, line ); - okx ( memcmp ( decrypted, test->plaintext, - test->plaintext_len ) == 0, file, line ); - } - - /* Free contexts */ - pubkey_final ( pubkey, public_ctx ); - pubkey_final ( pubkey, private_ctx ); + encrypted_len = pubkey_encrypt ( pubkey, &test->public, + test->plaintext, test->plaintext_len, + encrypted ); + okx ( encrypted_len >= 0, file, line ); + decrypted_len = pubkey_decrypt ( pubkey, &test->private, encrypted, + encrypted_len, decrypted ); + okx ( decrypted_len == ( ( int ) test->plaintext_len ), file, line ); + okx ( memcmp ( decrypted, test->plaintext, test->plaintext_len ) == 0, + file, line ); } /** 
@@ -134,18 +98,12 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file, unsigned int line ) { struct pubkey_algorithm *pubkey = test->pubkey; struct digest_algorithm *digest = test->digest; - uint8_t private_ctx[pubkey->ctxsize]; - uint8_t public_ctx[pubkey->ctxsize]; + size_t max_len = pubkey_max_len ( pubkey, &test->private ); + uint8_t bad[test->signature_len]; uint8_t digestctx[digest->ctxsize ]; uint8_t digestout[digest->digestsize]; - size_t max_len; - - /* Initialize contexts */ - okx ( pubkey_init ( pubkey, private_ctx, &test->private ) == 0, - file, line ); - okx ( pubkey_init ( pubkey, public_ctx, &test->public ) == 0, - file, line ); - max_len = pubkey_max_len ( pubkey, private_ctx ); + uint8_t signature[max_len]; + int signature_len; /* Construct digest over plaintext */ digest_init ( digest, digestctx ); 
@@ -154,34 +112,20 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file, digest_final ( digest, digestctx, digestout ); /* Test signing using private key */ - { - uint8_t signature[max_len]; - int signature_len; - - signature_len = pubkey_sign ( pubkey, private_ctx, digest, - digestout, signature ); - okx ( signature_len == ( ( int ) test->signature_len ), - file, line ); - okx ( memcmp ( signature, test->signature, - test->signature_len ) == 0, file, line ); - } + signature_len = pubkey_sign ( pubkey, &test->private, digest, + digestout, signature ); + okx ( signature_len == ( ( int ) test->signature_len ), file, line ); + okx ( memcmp ( signature, test->signature, test->signature_len ) == 0, + file, line ); /* Test verification using public key */ - okx ( pubkey_verify ( pubkey, public_ctx, digest, digestout, + okx ( pubkey_verify ( pubkey, &test->public, digest, digestout, test->signature, test->signature_len ) == 0, file, line ); /* Test verification failure of modified signature */ - { - uint8_t bad[test->signature_len]; - - memcpy ( bad, test->signature, test->signature_len ); - bad[ test->signature_len / 2 ] ^= 0x40; - okx ( pubkey_verify ( pubkey, public_ctx, digest, digestout, - bad, sizeof ( bad ) ) != 0, file, line ); - } - - /* Free contexts */ - pubkey_final ( pubkey, public_ctx ); - pubkey_final ( pubkey, private_ctx ); + memcpy ( bad, test->signature, test->signature_len ); + bad[ test->signature_len / 2 ] ^= 0x40; + okx ( pubkey_verify ( pubkey, &test->public, digest, digestout, + bad, sizeof ( bad ) ) != 0, file, line ); } -- cgit v1.2.3-55-g7522 From df7ec31766cd08eb1e01d59afc79198f5411517e Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Tue, 21 Jan 2025 15:13:20 +0000 Subject: [crypto] Generalise elliptic curve key exchange to ecdhe_key() Split out the portion of tls_send_client_key_exchange_ecdhe() that actually performs the elliptic curve key exchange into a separate function ecdhe_key(). 
Signed-off-by: Michael Brown --- src/crypto/ecdhe.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++ src/include/ipxe/ecdhe.h | 17 +++++++++++++ src/net/tls.c | 13 +++------- 3 files changed, 87 insertions(+), 9 deletions(-) create mode 100644 src/crypto/ecdhe.c create mode 100644 src/include/ipxe/ecdhe.h (limited to 'src/net/tls.c') diff --git a/src/crypto/ecdhe.c b/src/crypto/ecdhe.c new file mode 100644 index 000000000..5481b02eb --- /dev/null +++ b/src/crypto/ecdhe.c 
@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) 2025 Michael Brown .
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+/** @file
+ *
+ * Elliptic Curve Ephemeral Diffie-Hellman (ECDHE) key exchange
+ *
+ */
+
+#include
+#include
+
+/**
+ * Calculate ECDHE key
+ *
+ * @v curve Elliptic curve
+ * @v partner Partner public curve point
+ * @v private Private key
+ * @v public Public curve point to fill in (may overlap partner key)
+ * @v shared Shared secret curve point to fill in
+ * @ret rc Return status code
+ */
+int ecdhe_key ( struct elliptic_curve *curve, const void *partner,
+ const void *private, void *public, void *shared ) {
+ int rc;
+
+ /* Construct shared key */
+ if ( ( rc = elliptic_multiply ( curve, partner, private,
+ shared ) ) != 0 ) {
+ DBGC ( curve, "CURVE %s could not generate shared key: %s\n",
+ curve->name, strerror ( rc ) );
+ return rc;
+ }
+
+ /* Construct public key */
+ if ( ( rc = elliptic_multiply ( curve, NULL, private,
+ public ) ) != 0 ) {
+ DBGC ( curve, "CURVE %s could not generate public key: %s\n",
+ curve->name, strerror
( rc ) ); + return rc; + } + + return 0; +} diff --git a/src/include/ipxe/ecdhe.h b/src/include/ipxe/ecdhe.h new file mode 100644 index 000000000..36fc0a1ee --- /dev/null +++ b/src/include/ipxe/ecdhe.h @@ -0,0 +1,17 @@ +#ifndef _IPXE_ECDHE_H +#define _IPXE_ECDHE_H + +/** @file + * + * Elliptic Curve Ephemeral Diffie-Hellman (ECDHE) key exchange + * + */ + +FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); + +#include + +extern int ecdhe_key ( struct elliptic_curve *curve, const void *partner, + const void *private, void *public, void *shared ); + +#endif /* _IPXE_ECDHE_H */ diff --git a/src/net/tls.c b/src/net/tls.c index ded100d0e..286d2cc9f 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -50,6 +50,7 @@ FILE_LICENCE ( GPL2_OR_LATER ); #include #include #include +#include #include #include @@ -1733,9 +1734,9 @@ static int tls_send_client_key_exchange_ecdhe ( struct tls_connection *tls ) { } /* Calculate pre-master secret */ - if ( ( rc = elliptic_multiply ( curve->curve, - ecdh->public, private, - pre_master_secret ) ) != 0 ) { + if ( ( rc = ecdhe_key ( curve->curve, ecdh->public, + private, key_xchg.public, + pre_master_secret ) ) != 0 ) { DBGC ( tls, "TLS %p could not exchange ECDHE key: %s\n", tls, strerror ( rc ) ); return rc; @@ -1750,12 +1751,6 @@ static int tls_send_client_key_exchange_ecdhe ( struct tls_connection *tls ) { htonl ( sizeof ( key_xchg ) - sizeof ( key_xchg.type_length ) ) ); key_xchg.public_len = len; - if ( ( rc = elliptic_multiply ( curve->curve, NULL, private, - key_xchg.public ) ) != 0 ) { - DBGC ( tls, "TLS %p could not generate ECDHE key: %s\n", - tls, strerror ( rc ) ); - return rc; - } /* Transmit Client Key Exchange record */ if ( ( rc = tls_send_handshake ( tls, &key_xchg, -- cgit v1.2.3-55-g7522 From c9291bc5c7adfa9aa05e94aded90ba49d3dc8179 Mon Sep 17 00:00:00 2001 
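Review bot: The ecdhe_key() header comment allows `public` to overlap `partner`, but nothing in the body says this works only because the shared point is computed from `partner` before `public` is written. Swapping the two elliptic_multiply() calls would silently break overlapping callers, so I would make the dependency explicit on the first step: `/* Construct shared key first, since public may overlap partner */`. The function also does no check of its own on `shared`. If rejecting a degenerate result (RFC 8422 requires aborting on an all-zero X25519 shared secret) is left to the curve's multiply routine, which is not visible here, the header comment should say so.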
From: Michael Brown Date: Tue, 21 Jan 2025 15:29:05 +0000 Subject: [tls] Allow for NIST elliptic curve point formats The elliptic curve point representation for the x25519 curve includes only the X value, since the curve is designed such that the Montgomery ladder does not need to ever know or calculate a Y value. There is no curve point format byte: the public key data is simply the X value. The pre-master secret is also simply the X value of the shared secret curve point. The point representation for the NIST curves includes both X and Y values, and a single curve point format byte that must indicate that the format is uncompressed. The pre-master secret for the NIST curves does not include both X and Y values: only the X value is used. Extend the definition of an elliptic curve to allow the point size to be specified separately from the key size, and extend the definition of a TLS named curve to include an optional curve point format byte and a pre-master secret length. Signed-off-by: Michael Brown --- src/crypto/mishmash/oid_x25519.c | 1 + src/crypto/x25519.c | 1 + src/include/ipxe/crypto.h | 4 +++- src/include/ipxe/tls.h | 7 +++++++ src/net/tls.c | 38 ++++++++++++++++++++++++++++---------- 5 files changed, 40 insertions(+), 11 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/crypto/mishmash/oid_x25519.c b/src/crypto/mishmash/oid_x25519.c index 2f8aa065b..30b7905ea 100644 --- a/src/crypto/mishmash/oid_x25519.c +++ b/src/crypto/mishmash/oid_x25519.c @@ -42,4 +42,5 @@ struct asn1_algorithm x25519_algorithm __asn1_algorithm = { struct tls_named_curve tls_x25519_named_curve __tls_named_curve ( 01 ) = { .curve = &x25519_curve, .code = htons ( TLS_NAMED_CURVE_X25519 ), + .pre_master_secret_len = sizeof ( struct x25519_value ), }; diff --git a/src/crypto/x25519.c b/src/crypto/x25519.c index ab5d2e8b0..995cfa352 100644 --- a/src/crypto/x25519.c +++ b/src/crypto/x25519.c 
@@ -839,6 +839,7 @@ static int x25519_curve_multiply ( const void *base, const void *scalar, /** X25519 elliptic curve */ struct elliptic_curve x25519_curve = { .name = "x25519", + .pointsize = sizeof ( struct x25519_value ), .keysize = sizeof ( struct x25519_value ), .multiply = x25519_curve_multiply, }; diff --git a/src/include/ipxe/crypto.h b/src/include/ipxe/crypto.h index dcc73f3ef..4bd543ae2 100644 --- a/src/include/ipxe/crypto.h +++ b/src/include/ipxe/crypto.h @@ -184,7 +184,9 @@ struct pubkey_algorithm { struct elliptic_curve { /** Curve name */ const char *name; - /** Key size */ + /** Point (and public key) size */ + size_t pointsize; + /** Scalar (and private key) size */ size_t keysize; /** Multiply scalar by curve point * diff --git a/src/include/ipxe/tls.h b/src/include/ipxe/tls.h index 08d58689e..bf9807230 100644 --- a/src/include/ipxe/tls.h +++ b/src/include/ipxe/tls.h @@ -218,12 +218,19 @@ struct tls_cipher_suite { /** TLS named curved type */ #define TLS_NAMED_CURVE_TYPE 3 +/** TLS uncompressed curve point format */ +#define TLS_POINT_FORMAT_UNCOMPRESSED 4 + /** A TLS named curve */ struct tls_named_curve { /** Elliptic curve */ struct elliptic_curve *curve; /** Numeric code (in network-endian order) */ uint16_t code; + /** Curve point format byte (if any) */ + uint8_t format; + /** Pre-master secret length */ + uint8_t pre_master_secret_len; }; /** TLS named curve table */ diff --git a/src/net/tls.c b/src/net/tls.c index 286d2cc9f..a94e71c8a 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -1671,6 +1671,9 @@ static int tls_send_client_key_exchange_ecdhe ( struct tls_connection *tls ) { uint8_t public[0]; } __attribute__ (( packed )) *ecdh; size_t param_len; + size_t pointsize; + size_t keysize; + size_t offset; int rc; /* Parse ServerKeyExchange record */ 
@@ -1706,9 +1709,13 @@ static int tls_send_client_key_exchange_ecdhe ( struct tls_connection *tls ) { tls->server.exchange_len ); return -ENOTSUP_CURVE; } + DBGC ( tls, "TLS %p using named curve %s\n", tls, curve->curve->name ); + pointsize = curve->curve->pointsize; + keysize = curve->curve->keysize; + offset = ( curve->format ? 1 : 0 ); /* Check key length */ - if ( ecdh->public_len != curve->curve->keysize ) { + if ( ecdh->public_len != ( offset + pointsize ) ) { DBGC ( tls, "TLS %p invalid %s key\n", tls, curve->curve->name ); DBGC_HDA ( tls, 0, tls->server.exchange, @@ -1716,15 +1723,23 @@ static int tls_send_client_key_exchange_ecdhe ( struct tls_connection *tls ) { return -EINVAL_KEY_EXCHANGE; } + /* Check curve point format byte (if present) */ + if ( curve->format && ( ecdh->public[0] != curve->format ) ) { + DBGC ( tls, "TLS %p invalid %s curve point format\n", + tls, curve->curve->name ); + DBGC_HDA ( tls, 0, tls->server.exchange, + tls->server.exchange_len ); + return -EINVAL_KEY_EXCHANGE; + } + /* Construct pre-master secret and ClientKeyExchange record */ { - size_t len = curve->curve->keysize; - uint8_t private[len]; - uint8_t pre_master_secret[len]; + uint8_t private[keysize]; + uint8_t pre_master_secret[pointsize]; struct { uint32_t type_length; uint8_t public_len; - uint8_t public[len]; + uint8_t public[ecdh->public_len]; } __attribute__ (( packed )) key_xchg; /* Generate ephemeral private key */ @@ -1733,9 +1748,9 @@ static int tls_send_client_key_exchange_ecdhe ( struct tls_connection *tls ) { return rc; } - /* Calculate pre-master secret */ - if ( ( rc = ecdhe_key ( curve->curve, ecdh->public, - private, key_xchg.public, + /* Exchange keys */ + if ( ( rc = ecdhe_key ( curve->curve, ( ecdh->public + offset ), + private, ( key_xchg.public + offset ), pre_master_secret ) ) != 0 ) { DBGC ( tls, "TLS %p could not exchange ECDHE key: %s\n", tls, strerror ( rc ) ); 
@@ -1743,14 +1758,17 @@ static int tls_send_client_key_exchange_ecdhe ( struct tls_connection *tls ) { } /* Generate master secret */ - tls_generate_master_secret ( tls, pre_master_secret, len ); + tls_generate_master_secret ( tls, pre_master_secret, + curve->pre_master_secret_len ); /* Generate Client Key Exchange record */ key_xchg.type_length = ( cpu_to_le32 ( TLS_CLIENT_KEY_EXCHANGE ) | htonl ( sizeof ( key_xchg ) - sizeof ( key_xchg.type_length ) ) ); - key_xchg.public_len = len; + key_xchg.public_len = sizeof ( key_xchg.public ); + if ( curve->format ) + key_xchg.public[0] = curve->format; /* Transmit Client Key Exchange record */ if ( ( rc = tls_send_handshake ( tls, &key_xchg, -- cgit v1.2.3-55-g7522 From 7fe467a46db6bb989c82f55119a6b302d85f8bc6 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Mon, 31 Mar 2025 00:15:27 +0100 Subject: [tls] Encrypt data in place to reduce memory usage Provide a custom xfer_alloc_iob() handler to ensure that transmit I/O buffers contain sufficient headroom for the TLS record header and record initialisation vector, and sufficient tailroom for the MAC, block cipher padding, and authentication tag. This allows us to use in-place encryption for the actual data within the I/O buffer, which essentially halves the amount of memory that needs to be allocated for a TLS data transmission. Signed-off-by: Michael Brown --- src/net/tls.c | 210 +++++++++++++++++++++++++++++++++------------------------- 1 file changed, 121 insertions(+), 89 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/net/tls.c b/src/net/tls.c index a94e71c8a..fc4662007 100644 --- a/src/net/tls.c +++ b/src/net/tls.c 
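Review bot: `tls_generate_master_secret ( tls, pre_master_secret, curve->pre_master_secret_len )` reads a length from the named-curve table that is never compared with the size of the buffer it describes, which the previous hunk declares as `pre_master_secret[pointsize]`. A table entry whose `pre_master_secret_len` exceeds the curve's `pointsize` would make the key derivation read past the end of the stack array. A sanity check just before the call, `assert ( curve->pre_master_secret_len <= pointsize );`, documents and enforces the relationship. The table entries themselves are not visible here.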
@@ -196,6 +196,10 @@ FILE_LICENCE ( GPL2_OR_LATER ); static LIST_HEAD ( tls_sessions ); static void tls_tx_resume_all ( struct tls_session *session ); +static struct io_buffer * tls_alloc_iob ( struct tls_connection *tls, + size_t len ); +static int tls_send_record ( struct tls_connection *tls, unsigned int type, + struct io_buffer *iobuf ); static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type, const void *data, size_t len ); static void tls_clear_cipher ( struct tls_connection *tls, @@ -1126,9 +1130,6 @@ static void tls_restart ( struct tls_connection *tls ) { static int tls_send_handshake ( struct tls_connection *tls, const void *data, size_t len ) { - /* Add to handshake digest */ - tls_add_handshake ( tls, data, len ); - /* Send record */ return tls_send_plaintext ( tls, TLS_TYPE_HANDSHAKE, data, len ); } @@ -1333,8 +1334,8 @@ static int tls_send_certificate ( struct tls_connection *tls ) { } __attribute__ (( packed )) *certificates; struct x509_link *link; struct x509_certificate *cert; + struct io_buffer *iobuf; size_t len; - int rc; /* Calculate length of client certificates */ len = 0; 
@@ -1348,33 +1349,28 @@ static int tls_send_certificate ( struct tls_connection *tls ) { /* Allocate storage for Certificate record (which may be too * large for the stack). */ - certificates = zalloc ( sizeof ( *certificates ) + len ); - if ( ! certificates ) + iobuf = tls_alloc_iob ( tls, ( sizeof ( *certificates ) + len ) ); + if ( ! iobuf ) return -ENOMEM_CERTIFICATE; /* Populate record */ + certificates = iob_put ( iobuf, sizeof ( *certificates ) ); certificates->type_length = ( cpu_to_le32 ( TLS_CERTIFICATE ) | htonl ( sizeof ( *certificates ) + len - sizeof ( certificates->type_length ) ) ); tls_set_uint24 ( &certificates->length, len ); - certificate = &certificates->certificates[0]; list_for_each_entry ( link, &tls->client.chain->links, list ) { cert = link->cert; + certificate = iob_put ( iobuf, sizeof ( *certificate ) ); tls_set_uint24 ( &certificate->length, cert->raw.len ); - memcpy ( certificate->data, cert->raw.data, cert->raw.len ); - certificate = ( ( ( void * ) certificate->data ) + - cert->raw.len ); + memcpy ( iob_put ( iobuf, cert->raw.len ), cert->raw.data, + cert->raw.len ); } /* Transmit record */ - rc = tls_send_handshake ( tls, certificates, - ( sizeof ( *certificates ) + len ) ); - - /* Free record */ - free ( certificates ); - - return rc; + return tls_send_record ( tls, TLS_TYPE_HANDSHAKE, + iob_disown ( iobuf ) ); } /** 
@@ -2927,17 +2923,58 @@ static void tls_hmac_list ( struct tls_cipherspec *cipherspec, tls_hmac_final ( cipherspec, ctx, hmac ); } +/** + * Allocate I/O buffer for transmitted record + * + * @v tls TLS connection + * @v len I/O buffer payload length + * @ret iobuf I/O buffer + */ +static struct io_buffer * tls_alloc_iob ( struct tls_connection *tls, + size_t len ) { + struct tls_cipherspec *cipherspec = &tls->tx.cipherspec.active; + struct tls_cipher_suite *suite = cipherspec->suite; + struct cipher_algorithm *cipher = suite->cipher; + struct tls_header *tlshdr; + struct io_buffer *iobuf; + size_t pre_len; + size_t padded_len; + size_t post_len; + + /* Calculate length of padded data */ + padded_len = ( len + suite->mac_len ); + if ( is_block_cipher ( cipher ) ) { + padded_len = ( ( padded_len + 1 + cipher->blocksize - 1 ) & + ~( cipher->blocksize - 1 ) ); + assert ( padded_len > ( len + suite->mac_len ) ); + } + + /* Calculate lengths before and after padded data */ + pre_len = ( sizeof ( *tlshdr ) + suite->record_iv_len ); + post_len = cipher->authsize; + + /* Allocate I/O buffer */ + iobuf = xfer_alloc_iob ( &tls->cipherstream, + ( pre_len + padded_len + post_len ) ); + if ( ! iobuf ) + return NULL; + + /* Reserve space */ + iob_reserve ( iobuf, pre_len ); + + return iobuf; +} + /** * Send plaintext record * * @v tls TLS connection * @v type Record type - * @v data Plaintext record - * @v len Length of plaintext record + * @v iobuf I/O buffer * @ret rc Return status code */ -static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type, - const void *data, size_t len ) { +static int tls_send_record ( struct tls_connection *tls, unsigned int type, + struct io_buffer *iobuf ) { struct tls_cipherspec *cipherspec = &tls->tx.cipherspec.active; struct tls_cipher_suite *suite = cipherspec->suite; struct cipher_algorithm *cipher = suite->cipher; 
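Review bot: tls_alloc_iob() derives headroom and tailroom from `tls->tx.cipherspec.active` at allocation time, but tls_send_record() (hunks at -2968 and -3012) takes MAC, padding, IV and tag sizes from the cipherspec active at send time and never checks that the buffer has room for them. A buffer that reaches tls_plainstream_deliver() (hunk at -3281) without coming from this handler, or one allocated before a cipherspec change, would let the `iob_put()` and `iob_push()` calls run past the allocation; whether those helpers enforce bounds outside debug builds is not visible here. I would test the room at the top of tls_send_record() before touching the buffer, e.g. `if ( iob_headroom ( iobuf ) < ( sizeof ( *tlshdr ) + sizeof ( iv.record ) ) ) { rc = -ENOBUFS; goto err_random; }`, with a matching `iob_tailroom()` test for MAC, padding and tag. The later fragmentation commit's `iob_push ( iobuf, tls_iob_reserved ( tls, len ) )` rests on the same assumption.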
@@ -2948,15 +2985,14 @@ static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type, } __attribute__ (( packed )) iv; struct tls_auth_header authhdr; struct tls_header *tlshdr; - void *plaintext; - size_t plaintext_len; - struct io_buffer *ciphertext; - size_t ciphertext_len; - size_t padding_len; uint8_t mac[digest->digestsize]; - void *tmp; + size_t pad_len; int rc; + /* Add to handshake digest if applicable */ + if ( type == TLS_TYPE_HANDSHAKE ) + tls_add_handshake ( tls, iobuf->data, iob_len ( iobuf ) ); + /* Construct initialisation vector */ memcpy ( iv.fixed, cipherspec->fixed_iv, sizeof ( iv.fixed ) ); if ( ( rc = tls_generate_random ( tls, iv.record, 
@@ -2968,40 +3004,25 @@ static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type, authhdr.seq = cpu_to_be64 ( tls->tx.seq ); authhdr.header.type = type; authhdr.header.version = htons ( tls->version ); - authhdr.header.length = htons ( len ); + authhdr.header.length = htons ( iob_len ( iobuf ) ); - /* Calculate padding length */ - plaintext_len = ( len + suite->mac_len ); - if ( is_block_cipher ( cipher ) ) { - padding_len = ( ( ( cipher->blocksize - 1 ) & - -( plaintext_len + 1 ) ) + 1 ); - } else { - padding_len = 0; + /* Append MAC, if applicable */ + if ( suite->mac_len ) { + tls_hmac ( cipherspec, &authhdr, iobuf->data, + iob_len ( iobuf ), mac ); + memcpy ( iob_put ( iobuf, suite->mac_len ), mac, + suite->mac_len ); } - plaintext_len += padding_len; - /* Allocate plaintext */ - plaintext = malloc ( plaintext_len ); - if ( ! plaintext ) { - DBGC ( tls, "TLS %p could not allocate %zd bytes for " - "plaintext\n", tls, plaintext_len ); - rc = -ENOMEM_TX_PLAINTEXT; - goto err_plaintext; + /* Append padding, if applicable */ + if ( is_block_cipher ( cipher ) ) { + pad_len = ( ( ( cipher->blocksize - 1 ) & + -( iob_len ( iobuf ) + 1 ) ) + 1 ); + memset ( iob_put ( iobuf, pad_len ), ( pad_len - 1 ), pad_len ); + assert ( ! ( iob_len ( iobuf ) & ( cipher->blocksize - 1 ) ) ); } - - /* Assemble plaintext */ - tmp = plaintext; - memcpy ( tmp, data, len ); - tmp += len; - if ( suite->mac_len ) - tls_hmac ( cipherspec, &authhdr, data, len, mac ); - memcpy ( tmp, mac, suite->mac_len ); - tmp += suite->mac_len; - memset ( tmp, ( padding_len - 1 ), padding_len ); - tmp += padding_len; - assert ( tmp == ( plaintext + plaintext_len ) ); DBGC2 ( tls, "Sending plaintext data:\n" ); - DBGC2_HD ( tls, plaintext, plaintext_len ); + DBGC2_HDA ( tls, 0, iobuf->data, iob_len ( iobuf ) ); /* Set initialisation vector */ cipher_setiv ( cipher, cipherspec->cipher_ctx, &iv, sizeof ( iv ) ); 
@@ -3012,37 +3033,23 @@ static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type, NULL, sizeof ( authhdr ) ); } - /* Allocate ciphertext */ - ciphertext_len = ( sizeof ( *tlshdr ) + sizeof ( iv.record ) + - plaintext_len + cipher->authsize ); - ciphertext = xfer_alloc_iob ( &tls->cipherstream, ciphertext_len ); - if ( ! ciphertext ) { - DBGC ( tls, "TLS %p could not allocate %zd bytes for " - "ciphertext\n", tls, ciphertext_len ); - rc = -ENOMEM_TX_CIPHERTEXT; - goto err_ciphertext; - } + /* Encrypt data to be transmitted and append authentication tag */ + cipher_encrypt ( cipher, cipherspec->cipher_ctx, iobuf->data, + iobuf->data, iob_len ( iobuf ) ); + cipher_auth ( cipher, cipherspec->cipher_ctx, + iob_put ( iobuf, cipher->authsize ) ); - /* Assemble ciphertext */ - tlshdr = iob_put ( ciphertext, sizeof ( *tlshdr ) ); + /* Prepend record header and initialisation vector */ + memcpy ( iob_push ( iobuf, sizeof ( iv.record ) ), iv.record, + sizeof ( iv.record ) ); + tlshdr = iob_push ( iobuf, sizeof ( *tlshdr ) ); tlshdr->type = type; tlshdr->version = htons ( tls->version ); - tlshdr->length = htons ( ciphertext_len - sizeof ( *tlshdr ) ); - memcpy ( iob_put ( ciphertext, sizeof ( iv.record ) ), iv.record, - sizeof ( iv.record ) ); - cipher_encrypt ( cipher, cipherspec->cipher_ctx, plaintext, - iob_put ( ciphertext, plaintext_len ), plaintext_len ); - cipher_auth ( cipher, cipherspec->cipher_ctx, - iob_put ( ciphertext, cipher->authsize ) ); - assert ( iob_len ( ciphertext ) == ciphertext_len ); - - /* Free plaintext as soon as possible to conserve memory */ - free ( plaintext ); - plaintext = NULL; + tlshdr->length = htons ( iob_len ( iobuf ) - sizeof ( *tlshdr ) ); /* Send ciphertext */ if ( ( rc = xfer_deliver_iob ( &tls->cipherstream, - iob_disown ( ciphertext ) ) ) != 0 ) { + iob_disown ( iobuf ) ) ) != 0 ) { DBGC ( tls, "TLS %p could not deliver ciphertext: %s\n", tls, strerror ( rc ) ); goto err_deliver; 
@@ -3051,19 +3058,42 @@ static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type, /* Update TX state machine to next record */ tls->tx.seq += 1; - assert ( plaintext == NULL ); - assert ( ciphertext == NULL ); + assert ( iobuf == NULL ); return 0; err_deliver: - free_iob ( ciphertext ); - err_ciphertext: - free ( plaintext ); - err_plaintext: err_random: + free_iob ( iobuf ); return rc; } +/** + * Send plaintext record + * + * @v tls TLS connection + * @v type Record type + * @v data Plaintext record + * @v len Length of plaintext record + * @ret rc Return status code + */ +static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type, + const void *data, size_t len ) { + struct io_buffer *iobuf; + int rc; + + /* Allocate I/O buffer */ + iobuf = tls_alloc_iob ( tls, len ); + if ( ! iobuf ) + return -ENOMEM_TX_PLAINTEXT; + memcpy ( iob_put ( iobuf, len ), data, len ); + + /* Transmit I/O buffer */ + if ( ( rc = tls_send_record ( tls, type, iob_disown ( iobuf ) ) ) != 0 ) + return rc; + + return 0; +} + /** * Verify block padding * @@ -3281,8 +3311,9 @@ static int tls_plainstream_deliver ( struct tls_connection *tls, goto done; } - if ( ( rc = tls_send_plaintext ( tls, TLS_TYPE_DATA, iobuf->data, - iob_len ( iobuf ) ) ) != 0 ) + /* Send data record */ + if ( ( rc = tls_send_record ( tls, TLS_TYPE_DATA, + iob_disown ( iobuf ) ) ) != 0 ) goto done; done: @@ -3310,6 +3341,7 @@ static int tls_progress ( struct tls_connection *tls, /** TLS plaintext stream interface operations */ static struct interface_operation tls_plainstream_ops[] = { + INTF_OP ( xfer_alloc_iob, struct tls_connection *, tls_alloc_iob ), INTF_OP ( xfer_deliver, struct tls_connection *, tls_plainstream_deliver ), INTF_OP ( xfer_window, struct tls_connection *, -- cgit v1.2.3-55-g7522 From f115cfcf994e0141eb1f9c0a3684c8d1b6260719 Mon Sep 17 00:00:00 2001 
From: Michael Brown Date: Mon, 31 Mar 2025 14:25:41 +0100 Subject: [tls] Send an empty client certificate chain if we have no certificate RFC5246 states that "a client MAY send no certificates if it does not have an appropriate certificate to send in response to the server's authentication request". This use case may arise when the server is using optional client certificate verification and iPXE has not been provided with a client certificate to use. Treat the absence of a suitable client certificate as a non-fatal condition and send a Certificate message containing no certificates as permitted by RFC5246. Reported-by: Alexandre Ravey Originally-implemented-by: Alexandre Ravey Signed-off-by: Michael Brown --- src/net/tls.c | 56 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 28 insertions(+), 28 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/net/tls.c b/src/net/tls.c index fc4662007..5ad20fff4 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -171,10 +171,6 @@ FILE_LICENCE ( GPL2_OR_LATER ); #define EINFO_EPERM_VERIFY \ __einfo_uniqify ( EINFO_EPERM, 0x02, \ "Handshake verification failed" ) -#define EPERM_CLIENT_CERT __einfo_error ( EINFO_EPERM_CLIENT_CERT ) -#define EINFO_EPERM_CLIENT_CERT \ - __einfo_uniqify ( EINFO_EPERM, 0x03, \ - "No suitable client certificate available" ) #define EPERM_RENEG_INSECURE __einfo_error ( EINFO_EPERM_RENEG_INSECURE ) #define EINFO_EPERM_RENEG_INSECURE \ __einfo_uniqify ( EINFO_EPERM, 0x04, \ 
@@ -2464,18 +2460,6 @@ static int tls_new_certificate_request ( struct tls_connection *tls, x509_chain_put ( tls->client.chain ); tls->client.chain = NULL; - /* Determine client certificate to be sent */ - cert = x509_find_key ( NULL, tls->client.key ); - if ( ! cert ) { - DBGC ( tls, "TLS %p could not find certificate corresponding " - "to private key\n", tls ); - rc = -EPERM_CLIENT_CERT; - goto err_find; - } - x509_get ( cert ); - DBGC ( tls, "TLS %p selected client certificate %s\n", - tls, x509_name ( cert ) ); - /* Create client certificate chain */ tls->client.chain = x509_alloc_chain(); if ( ! tls->client.chain ) { 
@@ -2483,26 +2467,41 @@ static int tls_new_certificate_request ( struct tls_connection *tls, goto err_alloc; } - /* Append client certificate to chain */ - if ( ( rc = x509_append ( tls->client.chain, cert ) ) != 0 ) - goto err_append; + /* Determine client certificate to be sent, if any */ + cert = x509_find_key ( NULL, tls->client.key ); + if ( cert ) { + + /* Get temporary reference to certificate */ + x509_get ( cert ); + DBGC ( tls, "TLS %p selected client certificate %s\n", + tls, x509_name ( cert ) ); + + /* Append client certificate to chain */ + if ( ( rc = x509_append ( tls->client.chain, cert ) ) != 0 ) + goto err_append; + + /* Append any relevant issuer certificates */ + if ( ( rc = x509_auto_append ( tls->client.chain, + &certstore ) ) != 0 ) + goto err_auto_append; + } else { - /* Append any relevant issuer certificates */ - if ( ( rc = x509_auto_append ( tls->client.chain, &certstore ) ) != 0 ) - goto err_auto_append; + /* Send an empty certificate chain */ + DBGC ( tls, "TLS %p could not find certificate corresponding " + "to private key\n", tls ); + } - /* Drop local reference to client certificate */ + /* Drop local reference (if any) to client certificate */ x509_put ( cert ); return 0; err_auto_append: err_append: + x509_put ( cert ); x509_chain_put ( tls->client.chain ); tls->client.chain = NULL; err_alloc: - x509_put ( cert ); - err_find: return rc; } 
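Review bot: The final `x509_put ( cert );` is now reached with `cert == NULL` on the new empty-chain path. Whether x509_put() tolerates a NULL certificate is not visible in this hunk, and if it does, that presumably depends on the layout of the certificate structure. Moving the call to the end of the `if ( cert )` branch, after the `x509_auto_append()` call, makes the reference handling explicit and mirrors the error path, which is only reached with a certificate held. The function begins outside the hunk.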
@@ -3616,13 +3615,14 @@ static void tls_validator_done ( struct tls_connection *tls, int rc ) { memcpy ( &tls->server.key, &cert->subject.public_key.raw, sizeof ( tls->server.key ) ); - /* Schedule Client Key Exchange, Change Cipher, and Finished */ + /* Schedule transmission of applicable handshake messages */ tls->tx.pending |= ( TLS_TX_CLIENT_KEY_EXCHANGE | TLS_TX_CHANGE_CIPHER | TLS_TX_FINISHED ); if ( tls->client.chain ) { - tls->tx.pending |= ( TLS_TX_CERTIFICATE | - TLS_TX_CERTIFICATE_VERIFY ); + tls->tx.pending |= TLS_TX_CERTIFICATE; + if ( ! list_empty ( &tls->client.chain->links ) ) + tls->tx.pending |= TLS_TX_CERTIFICATE_VERIFY; } tls_tx_resume ( tls ); -- cgit v1.2.3-55-g7522 From a289b4b8c2eb06d013a48088e25e11a3390006ca Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Mon, 31 Mar 2025 16:36:33 +0100 Subject: [tls] Support fragmentation of transmitted records Large transmitted records may arise if we have long client certificate chains or if a client sends a large block of data (such as a large HTTP POST payload). Fragment records as needed to comply with the value that we advertise via the max_fragment_length extension. Signed-off-by: Michael Brown --- src/include/ipxe/tls.h | 11 +++ src/net/tls.c | 197 +++++++++++++++++++++++++++++++------------------ 2 files changed, 135 insertions(+), 73 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/include/ipxe/tls.h b/src/include/ipxe/tls.h index 7abbe4ff9..3b46543bb 100644 --- a/src/include/ipxe/tls.h +++ b/src/include/ipxe/tls.h 
@@ -465,6 +465,17 @@ struct tls_connection { struct tls_server server; }; +/** Advertised maximum fragment length */ +#define TLS_MAX_FRAGMENT_LENGTH_VALUE TLS_MAX_FRAGMENT_LENGTH_4096 + +/** TX maximum fragment length + * + * TLS requires us to limit our transmitted records to the maximum + * fragment length that we attempt to negotiate, even if the server + * does not respect this choice. + */ +#define TLS_TX_BUFSIZE 4096 + /** RX I/O buffer size * * The maximum fragment length extension is optional, and many common diff --git a/src/net/tls.c b/src/net/tls.c index 5ad20fff4..4c135f090 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -1256,7 +1256,7 @@ static int tls_client_hello ( struct tls_connection *tls, max_fragment_length_ext->type = htons ( TLS_MAX_FRAGMENT_LENGTH ); max_fragment_length_ext->len = htons ( sizeof ( max_fragment_length_ext->data ) ); - max_fragment_length_ext->data.max = TLS_MAX_FRAGMENT_LENGTH_4096; + max_fragment_length_ext->data.max = TLS_MAX_FRAGMENT_LENGTH_VALUE; /* Construct supported signature algorithms extension */ signature_algorithms_ext = &extensions->signature_algorithms; 
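Review bot: `TLS_TX_BUFSIZE` is a literal 4096 while the advertised value is the separate constant `TLS_MAX_FRAGMENT_LENGTH_4096`, so the two can drift apart if either is changed. The comment already says the transmit limit must follow the negotiated value, but nothing ties the definitions together. I would add a line to the `TLS_TX_BUFSIZE` comment, `* Must be kept equal to the length selected by TLS_MAX_FRAGMENT_LENGTH_VALUE.`, so that anyone editing one sees the dependency.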
@@ -2923,49 +2923,60 @@ static void tls_hmac_list ( struct tls_cipherspec *cipherspec, } /** - * Allocate I/O buffer for transmitted record + * Calculate maximum additional length required for transmitted record(s) * * @v tls TLS connection * @v len I/O buffer payload length - * @ret iobuf I/O buffer + * @ret reserve Maximum additional length to reserve */ -static struct io_buffer * tls_alloc_iob ( struct tls_connection *tls, - size_t len ) { +static size_t tls_iob_reserved ( struct tls_connection *tls, size_t len ) { struct tls_cipherspec *cipherspec = &tls->tx.cipherspec.active; struct tls_cipher_suite *suite = cipherspec->suite; struct cipher_algorithm *cipher = suite->cipher; struct tls_header *tlshdr; - struct io_buffer *iobuf; - size_t pre_len; - size_t padded_len; - size_t post_len; + unsigned int count; + size_t each; - /* Calculate length of padded data */ - padded_len = ( len + suite->mac_len ); - if ( is_block_cipher ( cipher ) ) { - padded_len = ( ( padded_len + 1 + cipher->blocksize - 1 ) & - ~( cipher->blocksize - 1 ) ); - assert ( padded_len > ( len + suite->mac_len ) ); - } + /* Calculate number of records (allowing for zero-length records) */ + count = ( len ? ( ( len + TLS_TX_BUFSIZE - 1 ) / TLS_TX_BUFSIZE ) : 1 ); + + /* Calculate maximum additional length per record */ + each = ( sizeof ( *tlshdr ) + suite->record_iv_len + suite->mac_len + + ( is_block_cipher ( cipher ) ? 
cipher->blocksize : 0 ) + + cipher->authsize ); + + /* Calculate maximum total additional length */ + return ( count * each ); +} + +/** + * Allocate I/O buffer for transmitted record(s) + * + * @v tls TLS connection + * @v len I/O buffer payload length + * @ret iobuf I/O buffer + */ +static struct io_buffer * tls_alloc_iob ( struct tls_connection *tls, + size_t len ) { + struct io_buffer *iobuf; + size_t reserve; - /* Calculate lengths before and after padded data */ - pre_len = ( sizeof ( *tlshdr ) + suite->record_iv_len ); - post_len = cipher->authsize; + /* Calculate maximum additional length to reserve */ + reserve = tls_iob_reserved ( tls, len ); /* Allocate I/O buffer */ - iobuf = xfer_alloc_iob ( &tls->cipherstream, - ( pre_len + padded_len + post_len ) ); + iobuf = xfer_alloc_iob ( &tls->cipherstream, ( reserve + len ) ); if ( ! iobuf ) return NULL; /* Reserve space */ - iob_reserve ( iobuf, pre_len ); + iob_reserve ( iobuf, reserve ); return iobuf; } /** - * Send plaintext record + * Send plaintext record(s) * * @v tls TLS connection * @v type Record type 
@@ -2980,71 +2991,114 @@ static int tls_send_record ( struct tls_connection *tls, unsigned int type, struct digest_algorithm *digest = suite->digest; struct { uint8_t fixed[suite->fixed_iv_len]; - uint8_t record[suite->record_iv_len]; + uint8_t rec[suite->record_iv_len]; } __attribute__ (( packed )) iv; struct tls_auth_header authhdr; struct tls_header *tlshdr; uint8_t mac[digest->digestsize]; + const void *plaintext; + const void *encrypt; + void *ciphertext; + size_t record_len; + size_t encrypt_len; size_t pad_len; + size_t len; int rc; + /* Record plaintext pointer and length */ + plaintext = iobuf->data; + len = iob_len ( iobuf ); + /* Add to handshake digest if applicable */ if ( type == TLS_TYPE_HANDSHAKE ) - tls_add_handshake ( tls, iobuf->data, iob_len ( iobuf ) ); + tls_add_handshake ( tls, plaintext, len ); + + /* Start constructing ciphertext at start of reserved space */ + iob_push ( iobuf, tls_iob_reserved ( tls, len ) ); + iob_unput ( iobuf, iob_len ( iobuf ) ); + + /* Construct records */ + do { + /* Limit length of this record (may be zero) */ + record_len = len; + if ( record_len > TLS_TX_BUFSIZE ) + record_len = TLS_TX_BUFSIZE; + + /* Construct and set initialisation vector */ + memcpy ( iv.fixed, cipherspec->fixed_iv, sizeof ( iv.fixed ) ); + if ( ( rc = tls_generate_random ( tls, iv.rec, + sizeof ( iv.rec ) ) ) != 0 ) { + goto err_random; + } + cipher_setiv ( cipher, cipherspec->cipher_ctx, &iv, + sizeof ( iv ) ); + + /* Construct and process authentication data */ + authhdr.seq = cpu_to_be64 ( tls->tx.seq ); + authhdr.header.type = type; + authhdr.header.version = htons ( tls->version ); + authhdr.header.length = htons ( record_len ); + if ( suite->mac_len ) { + tls_hmac ( cipherspec, &authhdr, plaintext, record_len, + mac ); + } + if ( is_auth_cipher ( cipher ) ) { + cipher_encrypt ( cipher, cipherspec->cipher_ctx, + &authhdr, NULL, sizeof ( authhdr ) ); + } - /* Construct initialisation vector */ - memcpy ( iv.fixed, cipherspec->fixed_iv, 
sizeof ( iv.fixed ) ); - if ( ( rc = tls_generate_random ( tls, iv.record, - sizeof ( iv.record ) ) ) != 0 ) { - goto err_random; - } + /* Calculate encryption length */ + encrypt_len = ( record_len + suite->mac_len ); + if ( is_block_cipher ( cipher ) ) { + pad_len = ( ( ( cipher->blocksize - 1 ) & + -( encrypt_len + 1 ) ) + 1 ); + } else { + pad_len = 0; + } + encrypt_len += pad_len; + + /* Add record header */ + tlshdr = iob_put ( iobuf, sizeof ( *tlshdr ) ); + tlshdr->type = type; + tlshdr->version = htons ( tls->version ); + tlshdr->length = htons ( sizeof ( iv.rec ) + encrypt_len + + cipher->authsize ); + + /* Add record initialisation vector, if applicable */ + memcpy ( iob_put ( iobuf, sizeof ( iv.rec ) ), iv.rec, + sizeof ( iv.rec ) ); + + /* Copy plaintext data if necessary */ + ciphertext = iob_put ( iobuf, record_len ); + assert ( ciphertext <= plaintext ); + if ( encrypt_len > record_len ) { + memmove ( ciphertext, plaintext, record_len ); + encrypt = ciphertext; + } else { + encrypt = plaintext; + } - /* Construct authentication data */ - authhdr.seq = cpu_to_be64 ( tls->tx.seq ); - authhdr.header.type = type; - authhdr.header.version = htons ( tls->version ); - authhdr.header.length = htons ( iob_len ( iobuf ) ); - - /* Append MAC, if applicable */ - if ( suite->mac_len ) { - tls_hmac ( cipherspec, &authhdr, iobuf->data, - iob_len ( iobuf ), mac ); + /* Add MAC, if applicable */ memcpy ( iob_put ( iobuf, suite->mac_len ), mac, suite->mac_len ); - } - /* Append padding, if applicable */ - if ( is_block_cipher ( cipher ) ) { - pad_len = ( ( ( cipher->blocksize - 1 ) & - -( iob_len ( iobuf ) + 1 ) ) + 1 ); + /* Add padding, if applicable */ memset ( iob_put ( iobuf, pad_len ), ( pad_len - 1 ), pad_len ); - assert ( ! 
( iob_len ( iobuf ) & ( cipher->blocksize - 1 ) ) ); - } - DBGC2 ( tls, "Sending plaintext data:\n" ); - DBGC2_HDA ( tls, 0, iobuf->data, iob_len ( iobuf ) ); - /* Set initialisation vector */ - cipher_setiv ( cipher, cipherspec->cipher_ctx, &iv, sizeof ( iv ) ); + /* Encrypt data and append authentication tag */ + DBGC2 ( tls, "Sending plaintext data:\n" ); + DBGC2_HDA ( tls, 0, encrypt, encrypt_len ); + cipher_encrypt ( cipher, cipherspec->cipher_ctx, encrypt, + ciphertext, encrypt_len ); + cipher_auth ( cipher, cipherspec->cipher_ctx, + iob_put ( iobuf, cipher->authsize ) ); - /* Process authentication data, if applicable */ - if ( is_auth_cipher ( cipher ) ) { - cipher_encrypt ( cipher, cipherspec->cipher_ctx, &authhdr, - NULL, sizeof ( authhdr ) ); - } + /* Move to next record */ + tls->tx.seq += 1; + plaintext += record_len; + len -= record_len; - /* Encrypt data to be transmitted and append authentication tag */ - cipher_encrypt ( cipher, cipherspec->cipher_ctx, iobuf->data, - iobuf->data, iob_len ( iobuf ) ); - cipher_auth ( cipher, cipherspec->cipher_ctx, - iob_put ( iobuf, cipher->authsize ) ); - - /* Prepend record header and initialisation vector */ - memcpy ( iob_push ( iobuf, sizeof ( iv.record ) ), iv.record, - sizeof ( iv.record ) ); - tlshdr = iob_push ( iobuf, sizeof ( *tlshdr ) ); - tlshdr->type = type; - tlshdr->version = htons ( tls->version ); - tlshdr->length = htons ( iob_len ( iobuf ) - sizeof ( *tlshdr ) ); + } while ( len ); /* Send ciphertext */ if ( ( rc = xfer_deliver_iob ( &tls->cipherstream, @@ -3054,9 +3108,6 @@ static int tls_send_record ( struct tls_connection *tls, unsigned int type, goto err_deliver; } - /* Update TX state machine to next record */ - tls->tx.seq += 1; - assert ( iobuf == NULL ); return 0; -- cgit v1.2.3-55-g7522 From 0a48bb32145ce14b11d5d1e2a537d3d567489385 Mon Sep 17 00:00:00 2001 
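Review bot: `tls->tx.seq += 1` now runs inside the record loop, before `xfer_deliver_iob()` is attempted, so a `tls_generate_random()` failure on a later fragment or a delivery failure leaves the transmit sequence number advanced for records the peer never receives. The code before this change incremented it only after successful delivery. Unless every caller tears the connection down on a non-zero return (not visible in this hunk), later records would be authenticated under a sequence number the peer does not expect. Working on a local copy keeps the old invariant: `uint64_t seq = tls->tx.seq;` before the loop, `seq` in place of `tls->tx.seq` inside it, and `tls->tx.seq = seq;` after the successful deliver.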
From: Michael Brown Date: Mon, 31 Mar 2025 17:44:59 +0100 Subject: [x509] Ensure certificate remains valid during x509_append() The allocation of memory for the certificate chain link may cause the certificate itself to be freed by the cache discarder, if the only current reference to the certificate is held by the certificate store and the system runs out of memory during the call to malloc(). Ensure that this cannot happen by taking out a temporary additional reference to the certificate within x509_append(), rather than requiring the caller to do so. Signed-off-by: Michael Brown --- src/crypto/x509.c | 17 ++++++++++++++--- src/net/tls.c | 7 ------- 2 files changed, 14 insertions(+), 10 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/crypto/x509.c b/src/crypto/x509.c index acb27411a..10bc6369a 100644 --- a/src/crypto/x509.c +++ b/src/crypto/x509.c @@ -1634,11 +1634,17 @@ struct x509_chain * x509_alloc_chain ( void ) { */ int x509_append ( struct x509_chain *chain, struct x509_certificate *cert ) { struct x509_link *link; + int rc; + + /* Ensure allocation of link cannot invalidate certificate */ + x509_get ( cert ); /* Allocate link */ link = zalloc ( sizeof ( *link ) ); - if ( ! link ) - return -ENOMEM; + if ( ! link ) { + rc = -ENOMEM; + goto err_alloc; + } /* Add link to chain */ link->cert = x509_get ( cert ); @@ -1646,7 +1652,12 @@ int x509_append ( struct x509_chain *chain, struct x509_certificate *cert ) { DBGC ( chain, "X509 chain %p added X509 %p \"%s\"\n", chain, cert, x509_name ( cert ) ); - return 0; + /* Success */ + rc = 0; + + x509_put ( cert ); + err_alloc: + return rc; } /** diff --git a/src/net/tls.c b/src/net/tls.c index 4c135f090..643b9292d 100644 --- a/src/net/tls.c +++ b/src/net/tls.c 
@@ -2470,9 +2470,6 @@ static int tls_new_certificate_request ( struct tls_connection *tls, /* Determine client certificate to be sent, if any */ cert = x509_find_key ( NULL, tls->client.key ); if ( cert ) { - - /* Get temporary reference to certificate */ - x509_get ( cert ); DBGC ( tls, "TLS %p selected client certificate %s\n", tls, x509_name ( cert ) ); @@ -2491,14 +2488,10 @@ static int tls_new_certificate_request ( struct tls_connection *tls, "to private key\n", tls ); } - /* Drop local reference (if any) to client certificate */ - x509_put ( cert ); - return 0; err_auto_append: err_append: - x509_put ( cert ); x509_chain_put ( tls->client.chain ); tls->client.chain = NULL; err_alloc: -- cgit v1.2.3-55-g7522 From d6656106e9a9a08642ab24700c0554273d917510 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Sun, 12 Oct 2025 22:20:13 +0100 Subject: [tls] Generate master secret only after sending Client Key Exchange The calculation for the extended master secret as defined in RFC 7627 relies upon the digest of all handshake messages up to and including the Client Key Exchange. Facilitate this calculation by generating the master secret only after sending the Client Key Exchange message. Signed-off-by: Michael Brown --- src/net/tls.c | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/net/tls.c b/src/net/tls.c index 643b9292d..cc463214f 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -1399,10 +1399,6 @@ static int tls_send_client_key_exchange_pubkey ( struct tls_connection *tls ) { return rc; } - /* Generate master secret */ - tls_generate_master_secret ( tls, &pre_master_secret, - sizeof ( pre_master_secret ) ); - /* Encrypt pre-master secret using server's public key */ memset ( &key_xchg, 0, sizeof ( key_xchg ) ); len = pubkey_encrypt ( pubkey, &tls->server.key, &pre_master_secret, 
@@ -1423,8 +1419,18 @@ static int tls_send_client_key_exchange_pubkey ( struct tls_connection *tls ) { htons ( sizeof ( key_xchg.encrypted_pre_master_secret ) - unused ); - return tls_send_handshake ( tls, &key_xchg, - ( sizeof ( key_xchg ) - unused ) ); + /* Transmit Client Key Exchange record */ + if ( ( rc = tls_send_handshake ( tls, &key_xchg, + ( sizeof ( key_xchg ) - + unused ) ) ) != 0 ) { + return rc; + } + + /* Generate master secret */ + tls_generate_master_secret ( tls, &pre_master_secret, + sizeof ( pre_master_secret ) ); + + return 0; } /** Public key exchange algorithm */ @@ -1622,15 +1628,15 @@ static int tls_send_client_key_exchange_dhe ( struct tls_connection *tls ) { len--; } - /* Generate master secret */ - tls_generate_master_secret ( tls, pre_master_secret, len ); - /* Transmit Client Key Exchange record */ if ( ( rc = tls_send_handshake ( tls, key_xchg, sizeof ( *key_xchg ) ) ) !=0){ goto err_send_handshake; } + /* Generate master secret */ + tls_generate_master_secret ( tls, pre_master_secret, len ); + err_send_handshake: err_dhe_key: free ( dynamic ); @@ -1749,10 +1755,6 @@ static int tls_send_client_key_exchange_ecdhe ( struct tls_connection *tls ) { return rc; } - /* Generate master secret */ - tls_generate_master_secret ( tls, pre_master_secret, - curve->pre_master_secret_len ); - /* Generate Client Key Exchange record */ key_xchg.type_length = ( cpu_to_le32 ( TLS_CLIENT_KEY_EXCHANGE ) | @@ -1767,6 +1769,10 @@ static int tls_send_client_key_exchange_ecdhe ( struct tls_connection *tls ) { sizeof ( key_xchg ) ) ) !=0){ return rc; } + + /* Generate master secret */ + tls_generate_master_secret ( tls, pre_master_secret, + curve->pre_master_secret_len ); } return 0; -- cgit v1.2.3-55-g7522 From ab64bc5b8d2335294ce2d967fc1f0c32322bbf40 Mon Sep 17 00:00:00 2001 
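Review bot: The relocated `/* Generate master secret */` comments do not say why the call must now follow tls_send_handshake(), although the commit message makes that order a requirement for the RFC 7627 session hash. A later reorder back to the old position would still compile and would presumably only show up as a failed handshake once the extension is negotiated. Suggest `/* Generate master secret (must follow transmission so that the handshake digest covers Client Key Exchange) */` in tls_send_client_key_exchange_pubkey(), with the same wording in the _dhe and _ecdhe hunks of this commit. All three function bodies start outside their hunks.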
From: Michael Brown Date: Sun, 12 Oct 2025 22:26:49 +0100 Subject: [tls] Add support for the Extended Master Secret RFC 7627 defines the Extended Master Secret (EMS) as an alternative calculation that uses the digest of all handshake messages rather than just the client and server random bytes. Add support for negotiating the Extended Master Secret extension and performing the relevant calculation of the master secret. Signed-off-by: Michael Brown --- src/include/ipxe/tls.h | 5 +++++ src/net/tls.c | 57 +++++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 55 insertions(+), 7 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/include/ipxe/tls.h b/src/include/ipxe/tls.h index 3b46543bb..658a008f8 100644 --- a/src/include/ipxe/tls.h +++ b/src/include/ipxe/tls.h @@ -134,6 +134,9 @@ struct tls_header { /* TLS signature algorithms extension */ #define TLS_SIGNATURE_ALGORITHMS 13 +/* TLS extended master secret extension */ +#define TLS_EXTENDED_MASTER_SECRET 23 + /* TLS session ticket extension */ #define TLS_SESSION_TICKET 35 @@ -452,6 +455,8 @@ struct tls_connection { uint8_t *handshake_ctx; /** Secure renegotiation flag */ int secure_renegotiation; + /** Extended master secret flag */ + int extended_master_secret; /** Verification data */ struct tls_verify_data verify; diff --git a/src/net/tls.c b/src/net/tls.c index cc463214f..8f91da018 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -200,6 +200,7 @@ static int tls_send_plaintext ( struct tls_connection *tls, unsigned int type, const void *data, size_t len ); static void tls_clear_cipher ( struct tls_connection *tls, struct tls_cipherspec *cipherspec ); +static void tls_verify_handshake ( struct tls_connection *tls, void *out ); /****************************************************************************** * 
@@ -637,21 +638,43 @@ static void tls_prf ( struct tls_connection *tls, const void *secret, static void tls_generate_master_secret ( struct tls_connection *tls, const void *pre_master_secret, size_t pre_master_secret_len ) { + struct digest_algorithm *digest = tls->handshake_digest; + uint8_t digest_out[ digest->digestsize ]; + + /* Generate handshake digest */ + tls_verify_handshake ( tls, digest_out ); - DBGC ( tls, "TLS %p pre-master-secret:\n", tls ); + /* Show inputs */ + DBGC ( tls, "TLS %p pre-master secret:\n", tls ); DBGC_HD ( tls, pre_master_secret, pre_master_secret_len ); DBGC ( tls, "TLS %p client random bytes:\n", tls ); DBGC_HD ( tls, &tls->client.random, sizeof ( tls->client.random ) ); DBGC ( tls, "TLS %p server random bytes:\n", tls ); DBGC_HD ( tls, &tls->server.random, sizeof ( tls->server.random ) ); + DBGC ( tls, "TLS %p session hash:\n", tls ); + DBGC_HD ( tls, digest_out, sizeof ( digest_out ) ); - tls_prf_label ( tls, pre_master_secret, pre_master_secret_len, - &tls->master_secret, sizeof ( tls->master_secret ), - "master secret", - &tls->client.random, sizeof ( tls->client.random ), - &tls->server.random, sizeof ( tls->server.random ) ); + /* Generate master secret */ + if ( tls->extended_master_secret ) { + tls_prf_label ( tls, pre_master_secret, pre_master_secret_len, + &tls->master_secret, + sizeof ( tls->master_secret ), + "extended master secret", + digest_out, sizeof ( digest_out ) ); + } else { + tls_prf_label ( tls, pre_master_secret, pre_master_secret_len, + &tls->master_secret, + sizeof ( tls->master_secret ), + "master secret", + &tls->client.random, + sizeof ( tls->client.random ), + &tls->server.random, + sizeof ( tls->server.random ) ); + } - DBGC ( tls, "TLS %p generated master secret:\n", tls ); + /* Show output */ + DBGC ( tls, "TLS %p generated %smaster secret:\n", tls, + ( tls->extended_master_secret ? "extended ": "" ) ); DBGC_HD ( tls, &tls->master_secret, sizeof ( tls->master_secret ) ); } 
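Review bot: tls_verify_handshake() now runs on every derivation, but in the non-extended branch `digest_out` feeds only the `session hash` debug dump and is not an input to tls_prf_label(). Either move the call and the dump inside the `if ( tls->extended_master_secret )` branch, or keep them and change the comment to `/* Generate handshake digest (PRF input only for extended master secret) */` so the inputs block is not misread. The function's doc comment lies outside the hunk; it is the place to state that the Client Key Exchange must already be part of the handshake digest when this is called.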
@@ -1195,12 +1218,17 @@ static int tls_client_hello ( struct tls_connection *tls, uint16_t code[TLS_NUM_NAMED_CURVES]; } __attribute__ (( packed )) data; } __attribute__ (( packed )) *named_curve_ext; + struct { + uint16_t type; + uint16_t len; + } __attribute__ (( packed )) *extended_master_secret_ext; struct { typeof ( *server_name_ext ) server_name; typeof ( *max_fragment_length_ext ) max_fragment_length; typeof ( *signature_algorithms_ext ) signature_algorithms; typeof ( *renegotiation_info_ext ) renegotiation_info; typeof ( *session_ticket_ext ) session_ticket; + typeof ( *extended_master_secret_ext ) extended_master_secret; typeof ( *named_curve_ext ) named_curve[TLS_NUM_NAMED_CURVES ? 1 : 0]; } __attribute__ (( packed )) *extensions; @@ -1286,6 +1314,12 @@ static int tls_client_hello ( struct tls_connection *tls, memcpy ( session_ticket_ext->data.data, session->ticket, sizeof ( session_ticket_ext->data.data ) ); + /* Construct extended master secret extension */ + extended_master_secret_ext = &extensions->extended_master_secret; + extended_master_secret_ext->type + = htons ( TLS_EXTENDED_MASTER_SECRET ); + extended_master_secret_ext->len = 0; + /* Construct named curves extension, if applicable */ if ( sizeof ( extensions->named_curve ) ) { named_curve_ext = &extensions->named_curve[0]; @@ -2091,6 +2125,9 @@ static int tls_new_server_hello ( struct tls_connection *tls, uint8_t len; uint8_t data[0]; } __attribute__ (( packed )) *reneg = NULL; + const struct { + uint8_t data[0]; + } __attribute__ (( packed )) *ems = NULL; uint16_t version; size_t exts_len; size_t ext_len; @@ -2155,6 +2192,9 @@ static int tls_new_server_hello ( struct tls_connection *tls, return -EINVAL_HELLO; } break; + case htons ( TLS_EXTENDED_MASTER_SECRET ) : + ems = ( ( void * ) ext->data ); + break; } } } 
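Review bot: The new `case htons ( TLS_EXTENDED_MASTER_SECRET )` in tls_new_server_hello() accepts the extension whatever its length, while RFC 7627 defines its extension_data as empty. `ems` is only used as a presence flag, so this is a strictness gap rather than a memory-safety one, but a malformed ServerHello is silently treated as a valid negotiation. If `ext_len` holds the current extension's data length at that point (its assignment is outside the hunk), adding `if ( ext_len != 0 ) return -EINVAL_HELLO;` before the assignment to `ems` would reject it. The function body starts and ends outside the hunk.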
@@ -2188,6 +2228,9 @@ static int tls_new_server_hello ( struct tls_connection *tls, memcpy ( &tls->server.random, &hello_a->random, sizeof ( tls->server.random ) ); + /* Handle extended master secret */ + tls->extended_master_secret = ( !! ems ); + /* Check session ID */ if ( hello_a->session_id_len && ( hello_a->session_id_len == tls->session_id_len ) && -- cgit v1.2.3-55-g7522 From 57504353febc61533e637f16ec6f933870b68ec9 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Sun, 12 Oct 2025 22:29:33 +0100 Subject: [tls] Refuse to resume sessions with mismatched master secret methods RFC 7627 section 5.3 states that the client must abort the handshake if the server attempts to resume a session where the master secret calculation method stored in the session does not match the method used for the connection being resumed. Signed-off-by: Michael Brown --- src/include/ipxe/tls.h | 2 ++ src/net/tls.c | 13 +++++++++++++ 2 files changed, 15 insertions(+) (limited to 'src/net/tls.c') diff --git a/src/include/ipxe/tls.h b/src/include/ipxe/tls.h index 658a008f8..8ddc9c1be 100644 --- a/src/include/ipxe/tls.h +++ b/src/include/ipxe/tls.h @@ -353,6 +353,8 @@ struct tls_session { size_t ticket_len; /** Master secret */ uint8_t master_secret[48]; + /** Extended master secret flag */ + int extended_master_secret; /** List of connections */ struct list_head conn; diff --git a/src/net/tls.c b/src/net/tls.c index 8f91da018..efecf368c 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -183,6 +183,10 @@ FILE_LICENCE ( GPL2_OR_LATER ); #define EINFO_EPERM_KEY_EXCHANGE \ __einfo_uniqify ( EINFO_EPERM, 0x06, \ "ServerKeyExchange verification failed" ) +#define EPERM_EMS __einfo_error ( EINFO_EPERM_EMS ) +#define EINFO_EPERM_EMS \ + __einfo_uniqify ( EINFO_EPERM, 0x07, \ + "Extended master secret extension mismatch" ) #define EPROTO_VERSION __einfo_error ( EINFO_EPROTO_VERSION ) #define EINFO_EPROTO_VERSION \ __einfo_uniqify ( EINFO_EPROTO, 0x01, \ 
@@ -2243,6 +2247,14 @@ static int tls_new_server_hello ( struct tls_connection *tls, if ( ( rc = tls_generate_keys ( tls ) ) != 0 ) return rc; + /* Ensure master secret generation method matches */ + if ( tls->extended_master_secret != + tls->session->extended_master_secret ) { + DBGC ( tls, "TLS %p mismatched extended master secret " + "extension\n", tls ); + return -EPERM_EMS; + } + } else { /* Record new session ID, if present */ @@ -2635,6 +2647,7 @@ static int tls_new_finished ( struct tls_connection *tls, if ( tls->session_id_len || tls->new_session_ticket_len ) { memcpy ( session->master_secret, tls->master_secret, sizeof ( session->master_secret ) ); + session->extended_master_secret = tls->extended_master_secret; } if ( tls->session_id_len ) { session->id_len = tls->session_id_len; -- cgit v1.2.3-55-g7522 From e80818e4f6e3791ec8240bda0a72eef999e4bf26 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Sun, 12 Oct 2025 22:37:49 +0100 Subject: [tls] Disable renegotiation unless extended master secret is used RFC 7627 states that renegotiation becomes no longer secure under various circumstances when the non-extended master secret is used. The description of the precise set of circumstances is spread across various points within the document and is not entirely clear. Avoid a superset of the circumstances in which renegotiation apparently becomes insecure by refusing renegotiation completely unless the extended master secret is used. Signed-off-by: Michael Brown --- src/net/tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/net/tls.c') diff --git a/src/net/tls.c b/src/net/tls.c index efecf368c..1d5a6c6d8 100644 --- a/src/net/tls.c +++ b/src/net/tls.c 
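Review bot: The mismatch check in the resumption branch of tls_new_server_hello() runs only after `tls_generate_keys ( tls )` has returned, so key material is derived from the stored master secret for a handshake that RFC 7627 section 5.3 says must be aborted. The error return still ends the handshake, so this is a matter of ordering rather than a bypass; doing the comparison first keeps a rejected resumption from touching key state at all. Suggest moving the `if ( tls->extended_master_secret != tls->session->extended_master_secret )` block ahead of the key generation. The start of the branch is outside the hunk, so the exact position needs checking against the full function.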
@@ -2082,7 +2082,7 @@ static int tls_new_hello_request ( struct tls_connection *tls, } /* Fail unless server supports secure renegotiation */ - if ( ! tls->secure_renegotiation ) { + if ( ! ( tls->secure_renegotiation && tls->extended_master_secret ) ) { DBGC ( tls, "TLS %p refusing to renegotiate insecurely\n", tls ); return -EPERM_RENEG_INSECURE; -- cgit v1.2.3-55-g7522 From 8cd963ab9657d3b14ad36a37a73522fc91415c90 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Mon, 1 Dec 2025 14:47:51 +0000 Subject: [crypto] Pass signatures for verification as ASN.1 cursors Signed-off-by: Michael Brown --- src/crypto/cms.c | 2 +- src/crypto/crypto_null.c | 3 +-- src/crypto/ocsp.c | 3 +-- src/crypto/rsa.c | 11 +++++------ src/crypto/x509.c | 3 +-- src/include/ipxe/crypto.h | 11 +++++------ src/net/tls.c | 10 +++++----- src/tests/pubkey_test.c | 20 +++++++++++--------- src/tests/pubkey_test.h | 10 +++++----- 9 files changed, 35 insertions(+), 38 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/crypto/cms.c b/src/crypto/cms.c index e3571f330..a3c03a9b4 100644 --- a/src/crypto/cms.c +++ b/src/crypto/cms.c @@ -757,7 +757,7 @@ static int cms_verify_digest ( struct cms_message *cms, /* Verify digest */ if ( ( rc = pubkey_verify ( pubkey, key, digest, digest_out, - value->data, value->len ) ) != 0 ) { + value ) ) != 0 ) { DBGC ( cms, "CMS %p/%p signature verification failed: %s\n", cms, part, strerror ( rc ) ); return rc; diff --git a/src/crypto/crypto_null.c b/src/crypto/crypto_null.c index d5863f958..ca4e1b134 100644 --- a/src/crypto/crypto_null.c +++ b/src/crypto/crypto_null.c @@ -120,8 +120,7 @@ int pubkey_null_sign ( const struct asn1_cursor *key __unused, int pubkey_null_verify ( const struct asn1_cursor *key __unused, struct digest_algorithm *digest __unused, const void *value __unused, - const void *signature __unused , - size_t signature_len __unused ) { + const struct asn1_cursor *signature __unused ) { return 0; } 
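Review bot: The comment above the changed condition still reads `/* Fail unless server supports secure renegotiation */` and the debug message is unchanged, so neither reflects that a missing extended master secret now also refuses renegotiation. Suggest `/* Fail unless server supports secure renegotiation and the extended master secret is in use */`, and, if a distinct log line is wanted, naming which of the two flags was clear. tls_new_hello_request() starts and ends outside the hunk.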
diff --git a/src/crypto/ocsp.c b/src/crypto/ocsp.c index ae70f320c..1712d614e 100644 --- a/src/crypto/ocsp.c +++ b/src/crypto/ocsp.c @@ -858,8 +858,7 @@ static int ocsp_check_signature ( struct ocsp_check *ocsp, /* Verify digest */ if ( ( rc = pubkey_verify ( pubkey, key, digest, digest_out, - response->signature.data, - response->signature.len ) ) != 0 ) { + &response->signature ) ) != 0 ) { DBGC ( ocsp, "OCSP %p \"%s\" signature verification failed: " "%s\n", ocsp, x509_name ( ocsp->cert ), strerror ( rc )); return rc; diff --git a/src/crypto/rsa.c b/src/crypto/rsa.c index f9041eede..b93437518 100644 --- a/src/crypto/rsa.c +++ b/src/crypto/rsa.c @@ -591,12 +591,11 @@ static int rsa_sign ( const struct asn1_cursor *key, * @v digest Digest algorithm * @v value Digest value * @v signature Signature - * @v signature_len Signature length * @ret rc Return status code */ static int rsa_verify ( const struct asn1_cursor *key, struct digest_algorithm *digest, const void *value, - const void *signature, size_t signature_len ) { + const struct asn1_cursor *signature ) { struct rsa_context context; void *temp; void *expected; @@ -606,17 +605,17 @@ static int rsa_verify ( const struct asn1_cursor *key, DBGC ( &context, "RSA %p verifying %s digest:\n", &context, digest->name ); DBGC_HDA ( &context, 0, value, digest->digestsize ); - DBGC_HDA ( &context, 0, signature, signature_len ); + DBGC_HDA ( &context, 0, signature->data, signature->len ); /* Initialise context */ if ( ( rc = rsa_init ( &context, key ) ) != 0 ) goto err_init; /* Sanity check */ - if ( signature_len != context.max_len ) { + if ( signature->len != context.max_len ) { DBGC ( &context, "RSA %p signature incorrect length (%zd " "bytes, should be %zd)\n", - &context, signature_len, context.max_len ); + &context, signature->len, context.max_len ); rc = -ERANGE; goto err_sanity; } 
@@ -626,7 +625,7 @@ static int rsa_verify ( const struct asn1_cursor *key, */ temp = context.input0; expected = temp; - rsa_cipher ( &context, signature, expected ); + rsa_cipher ( &context, signature->data, expected ); DBGC ( &context, "RSA %p deciphered signature:\n", &context ); DBGC_HDA ( &context, 0, expected, context.max_len ); diff --git a/src/crypto/x509.c b/src/crypto/x509.c index 0b01171b6..5d39a1dd8 100644 --- a/src/crypto/x509.c +++ b/src/crypto/x509.c @@ -1152,8 +1152,7 @@ static int x509_check_signature ( struct x509_certificate *cert, /* Verify signature using signer's public key */ if ( ( rc = pubkey_verify ( pubkey, &public_key->raw, digest, - digest_out, signature->value.data, - signature->value.len ) ) != 0 ) { + digest_out, &signature->value ) ) != 0 ) { DBGC ( cert, "X509 %p \"%s\" signature verification failed: " "%s\n", cert, x509_name ( cert ), strerror ( rc ) ); goto err_pubkey_verify; diff --git a/src/include/ipxe/crypto.h b/src/include/ipxe/crypto.h index 4bd543ae2..5b87d1a47 100644 --- a/src/include/ipxe/crypto.h +++ b/src/include/ipxe/crypto.h @@ -164,12 +164,11 @@ struct pubkey_algorithm { * @v digest Digest algorithm * @v value Digest value * @v signature Signature - * @v signature_len Signature length * @ret rc Return status code */ int ( * verify ) ( const struct asn1_cursor *key, struct digest_algorithm *digest, const void *value, - const void *signature, size_t signature_len ); + const struct asn1_cursor *signature ); /** Check that public key matches private key * * @v private_key Private key 
@@ -295,8 +294,8 @@ pubkey_sign ( struct pubkey_algorithm *pubkey, const struct asn1_cursor *key, static inline __attribute__ (( always_inline )) int pubkey_verify ( struct pubkey_algorithm *pubkey, const struct asn1_cursor *key, struct digest_algorithm *digest, const void *value, - const void *signature, size_t signature_len ) { - return pubkey->verify ( key, digest, value, signature, signature_len ); + const struct asn1_cursor *signature ) { + return pubkey->verify ( key, digest, value, signature ); } static inline __attribute__ (( always_inline )) int @@ -336,8 +335,8 @@ extern int pubkey_null_sign ( const struct asn1_cursor *key, const void *value, void *signature ); extern int pubkey_null_verify ( const struct asn1_cursor *key, struct digest_algorithm *digest, - const void *value, const void *signature , - size_t signature_len ); + const void *value, + const struct asn1_cursor *signature ); extern struct digest_algorithm digest_null; extern struct cipher_algorithm cipher_null; diff --git a/src/net/tls.c b/src/net/tls.c index 1d5a6c6d8..1bcb5c027 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -1495,6 +1495,7 @@ static int tls_verify_dh_params ( struct tls_connection *tls, uint16_t signature_len; uint8_t signature[0]; } __attribute__ (( packed )) *sig; + struct asn1_cursor signature; const void *data; size_t remaining; int rc; @@ -1515,6 +1516,8 @@ static int tls_verify_dh_params ( struct tls_connection *tls, tls->server.exchange_len ); return -EINVAL_KEY_EXCHANGE; } + signature.data = sig->signature; + signature.len = ntohs ( sig->signature_len ); /* Identify signature and hash algorithm */ if ( use_sig_hash ) { @@ -1538,8 +1541,6 @@ static int tls_verify_dh_params ( struct tls_connection *tls, /* Verify signature */ { - const void *signature = sig->signature; - size_t signature_len = ntohs ( sig->signature_len ); uint8_t ctx[digest->ctxsize]; uint8_t hash[digest->digestsize]; 
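Review bot: `signature.len = ntohs ( sig->signature_len )` takes the cursor length straight from the peer's ServerKeyExchange, and from here on pubkey_verify() works from that cursor rather than a separately passed length. Only the tail of the preceding length check is visible in this hunk, so it cannot be confirmed from here that `signature_len` was compared against `remaining`. Assuming it was, a comment on the assignment such as `/* Length was validated against the remaining ServerKeyExchange data above */` would record the dependency for anyone moving these lines. tls_verify_dh_params() starts and ends outside the hunk.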
@@ -1553,9 +1554,8 @@ static int tls_verify_dh_params ( struct tls_connection *tls, digest_final ( digest, ctx, hash ); /* Verify signature */ - if ( ( rc = pubkey_verify ( pubkey, &tls->server.key, - digest, hash, signature, - signature_len ) ) != 0 ) { + if ( ( rc = pubkey_verify ( pubkey, &tls->server.key, digest, + hash, &signature ) ) != 0 ) { DBGC ( tls, "TLS %p ServerKeyExchange failed " "verification\n", tls ); DBGC_HDA ( tls, 0, tls->server.exchange, diff --git a/src/tests/pubkey_test.c b/src/tests/pubkey_test.c index ff318bfb7..2e0eeb116 100644 --- a/src/tests/pubkey_test.c +++ b/src/tests/pubkey_test.c @@ -99,10 +99,11 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file, struct pubkey_algorithm *pubkey = test->pubkey; struct digest_algorithm *digest = test->digest; size_t max_len = pubkey_max_len ( pubkey, &test->private ); - uint8_t bad[test->signature_len]; + uint8_t bad[test->signature.len]; uint8_t digestctx[digest->ctxsize ]; uint8_t digestout[digest->digestsize]; uint8_t signature[max_len]; + struct asn1_cursor cursor; int signature_len; /* Construct digest over plaintext */ 
@@ -114,18 +115,19 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file, /* Test signing using private key */ signature_len = pubkey_sign ( pubkey, &test->private, digest, digestout, signature ); - okx ( signature_len == ( ( int ) test->signature_len ), file, line ); - okx ( memcmp ( signature, test->signature, test->signature_len ) == 0, - file, line ); + okx ( signature_len == ( ( int ) test->signature.len ), file, line ); + okx ( memcmp ( signature, test->signature.data, + test->signature.len ) == 0, file, line ); /* Test verification using public key */ okx ( pubkey_verify ( pubkey, &test->public, digest, digestout, - test->signature, test->signature_len ) == 0, - file, line ); + &test->signature ) == 0, file, line ); /* Test verification failure of modified signature */ - memcpy ( bad, test->signature, test->signature_len ); - bad[ test->signature_len / 2 ] ^= 0x40; + memcpy ( bad, test->signature.data, test->signature.len ); + bad[ test->signature.len / 2 ] ^= 0x40; + cursor.data = bad; + cursor.len = test->signature.len; okx ( pubkey_verify ( pubkey, &test->public, digest, digestout, - bad, sizeof ( bad ) ) != 0, file, line ); + &cursor ) != 0, file, line ); } diff --git a/src/tests/pubkey_test.h b/src/tests/pubkey_test.h index 20bb94355..1bb6caf51 100644 --- a/src/tests/pubkey_test.h +++ b/src/tests/pubkey_test.h @@ -45,9 +45,7 @@ struct pubkey_sign_test { /** Signature algorithm */ struct digest_algorithm *digest; /** Signature */ - const void *signature; - /** Signature length */ - size_t signature_len; + const struct asn1_cursor signature; }; /** Define inline private key data */ 
@@ -129,8 +127,10 @@ struct pubkey_sign_test { .plaintext = name ## _plaintext, \ .plaintext_len = sizeof ( name ## _plaintext ), \ .digest = DIGEST, \ - .signature = name ## _signature, \ - .signature_len = sizeof ( name ## _signature ), \ + .signature = { \ + .data = name ## _signature, \ + .len = sizeof ( name ## _signature ), \ + }, \ } extern void pubkey_okx ( struct pubkey_test *test, -- cgit v1.2.3-55-g7522 From d4258272c679c8bd42430fc2df57402cdc03d711 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Mon, 1 Dec 2025 16:02:54 +0000 Subject: [crypto] Construct signatures using ASN.1 builders Signed-off-by: Michael Brown --- src/crypto/crypto_null.c | 3 ++- src/crypto/rsa.c | 24 +++++++++-------- src/drivers/net/iphone.c | 18 +++---------- src/include/ipxe/crypto.h | 9 ++++--- src/net/tls.c | 69 ++++++++++++++++++++++++----------------------- src/tests/pubkey_test.c | 30 ++++++++++----------- 6 files changed, 74 insertions(+), 79 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/crypto/crypto_null.c b/src/crypto/crypto_null.c index ca4e1b134..ee948e00d 100644 --- a/src/crypto/crypto_null.c +++ b/src/crypto/crypto_null.c @@ -113,7 +113,8 @@ int pubkey_null_decrypt ( const struct asn1_cursor *key __unused, int pubkey_null_sign ( const struct asn1_cursor *key __unused, struct digest_algorithm *digest __unused, - const void *value __unused, void *signature __unused ) { + const void *value __unused, + struct asn1_builder *signature __unused ) { return 0; } diff --git a/src/crypto/rsa.c b/src/crypto/rsa.c index b93437518..fd6a1ef39 100644 --- a/src/crypto/rsa.c +++ b/src/crypto/rsa.c 
@@ -544,13 +544,12 @@ static int rsa_encode_digest ( struct rsa_context *context, * @v digest Digest algorithm * @v value Digest value * @v signature Signature - * @ret signature_len Signature length, or negative error + * @ret rc Return status code */ static int rsa_sign ( const struct asn1_cursor *key, struct digest_algorithm *digest, const void *value, - void *signature ) { + struct asn1_builder *signature ) { struct rsa_context context; - void *temp; int rc; DBGC ( &context, "RSA %p signing %s digest:\n", @@ -561,24 +560,27 @@ static int rsa_sign ( const struct asn1_cursor *key, if ( ( rc = rsa_init ( &context, key ) ) != 0 ) goto err_init; - /* Encode digest (using the big integer output buffer as - * temporary storage) - */ - temp = context.output0; - if ( ( rc = rsa_encode_digest ( &context, digest, value, temp ) ) != 0 ) + /* Create space for encoded digest and signature */ + if ( ( rc = asn1_grow ( signature, context.max_len ) ) != 0 ) + goto err_grow; + + /* Encode digest */ + if ( ( rc = rsa_encode_digest ( &context, digest, value, + signature->data ) ) != 0 ) goto err_encode; /* Encipher the encoded digest */ - rsa_cipher ( &context, temp, signature ); + rsa_cipher ( &context, signature->data, signature->data ); DBGC ( &context, "RSA %p signed %s digest:\n", &context, digest->name ); - DBGC_HDA ( &context, 0, signature, context.max_len ); + DBGC_HDA ( &context, 0, signature->data, signature->len ); /* Free context */ rsa_free ( &context ); - return context.max_len; + return 0; err_encode: + err_grow: rsa_free ( &context ); err_init: return rc; diff --git a/src/drivers/net/iphone.c b/src/drivers/net/iphone.c index bcc9949fe..11f763553 100644 --- a/src/drivers/net/iphone.c +++ b/src/drivers/net/iphone.c 
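Review bot: rsa_sign() now grows the caller's builder before rsa_encode_digest() can fail, so on the `err_encode` path the builder is left holding `context.max_len` bytes of allocated data that is not a signature. The callers visible in this commit free the builder's data on their error paths, but the doc block only says `@ret rc`; it should add that on failure the builder contents are undefined and must still be freed by the caller. The in-place call `rsa_cipher ( &context, signature->data, signature->data )` also deserves a one-line comment that identical input and output buffers are supported, which cannot be confirmed from this hunk.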
@@ -362,7 +362,6 @@ static int icert_cert ( struct icert *icert, struct asn1_cursor *subject, struct asn1_builder raw = { NULL, 0 }; uint8_t digest_ctx[SHA256_CTX_SIZE]; uint8_t digest_out[SHA256_DIGEST_SIZE]; - int len; int rc; /* Construct subjectPublicKeyInfo */ @@ -399,20 +398,12 @@ static int icert_cert ( struct icert *icert, struct asn1_cursor *subject, digest_final ( digest, digest_ctx, digest_out ); /* Construct signature using "private" key */ - if ( ( rc = asn1_grow ( &raw, - pubkey_max_len ( pubkey, private ) ) ) != 0 ) { - DBGC ( icert, "ICERT %p could not build signature: %s\n", - icert, strerror ( rc ) ); - goto err_grow; - } - if ( ( len = pubkey_sign ( pubkey, private, digest, digest_out, - raw.data ) ) < 0 ) { - rc = len; + if ( ( rc = pubkey_sign ( pubkey, private, digest, digest_out, + &raw ) ) != 0 ) { DBGC ( icert, "ICERT %p could not sign: %s\n", icert, strerror ( rc ) ); goto err_pubkey_sign; } - assert ( ( ( size_t ) len ) == raw.len ); /* Construct raw certificate data */ if ( ( rc = ( asn1_prepend_raw ( &raw, icert_nul, @@ -438,12 +429,11 @@ static int icert_cert ( struct icert *icert, struct asn1_cursor *subject, err_x509: err_raw: err_pubkey_sign: + err_tbs: + err_spki: free ( raw.data ); - err_grow: free ( tbs.data ); - err_tbs: free ( spki.data ); - err_spki: return rc; } diff --git a/src/include/ipxe/crypto.h b/src/include/ipxe/crypto.h index 5b87d1a47..c457a74b1 100644 --- a/src/include/ipxe/crypto.h +++ b/src/include/ipxe/crypto.h @@ -153,11 +153,11 @@ struct pubkey_algorithm { * @v digest Digest algorithm * @v value Digest value * @v signature Signature - * @ret signature_len Signature length, or negative error + * @ret rc Return status code */ int ( * sign ) ( const struct asn1_cursor *key, struct digest_algorithm *digest, const void *value, - void *signature ); + struct asn1_builder *builder ); /** Verify signed digest value * * @v key Key 
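Review bot: In the crypto.h hunk the `sign` method's new parameter is named `builder`, while its doc block still documents `@v signature` and the pubkey_sign() wrapper and the RSA and null implementations in this commit all call it `signature`. Renaming the parameter to match, `struct asn1_builder *signature );`, keeps the header consistent with its own documentation. The struct pubkey_algorithm definition continues outside the hunk.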
@@ -287,7 +287,7 @@ pubkey_decrypt ( struct pubkey_algorithm *pubkey, const struct asn1_cursor *key, static inline __attribute__ (( always_inline )) int pubkey_sign ( struct pubkey_algorithm *pubkey, const struct asn1_cursor *key, struct digest_algorithm *digest, const void *value, - void *signature ) { + struct asn1_builder *signature ) { return pubkey->sign ( key, digest, value, signature ); } @@ -332,7 +332,8 @@ extern int pubkey_null_decrypt ( const struct asn1_cursor *key, void *plaintext ); extern int pubkey_null_sign ( const struct asn1_cursor *key, struct digest_algorithm *digest, - const void *value, void *signature ); + const void *value, + struct asn1_builder *signature ); extern int pubkey_null_verify ( const struct asn1_cursor *key, struct digest_algorithm *digest, const void *value, diff --git a/src/net/tls.c b/src/net/tls.c index 1bcb5c027..c01ce9515 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -1863,6 +1863,7 @@ static int tls_send_certificate_verify ( struct tls_connection *tls ) { struct asn1_cursor *key = privkey_cursor ( tls->client.key ); uint8_t digest_out[ digest->digestsize ]; struct tls_signature_hash_algorithm *sig_hash = NULL; + struct asn1_builder builder = { NULL, 0 }; int rc; /* Generate digest to be signed */ 
@@ -1880,53 +1881,53 @@ static int tls_send_certificate_verify ( struct tls_connection *tls ) { } } - /* Generate and transmit record */ + /* Sign digest */ + if ( ( rc = pubkey_sign ( pubkey, key, digest, digest_out, + &builder ) ) != 0 ) { + DBGC ( tls, "TLS %p could not sign %s digest using %s client " + "private key: %s\n", tls, digest->name, pubkey->name, + strerror ( rc ) ); + goto err_pubkey_sign; + } + + /* Construct Certificate Verify record */ { - size_t max_len = pubkey_max_len ( pubkey, key ); int use_sig_hash = ( ( sig_hash == NULL ) ? 0 : 1 ); struct { uint32_t type_length; struct tls_signature_hash_id sig_hash[use_sig_hash]; uint16_t signature_len; - uint8_t signature[max_len]; - } __attribute__ (( packed )) certificate_verify; - size_t unused; - int len; - - /* Sign digest */ - len = pubkey_sign ( pubkey, key, digest, digest_out, - certificate_verify.signature ); - if ( len < 0 ) { - rc = len; - DBGC ( tls, "TLS %p could not sign %s digest using %s " - "client private key: %s\n", tls, digest->name, - pubkey->name, strerror ( rc ) ); - goto err_pubkey_sign; - } - unused = ( max_len - len ); - - /* Construct Certificate Verify record */ - certificate_verify.type_length = - ( cpu_to_le32 ( TLS_CERTIFICATE_VERIFY ) | - htonl ( sizeof ( certificate_verify ) - - sizeof ( certificate_verify.type_length ) - - unused ) ); + } __attribute__ (( packed )) header; + + header.type_length = ( cpu_to_le32 ( TLS_CERTIFICATE_VERIFY ) | + htonl ( builder.len + + sizeof ( header ) - + sizeof ( header.type_length ))); if ( use_sig_hash ) { - memcpy ( &certificate_verify.sig_hash[0], - &sig_hash->code, - sizeof ( certificate_verify.sig_hash[0] ) ); + memcpy ( &header.sig_hash[0], &sig_hash->code, + sizeof ( header.sig_hash[0] ) ); } - certificate_verify.signature_len = - htons ( sizeof ( certificate_verify.signature ) - - unused ); + header.signature_len = htons ( builder.len ); - /* Transmit record */ - rc = tls_send_handshake ( tls, &certificate_verify, - ( sizeof ( 
certificate_verify ) - unused ) ); + if ( ( rc = asn1_prepend_raw ( &builder, &header, + sizeof ( header ) ) ) != 0 ) { + DBGC ( tls, "TLS %p could not construct Certificate " + "Verify: %s\n", tls, strerror ( rc ) ); + goto err_prepend; + } + } + + /* Transmit record */ + if ( ( rc = tls_send_handshake ( tls, builder.data, + builder.len ) ) != 0 ) { + goto err_send; } + err_send: + err_prepend: err_pubkey_sign: err_sig_hash: + free ( builder.data ); return rc; } diff --git a/src/tests/pubkey_test.c b/src/tests/pubkey_test.c index 2e0eeb116..e3fbc3b3f 100644 --- a/src/tests/pubkey_test.c +++ b/src/tests/pubkey_test.c @@ -98,13 +98,10 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file, unsigned int line ) { struct pubkey_algorithm *pubkey = test->pubkey; struct digest_algorithm *digest = test->digest; - size_t max_len = pubkey_max_len ( pubkey, &test->private ); - uint8_t bad[test->signature.len]; uint8_t digestctx[digest->ctxsize ]; uint8_t digestout[digest->digestsize]; - uint8_t signature[max_len]; - struct asn1_cursor cursor; - int signature_len; + struct asn1_builder signature = { NULL, 0 }; + uint8_t *bad; /* Construct digest over plaintext */ digest_init ( digest, digestctx ); 
@@ -113,21 +110,24 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file, digest_final ( digest, digestctx, digestout ); /* Test signing using private key */ - signature_len = pubkey_sign ( pubkey, &test->private, digest, - digestout, signature ); - okx ( signature_len == ( ( int ) test->signature.len ), file, line ); - okx ( memcmp ( signature, test->signature.data, - test->signature.len ) == 0, file, line ); + okx ( pubkey_sign ( pubkey, &test->private, digest, digestout, + &signature ) == 0, file, line ); + okx ( signature.len != 0, file, line ); + okx ( asn1_compare ( asn1_built ( &signature ), + &test->signature ) == 0, file, line ); /* Test verification using public key */ okx ( pubkey_verify ( pubkey, &test->public, digest, digestout, &test->signature ) == 0, file, line ); /* Test verification failure of modified signature */ - memcpy ( bad, test->signature.data, test->signature.len ); - bad[ test->signature.len / 2 ] ^= 0x40; - cursor.data = bad; - cursor.len = test->signature.len; + bad = ( signature.data + ( test->signature.len / 2 ) ); + okx ( pubkey_verify ( pubkey, &test->public, digest, digestout, + asn1_built ( &signature ) ) == 0, file, line ); + *bad ^= 0x40; okx ( pubkey_verify ( pubkey, &test->public, digest, digestout, - &cursor ) != 0, file, line ); + asn1_built ( &signature ) ) != 0, file, line ); + + /* Free signature */ + free ( signature.data ); } -- cgit v1.2.3-55-g7522 From 1ccc320ee99651622ced9b33764d5e7890ca3f57 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Tue, 2 Dec 2025 13:12:25 +0000 Subject: [crypto] Construct asymmetric ciphered data using ASN.1 builders 
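Review bot: The tamper offset in `bad = ( signature.data + ( test->signature.len / 2 ) );` is taken from the expected signature length rather than from the buffer that pubkey_sign() actually built. If signing fails or yields a shorter signature, and okx() only records the failure instead of aborting (not visible here), `*bad ^= 0x40;` writes through a NULL-based or out-of-bounds pointer. Using the built length, `bad = ( signature.data + ( signature.len / 2 ) );`, and skipping the modification when `signature.len` is zero keeps the test memory-safe on the failure path.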
Signed-off-by: Michael Brown --- src/crypto/cms.c | 24 ++++++++--------- src/crypto/crypto_null.c | 10 +++---- src/crypto/rsa.c | 65 +++++++++++++++++++++++++------------------- src/include/ipxe/crypto.h | 34 +++++++++++++----------- src/net/tls.c | 68 +++++++++++++++++++++++++++-------------------- src/tests/pubkey_test.c | 64 ++++++++++++++++++++++++-------------------- src/tests/pubkey_test.h | 20 +++++++------- 7 files changed, 156 insertions(+), 129 deletions(-) (limited to 'src/net/tls.c') diff --git a/src/crypto/cms.c b/src/crypto/cms.c index a3c03a9b4..7775e581b 100644 --- a/src/crypto/cms.c +++ b/src/crypto/cms.c @@ -917,29 +917,26 @@ static int cms_cipher_key ( struct cms_message *cms, struct pubkey_algorithm *pubkey = part->pubkey; const struct asn1_cursor *key = privkey_cursor ( private_key ); const struct asn1_cursor *value = &part->value; - size_t max_len = pubkey_max_len ( pubkey, key ); - uint8_t cipher_key[max_len]; - int len; + struct asn1_builder cipher_key = { NULL, 0 }; int rc; /* Decrypt cipher key */ - len = pubkey_decrypt ( pubkey, key, value->data, value->len, - cipher_key ); - if ( len < 0 ) { - rc = len; + if ( ( rc = pubkey_decrypt ( pubkey, key, value, + &cipher_key ) ) != 0 ) { DBGC ( cms, "CMS %p/%p could not decrypt cipher key: %s\n", cms, part, strerror ( rc ) ); DBGC_HDA ( cms, 0, value->data, value->len ); - return rc; + goto err_decrypt; } DBGC ( cms, "CMS %p/%p cipher key:\n", cms, part ); - DBGC_HDA ( cms, 0, cipher_key, len ); + DBGC_HDA ( cms, 0, cipher_key.data, cipher_key.len ); /* Set cipher key */ - if ( ( rc = cipher_setkey ( cipher, ctx, cipher_key, len ) ) != 0 ) { + if ( ( rc = cipher_setkey ( cipher, ctx, cipher_key.data, + cipher_key.len ) ) != 0 ) { DBGC ( cms, "CMS %p could not set cipher key: %s\n", cms, strerror ( rc ) ); - return rc; + goto err_setkey; } /* Set cipher initialization vector */ 
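Review bot: The decrypted cipher key now lives in the heap buffer `cipher_key.data`, and the cleanup added in the next hunk (`free ( cipher_key.data );`) releases it without clearing it, so the key bytes remain in freed heap memory. Wiping it first, e.g. `if ( cipher_key.data ) memset ( cipher_key.data, 0, cipher_key.len );`, would limit that exposure. A plain memset() directly before free() can be elided by the compiler, so a zeroing helper that survives optimisation is preferable if the project provides one. The body of cms_cipher_key() continues outside this hunk.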
@@ -949,7 +946,10 @@ static int cms_cipher_key ( struct cms_message *cms, DBGC_HDA ( cms, 0, cms->iv.data, cms->iv.len ); } - return 0; + err_setkey: + err_decrypt: + free ( cipher_key.data ); + return rc; } /** diff --git a/src/crypto/crypto_null.c b/src/crypto/crypto_null.c index ee948e00d..e8f8cbde8 100644 --- a/src/crypto/crypto_null.c +++ b/src/crypto/crypto_null.c @@ -98,16 +98,14 @@ size_t pubkey_null_max_len ( const struct asn1_cursor *key __unused ) { } int pubkey_null_encrypt ( const struct asn1_cursor *key __unused, - const void *plaintext __unused, - size_t plaintext_len __unused, - void *ciphertext __unused ) { + const struct asn1_cursor *plaintext __unused, + struct asn1_builder *ciphertext __unused ) { return 0; } int pubkey_null_decrypt ( const struct asn1_cursor *key __unused, - const void *ciphertext __unused, - size_t ciphertext_len __unused, - void *plaintext __unused ) { + const struct asn1_cursor *ciphertext __unused, + struct asn1_builder *plaintext __unused ) { return 0; } diff --git a/src/crypto/rsa.c b/src/crypto/rsa.c index fd6a1ef39..18b2b1c14 100644 --- a/src/crypto/rsa.c +++ b/src/crypto/rsa.c @@ -338,12 +338,12 @@ static void rsa_cipher ( struct rsa_context *context, * * @v key Key * @v plaintext Plaintext - * @v plaintext_len Length of plaintext * @v ciphertext Ciphertext * @ret ciphertext_len Length of ciphertext, or negative error */ -static int rsa_encrypt ( const struct asn1_cursor *key, const void *plaintext, - size_t plaintext_len, void *ciphertext ) { +static int rsa_encrypt ( const struct asn1_cursor *key, + const struct asn1_cursor *plaintext, + struct asn1_builder *ciphertext ) { struct rsa_context context; void *temp; uint8_t *encoded; 
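Review bot: The comment block above rsa_encrypt() still reads `@ret ciphertext_len Length of ciphertext, or negative error`, but after this commit the function returns a status code (`return 0;` in a later hunk) and delivers the ciphertext through the builder. The line should match the updated rsa_decrypt() comment: ` * @ret rc Return status code`. A caller relying on the stale comment would read a successful return as a zero-length ciphertext. The function body continues outside this hunk.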
@@ -352,7 +352,7 @@ static int rsa_encrypt ( const struct asn1_cursor *key, const void *plaintext, int rc; DBGC ( &context, "RSA %p encrypting:\n", &context ); - DBGC_HDA ( &context, 0, plaintext, plaintext_len ); + DBGC_HDA ( &context, 0, plaintext->data, plaintext->len ); /* Initialise context */ if ( ( rc = rsa_init ( &context, key ) ) != 0 ) @@ -360,12 +360,12 @@ static int rsa_encrypt ( const struct asn1_cursor *key, const void *plaintext, /* Calculate lengths */ max_len = ( context.max_len - 11 ); - random_nz_len = ( max_len - plaintext_len + 8 ); + random_nz_len = ( max_len - plaintext->len + 8 ); /* Sanity check */ - if ( plaintext_len > max_len ) { + if ( plaintext->len > max_len ) { DBGC ( &context, "RSA %p plaintext too long (%zd bytes, max " - "%zd)\n", &context, plaintext_len, max_len ); + "%zd)\n", &context, plaintext->len, max_len ); rc = -ERANGE; goto err_sanity; } @@ -383,19 +383,24 @@ static int rsa_encrypt ( const struct asn1_cursor *key, const void *plaintext, goto err_random; } encoded[ 2 + random_nz_len ] = 0x00; - memcpy ( &encoded[ context.max_len - plaintext_len ], - plaintext, plaintext_len ); + memcpy ( &encoded[ context.max_len - plaintext->len ], + plaintext->data, plaintext->len ); + + /* Create space for ciphertext */ + if ( ( rc = asn1_grow ( ciphertext, context.max_len ) ) != 0 ) + goto err_grow; /* Encipher the encoded message */ - rsa_cipher ( &context, encoded, ciphertext ); + rsa_cipher ( &context, encoded, ciphertext->data ); DBGC ( &context, "RSA %p encrypted:\n", &context ); - DBGC_HDA ( &context, 0, ciphertext, context.max_len ); + DBGC_HDA ( &context, 0, ciphertext->data, context.max_len ); /* Free context */ rsa_free ( &context ); - return context.max_len; + return 0; + err_grow: err_random: err_sanity: rsa_free ( &context ); 
@@ -408,33 +413,33 @@ static int rsa_encrypt ( const struct asn1_cursor *key, const void *plaintext, * * @v key Key * @v ciphertext Ciphertext - * @v ciphertext_len Ciphertext length * @v plaintext Plaintext - * @ret plaintext_len Plaintext length, or negative error + * @ret rc Return status code */ -static int rsa_decrypt ( const struct asn1_cursor *key, const void *ciphertext, - size_t ciphertext_len, void *plaintext ) { +static int rsa_decrypt ( const struct asn1_cursor *key, + const struct asn1_cursor *ciphertext, + struct asn1_builder *plaintext ) { struct rsa_context context; void *temp; uint8_t *encoded; uint8_t *end; uint8_t *zero; uint8_t *start; - size_t plaintext_len; + size_t len; int rc; DBGC ( &context, "RSA %p decrypting:\n", &context ); - DBGC_HDA ( &context, 0, ciphertext, ciphertext_len ); + DBGC_HDA ( &context, 0, ciphertext->data, ciphertext->len ); /* Initialise context */ if ( ( rc = rsa_init ( &context, key ) ) != 0 ) goto err_init; /* Sanity check */ - if ( ciphertext_len != context.max_len ) { + if ( ciphertext->len != context.max_len ) { DBGC ( &context, "RSA %p ciphertext incorrect length (%zd " "bytes, should be %zd)\n", - &context, ciphertext_len, context.max_len ); + &context, ciphertext->len, context.max_len ); rc = -ERANGE; goto err_sanity; } @@ -444,7 +449,7 @@ static int rsa_decrypt ( const struct asn1_cursor *key, const void *ciphertext, */ temp = context.input0; encoded = temp; - rsa_cipher ( &context, ciphertext, encoded ); + rsa_cipher ( &context, ciphertext->data, encoded ); /* Parse the message */ end = ( encoded + context.max_len ); 
@@ -454,25 +459,31 @@ static int rsa_decrypt ( const struct asn1_cursor *key, const void *ciphertext, } zero = memchr ( &encoded[2], 0, ( end - &encoded[2] ) ); if ( ! zero ) { + DBGC ( &context, "RSA %p invalid decrypted message:\n", + &context ); + DBGC_HDA ( &context, 0, encoded, context.max_len ); rc = -EINVAL; goto err_invalid; } start = ( zero + 1 ); - plaintext_len = ( end - start ); + len = ( end - start ); + + /* Create space for plaintext */ + if ( ( rc = asn1_grow ( plaintext, len ) ) != 0 ) + goto err_grow; /* Copy out message */ - memcpy ( plaintext, start, plaintext_len ); + memcpy ( plaintext->data, start, len ); DBGC ( &context, "RSA %p decrypted:\n", &context ); - DBGC_HDA ( &context, 0, plaintext, plaintext_len ); + DBGC_HDA ( &context, 0, plaintext->data, len ); /* Free context */ rsa_free ( &context ); - return plaintext_len; + return 0; + err_grow: err_invalid: - DBGC ( &context, "RSA %p invalid decrypted message:\n", &context ); - DBGC_HDA ( &context, 0, encoded, context.max_len ); err_sanity: rsa_free ( &context ); err_init: diff --git a/src/include/ipxe/crypto.h b/src/include/ipxe/crypto.h index c457a74b1..68bd23048 100644 --- a/src/include/ipxe/crypto.h +++ b/src/include/ipxe/crypto.h 
@@ -131,22 +131,22 @@ struct pubkey_algorithm { * * @v key Key * @v plaintext Plaintext - * @v plaintext_len Length of plaintext * @v ciphertext Ciphertext - * @ret ciphertext_len Length of ciphertext, or negative error + * @ret rc Return status code */ - int ( * encrypt ) ( const struct asn1_cursor *key, const void *data, - size_t len, void *out ); + int ( * encrypt ) ( const struct asn1_cursor *key, + const struct asn1_cursor *plaintext, + struct asn1_builder *ciphertext ); /** Decrypt * * @v key Key * @v ciphertext Ciphertext - * @v ciphertext_len Ciphertext length * @v plaintext Plaintext - * @ret plaintext_len Plaintext length, or negative error + * @ret rc Return status code */ - int ( * decrypt ) ( const struct asn1_cursor *key, const void *data, - size_t len, void *out ); + int ( * decrypt ) ( const struct asn1_cursor *key, + const struct asn1_cursor *ciphertext, + struct asn1_builder *plaintext ); /** Sign digest value * * @v key Key @@ -274,14 +274,16 @@ pubkey_max_len ( struct pubkey_algorithm *pubkey, static inline __attribute__ (( always_inline )) int pubkey_encrypt ( struct pubkey_algorithm *pubkey, const struct asn1_cursor *key, - const void *data, size_t len, void *out ) { - return pubkey->encrypt ( key, data, len, out ); + const struct asn1_cursor *plaintext, + struct asn1_builder *ciphertext ) { + return pubkey->encrypt ( key, plaintext, ciphertext ); } static inline __attribute__ (( always_inline )) int pubkey_decrypt ( struct pubkey_algorithm *pubkey, const struct asn1_cursor *key, - const void *data, size_t len, void *out ) { - return pubkey->decrypt ( key, data, len, out ); + const struct asn1_cursor *ciphertext, + struct asn1_builder *plaintext ) { + return pubkey->decrypt ( key, ciphertext, plaintext ); } static inline __attribute__ (( always_inline )) int 
@@ -325,11 +327,11 @@ extern void cipher_null_auth ( void *ctx, void *auth ); extern size_t pubkey_null_max_len ( const struct asn1_cursor *key ); extern int pubkey_null_encrypt ( const struct asn1_cursor *key, - const void *plaintext, size_t plaintext_len, - void *ciphertext ); + const struct asn1_cursor *plaintext, + struct asn1_builder *ciphertext ); extern int pubkey_null_decrypt ( const struct asn1_cursor *key, - const void *ciphertext, size_t ciphertext_len, - void *plaintext ); + const struct asn1_cursor *ciphertext, + struct asn1_builder *plaintext ); extern int pubkey_null_sign ( const struct asn1_cursor *key, struct digest_algorithm *digest, const void *value, diff --git a/src/net/tls.c b/src/net/tls.c index c01ce9515..6140ca58a 100644 --- a/src/net/tls.c +++ b/src/net/tls.c 
@@ -1416,59 +1416,69 @@ static int tls_send_certificate ( struct tls_connection *tls ) { static int tls_send_client_key_exchange_pubkey ( struct tls_connection *tls ) { struct tls_cipherspec *cipherspec = &tls->tx.cipherspec.pending; struct pubkey_algorithm *pubkey = cipherspec->suite->pubkey; - size_t max_len = pubkey_max_len ( pubkey, &tls->server.key ); struct { uint16_t version; uint8_t random[46]; } __attribute__ (( packed )) pre_master_secret; - struct { - uint32_t type_length; - uint16_t encrypted_pre_master_secret_len; - uint8_t encrypted_pre_master_secret[max_len]; - } __attribute__ (( packed )) key_xchg; - size_t unused; - int len; + struct asn1_cursor cursor = { + .data = &pre_master_secret, + .len = sizeof ( pre_master_secret ), + }; + struct asn1_builder builder = { NULL, 0 }; int rc; /* Generate pre-master secret */ pre_master_secret.version = htons ( TLS_VERSION_MAX ); if ( ( rc = tls_generate_random ( tls, &pre_master_secret.random, ( sizeof ( pre_master_secret.random ) ) ) ) != 0 ) { - return rc; + goto err_random; } /* Encrypt pre-master secret using server's public key */ - memset ( &key_xchg, 0, sizeof ( key_xchg ) ); - len = pubkey_encrypt ( pubkey, &tls->server.key, &pre_master_secret, - sizeof ( pre_master_secret ), - key_xchg.encrypted_pre_master_secret ); - if ( len < 0 ) { - rc = len; + if ( ( rc = pubkey_encrypt ( pubkey, &tls->server.key, &cursor, + &builder ) ) != 0 ) { DBGC ( tls, "TLS %p could not encrypt pre-master secret: %s\n", tls, strerror ( rc ) ); - return rc; + goto err_encrypt; + } + + /* Construct Client Key Exchange record */ + { + struct { + uint32_t type_length; + uint16_t encrypted_pre_master_secret_len; + } __attribute__ (( packed )) header; + + header.type_length = + ( cpu_to_le32 ( TLS_CLIENT_KEY_EXCHANGE ) | + htonl ( builder.len + sizeof ( header ) - + sizeof ( header.type_length ) ) ); + header.encrypted_pre_master_secret_len = htons ( builder.len ); + + if ( ( rc = asn1_prepend_raw ( &builder, &header, + sizeof ( 
header ) ) ) != 0 ) { + DBGC ( tls, "TLS %p could not construct Client Key " + "Exchange: %s\n", tls, strerror ( rc ) ); + goto err_prepend; + } } - unused = ( max_len - len ); - key_xchg.type_length = - ( cpu_to_le32 ( TLS_CLIENT_KEY_EXCHANGE ) | - htonl ( sizeof ( key_xchg ) - - sizeof ( key_xchg.type_length ) - unused ) ); - key_xchg.encrypted_pre_master_secret_len = - htons ( sizeof ( key_xchg.encrypted_pre_master_secret ) - - unused ); /* Transmit Client Key Exchange record */ - if ( ( rc = tls_send_handshake ( tls, &key_xchg, - ( sizeof ( key_xchg ) - - unused ) ) ) != 0 ) { - return rc; + if ( ( rc = tls_send_handshake ( tls, builder.data, + builder.len ) ) != 0 ) { + goto err_send; } /* Generate master secret */ tls_generate_master_secret ( tls, &pre_master_secret, sizeof ( pre_master_secret ) ); - return 0; + err_random: + err_encrypt: + err_prepend: + err_send: + free ( builder.data ); + return rc; } /** Public key exchange algorithm */ diff --git a/src/tests/pubkey_test.c b/src/tests/pubkey_test.c index e3fbc3b3f..d110b2946 100644 --- a/src/tests/pubkey_test.c +++ b/src/tests/pubkey_test.c 
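Review bot: `pre_master_secret` is left on the stack in plaintext when tls_send_client_key_exchange_pubkey() returns, and the shared cleanup labels this hunk introduces are the natural place to clear it. Adding `memset ( &pre_master_secret, 0, sizeof ( pre_master_secret ) );` next to `free ( builder.data );` would cover both the success path and every error path. The compiler may drop a plain memset() of a local that is about to go out of scope, so a non-elidable zeroing helper is preferable if one is available in the tree.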
@@ -50,41 +50,47 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); void pubkey_okx ( struct pubkey_test *test, const char *file, unsigned int line ) { struct pubkey_algorithm *pubkey = test->pubkey; - size_t max_len = pubkey_max_len ( pubkey, &test->private ); - uint8_t encrypted[max_len]; - uint8_t decrypted[max_len]; - int encrypted_len; - int decrypted_len; + struct asn1_builder plaintext; + struct asn1_builder ciphertext; /* Test decrypting with private key to obtain known plaintext */ - decrypted_len = pubkey_decrypt ( pubkey, &test->private, - test->ciphertext, test->ciphertext_len, - decrypted ); - okx ( decrypted_len == ( ( int ) test->plaintext_len ), file, line ); - okx ( memcmp ( decrypted, test->plaintext, test->plaintext_len ) == 0, - file, line ); + plaintext.data = NULL; + plaintext.len = 0; + okx ( pubkey_decrypt ( pubkey, &test->private, &test->ciphertext, + &plaintext ) == 0, file, line ); + okx ( asn1_compare ( asn1_built ( &plaintext ), + &test->plaintext ) == 0, file, line ); + free ( plaintext.data ); /* Test encrypting with private key and decrypting with public key */ - encrypted_len = pubkey_encrypt ( pubkey, &test->private, - test->plaintext, test->plaintext_len, - encrypted ); - okx ( encrypted_len >= 0, file, line ); - decrypted_len = pubkey_decrypt ( pubkey, &test->public, encrypted, - encrypted_len, decrypted ); - okx ( decrypted_len == ( ( int ) test->plaintext_len ), file, line ); - okx ( memcmp ( decrypted, test->plaintext, test->plaintext_len ) == 0, - file, line ); + ciphertext.data = NULL; + ciphertext.len = 0; + plaintext.data = NULL; + plaintext.len = 0; + okx ( pubkey_encrypt ( pubkey, &test->private, &test->plaintext, + &ciphertext ) == 0, file, line ); + okx ( pubkey_decrypt ( pubkey, &test->public, + asn1_built ( &ciphertext ), + &plaintext ) == 0, file, line ); + okx ( asn1_compare ( asn1_built ( &plaintext ), + &test->plaintext ) == 0, file, line ); + free ( ciphertext.data ); + free ( plaintext.data ); /* Test encrypting with 
public key and decrypting with private key */ - encrypted_len = pubkey_encrypt ( pubkey, &test->public, - test->plaintext, test->plaintext_len, - encrypted ); - okx ( encrypted_len >= 0, file, line ); - decrypted_len = pubkey_decrypt ( pubkey, &test->private, encrypted, - encrypted_len, decrypted ); - okx ( decrypted_len == ( ( int ) test->plaintext_len ), file, line ); - okx ( memcmp ( decrypted, test->plaintext, test->plaintext_len ) == 0, - file, line ); + ciphertext.data = NULL; + ciphertext.len = 0; + plaintext.data = NULL; + plaintext.len = 0; + okx ( pubkey_encrypt ( pubkey, &test->public, &test->plaintext, + &ciphertext ) == 0, file, line ); + okx ( pubkey_decrypt ( pubkey, &test->private, + asn1_built ( &ciphertext ), + &plaintext ) == 0, file, line ); + okx ( asn1_compare ( asn1_built ( &plaintext ), + &test->plaintext ) == 0, file, line ); + free ( ciphertext.data ); + free ( plaintext.data ); } /** diff --git a/src/tests/pubkey_test.h b/src/tests/pubkey_test.h index 1bb6caf51..33b301a6e 100644 --- a/src/tests/pubkey_test.h +++ b/src/tests/pubkey_test.h @@ -16,18 +16,14 @@ struct pubkey_test { /** Public key */ const struct asn1_cursor public; /** Plaintext */ - const void *plaintext; - /** Length of plaintext */ - size_t plaintext_len; + const struct asn1_cursor plaintext; /** Ciphertext * * Note that the encryption process may include some random * padding, so a given plaintext will encrypt to multiple * different ciphertexts. */ - const void *ciphertext; - /** Length of ciphertext */ - size_t ciphertext_len; + const struct asn1_cursor ciphertext; }; /** A public-key signature test */ 
@@ -90,10 +86,14 @@ struct pubkey_sign_test { .data = name ## _public, \ .len = sizeof ( name ## _public ), \ }, \ - .plaintext = name ## _plaintext, \ - .plaintext_len = sizeof ( name ## _plaintext ), \ - .ciphertext = name ## _ciphertext, \ - .ciphertext_len = sizeof ( name ## _ciphertext ), \ + .plaintext = { \ + .data = name ## _plaintext, \ + .len = sizeof ( name ## _plaintext ), \ + }, \ + .ciphertext = { \ + .data = name ## _ciphertext, \ + .len = sizeof ( name ## _ciphertext ), \ + }, \ } /** -- cgit v1.2.3-55-g7522 From adcaaf9b93f9de14ba93bea54aecef103fe16b5f Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Wed, 14 Jan 2026 14:36:49 +0000 Subject: [build] Mark known reviewed files as permitted for UEFI Secure Boot Some past security reviews carried out for UEFI Secure Boot signing submissions have covered specific drivers or functional areas of iPXE. Mark all of the files comprising these areas as permitted for UEFI Secure Boot. 
Signed-off-by: Michael Brown --- src/arch/x86/core/cpuid_settings.c | 1 + src/arch/x86/core/rdrand.c | 1 + src/arch/x86/include/bits/bigint.h | 1 + src/arch/x86/include/bits/bitops.h | 1 + src/arch/x86/include/bits/xen.h | 1 + src/config/config_archive.c | 1 + src/config/config_asn1.c | 1 + src/config/config_certs.c | 1 + src/config/config_crypto.c | 1 + src/config/config_digest_cmd.c | 1 + src/config/config_entropy.c | 1 + src/config/config_fc.c | 1 + src/config/config_fdt.c | 1 + src/config/config_infiniband.c | 1 + src/config/config_pixbuf.c | 1 + src/config/config_usb.c | 1 + src/config/crypto.h | 1 + src/config/entropy.h | 1 + src/config/fdt.h | 1 + src/config/usb.h | 1 + src/core/acpi_settings.c | 1 + src/core/acpimac.c | 1 + src/core/ansicoldef.c | 1 + src/core/fbcon.c | 1 + src/core/fdt.c | 1 + src/core/isqrt.c | 1 + src/core/lineconsole.c | 1 + src/core/netbios.c | 1 + src/core/pinger.c | 1 + src/core/pixbuf.c | 1 + src/core/profile.c | 1 + src/crypto/aes.c | 1 + src/crypto/asn1.c | 1 + src/crypto/bigint.c | 1 + src/crypto/cbc.c | 1 + src/crypto/certstore.c | 1 + src/crypto/cms.c | 1 + src/crypto/crypto_null.c | 1 + src/crypto/deflate.c | 1 + src/crypto/dhe.c | 1 + src/crypto/drbg.c | 1 + src/crypto/ecb.c | 1 + src/crypto/ecdhe.c | 1 + src/crypto/ecdsa.c | 1 + src/crypto/entropy.c | 1 + src/crypto/gcm.c | 1 + src/crypto/hash_df.c | 1 + src/crypto/hmac.c | 1 + src/crypto/hmac_drbg.c | 1 + src/crypto/md4.c | 1 + src/crypto/mishmash/cmd_sha224.c | 1 + src/crypto/mishmash/cmd_sha256.c | 1 + src/crypto/mishmash/cmd_sha384.c | 1 + src/crypto/mishmash/cmd_sha512.c | 1 + src/crypto/mishmash/dhe_rsa_aes_cbc_sha1.c | 1 + src/crypto/mishmash/dhe_rsa_aes_cbc_sha256.c | 1 + src/crypto/mishmash/dhe_rsa_aes_gcm_sha256.c | 1 + src/crypto/mishmash/dhe_rsa_aes_gcm_sha384.c | 1 + src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha1.c | 1 + src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha256.c | 1 + src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha384.c | 1 + 
src/crypto/mishmash/ecdhe_ecdsa_aes_gcm_sha256.c | 1 + src/crypto/mishmash/ecdhe_ecdsa_aes_gcm_sha384.c | 1 + src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha1.c | 1 + src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha256.c | 1 + src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha384.c | 1 + src/crypto/mishmash/ecdhe_rsa_aes_gcm_sha256.c | 1 + src/crypto/mishmash/ecdhe_rsa_aes_gcm_sha384.c | 1 + src/crypto/mishmash/ecdsa_sha224.c | 1 + src/crypto/mishmash/ecdsa_sha256.c | 1 + src/crypto/mishmash/ecdsa_sha384.c | 1 + src/crypto/mishmash/ecdsa_sha512.c | 1 + src/crypto/mishmash/oid_aes_cbc.c | 1 + src/crypto/mishmash/oid_aes_gcm.c | 1 + src/crypto/mishmash/oid_p256.c | 1 + src/crypto/mishmash/oid_p384.c | 1 + src/crypto/mishmash/oid_rsa.c | 1 + src/crypto/mishmash/oid_sha1.c | 1 + src/crypto/mishmash/oid_sha224.c | 1 + src/crypto/mishmash/oid_sha256.c | 1 + src/crypto/mishmash/oid_sha384.c | 1 + src/crypto/mishmash/oid_sha512.c | 1 + src/crypto/mishmash/oid_sha512_224.c | 1 + src/crypto/mishmash/oid_sha512_256.c | 1 + src/crypto/mishmash/oid_x25519.c | 1 + src/crypto/mishmash/rsa_aes_cbc_sha1.c | 1 + src/crypto/mishmash/rsa_aes_cbc_sha256.c | 1 + src/crypto/mishmash/rsa_aes_gcm_sha256.c | 1 + src/crypto/mishmash/rsa_aes_gcm_sha384.c | 1 + src/crypto/mishmash/rsa_sha1.c | 1 + src/crypto/mishmash/rsa_sha224.c | 1 + src/crypto/mishmash/rsa_sha256.c | 1 + src/crypto/mishmash/rsa_sha384.c | 1 + src/crypto/mishmash/rsa_sha512.c | 1 + src/crypto/ntlm.c | 1 + src/crypto/ocsp.c | 1 + src/crypto/p256.c | 1 + src/crypto/p384.c | 1 + src/crypto/privkey.c | 1 + src/crypto/random_nz.c | 1 + src/crypto/rbg.c | 1 + src/crypto/rootcert.c | 1 + src/crypto/rsa.c | 1 + src/crypto/sha1.c | 1 + src/crypto/sha224.c | 1 + src/crypto/sha256.c | 1 + src/crypto/sha384.c | 1 + src/crypto/sha512.c | 1 + src/crypto/sha512_224.c | 1 + src/crypto/sha512_256.c | 1 + src/crypto/weierstrass.c | 1 + src/crypto/x25519.c | 1 + src/crypto/x509.c | 1 + src/drivers/bus/cdc.c | 1 + src/drivers/bus/pcibackup.c | 1 + 
src/drivers/bus/pciextra.c | 1 + src/drivers/bus/pcimsix.c | 1 + src/drivers/bus/usb.c | 1 + src/drivers/bus/usb_settings.c | 1 + src/drivers/net/acm.c | 1 + src/drivers/net/acm.h | 1 + src/drivers/net/axge.c | 1 + src/drivers/net/axge.h | 1 + src/drivers/net/dm96xx.c | 1 + src/drivers/net/dm96xx.h | 1 + src/drivers/net/ecm.c | 1 + src/drivers/net/ecm.h | 1 + src/drivers/net/ice.c | 1 + src/drivers/net/ice.h | 1 + src/drivers/net/intel.c | 1 + src/drivers/net/intel.h | 1 + src/drivers/net/intelvf.c | 1 + src/drivers/net/intelvf.h | 1 + src/drivers/net/intelx.c | 1 + src/drivers/net/intelx.h | 1 + src/drivers/net/intelxl.c | 1 + src/drivers/net/intelxl.h | 1 + src/drivers/net/intelxlvf.c | 1 + src/drivers/net/intelxlvf.h | 1 + src/drivers/net/intelxvf.c | 1 + src/drivers/net/intelxvf.h | 1 + src/drivers/net/iphone.c | 1 + src/drivers/net/iphone.h | 1 + src/drivers/net/lan78xx.c | 1 + src/drivers/net/lan78xx.h | 1 + src/drivers/net/mii.c | 1 + src/drivers/net/ncm.c | 1 + src/drivers/net/ncm.h | 1 + src/drivers/net/netfront.c | 1 + src/drivers/net/netfront.h | 1 + src/drivers/net/smsc75xx.c | 1 + src/drivers/net/smsc75xx.h | 1 + src/drivers/net/smsc95xx.c | 1 + src/drivers/net/smsc95xx.h | 1 + src/drivers/net/smscusb.c | 1 + src/drivers/net/smscusb.h | 1 + src/drivers/net/vmxnet3.c | 1 + src/drivers/net/vmxnet3.h | 1 + src/drivers/usb/ehci.c | 1 + src/drivers/usb/ehci.h | 1 + src/drivers/usb/uhci.c | 1 + src/drivers/usb/uhci.h | 1 + src/drivers/usb/usbblk.c | 1 + src/drivers/usb/usbblk.h | 1 + src/drivers/usb/usbhub.c | 1 + src/drivers/usb/usbhub.h | 1 + src/drivers/usb/usbnet.c | 1 + src/drivers/usb/xhci.c | 1 + src/hci/commands/cert_cmd.c | 1 + src/hci/commands/console_cmd.c | 1 + src/hci/commands/digest_cmd.c | 1 + src/hci/commands/image_trust_cmd.c | 1 + src/hci/commands/ipstat_cmd.c | 1 + src/hci/commands/neighbour_cmd.c | 1 + src/hci/commands/nslookup_cmd.c | 1 + src/hci/commands/ntp_cmd.c | 1 + src/hci/commands/param_cmd.c | 1 + src/hci/commands/ping_cmd.c | 1 
+ src/hci/commands/poweroff_cmd.c | 1 + src/hci/commands/profstat_cmd.c | 1 + src/hci/commands/vlan_cmd.c | 1 + src/image/der.c | 1 + src/image/efi_siglist.c | 1 + src/image/pem.c | 1 + src/image/png.c | 1 + src/include/hci/digest_cmd.h | 1 + src/include/ipxe/acpimac.h | 1 + src/include/ipxe/aes.h | 1 + src/include/ipxe/bigint.h | 1 + src/include/ipxe/bitops.h | 1 + src/include/ipxe/cbc.h | 1 + src/include/ipxe/cdc.h | 1 + src/include/ipxe/certstore.h | 1 + src/include/ipxe/cms.h | 1 + src/include/ipxe/deflate.h | 1 + src/include/ipxe/der.h | 1 + src/include/ipxe/dhe.h | 1 + src/include/ipxe/drbg.h | 1 + src/include/ipxe/ecb.h | 1 + src/include/ipxe/ecdhe.h | 1 + src/include/ipxe/ecdsa.h | 1 + src/include/ipxe/efi/efi_siglist.h | 1 + src/include/ipxe/efi/efi_usb.h | 3 +++ src/include/ipxe/entropy.h | 1 + src/include/ipxe/fbcon.h | 1 + src/include/ipxe/fdt.h | 1 + src/include/ipxe/gcm.h | 1 + src/include/ipxe/hash_df.h | 1 + src/include/ipxe/hmac.h | 1 + src/include/ipxe/hmac_drbg.h | 1 + src/include/ipxe/isqrt.h | 1 + src/include/ipxe/lineconsole.h | 1 + src/include/ipxe/md4.h | 1 + src/include/ipxe/mii.h | 1 + src/include/ipxe/netbios.h | 1 + src/include/ipxe/ntp.h | 1 + src/include/ipxe/ocsp.h | 1 + src/include/ipxe/p256.h | 1 + src/include/ipxe/p384.h | 1 + src/include/ipxe/pccrc.h | 1 + src/include/ipxe/pccrd.h | 1 + src/include/ipxe/pccrr.h | 1 + src/include/ipxe/pcibackup.h | 1 + src/include/ipxe/pcimsix.h | 1 + src/include/ipxe/peerblk.h | 1 + src/include/ipxe/peerdisc.h | 1 + src/include/ipxe/peermux.h | 1 + src/include/ipxe/pem.h | 1 + src/include/ipxe/pinger.h | 1 + src/include/ipxe/pixbuf.h | 1 + src/include/ipxe/png.h | 1 + src/include/ipxe/privkey.h | 1 + src/include/ipxe/random_nz.h | 1 + src/include/ipxe/rbg.h | 1 + src/include/ipxe/rndis.h | 1 + src/include/ipxe/rootcert.h | 1 + src/include/ipxe/rsa.h | 1 + src/include/ipxe/sha1.h | 1 + src/include/ipxe/sha256.h | 1 + src/include/ipxe/sha512.h | 1 + src/include/ipxe/syslog.h | 1 + 
src/include/ipxe/tls.h | 1 + src/include/ipxe/usbnet.h | 1 + src/include/ipxe/validator.h | 1 + src/include/ipxe/weierstrass.h | 1 + src/include/ipxe/x25519.h | 1 + src/include/ipxe/x509.h | 1 + src/include/ipxe/xen.h | 1 + src/include/ipxe/xenbus.h | 1 + src/include/ipxe/xenevent.h | 1 + src/include/ipxe/xengrant.h | 1 + src/include/ipxe/xenstore.h | 1 + src/include/ipxe/xhci.h | 1 + src/include/mii.h | 1 + src/include/usr/certmgmt.h | 1 + src/include/usr/imgtrust.h | 1 + src/include/usr/ipstat.h | 1 + src/include/usr/neighmgmt.h | 1 + src/include/usr/nslookup.h | 1 + src/include/usr/ntpmgmt.h | 1 + src/include/usr/pingmgmt.h | 1 + src/include/usr/profstat.h | 1 + src/include/xen/arch-x86/xen-x86_64.h | 1 + src/include/xen/arch-x86/xen.h | 1 + src/include/xen/event_channel.h | 1 + src/include/xen/grant_table.h | 1 + src/include/xen/io/netif.h | 1 + src/include/xen/io/ring.h | 1 + src/include/xen/io/xenbus.h | 1 + src/include/xen/io/xs_wire.h | 1 + src/include/xen/xen-compat.h | 1 + src/include/xen/xen.h | 1 + src/interface/efi/efi_cacert.c | 1 + src/interface/efi/efi_entropy.c | 1 + src/interface/efi/efi_fbcon.c | 1 + src/interface/efi/efi_fdt.c | 1 + src/interface/efi/efi_rng.c | 1 + src/interface/efi/efi_usb.c | 1 + src/interface/xen/xenbus.c | 1 + src/interface/xen/xengrant.c | 1 + src/interface/xen/xenstore.c | 1 + src/net/pccrc.c | 1 + src/net/pccrd.c | 1 + src/net/peerblk.c | 1 + src/net/peerdisc.c | 1 + src/net/peerdist.c | 1 + src/net/peermux.c | 1 + src/net/ping.c | 1 + src/net/rndis.c | 1 + src/net/tcp/httpntlm.c | 1 + src/net/tcp/https.c | 1 + src/net/tcp/syslogs.c | 1 + src/net/tls.c | 1 + src/net/udp/ntp.c | 1 + src/net/udp/syslog.c | 1 + src/net/validator.c | 1 + src/usr/certmgmt.c | 1 + src/usr/imgtrust.c | 1 + src/usr/ipstat.c | 1 + src/usr/neighmgmt.c | 1 + src/usr/nslookup.c | 1 + src/usr/ntpmgmt.c | 1 + src/usr/pingmgmt.c | 1 + src/usr/profstat.c | 1 + 304 files changed, 306 insertions(+) (limited to 'src/net/tls.c') 
diff --git a/src/arch/x86/core/cpuid_settings.c b/src/arch/x86/core/cpuid_settings.c index 44d38debc..ef0164069 100644 --- a/src/arch/x86/core/cpuid_settings.c +++ b/src/arch/x86/core/cpuid_settings.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/arch/x86/core/rdrand.c b/src/arch/x86/core/rdrand.c index 850ab1f11..05fc3cd23 100644 --- a/src/arch/x86/core/rdrand.c +++ b/src/arch/x86/core/rdrand.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/arch/x86/include/bits/bigint.h b/src/arch/x86/include/bits/bigint.h index c6f097a34..21cffa0cf 100644 --- a/src/arch/x86/include/bits/bigint.h +++ b/src/arch/x86/include/bits/bigint.h @@ -7,6 +7,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/arch/x86/include/bits/bitops.h b/src/arch/x86/include/bits/bitops.h index f697b8c8f..cdbc3b0a2 100644 --- a/src/arch/x86/include/bits/bitops.h +++ b/src/arch/x86/include/bits/bitops.h @@ -14,6 +14,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/arch/x86/include/bits/xen.h b/src/arch/x86/include/bits/xen.h index 3433cea1f..313bec254 100644 --- a/src/arch/x86/include/bits/xen.h +++ b/src/arch/x86/include/bits/xen.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /* Hypercall registers */ #ifdef __x86_64__ diff --git a/src/config/config_archive.c b/src/config/config_archive.c index 746fc7e44..71c883dcc 100644 --- a/src/config/config_archive.c +++ b/src/config/config_archive.c @@ -20,6 +20,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/config/config_asn1.c b/src/config/config_asn1.c index 107f99c1d..ad3e95b96 100644 --- a/src/config/config_asn1.c +++ b/src/config/config_asn1.c 
@@ -20,6 +20,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/config/config_certs.c b/src/config/config_certs.c index a325d132c..ad5a2f708 100644 --- a/src/config/config_certs.c +++ b/src/config/config_certs.c @@ -20,6 +20,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/config/config_crypto.c b/src/config/config_crypto.c index 4bba147e5..724b95d02 100644 --- a/src/config/config_crypto.c +++ b/src/config/config_crypto.c @@ -20,6 +20,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/config/config_digest_cmd.c b/src/config/config_digest_cmd.c index 5a8752ae1..1c4d8dca1 100644 --- a/src/config/config_digest_cmd.c +++ b/src/config/config_digest_cmd.c @@ -20,6 +20,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/config/config_entropy.c b/src/config/config_entropy.c index 92aa97884..494b19f20 100644 --- a/src/config/config_entropy.c +++ b/src/config/config_entropy.c @@ -20,6 +20,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/config/config_fc.c b/src/config/config_fc.c index 33fc9462a..3aea9b080 100644 --- a/src/config/config_fc.c +++ b/src/config/config_fc.c @@ -20,6 +20,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/config/config_fdt.c b/src/config/config_fdt.c index e8d425933..a6fb6f332 100644 --- a/src/config/config_fdt.c +++ b/src/config/config_fdt.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/config/config_infiniband.c b/src/config/config_infiniband.c index 4da8fe219..9e0826169 100644 --- a/src/config/config_infiniband.c +++ b/src/config/config_infiniband.c @@ -20,6 +20,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include 
diff --git a/src/config/config_pixbuf.c b/src/config/config_pixbuf.c index f8ff59daf..b2dbd869a 100644 --- a/src/config/config_pixbuf.c +++ b/src/config/config_pixbuf.c @@ -20,6 +20,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/config/config_usb.c b/src/config/config_usb.c index 10dec221a..b3fd412e9 100644 --- a/src/config/config_usb.c +++ b/src/config/config_usb.c @@ -20,6 +20,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/config/crypto.h b/src/config/crypto.h index a0774390b..e28ba2777 100644 --- a/src/config/crypto.h +++ b/src/config/crypto.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** Minimum TLS version */ #define TLS_VERSION_MIN TLS_VERSION_TLS_1_1 diff --git a/src/config/entropy.h b/src/config/entropy.h index c79060fd5..db180c61a 100644 --- a/src/config/entropy.h +++ b/src/config/entropy.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/config/fdt.h b/src/config/fdt.h index 4d13e0535..7f3d39768 100644 --- a/src/config/fdt.h +++ b/src/config/fdt.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/config/usb.h b/src/config/usb.h index 4252ec229..09e0b82e6 100644 --- a/src/config/usb.h +++ b/src/config/usb.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/core/acpi_settings.c b/src/core/acpi_settings.c index 63f271855..8dc2a7fd8 100644 --- a/src/core/acpi_settings.c +++ b/src/core/acpi_settings.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** * @file diff --git a/src/core/acpimac.c b/src/core/acpimac.c index 11ac3243e..04fd98836 100644 --- a/src/core/acpimac.c +++ b/src/core/acpimac.c 
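Review bot: The `FILE_SECBOOT ( PERMITTED );` line added to src/config/crypto.h has no comment on its scope, and this header holds build-time policy rather than code (the hunk context shows `#define TLS_VERSION_MIN TLS_VERSION_TLS_1_1`). Assuming the marker records that the file was reviewed as acceptable for Secure Boot builds, a reader cannot tell whether that review covers only the shipped defaults or any values a builder substitutes. A one-line comment above the marker would settle it, for example `/* Secure Boot review covers the default values in this file; changed values need their own review */`. The same applies to the src/config/entropy.h, src/config/fdt.h and src/config/usb.h hunks that follow; the rest of each header lies outside its hunk.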
@@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/core/ansicoldef.c b/src/core/ansicoldef.c index 6d8598e11..4555c4e36 100644 --- a/src/core/ansicoldef.c +++ b/src/core/ansicoldef.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/core/fbcon.c b/src/core/fbcon.c index ef158aec7..e07605470 100644 --- a/src/core/fbcon.c +++ b/src/core/fbcon.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/core/fdt.c b/src/core/fdt.c index 08adb166e..8ac781b05 100644 --- a/src/core/fdt.c +++ b/src/core/fdt.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/core/isqrt.c b/src/core/isqrt.c index c4d0571e7..b553c0935 100644 --- a/src/core/isqrt.c +++ b/src/core/isqrt.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/core/lineconsole.c b/src/core/lineconsole.c index 0a72d1434..25eae39dd 100644 --- a/src/core/lineconsole.c +++ b/src/core/lineconsole.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/core/netbios.c b/src/core/netbios.c index 0d4e2086f..299e0d599 100644 --- a/src/core/netbios.c +++ b/src/core/netbios.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/core/pinger.c b/src/core/pinger.c index 0ff7bb9f2..bbfa83f8d 100644 --- a/src/core/pinger.c +++ b/src/core/pinger.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/core/pixbuf.c b/src/core/pixbuf.c index 506a28c38..df187f93d 100644 --- a/src/core/pixbuf.c +++ b/src/core/pixbuf.c 
@@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/core/profile.c b/src/core/profile.c index 3655108ea..27d481d45 100644 --- a/src/core/profile.c +++ b/src/core/profile.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/aes.c b/src/crypto/aes.c index 5200e7760..fe6ccb222 100644 --- a/src/crypto/aes.c +++ b/src/crypto/aes.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/asn1.c b/src/crypto/asn1.c index dd0b954e1..98d5b638f 100644 --- a/src/crypto/asn1.c +++ b/src/crypto/asn1.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/bigint.c b/src/crypto/bigint.c index 9ccd9ff88..5d2f7b560 100644 --- a/src/crypto/bigint.c +++ b/src/crypto/bigint.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/cbc.c b/src/crypto/cbc.c index 0ba17ee48..ddba7abd9 100644 --- a/src/crypto/cbc.c +++ b/src/crypto/cbc.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/certstore.c b/src/crypto/certstore.c index aad874297..8472a2eed 100644 --- a/src/crypto/certstore.c +++ b/src/crypto/certstore.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/cms.c b/src/crypto/cms.c index 7775e581b..4c0f3f5a6 100644 --- a/src/crypto/cms.c +++ b/src/crypto/cms.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/crypto_null.c b/src/crypto/crypto_null.c index e80f2707f..8637987b1 100644 --- a/src/crypto/crypto_null.c +++ b/src/crypto/crypto_null.c 
@@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** * @file diff --git a/src/crypto/deflate.c b/src/crypto/deflate.c index 5d0101184..1d54749e0 100644 --- a/src/crypto/deflate.c +++ b/src/crypto/deflate.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/dhe.c b/src/crypto/dhe.c index a249f9b40..2785a500b 100644 --- a/src/crypto/dhe.c +++ b/src/crypto/dhe.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/drbg.c b/src/crypto/drbg.c index a3366e806..c4dc7646d 100644 --- a/src/crypto/drbg.c +++ b/src/crypto/drbg.c @@ -34,6 +34,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/ecb.c b/src/crypto/ecb.c index 3c9cf340c..73eef09c2 100644 --- a/src/crypto/ecb.c +++ b/src/crypto/ecb.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/ecdhe.c b/src/crypto/ecdhe.c index 6c86b1c90..016253457 100644 --- a/src/crypto/ecdhe.c +++ b/src/crypto/ecdhe.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/ecdsa.c b/src/crypto/ecdsa.c index cd06d5578..6f10a1a0f 100644 --- a/src/crypto/ecdsa.c +++ b/src/crypto/ecdsa.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/entropy.c b/src/crypto/entropy.c index 419007159..ac0e92c42 100644 --- a/src/crypto/entropy.c +++ b/src/crypto/entropy.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/gcm.c b/src/crypto/gcm.c index b93925d07..b9c9d3a39 100644 --- a/src/crypto/gcm.c +++ b/src/crypto/gcm.c 
@@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/hash_df.c b/src/crypto/hash_df.c index dc0dc0ce8..ec4bcaebc 100644 --- a/src/crypto/hash_df.c +++ b/src/crypto/hash_df.c @@ -34,6 +34,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/hmac.c b/src/crypto/hmac.c index 7109bbf6a..ed4cefaad 100644 --- a/src/crypto/hmac.c +++ b/src/crypto/hmac.c @@ -34,6 +34,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** * @file diff --git a/src/crypto/hmac_drbg.c b/src/crypto/hmac_drbg.c index 57bde4d1d..bd831e239 100644 --- a/src/crypto/hmac_drbg.c +++ b/src/crypto/hmac_drbg.c @@ -34,6 +34,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/md4.c b/src/crypto/md4.c index dcd86a428..a9184aa57 100644 --- a/src/crypto/md4.c +++ b/src/crypto/md4.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/mishmash/cmd_sha224.c b/src/crypto/mishmash/cmd_sha224.c index 3975a37c5..fd8095937 100644 --- a/src/crypto/mishmash/cmd_sha224.c +++ b/src/crypto/mishmash/cmd_sha224.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/cmd_sha256.c b/src/crypto/mishmash/cmd_sha256.c index 8076e8dbf..259ae3eac 100644 --- a/src/crypto/mishmash/cmd_sha256.c +++ b/src/crypto/mishmash/cmd_sha256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/cmd_sha384.c b/src/crypto/mishmash/cmd_sha384.c index ed7265ab9..c31154d24 100644 --- a/src/crypto/mishmash/cmd_sha384.c +++ b/src/crypto/mishmash/cmd_sha384.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include 
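Review bot: Nothing next to the new `FILE_SECBOOT ( PERMITTED );` line in src/crypto/md4.c says what the permission covers, and on an MD4 implementation that is easy to misread as approval of the algorithm. If the marker only means the code is safe to include in a signed binary, a short comment would make that explicit, for example `/* Permitted in Secure Boot builds as code; MD4 is a legacy digest and must not be relied on for new integrity checks */`. src/crypto/ntlm.c and src/crypto/sha1.c receive the same marker later in this patch and would benefit from matching wording. The file body lies outside the hunk, so how the digest is used cannot be checked from here.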
diff --git a/src/crypto/mishmash/cmd_sha512.c b/src/crypto/mishmash/cmd_sha512.c index 96b8ade88..b6207f86d 100644 --- a/src/crypto/mishmash/cmd_sha512.c +++ b/src/crypto/mishmash/cmd_sha512.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/dhe_rsa_aes_cbc_sha1.c b/src/crypto/mishmash/dhe_rsa_aes_cbc_sha1.c index 05e409f7a..ec2155001 100644 --- a/src/crypto/mishmash/dhe_rsa_aes_cbc_sha1.c +++ b/src/crypto/mishmash/dhe_rsa_aes_cbc_sha1.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/dhe_rsa_aes_cbc_sha256.c b/src/crypto/mishmash/dhe_rsa_aes_cbc_sha256.c index 6ce428642..4e6226e87 100644 --- a/src/crypto/mishmash/dhe_rsa_aes_cbc_sha256.c +++ b/src/crypto/mishmash/dhe_rsa_aes_cbc_sha256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/dhe_rsa_aes_gcm_sha256.c b/src/crypto/mishmash/dhe_rsa_aes_gcm_sha256.c index dc5cad9f8..6bbe4d00d 100644 --- a/src/crypto/mishmash/dhe_rsa_aes_gcm_sha256.c +++ b/src/crypto/mishmash/dhe_rsa_aes_gcm_sha256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/dhe_rsa_aes_gcm_sha384.c b/src/crypto/mishmash/dhe_rsa_aes_gcm_sha384.c index 0448255f3..336feb195 100644 --- a/src/crypto/mishmash/dhe_rsa_aes_gcm_sha384.c +++ b/src/crypto/mishmash/dhe_rsa_aes_gcm_sha384.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha1.c b/src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha1.c index d6eaf8b0a..0d9fcd15d 100644 --- a/src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha1.c +++ b/src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha1.c 
@@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha256.c b/src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha256.c index 0fc486fbd..4b7cf1620 100644 --- a/src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha256.c +++ b/src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha384.c b/src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha384.c index 5106c18ce..85373911a 100644 --- a/src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha384.c +++ b/src/crypto/mishmash/ecdhe_ecdsa_aes_cbc_sha384.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdhe_ecdsa_aes_gcm_sha256.c b/src/crypto/mishmash/ecdhe_ecdsa_aes_gcm_sha256.c index 2b118e7a5..5aeb2f3d9 100644 --- a/src/crypto/mishmash/ecdhe_ecdsa_aes_gcm_sha256.c +++ b/src/crypto/mishmash/ecdhe_ecdsa_aes_gcm_sha256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdhe_ecdsa_aes_gcm_sha384.c b/src/crypto/mishmash/ecdhe_ecdsa_aes_gcm_sha384.c index b4946df88..3dc6149d7 100644 --- a/src/crypto/mishmash/ecdhe_ecdsa_aes_gcm_sha384.c +++ b/src/crypto/mishmash/ecdhe_ecdsa_aes_gcm_sha384.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha1.c b/src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha1.c index c23f65cc0..46b42ac1e 100644 --- a/src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha1.c +++ b/src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha1.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include 
diff --git a/src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha256.c b/src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha256.c index 431e2e304..dd524ec78 100644 --- a/src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha256.c +++ b/src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha384.c b/src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha384.c index c52976809..7524d1ccc 100644 --- a/src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha384.c +++ b/src/crypto/mishmash/ecdhe_rsa_aes_cbc_sha384.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdhe_rsa_aes_gcm_sha256.c b/src/crypto/mishmash/ecdhe_rsa_aes_gcm_sha256.c index 4f4e38c69..978be2a4c 100644 --- a/src/crypto/mishmash/ecdhe_rsa_aes_gcm_sha256.c +++ b/src/crypto/mishmash/ecdhe_rsa_aes_gcm_sha256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdhe_rsa_aes_gcm_sha384.c b/src/crypto/mishmash/ecdhe_rsa_aes_gcm_sha384.c index 0bc7c305f..5ca6f0457 100644 --- a/src/crypto/mishmash/ecdhe_rsa_aes_gcm_sha384.c +++ b/src/crypto/mishmash/ecdhe_rsa_aes_gcm_sha384.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdsa_sha224.c b/src/crypto/mishmash/ecdsa_sha224.c index ab42658cb..92aa881cd 100644 --- a/src/crypto/mishmash/ecdsa_sha224.c +++ b/src/crypto/mishmash/ecdsa_sha224.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdsa_sha256.c b/src/crypto/mishmash/ecdsa_sha256.c index 12cbec80c..025d6ec73 100644 --- a/src/crypto/mishmash/ecdsa_sha256.c +++ b/src/crypto/mishmash/ecdsa_sha256.c 
@@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdsa_sha384.c b/src/crypto/mishmash/ecdsa_sha384.c index b52621311..d7a0ca5d6 100644 --- a/src/crypto/mishmash/ecdsa_sha384.c +++ b/src/crypto/mishmash/ecdsa_sha384.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/ecdsa_sha512.c b/src/crypto/mishmash/ecdsa_sha512.c index 420c685e7..15391abf2 100644 --- a/src/crypto/mishmash/ecdsa_sha512.c +++ b/src/crypto/mishmash/ecdsa_sha512.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/oid_aes_cbc.c b/src/crypto/mishmash/oid_aes_cbc.c index b5f716574..d5b81541a 100644 --- a/src/crypto/mishmash/oid_aes_cbc.c +++ b/src/crypto/mishmash/oid_aes_cbc.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/oid_aes_gcm.c b/src/crypto/mishmash/oid_aes_gcm.c index af1432d8e..6be1a132d 100644 --- a/src/crypto/mishmash/oid_aes_gcm.c +++ b/src/crypto/mishmash/oid_aes_gcm.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/oid_p256.c b/src/crypto/mishmash/oid_p256.c index d473df09f..81ae1d11e 100644 --- a/src/crypto/mishmash/oid_p256.c +++ b/src/crypto/mishmash/oid_p256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/oid_p384.c b/src/crypto/mishmash/oid_p384.c index 968fb45c1..a7d36aee4 100644 --- a/src/crypto/mishmash/oid_p384.c +++ b/src/crypto/mishmash/oid_p384.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include 
diff --git a/src/crypto/mishmash/oid_rsa.c b/src/crypto/mishmash/oid_rsa.c index 582022628..02bb59edb 100644 --- a/src/crypto/mishmash/oid_rsa.c +++ b/src/crypto/mishmash/oid_rsa.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/oid_sha1.c b/src/crypto/mishmash/oid_sha1.c index 5dae6d27c..5ddd2aba8 100644 --- a/src/crypto/mishmash/oid_sha1.c +++ b/src/crypto/mishmash/oid_sha1.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/oid_sha224.c b/src/crypto/mishmash/oid_sha224.c index ee7ed22e4..6658bda56 100644 --- a/src/crypto/mishmash/oid_sha224.c +++ b/src/crypto/mishmash/oid_sha224.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/oid_sha256.c b/src/crypto/mishmash/oid_sha256.c index 963fddb63..8da40a70b 100644 --- a/src/crypto/mishmash/oid_sha256.c +++ b/src/crypto/mishmash/oid_sha256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/oid_sha384.c b/src/crypto/mishmash/oid_sha384.c index 81ff48bbf..57c1ab53b 100644 --- a/src/crypto/mishmash/oid_sha384.c +++ b/src/crypto/mishmash/oid_sha384.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/oid_sha512.c b/src/crypto/mishmash/oid_sha512.c index 78bae48b4..73d7cb78f 100644 --- a/src/crypto/mishmash/oid_sha512.c +++ b/src/crypto/mishmash/oid_sha512.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/oid_sha512_224.c b/src/crypto/mishmash/oid_sha512_224.c index 6f61f9cac..a6291097b 100644 --- a/src/crypto/mishmash/oid_sha512_224.c +++ b/src/crypto/mishmash/oid_sha512_224.c 
@@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/oid_sha512_256.c b/src/crypto/mishmash/oid_sha512_256.c index bce4762e4..d36199372 100644 --- a/src/crypto/mishmash/oid_sha512_256.c +++ b/src/crypto/mishmash/oid_sha512_256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/oid_x25519.c b/src/crypto/mishmash/oid_x25519.c index 30b7905ea..2907eb461 100644 --- a/src/crypto/mishmash/oid_x25519.c +++ b/src/crypto/mishmash/oid_x25519.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/rsa_aes_cbc_sha1.c b/src/crypto/mishmash/rsa_aes_cbc_sha1.c index 0862fb5ac..35f5f6eb7 100644 --- a/src/crypto/mishmash/rsa_aes_cbc_sha1.c +++ b/src/crypto/mishmash/rsa_aes_cbc_sha1.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/rsa_aes_cbc_sha256.c b/src/crypto/mishmash/rsa_aes_cbc_sha256.c index e5928db82..22705df7e 100644 --- a/src/crypto/mishmash/rsa_aes_cbc_sha256.c +++ b/src/crypto/mishmash/rsa_aes_cbc_sha256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/rsa_aes_gcm_sha256.c b/src/crypto/mishmash/rsa_aes_gcm_sha256.c index b18bbd844..d3fd00f1e 100644 --- a/src/crypto/mishmash/rsa_aes_gcm_sha256.c +++ b/src/crypto/mishmash/rsa_aes_gcm_sha256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/rsa_aes_gcm_sha384.c b/src/crypto/mishmash/rsa_aes_gcm_sha384.c index 06558aaed..908db086a 100644 --- a/src/crypto/mishmash/rsa_aes_gcm_sha384.c +++ b/src/crypto/mishmash/rsa_aes_gcm_sha384.c 
@@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/rsa_sha1.c b/src/crypto/mishmash/rsa_sha1.c index 264f871f1..8907ac08a 100644 --- a/src/crypto/mishmash/rsa_sha1.c +++ b/src/crypto/mishmash/rsa_sha1.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/rsa_sha224.c b/src/crypto/mishmash/rsa_sha224.c index 1465a033d..b676d41f3 100644 --- a/src/crypto/mishmash/rsa_sha224.c +++ b/src/crypto/mishmash/rsa_sha224.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/rsa_sha256.c b/src/crypto/mishmash/rsa_sha256.c index 7283c3e29..8a6a7a5cf 100644 --- a/src/crypto/mishmash/rsa_sha256.c +++ b/src/crypto/mishmash/rsa_sha256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/rsa_sha384.c b/src/crypto/mishmash/rsa_sha384.c index 6f8c29b29..cc1878bd4 100644 --- a/src/crypto/mishmash/rsa_sha384.c +++ b/src/crypto/mishmash/rsa_sha384.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/mishmash/rsa_sha512.c b/src/crypto/mishmash/rsa_sha512.c index bb4463a5a..9c995e1c8 100644 --- a/src/crypto/mishmash/rsa_sha512.c +++ b/src/crypto/mishmash/rsa_sha512.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/ntlm.c b/src/crypto/ntlm.c index fb120f8db..f9ce51bde 100644 --- a/src/crypto/ntlm.c +++ b/src/crypto/ntlm.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/ocsp.c b/src/crypto/ocsp.c index 1712d614e..5d6acb605 100644 --- a/src/crypto/ocsp.c +++ b/src/crypto/ocsp.c 
@@ -18,6 +18,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/p256.c b/src/crypto/p256.c index 2ba66e72c..a513555b3 100644 --- a/src/crypto/p256.c +++ b/src/crypto/p256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/p384.c b/src/crypto/p384.c index a53a9ce9d..bdd23d460 100644 --- a/src/crypto/p384.c +++ b/src/crypto/p384.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/privkey.c b/src/crypto/privkey.c index cbe8deff3..c67a4400b 100644 --- a/src/crypto/privkey.c +++ b/src/crypto/privkey.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/random_nz.c b/src/crypto/random_nz.c index 5fe576e05..96b12359c 100644 --- a/src/crypto/random_nz.c +++ b/src/crypto/random_nz.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/rbg.c b/src/crypto/rbg.c index 5e1c25f53..17914542e 100644 --- a/src/crypto/rbg.c +++ b/src/crypto/rbg.c @@ -34,6 +34,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/rootcert.c b/src/crypto/rootcert.c index b198c1d95..6eb08256a 100644 --- a/src/crypto/rootcert.c +++ b/src/crypto/rootcert.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/rsa.c b/src/crypto/rsa.c index 9c0982cf6..be055d881 100644 --- a/src/crypto/rsa.c +++ b/src/crypto/rsa.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/crypto/sha1.c b/src/crypto/sha1.c index 8eecc75b3..023becec6 100644 --- a/src/crypto/sha1.c +++ b/src/crypto/sha1.c 
@@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/sha224.c b/src/crypto/sha224.c index e54a0abb0..7e0cfd34e 100644 --- a/src/crypto/sha224.c +++ b/src/crypto/sha224.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/sha256.c b/src/crypto/sha256.c index c30300eb4..742393612 100644 --- a/src/crypto/sha256.c +++ b/src/crypto/sha256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/sha384.c b/src/crypto/sha384.c index f1af6fc6f..3e5e98a31 100644 --- a/src/crypto/sha384.c +++ b/src/crypto/sha384.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/sha512.c b/src/crypto/sha512.c index d7d44b284..724cb71a5 100644 --- a/src/crypto/sha512.c +++ b/src/crypto/sha512.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/sha512_224.c b/src/crypto/sha512_224.c index b6728726c..3b256a3b9 100644 --- a/src/crypto/sha512_224.c +++ b/src/crypto/sha512_224.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/sha512_256.c b/src/crypto/sha512_256.c index 8163631e0..04df3f5bc 100644 --- a/src/crypto/sha512_256.c +++ b/src/crypto/sha512_256.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/weierstrass.c b/src/crypto/weierstrass.c index bb9b50bf8..a64626c85 100644 --- a/src/crypto/weierstrass.c +++ b/src/crypto/weierstrass.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/x25519.c b/src/crypto/x25519.c index 4b4c489da..95c42ea13 100644 --- a/src/crypto/x25519.c +++ b/src/crypto/x25519.c 
@@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/crypto/x509.c b/src/crypto/x509.c index 1206e4023..6a3fe423b 100644 --- a/src/crypto/x509.c +++ b/src/crypto/x509.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/bus/cdc.c b/src/drivers/bus/cdc.c index 373a03072..c3a2a450b 100644 --- a/src/drivers/bus/cdc.c +++ b/src/drivers/bus/cdc.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/bus/pcibackup.c b/src/drivers/bus/pcibackup.c index 4cf126f83..81fcb7e05 100644 --- a/src/drivers/bus/pcibackup.c +++ b/src/drivers/bus/pcibackup.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/bus/pciextra.c b/src/drivers/bus/pciextra.c index 3654a2d1c..f769a3172 100644 --- a/src/drivers/bus/pciextra.c +++ b/src/drivers/bus/pciextra.c @@ -1,4 +1,5 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/bus/pcimsix.c b/src/drivers/bus/pcimsix.c index f55488ad7..008c1c22f 100644 --- a/src/drivers/bus/pcimsix.c +++ b/src/drivers/bus/pcimsix.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/bus/usb.c b/src/drivers/bus/usb.c index b3b361b0d..30c288df9 100644 --- a/src/drivers/bus/usb.c +++ b/src/drivers/bus/usb.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/bus/usb_settings.c b/src/drivers/bus/usb_settings.c index bb01f34d5..e34c79126 100644 --- a/src/drivers/bus/usb_settings.c +++ b/src/drivers/bus/usb_settings.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include 
diff --git a/src/drivers/net/acm.c b/src/drivers/net/acm.c index 16dab4be8..0cb2713b2 100644 --- a/src/drivers/net/acm.c +++ b/src/drivers/net/acm.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/acm.h b/src/drivers/net/acm.h index d4944967b..3f10f0fa2 100644 --- a/src/drivers/net/acm.h +++ b/src/drivers/net/acm.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/axge.c b/src/drivers/net/axge.c index fb274d24f..922c94d91 100644 --- a/src/drivers/net/axge.c +++ b/src/drivers/net/axge.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/axge.h b/src/drivers/net/axge.h index e22e0ec47..c30ca5950 100644 --- a/src/drivers/net/axge.h +++ b/src/drivers/net/axge.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/dm96xx.c b/src/drivers/net/dm96xx.c index 61b957be9..193980a40 100644 --- a/src/drivers/net/dm96xx.c +++ b/src/drivers/net/dm96xx.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/dm96xx.h b/src/drivers/net/dm96xx.h index 43a1a4e30..33e404e17 100644 --- a/src/drivers/net/dm96xx.h +++ b/src/drivers/net/dm96xx.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/ecm.c b/src/drivers/net/ecm.c index 7b3e92b9b..9a13b68a5 100644 --- a/src/drivers/net/ecm.c +++ b/src/drivers/net/ecm.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/ecm.h b/src/drivers/net/ecm.h index a7d03cf94..d77b0c64f 100644 --- a/src/drivers/net/ecm.h +++ b/src/drivers/net/ecm.h 
@@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/ice.c b/src/drivers/net/ice.c index b5d66f1bb..1abc8ecd0 100644 --- a/src/drivers/net/ice.c +++ b/src/drivers/net/ice.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/ice.h b/src/drivers/net/ice.h index 26291a7a1..c4b7b95be 100644 --- a/src/drivers/net/ice.h +++ b/src/drivers/net/ice.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include "intelxl.h" diff --git a/src/drivers/net/intel.c b/src/drivers/net/intel.c index 845ba3e7f..57c0151a4 100644 --- a/src/drivers/net/intel.c +++ b/src/drivers/net/intel.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/intel.h b/src/drivers/net/intel.h index 29cf3a7d8..bfd250f00 100644 --- a/src/drivers/net/intel.h +++ b/src/drivers/net/intel.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/intelvf.c b/src/drivers/net/intelvf.c index 0d48b4178..e99b67626 100644 --- a/src/drivers/net/intelvf.c +++ b/src/drivers/net/intelvf.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/intelvf.h b/src/drivers/net/intelvf.h index ffb18e040..378f9b075 100644 --- a/src/drivers/net/intelvf.h +++ b/src/drivers/net/intelvf.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include "intel.h" diff --git a/src/drivers/net/intelx.c b/src/drivers/net/intelx.c index 343d01374..ceb687e4f 100644 --- a/src/drivers/net/intelx.c +++ b/src/drivers/net/intelx.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include 
diff --git a/src/drivers/net/intelx.h b/src/drivers/net/intelx.h index d7f3b78e8..d68f50082 100644 --- a/src/drivers/net/intelx.h +++ b/src/drivers/net/intelx.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/intelxl.c b/src/drivers/net/intelxl.c index 76b9ff48f..f8d325ead 100644 --- a/src/drivers/net/intelxl.c +++ b/src/drivers/net/intelxl.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/intelxl.h b/src/drivers/net/intelxl.h index d23acf96e..4481300d3 100644 --- a/src/drivers/net/intelxl.h +++ b/src/drivers/net/intelxl.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/intelxlvf.c b/src/drivers/net/intelxlvf.c index 083195513..ab4df4c47 100644 --- a/src/drivers/net/intelxlvf.c +++ b/src/drivers/net/intelxlvf.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/intelxlvf.h b/src/drivers/net/intelxlvf.h index 95ddf9474..63ed0b202 100644 --- a/src/drivers/net/intelxlvf.h +++ b/src/drivers/net/intelxlvf.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include "intelxl.h" diff --git a/src/drivers/net/intelxvf.c b/src/drivers/net/intelxvf.c index d50bac698..70ed8efe3 100644 --- a/src/drivers/net/intelxvf.c +++ b/src/drivers/net/intelxvf.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/intelxvf.h b/src/drivers/net/intelxvf.h index 4663272aa..1dac98699 100644 --- a/src/drivers/net/intelxvf.h +++ b/src/drivers/net/intelxvf.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include "intelvf.h" 
diff --git a/src/drivers/net/iphone.c b/src/drivers/net/iphone.c index 11f763553..b58017560 100644 --- a/src/drivers/net/iphone.c +++ b/src/drivers/net/iphone.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/iphone.h b/src/drivers/net/iphone.h index 2db6da7bd..3448af37f 100644 --- a/src/drivers/net/iphone.h +++ b/src/drivers/net/iphone.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/lan78xx.c b/src/drivers/net/lan78xx.c index 3f4f21b60..32333e787 100644 --- a/src/drivers/net/lan78xx.c +++ b/src/drivers/net/lan78xx.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/lan78xx.h b/src/drivers/net/lan78xx.h index 39422aec0..ea6d7ce52 100644 --- a/src/drivers/net/lan78xx.h +++ b/src/drivers/net/lan78xx.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include "smscusb.h" #include "smsc75xx.h" diff --git a/src/drivers/net/mii.c b/src/drivers/net/mii.c index 87605f0cb..85749b941 100644 --- a/src/drivers/net/mii.c +++ b/src/drivers/net/mii.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/ncm.c b/src/drivers/net/ncm.c index 2c0f91e21..48f9856b0 100644 --- a/src/drivers/net/ncm.c +++ b/src/drivers/net/ncm.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/ncm.h b/src/drivers/net/ncm.h index 6b0d21cdb..53e96cf72 100644 --- a/src/drivers/net/ncm.h +++ b/src/drivers/net/ncm.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/netfront.c b/src/drivers/net/netfront.c index 12713c5b4..ba6a20002 100644 
--- a/src/drivers/net/netfront.c +++ b/src/drivers/net/netfront.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/netfront.h b/src/drivers/net/netfront.h index de16d5291..0520a0b2a 100644 --- a/src/drivers/net/netfront.h +++ b/src/drivers/net/netfront.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/smsc75xx.c b/src/drivers/net/smsc75xx.c index 861669edf..8ae65e42a 100644 --- a/src/drivers/net/smsc75xx.c +++ b/src/drivers/net/smsc75xx.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/smsc75xx.h b/src/drivers/net/smsc75xx.h index 72339df03..51330993d 100644 --- a/src/drivers/net/smsc75xx.h +++ b/src/drivers/net/smsc75xx.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include "smscusb.h" diff --git a/src/drivers/net/smsc95xx.c b/src/drivers/net/smsc95xx.c index 0210e9240..16086b33e 100644 --- a/src/drivers/net/smsc95xx.c +++ b/src/drivers/net/smsc95xx.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/smsc95xx.h b/src/drivers/net/smsc95xx.h index 0cdf38248..0cb6ab4c7 100644 --- a/src/drivers/net/smsc95xx.h +++ b/src/drivers/net/smsc95xx.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include "smscusb.h" diff --git a/src/drivers/net/smscusb.c b/src/drivers/net/smscusb.c index 93007e386..486b5953b 100644 --- a/src/drivers/net/smscusb.c +++ b/src/drivers/net/smscusb.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/smscusb.h b/src/drivers/net/smscusb.h index e866bb747..e4ad61915 100644 --- a/src/drivers/net/smscusb.h +++ b/src/drivers/net/smscusb.h 
@@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/vmxnet3.c b/src/drivers/net/vmxnet3.c index 2cc6738f2..95e4f79c2 100644 --- a/src/drivers/net/vmxnet3.c +++ b/src/drivers/net/vmxnet3.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/net/vmxnet3.h b/src/drivers/net/vmxnet3.h index 5e1e0cb6e..b6c3bc50d 100644 --- a/src/drivers/net/vmxnet3.h +++ b/src/drivers/net/vmxnet3.h @@ -25,6 +25,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** * @file diff --git a/src/drivers/usb/ehci.c b/src/drivers/usb/ehci.c index 77022a47d..9f9d94175 100644 --- a/src/drivers/usb/ehci.c +++ b/src/drivers/usb/ehci.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/usb/ehci.h b/src/drivers/usb/ehci.h index 42e282e92..a0166bc63 100644 --- a/src/drivers/usb/ehci.h +++ b/src/drivers/usb/ehci.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/usb/uhci.c b/src/drivers/usb/uhci.c index 47474bdc7..2c70a11bd 100644 --- a/src/drivers/usb/uhci.c +++ b/src/drivers/usb/uhci.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/usb/uhci.h b/src/drivers/usb/uhci.h index ba4c28f7e..629f6ae3b 100644 --- a/src/drivers/usb/uhci.h +++ b/src/drivers/usb/uhci.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/usb/usbblk.c b/src/drivers/usb/usbblk.c index cb377efb0..b42c70645 100644 --- a/src/drivers/usb/usbblk.c +++ b/src/drivers/usb/usbblk.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include 
diff --git a/src/drivers/usb/usbblk.h b/src/drivers/usb/usbblk.h index 65d0705e3..1fa0ebad8 100644 --- a/src/drivers/usb/usbblk.h +++ b/src/drivers/usb/usbblk.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/usb/usbhub.c b/src/drivers/usb/usbhub.c index 28d6cb33d..1d7b03e77 100644 --- a/src/drivers/usb/usbhub.c +++ b/src/drivers/usb/usbhub.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/usb/usbhub.h b/src/drivers/usb/usbhub.h index a5f123acc..9768b81a9 100644 --- a/src/drivers/usb/usbhub.h +++ b/src/drivers/usb/usbhub.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/usb/usbnet.c b/src/drivers/usb/usbnet.c index 0fac00b56..e773ab882 100644 --- a/src/drivers/usb/usbnet.c +++ b/src/drivers/usb/usbnet.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/drivers/usb/xhci.c b/src/drivers/usb/xhci.c index 440c347c8..f812ed338 100644 --- a/src/drivers/usb/xhci.c +++ b/src/drivers/usb/xhci.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/hci/commands/cert_cmd.c b/src/hci/commands/cert_cmd.c index efa4c3c12..ebd9a25cd 100644 --- a/src/hci/commands/cert_cmd.c +++ b/src/hci/commands/cert_cmd.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/hci/commands/console_cmd.c b/src/hci/commands/console_cmd.c index 19d19ef1b..29347bbba 100644 --- a/src/hci/commands/console_cmd.c +++ b/src/hci/commands/console_cmd.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * 
diff --git a/src/hci/commands/digest_cmd.c b/src/hci/commands/digest_cmd.c index a7f43f69e..4d7da0385 100644 --- a/src/hci/commands/digest_cmd.c +++ b/src/hci/commands/digest_cmd.c @@ -18,6 +18,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/hci/commands/image_trust_cmd.c b/src/hci/commands/image_trust_cmd.c index 314aa0998..a8ec5784e 100644 --- a/src/hci/commands/image_trust_cmd.c +++ b/src/hci/commands/image_trust_cmd.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/hci/commands/ipstat_cmd.c b/src/hci/commands/ipstat_cmd.c index 488016e3a..fc454c57d 100644 --- a/src/hci/commands/ipstat_cmd.c +++ b/src/hci/commands/ipstat_cmd.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/hci/commands/neighbour_cmd.c b/src/hci/commands/neighbour_cmd.c index 520d5aa06..870024ee0 100644 --- a/src/hci/commands/neighbour_cmd.c +++ b/src/hci/commands/neighbour_cmd.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/hci/commands/nslookup_cmd.c b/src/hci/commands/nslookup_cmd.c index dc9d61704..b13127dd4 100644 --- a/src/hci/commands/nslookup_cmd.c +++ b/src/hci/commands/nslookup_cmd.c @@ -18,6 +18,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/hci/commands/ntp_cmd.c b/src/hci/commands/ntp_cmd.c index fed126f4c..d7604227a 100644 --- a/src/hci/commands/ntp_cmd.c +++ b/src/hci/commands/ntp_cmd.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/hci/commands/param_cmd.c b/src/hci/commands/param_cmd.c index 0924df597..ed57c5eaa 100644 --- a/src/hci/commands/param_cmd.c +++ b/src/hci/commands/param_cmd.c 
@@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/hci/commands/ping_cmd.c b/src/hci/commands/ping_cmd.c index 4e86ae1c0..e132fb457 100644 --- a/src/hci/commands/ping_cmd.c +++ b/src/hci/commands/ping_cmd.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/hci/commands/poweroff_cmd.c b/src/hci/commands/poweroff_cmd.c index 2c6f1369a..63aeb3d5b 100644 --- a/src/hci/commands/poweroff_cmd.c +++ b/src/hci/commands/poweroff_cmd.c @@ -29,6 +29,7 @@ #include FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/hci/commands/profstat_cmd.c b/src/hci/commands/profstat_cmd.c index da01068b2..3303ebcf3 100644 --- a/src/hci/commands/profstat_cmd.c +++ b/src/hci/commands/profstat_cmd.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/hci/commands/vlan_cmd.c b/src/hci/commands/vlan_cmd.c index 636e5927f..69aef9f3c 100644 --- a/src/hci/commands/vlan_cmd.c +++ b/src/hci/commands/vlan_cmd.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/image/der.c b/src/image/der.c index 67117d43b..ace106b84 100644 --- a/src/image/der.c +++ b/src/image/der.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/image/efi_siglist.c b/src/image/efi_siglist.c index b264ac558..71d597006 100644 --- a/src/image/efi_siglist.c +++ b/src/image/efi_siglist.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/image/pem.c b/src/image/pem.c index caff822ad..0fea5fbea 100644 --- a/src/image/pem.c +++ b/src/image/pem.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include 
diff --git a/src/image/png.c b/src/image/png.c index b7864f770..ab279eae5 100644 --- a/src/image/png.c +++ b/src/image/png.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/hci/digest_cmd.h b/src/include/hci/digest_cmd.h index 0986f775e..9cb4fde1a 100644 --- a/src/include/hci/digest_cmd.h +++ b/src/include/hci/digest_cmd.h @@ -25,6 +25,7 @@ #define _DIGEST_CMD_H FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/acpimac.h b/src/include/ipxe/acpimac.h index de673eb28..074165a92 100644 --- a/src/include/ipxe/acpimac.h +++ b/src/include/ipxe/acpimac.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); extern int acpi_mac ( uint8_t *hw_addr ); diff --git a/src/include/ipxe/aes.h b/src/include/ipxe/aes.h index 8731de6ba..1c0024ccb 100644 --- a/src/include/ipxe/aes.h +++ b/src/include/ipxe/aes.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/bigint.h b/src/include/ipxe/bigint.h index 9eab89d25..9c31f4540 100644 --- a/src/include/ipxe/bigint.h +++ b/src/include/ipxe/bigint.h @@ -7,6 +7,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/bitops.h b/src/include/ipxe/bitops.h index 7366cd9f1..59a4fb442 100644 --- a/src/include/ipxe/bitops.h +++ b/src/include/ipxe/bitops.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/cbc.h b/src/include/ipxe/cbc.h index f02e51937..154fc5666 100644 --- a/src/include/ipxe/cbc.h +++ b/src/include/ipxe/cbc.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/cdc.h b/src/include/ipxe/cdc.h index b8b4a59d9..a61fe61ea 100644 --- a/src/include/ipxe/cdc.h 
+++ b/src/include/ipxe/cdc.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/certstore.h b/src/include/ipxe/certstore.h index e276d6792..293f6dec7 100644 --- a/src/include/ipxe/certstore.h +++ b/src/include/ipxe/certstore.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/cms.h b/src/include/ipxe/cms.h index 084cd81f8..d2e426c5c 100644 --- a/src/include/ipxe/cms.h +++ b/src/include/ipxe/cms.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/deflate.h b/src/include/ipxe/deflate.h index 67292d77e..7e5ae01b9 100644 --- a/src/include/ipxe/deflate.h +++ b/src/include/ipxe/deflate.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/der.h b/src/include/ipxe/der.h index 512bc0853..17e96405e 100644 --- a/src/include/ipxe/der.h +++ b/src/include/ipxe/der.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/dhe.h b/src/include/ipxe/dhe.h index 3cd24a880..f89e7bd02 100644 --- a/src/include/ipxe/dhe.h +++ b/src/include/ipxe/dhe.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/drbg.h b/src/include/ipxe/drbg.h index ed2b3757a..0512f0833 100644 --- a/src/include/ipxe/drbg.h +++ b/src/include/ipxe/drbg.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/ecb.h b/src/include/ipxe/ecb.h index db22d996d..c29602fca 100644 --- a/src/include/ipxe/ecb.h +++ b/src/include/ipxe/ecb.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include 
diff --git a/src/include/ipxe/ecdhe.h b/src/include/ipxe/ecdhe.h index 36fc0a1ee..c6575678c 100644 --- a/src/include/ipxe/ecdhe.h +++ b/src/include/ipxe/ecdhe.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/ecdsa.h b/src/include/ipxe/ecdsa.h index f55af3973..fdf8c6159 100644 --- a/src/include/ipxe/ecdsa.h +++ b/src/include/ipxe/ecdsa.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/efi/efi_siglist.h b/src/include/ipxe/efi/efi_siglist.h index cbc835dc0..f2a2fcfd0 100644 --- a/src/include/ipxe/efi/efi_siglist.h +++ b/src/include/ipxe/efi/efi_siglist.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/efi/efi_usb.h b/src/include/ipxe/efi/efi_usb.h index 06baff529..cbcef0e52 100644 --- a/src/include/ipxe/efi/efi_usb.h +++ b/src/include/ipxe/efi/efi_usb.h @@ -7,6 +7,9 @@ * */ +FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); + #include #include #include diff --git a/src/include/ipxe/entropy.h b/src/include/ipxe/entropy.h index 82bb11826..8ec8f1047 100644 --- a/src/include/ipxe/entropy.h +++ b/src/include/ipxe/entropy.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/fbcon.h b/src/include/ipxe/fbcon.h index 5233b4d0e..75cda3390 100644 --- a/src/include/ipxe/fbcon.h +++ b/src/include/ipxe/fbcon.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/fdt.h b/src/include/ipxe/fdt.h index e951aea59..6aa078ff6 100644 --- a/src/include/ipxe/fdt.h +++ b/src/include/ipxe/fdt.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include 
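Review bot: The src/include/ipxe/efi/efi_usb.h hunk (`@@ -7,6 +7,9 @@`) adds `FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );` together with `FILE_SECBOOT ( PERMITTED );`, while every other hunk on this line adds only the Secure Boot marker. The hunk's context shows no existing FILE_LICENCE line at this position, so this looks like a new licence declaration for the header rather than part of the Secure Boot marking. The licence choice should be checked against the file's header comment, which lies outside the hunk. It would be easier to audit if the `FILE_LICENCE` line went in as its own change, or was at least called out in the commit message.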
diff --git a/src/include/ipxe/gcm.h b/src/include/ipxe/gcm.h index 2c785a977..5635a1031 100644 --- a/src/include/ipxe/gcm.h +++ b/src/include/ipxe/gcm.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/hash_df.h b/src/include/ipxe/hash_df.h index e57682446..61c3420ce 100644 --- a/src/include/ipxe/hash_df.h +++ b/src/include/ipxe/hash_df.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/hmac.h b/src/include/ipxe/hmac.h index cf9d08677..12312c540 100644 --- a/src/include/ipxe/hmac.h +++ b/src/include/ipxe/hmac.h @@ -7,6 +7,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/hmac_drbg.h b/src/include/ipxe/hmac_drbg.h index a0f22da75..e9113807c 100644 --- a/src/include/ipxe/hmac_drbg.h +++ b/src/include/ipxe/hmac_drbg.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/isqrt.h b/src/include/ipxe/isqrt.h index 68255d1bc..4308cebd2 100644 --- a/src/include/ipxe/isqrt.h +++ b/src/include/ipxe/isqrt.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); extern unsigned long isqrt ( unsigned long value ); diff --git a/src/include/ipxe/lineconsole.h b/src/include/ipxe/lineconsole.h index 31117e73c..b02822dcf 100644 --- a/src/include/ipxe/lineconsole.h +++ b/src/include/ipxe/lineconsole.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/md4.h b/src/include/ipxe/md4.h index 9f6cb8a5f..60512993b 100644 --- a/src/include/ipxe/md4.h +++ b/src/include/ipxe/md4.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include 
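Review bot: In the src/include/ipxe/md4.h hunk, `FILE_SECBOOT ( PERMITTED );` marks the header of a broken digest as permitted, and nothing next to it records why. If the marker means what its name suggests (its definition is not visible here), a one-line comment beside it would tell the next reviewer the intended scope, for example `/* MD4: permitted for legacy protocol use only, never for image or signature verification */`. That wording needs confirming against the actual callers, which this diff does not show. The src/include/ipxe/sha1.h hunk further down would benefit from the same kind of note.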
diff --git a/src/include/ipxe/mii.h b/src/include/ipxe/mii.h index 89fc92a4a..061aeb24e 100644 --- a/src/include/ipxe/mii.h +++ b/src/include/ipxe/mii.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/netbios.h b/src/include/ipxe/netbios.h index c11552556..80f791738 100644 --- a/src/include/ipxe/netbios.h +++ b/src/include/ipxe/netbios.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); extern const char * netbios_domain ( char **username ); diff --git a/src/include/ipxe/ntp.h b/src/include/ipxe/ntp.h index f5b3d2326..7f83c6d4f 100644 --- a/src/include/ipxe/ntp.h +++ b/src/include/ipxe/ntp.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/ocsp.h b/src/include/ipxe/ocsp.h index a973f6f5e..9302506f8 100644 --- a/src/include/ipxe/ocsp.h +++ b/src/include/ipxe/ocsp.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/p256.h b/src/include/ipxe/p256.h index 0c4e81665..14d429cd9 100644 --- a/src/include/ipxe/p256.h +++ b/src/include/ipxe/p256.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/p384.h b/src/include/ipxe/p384.h index f4631b5f2..2fdd8d13c 100644 --- a/src/include/ipxe/p384.h +++ b/src/include/ipxe/p384.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/pccrc.h b/src/include/ipxe/pccrc.h index bec2b271a..6d0e3f194 100644 --- a/src/include/ipxe/pccrc.h +++ b/src/include/ipxe/pccrc.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/pccrd.h b/src/include/ipxe/pccrd.h index 3daa92f29..453ef666d 100644 --- a/src/include/ipxe/pccrd.h 
+++ b/src/include/ipxe/pccrd.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** PeerDist discovery port */ #define PEERDIST_DISCOVERY_PORT 3702 diff --git a/src/include/ipxe/pccrr.h b/src/include/ipxe/pccrr.h index 4de94fda3..92522d0b7 100644 --- a/src/include/ipxe/pccrr.h +++ b/src/include/ipxe/pccrr.h @@ -10,6 +10,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/pcibackup.h b/src/include/ipxe/pcibackup.h index e5249df99..a25421d7d 100644 --- a/src/include/ipxe/pcibackup.h +++ b/src/include/ipxe/pcibackup.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/pcimsix.h b/src/include/ipxe/pcimsix.h index b40c6c357..a7a6899a9 100644 --- a/src/include/ipxe/pcimsix.h +++ b/src/include/ipxe/pcimsix.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/peerblk.h b/src/include/ipxe/peerblk.h index f16f207b0..596c78b57 100644 --- a/src/include/ipxe/peerblk.h +++ b/src/include/ipxe/peerblk.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/peerdisc.h b/src/include/ipxe/peerdisc.h index 45d592e76..9a8f13ecf 100644 --- a/src/include/ipxe/peerdisc.h +++ b/src/include/ipxe/peerdisc.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/peermux.h b/src/include/ipxe/peermux.h index 54acbfec9..849488d0a 100644 --- a/src/include/ipxe/peermux.h +++ b/src/include/ipxe/peermux.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/pem.h b/src/include/ipxe/pem.h index d9ca017d5..95c55408b 100644 --- a/src/include/ipxe/pem.h +++ b/src/include/ipxe/pem.h 
@@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/pinger.h b/src/include/ipxe/pinger.h index 227f002dc..ade12ec12 100644 --- a/src/include/ipxe/pinger.h +++ b/src/include/ipxe/pinger.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/pixbuf.h b/src/include/ipxe/pixbuf.h index 47ea0065e..e2cbcdca7 100644 --- a/src/include/ipxe/pixbuf.h +++ b/src/include/ipxe/pixbuf.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/png.h b/src/include/ipxe/png.h index 3505eefc8..31cac0534 100644 --- a/src/include/ipxe/png.h +++ b/src/include/ipxe/png.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/privkey.h b/src/include/ipxe/privkey.h index a65cf6106..56f23143e 100644 --- a/src/include/ipxe/privkey.h +++ b/src/include/ipxe/privkey.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/random_nz.h b/src/include/ipxe/random_nz.h index 4c433fa38..2de1a1a33 100644 --- a/src/include/ipxe/random_nz.h +++ b/src/include/ipxe/random_nz.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/rbg.h b/src/include/ipxe/rbg.h index 4bf3055d1..0b65a408c 100644 --- a/src/include/ipxe/rbg.h +++ b/src/include/ipxe/rbg.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/rndis.h b/src/include/ipxe/rndis.h index e8ece1e85..bd64eddfe 100644 --- a/src/include/ipxe/rndis.h +++ b/src/include/ipxe/rndis.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include 
diff --git a/src/include/ipxe/rootcert.h b/src/include/ipxe/rootcert.h index d1a69723d..f07c612ff 100644 --- a/src/include/ipxe/rootcert.h +++ b/src/include/ipxe/rootcert.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/rsa.h b/src/include/ipxe/rsa.h index e36a75edf..c5ae919ae 100644 --- a/src/include/ipxe/rsa.h +++ b/src/include/ipxe/rsa.h @@ -7,6 +7,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/sha1.h b/src/include/ipxe/sha1.h index 9cbbebdee..33b07ecc3 100644 --- a/src/include/ipxe/sha1.h +++ b/src/include/ipxe/sha1.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/sha256.h b/src/include/ipxe/sha256.h index f226ad07b..e8a81b889 100644 --- a/src/include/ipxe/sha256.h +++ b/src/include/ipxe/sha256.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/sha512.h b/src/include/ipxe/sha512.h index 82a9e4e69..74cdb413c 100644 --- a/src/include/ipxe/sha512.h +++ b/src/include/ipxe/sha512.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/syslog.h b/src/include/ipxe/syslog.h index 138440d66..67f45fdb4 100644 --- a/src/include/ipxe/syslog.h +++ b/src/include/ipxe/syslog.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/tls.h b/src/include/ipxe/tls.h index 1a1d9c982..b4a92a044 100644 --- a/src/include/ipxe/tls.h +++ b/src/include/ipxe/tls.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/usbnet.h b/src/include/ipxe/usbnet.h index a7276eba5..937a26d9a 100644 --- a/src/include/ipxe/usbnet.h 
+++ b/src/include/ipxe/usbnet.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/validator.h b/src/include/ipxe/validator.h index 367e4045d..4d95766fa 100644 --- a/src/include/ipxe/validator.h +++ b/src/include/ipxe/validator.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/weierstrass.h b/src/include/ipxe/weierstrass.h index 15dd9ce03..ced99b4fc 100644 --- a/src/include/ipxe/weierstrass.h +++ b/src/include/ipxe/weierstrass.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/x25519.h b/src/include/ipxe/x25519.h index d570282c5..ef294f7b2 100644 --- a/src/include/ipxe/x25519.h +++ b/src/include/ipxe/x25519.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/x509.h b/src/include/ipxe/x509.h index 4903eb656..360e2b19a 100644 --- a/src/include/ipxe/x509.h +++ b/src/include/ipxe/x509.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/xen.h b/src/include/ipxe/xen.h index 382901ff3..9ddfcdf81 100644 --- a/src/include/ipxe/xen.h +++ b/src/include/ipxe/xen.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /* Define Xen interface version before including any Xen header files */ #define __XEN_INTERFACE_VERSION__ 0x00040400 diff --git a/src/include/ipxe/xenbus.h b/src/include/ipxe/xenbus.h index ec5782eed..d73f29781 100644 --- a/src/include/ipxe/xenbus.h +++ b/src/include/ipxe/xenbus.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/xenevent.h b/src/include/ipxe/xenevent.h index f0bd3465e..8be9e2b2f 100644 
--- a/src/include/ipxe/xenevent.h +++ b/src/include/ipxe/xenevent.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/xengrant.h b/src/include/ipxe/xengrant.h index fcb7a7157..8af27f3e3 100644 --- a/src/include/ipxe/xengrant.h +++ b/src/include/ipxe/xengrant.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/ipxe/xenstore.h b/src/include/ipxe/xenstore.h index 892640755..c2079cec5 100644 --- a/src/include/ipxe/xenstore.h +++ b/src/include/ipxe/xenstore.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/ipxe/xhci.h b/src/include/ipxe/xhci.h index 586d5d320..2f5c256a0 100644 --- a/src/include/ipxe/xhci.h +++ b/src/include/ipxe/xhci.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/include/mii.h b/src/include/mii.h index 515ba224d..9d6b2b3b7 100644 --- a/src/include/mii.h +++ b/src/include/mii.h @@ -12,6 +12,7 @@ */ FILE_LICENCE ( GPL2_ONLY ); +FILE_SECBOOT ( PERMITTED ); /* Generic MII registers. */ #define MII_BMCR 0x00 /* Basic mode control register */ diff --git a/src/include/usr/certmgmt.h b/src/include/usr/certmgmt.h index 4363b03e1..ff646236b 100644 --- a/src/include/usr/certmgmt.h +++ b/src/include/usr/certmgmt.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/usr/imgtrust.h b/src/include/usr/imgtrust.h index 414e07a80..1e43f5d3d 100644 --- a/src/include/usr/imgtrust.h +++ b/src/include/usr/imgtrust.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/usr/ipstat.h b/src/include/usr/ipstat.h index 803254bcb..2399446eb 100644 --- a/src/include/usr/ipstat.h +++ b/src/include/usr/ipstat.h 
@@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); extern void ipstat ( void ); diff --git a/src/include/usr/neighmgmt.h b/src/include/usr/neighmgmt.h index 06f03716e..5ed5829c4 100644 --- a/src/include/usr/neighmgmt.h +++ b/src/include/usr/neighmgmt.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); extern void nstat ( void ); diff --git a/src/include/usr/nslookup.h b/src/include/usr/nslookup.h index d34649e9f..3b2bb504d 100644 --- a/src/include/usr/nslookup.h +++ b/src/include/usr/nslookup.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER ); +FILE_SECBOOT ( PERMITTED ); extern int nslookup ( const char *name, const char *setting_name ); diff --git a/src/include/usr/ntpmgmt.h b/src/include/usr/ntpmgmt.h index 284e668e6..6d90ec749 100644 --- a/src/include/usr/ntpmgmt.h +++ b/src/include/usr/ntpmgmt.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); extern int ntp ( const char *hostname ); diff --git a/src/include/usr/pingmgmt.h b/src/include/usr/pingmgmt.h index c7a8434be..d15a748d8 100644 --- a/src/include/usr/pingmgmt.h +++ b/src/include/usr/pingmgmt.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include diff --git a/src/include/usr/profstat.h b/src/include/usr/profstat.h index b7812ca7f..c5d545a86 100644 --- a/src/include/usr/profstat.h +++ b/src/include/usr/profstat.h @@ -8,6 +8,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); extern void profstat ( void ); diff --git a/src/include/xen/arch-x86/xen-x86_64.h b/src/include/xen/arch-x86/xen-x86_64.h index 8287fd20f..618bf07d7 100644 --- a/src/include/xen/arch-x86/xen-x86_64.h +++ b/src/include/xen/arch-x86/xen-x86_64.h @@ -11,6 +11,7 @@ #define __XEN_PUBLIC_ARCH_X86_XEN_X86_64_H__ FILE_LICENCE ( MIT ); +FILE_SECBOOT ( PERMITTED ); /* * Hypercall interface: 
diff --git a/src/include/xen/arch-x86/xen.h b/src/include/xen/arch-x86/xen.h index 2b7afb2f4..7df850650 100644 --- a/src/include/xen/arch-x86/xen.h +++ b/src/include/xen/arch-x86/xen.h @@ -13,6 +13,7 @@ #define __XEN_PUBLIC_ARCH_X86_XEN_H__ FILE_LICENCE ( MIT ); +FILE_SECBOOT ( PERMITTED ); /* Structural guest handles introduced in 0x00030201. */ #if __XEN_INTERFACE_VERSION__ >= 0x00030201 diff --git a/src/include/xen/event_channel.h b/src/include/xen/event_channel.h index 0c3752723..a3145d76f 100644 --- a/src/include/xen/event_channel.h +++ b/src/include/xen/event_channel.h @@ -11,6 +11,7 @@ #define __XEN_PUBLIC_EVENT_CHANNEL_H__ FILE_LICENCE ( MIT ); +FILE_SECBOOT ( PERMITTED ); #include "xen.h" diff --git a/src/include/xen/grant_table.h b/src/include/xen/grant_table.h index f0ae17c41..141a17f56 100644 --- a/src/include/xen/grant_table.h +++ b/src/include/xen/grant_table.h @@ -12,6 +12,7 @@ #define __XEN_PUBLIC_GRANT_TABLE_H__ FILE_LICENCE ( MIT ); +FILE_SECBOOT ( PERMITTED ); #include "xen.h" diff --git a/src/include/xen/io/netif.h b/src/include/xen/io/netif.h index bec61ab3e..59887a80f 100644 --- a/src/include/xen/io/netif.h +++ b/src/include/xen/io/netif.h @@ -11,6 +11,7 @@ #define __XEN_PUBLIC_IO_NETIF_H__ FILE_LICENCE ( MIT ); +FILE_SECBOOT ( PERMITTED ); #include "ring.h" #include "../grant_table.h" diff --git a/src/include/xen/io/ring.h b/src/include/xen/io/ring.h index 41b50e2cf..3451bbb52 100644 --- a/src/include/xen/io/ring.h +++ b/src/include/xen/io/ring.h @@ -11,6 +11,7 @@ #define __XEN_PUBLIC_IO_RING_H__ FILE_LICENCE ( MIT ); +FILE_SECBOOT ( PERMITTED ); /* * When #include'ing this header, you need to provide the following diff --git a/src/include/xen/io/xenbus.h b/src/include/xen/io/xenbus.h index 473f538b8..3bf417c3a 100644 --- a/src/include/xen/io/xenbus.h +++ b/src/include/xen/io/xenbus.h 
@@ -11,6 +11,7 @@ #define _XEN_PUBLIC_IO_XENBUS_H FILE_LICENCE ( MIT ); +FILE_SECBOOT ( PERMITTED ); /* * The state of either end of the Xenbus, i.e. the current communication diff --git a/src/include/xen/io/xs_wire.h b/src/include/xen/io/xs_wire.h index cffd75cde..99dc91781 100644 --- a/src/include/xen/io/xs_wire.h +++ b/src/include/xen/io/xs_wire.h @@ -10,6 +10,7 @@ #define _XS_WIRE_H FILE_LICENCE ( MIT ); +FILE_SECBOOT ( PERMITTED ); enum xsd_sockmsg_type { diff --git a/src/include/xen/xen-compat.h b/src/include/xen/xen-compat.h index 8b2361807..8e4ed2434 100644 --- a/src/include/xen/xen-compat.h +++ b/src/include/xen/xen-compat.h @@ -11,6 +11,7 @@ #define __XEN_PUBLIC_XEN_COMPAT_H__ FILE_LICENCE ( MIT ); +FILE_SECBOOT ( PERMITTED ); #define __XEN_LATEST_INTERFACE_VERSION__ 0x00040e00 diff --git a/src/include/xen/xen.h b/src/include/xen/xen.h index c35008aa0..6d8192f8d 100644 --- a/src/include/xen/xen.h +++ b/src/include/xen/xen.h @@ -11,6 +11,7 @@ #define __XEN_PUBLIC_XEN_H__ FILE_LICENCE ( MIT ); +FILE_SECBOOT ( PERMITTED ); #include "xen-compat.h" diff --git a/src/interface/efi/efi_cacert.c b/src/interface/efi/efi_cacert.c index 64bb0bae2..3e941ddc5 100644 --- a/src/interface/efi/efi_cacert.c +++ b/src/interface/efi/efi_cacert.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/interface/efi/efi_entropy.c b/src/interface/efi/efi_entropy.c index cda1c3640..b6bd12ccc 100644 --- a/src/interface/efi/efi_entropy.c +++ b/src/interface/efi/efi_entropy.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/interface/efi/efi_fbcon.c b/src/interface/efi/efi_fbcon.c index 9c5d7063d..3896fd4d1 100644 --- a/src/interface/efi/efi_fbcon.c +++ b/src/interface/efi/efi_fbcon.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** * @file 
diff --git a/src/interface/efi/efi_fdt.c b/src/interface/efi/efi_fdt.c index 3c249693e..cd8580fcb 100644 --- a/src/interface/efi/efi_fdt.c +++ b/src/interface/efi/efi_fdt.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/interface/efi/efi_rng.c b/src/interface/efi/efi_rng.c index 058f0ee7d..66b37fe89 100644 --- a/src/interface/efi/efi_rng.c +++ b/src/interface/efi/efi_rng.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/interface/efi/efi_usb.c b/src/interface/efi/efi_usb.c index b09272f58..a3b153c88 100644 --- a/src/interface/efi/efi_usb.c +++ b/src/interface/efi/efi_usb.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/interface/xen/xenbus.c b/src/interface/xen/xenbus.c index 8b5ee0a0d..95bfdf7da 100644 --- a/src/interface/xen/xenbus.c +++ b/src/interface/xen/xenbus.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/interface/xen/xengrant.c b/src/interface/xen/xengrant.c index 269cd5836..b0a15010b 100644 --- a/src/interface/xen/xengrant.c +++ b/src/interface/xen/xengrant.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/interface/xen/xenstore.c b/src/interface/xen/xenstore.c index caeb4e934..a076cd046 100644 --- a/src/interface/xen/xenstore.c +++ b/src/interface/xen/xenstore.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/net/pccrc.c b/src/net/pccrc.c index 0db6e3cb5..4bf2f441e 100644 --- a/src/net/pccrc.c +++ b/src/net/pccrc.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include 
diff --git a/src/net/pccrd.c b/src/net/pccrd.c index 04b5dd86c..a7182c8ee 100644 --- a/src/net/pccrd.c +++ b/src/net/pccrd.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/net/peerblk.c b/src/net/peerblk.c index 58b185102..6efd4ebf6 100644 --- a/src/net/peerblk.c +++ b/src/net/peerblk.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/net/peerdisc.c b/src/net/peerdisc.c index 86ff94a87..2ba733697 100644 --- a/src/net/peerdisc.c +++ b/src/net/peerdisc.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/net/peerdist.c b/src/net/peerdist.c index 3210ac0ec..8e0f5dc13 100644 --- a/src/net/peerdist.c +++ b/src/net/peerdist.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/net/peermux.c b/src/net/peermux.c index 5c814b03e..7160d1c43 100644 --- a/src/net/peermux.c +++ b/src/net/peermux.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/net/ping.c b/src/net/ping.c index f0729e159..5782813e1 100644 --- a/src/net/ping.c +++ b/src/net/ping.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/net/rndis.c b/src/net/rndis.c index a3b562bc2..f04bc775f 100644 --- a/src/net/rndis.c +++ b/src/net/rndis.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/net/tcp/httpntlm.c b/src/net/tcp/httpntlm.c index 25187bd19..a7e44d5f6 100644 --- a/src/net/tcp/httpntlm.c +++ b/src/net/tcp/httpntlm.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** * @file 
diff --git a/src/net/tcp/https.c b/src/net/tcp/https.c index 85f1f124f..bccfafe15 100644 --- a/src/net/tcp/https.c +++ b/src/net/tcp/https.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** * @file diff --git a/src/net/tcp/syslogs.c b/src/net/tcp/syslogs.c index 5676f3e3e..eff53ea94 100644 --- a/src/net/tcp/syslogs.c +++ b/src/net/tcp/syslogs.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/net/tls.c b/src/net/tls.c index 6140ca58a..4f8ea2692 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -18,6 +18,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER ); +FILE_SECBOOT ( PERMITTED ); /** * @file diff --git a/src/net/udp/ntp.c b/src/net/udp/ntp.c index 559233575..b3056184d 100644 --- a/src/net/udp/ntp.c +++ b/src/net/udp/ntp.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/net/udp/syslog.c b/src/net/udp/syslog.c index 198c86ef7..07ab3ed0c 100644 --- a/src/net/udp/syslog.c +++ b/src/net/udp/syslog.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); /** @file * diff --git a/src/net/validator.c b/src/net/validator.c index e1371d2e6..c1f353b2a 100644 --- a/src/net/validator.c +++ b/src/net/validator.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/usr/certmgmt.c b/src/usr/certmgmt.c index e6bf51fd8..9056a917c 100644 --- a/src/usr/certmgmt.c +++ b/src/usr/certmgmt.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/usr/imgtrust.c b/src/usr/imgtrust.c index e60854c9f..fa8282da0 100644 --- a/src/usr/imgtrust.c +++ b/src/usr/imgtrust.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include 
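Review bot: The `FILE_SECBOOT ( PERMITTED );` line added to src/net/tls.c has no accompanying comment and is byte-identical to the one added to declaration-only headers such as src/include/usr/ipstat.h, so nothing at the marker records why a file that handles untrusted network input was admitted. FILE_SECBOOT's definition is not visible in this patch view; if, as the name suggests, it is what allows the file into Secure Boot builds, the parsing and verification code deserves a traceable justification beside the marker, for example `/* Secure Boot: permitted, see <review-record placeholder> */`. The same applies to the hunks for src/net/validator.c, src/net/tcp/httpntlm.c, src/net/tcp/https.c and src/usr/imgtrust.c.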
diff --git a/src/usr/ipstat.c b/src/usr/ipstat.c index b9c5e02a7..c0d9739fa 100644 --- a/src/usr/ipstat.c +++ b/src/usr/ipstat.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/usr/neighmgmt.c b/src/usr/neighmgmt.c index fcdcbbfbb..79f62e6d3 100644 --- a/src/usr/neighmgmt.c +++ b/src/usr/neighmgmt.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/usr/nslookup.c b/src/usr/nslookup.c index eb2b08b42..e4386e2c0 100644 --- a/src/usr/nslookup.c +++ b/src/usr/nslookup.c @@ -18,6 +18,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/usr/ntpmgmt.c b/src/usr/ntpmgmt.c index 765c6dc9e..8b61662a0 100644 --- a/src/usr/ntpmgmt.c +++ b/src/usr/ntpmgmt.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/usr/pingmgmt.c b/src/usr/pingmgmt.c index bb33c5d47..fee6b438b 100644 --- a/src/usr/pingmgmt.c +++ b/src/usr/pingmgmt.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include diff --git a/src/usr/profstat.c b/src/usr/profstat.c index d80fa26b2..7fafd7b5f 100644 --- a/src/usr/profstat.c +++ b/src/usr/profstat.c @@ -22,6 +22,7 @@ */ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); +FILE_SECBOOT ( PERMITTED ); #include #include -- cgit v1.2.3-55-g7522