From patchwork Wed Sep 20 18:22:51 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: amy.fong.3142@gmail.com
X-Patchwork-Id: 1837368
X-Patchwork-Delegate: sbabic@denx.de
Return-Path: <swupdate+bncBDU4FE6QRMGRBB7RVSUAMGQEAAV66JY@googlegroups.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=pass (2048-bit key;
 unprotected) header.d=googlegroups.com header.i=@googlegroups.com
 header.a=rsa-sha256 header.s=20230601 header.b=cj0bICww;
	dkim=pass (2048-bit key;
 unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256
 header.s=20230601 header.b=YQ3heTsF;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=googlegroups.com
 (client-ip=2607:f8b0:4864:20::440; helo=mail-pf1-x440.google.com;
 envelope-from=swupdate+bncbdu4fe6qrmgrbb7rvsuamgqeaav66jy@googlegroups.com;
 receiver=patchwork.ozlabs.org)
Received: from mail-pf1-x440.google.com (mail-pf1-x440.google.com
 [IPv6:2607:f8b0:4864:20::440])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4RrRjV502Nz1yhR
	for <incoming@patchwork.ozlabs.org>; Thu, 21 Sep 2023 04:23:09 +1000 (AEST)
Received: by mail-pf1-x440.google.com with SMTP id
 d2e1a72fcca58-690bcc80694sf89830b3a.3
        for <incoming@patchwork.ozlabs.org>;
 Wed, 20 Sep 2023 11:23:09 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1695234184; cv=pass;
        d=google.com; s=arc-20160816;
        b=Dqg/3mNKYDTEcYNGJvehaeUwgs/yPVktOPMMgfpTQEqTaTC67VV7z563xmkWwgSGCH
         yKLA3j/TOKn0nlA9FwQpKpQxOLWdpGogXgFpdWp4BmpVsKIXsQcDqWYIjl+1gT3ROazF
         bdBzeTXeQdXxePOsm5sLlILVb82z9n8622p+yCMiTPuG2N1iGPFDX2uTkDHOKa1Z4LvG
         w+qm5/bVm9REpT2xDLX3yDKGFyMQ1IFh3fQ4MYUF9SDRDfdNNHezK95WUdKdgXmOvdwY
         ZlujifGRuNjb9yGBiSMwASoRIGoKSX9wuc5llT4Vn0X4pYJ7m+mzeYpAc71Q0kducuWf
         xhUQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:mime-version:reply-to:message-id
         :date:subject:cc:to:from:sender:dkim-signature:dkim-signature;
        bh=qeUSN/Uh4bGuJCQl+/QZgS79Ydg2VxnAqU/t7fB2nOc=;
        fh=tUC4qYxnJeA7+O+/WQCoFUmd+pUfHX4EpA/OX8BQcSU=;
        b=Ly2TUobzyg0Fi/xhwVXSN5mkYkjOfnyMtJF1fs6UFp2gvMgPyOoB7LEpOhudw4BfNX
         xmPG6Pt6A1prhqPzBdwRVF34+EOzhKo/0fWjVFkndqDNW7to9U5+Y1ILRIQk8TVVxmQF
         v8d9p/KOXxmbZXyMcjtcd7UOPF3SM2a9lUwsfkhYgbrCJ6QEA71q9djwae/fBieGr73/
         Hu05azsbKeE6FtA81HUn4c2q4pPC5y5tYMf+nFop5mDYEo1RAbZMPtJtutIAtFI7UPXX
         nVwlTxCoovCU1pzDcLEgW3PT2l/zuDCrqI3kVLWg2Lh7tdHEPX52G4uF2LeUMU02uFrw
         jb7g==
ARC-Authentication-Results: i=2; gmr-mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=XYNctDcE;
       spf=pass (google.com: domain of amy.fong.3142@gmail.com designates
 2607:f8b0:4864:20::434 as permitted sender)
 smtp.mailfrom=amy.fong.3142@gmail.com;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlegroups.com; s=20230601; t=1695234184; x=1695838984;
 darn=patchwork.ozlabs.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:mime-version:reply-to:message-id:date:subject:cc
         :to:from:sender:from:to:cc:subject:date:message-id:reply-to;
        bh=qeUSN/Uh4bGuJCQl+/QZgS79Ydg2VxnAqU/t7fB2nOc=;
        b=cj0bICwwaOUw9Ld6NA5ihYIqES1iclX7fTVAGBiSOnhBQWQUQeCCzaEKmznzrUGSTV
         tDWZNJIyE8Rb5rrK/BXyW66ck4STvV4HZABm3+OOFzD+NVOLY/IrnDIbZuT6BCNOBVLt
         dh+a4dUPR+9gG2kVWhe3JpwvlR9ufZYOPjzB/lv8+nb2npNI9yECFQQM7N+QiZGe1RMz
         02+D29dhMq/j5ACIrYJXo2wmDtDiWjVZr4wWKagcZsAUwE1IrF7binJbW0eqvuS5v2Wr
         3ULqHp8dY6LhU4bYRpBw7b78lEyB5VF3NAQrvJlbnHGWV9ghKWgsOsc9B8EPoHuyrvTi
         ucoA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1695234184; x=1695838984;
 darn=patchwork.ozlabs.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:mime-version:reply-to:message-id:date:subject:cc
         :to:from:from:to:cc:subject:date:message-id:reply-to;
        bh=qeUSN/Uh4bGuJCQl+/QZgS79Ydg2VxnAqU/t7fB2nOc=;
        b=YQ3heTsF8ZakqGv9NdhRH0VkzztNSg9eq6sfWwLZZXT8Q0ZGIvLdFHhia7+h4O9xGi
         FcQmZV7WXf5v1GMCV93HYk5Tw5u4gwSds5MIoFLZ9Bv9W/XdLIpbyUNjLOkADHUmhMdW
         iKMqDXFeBqBK/Bfd01hcZjBRG797hwfA6C6CQJw2gsMqu8topc5mrXzW8UP578UEBJCt
         vrFD4pMyKszrKVIP5/auw26o29DQnRjkKh6In0+6dY1wPROny0InuM4tZxGdGCnbIdWb
         ZYvvTC5cC3g9RM+U+8qD3CegzXJmrFGy0vlTkALx3BJImy72QCvQkv9+4K0vjjHHiUJj
         Szig==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1695234184; x=1695838984;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :x-spam-checked-in-group:list-id:mailing-list:precedence
         :x-original-authentication-results:x-original-sender:mime-version
         :reply-to:message-id:date:subject:cc:to:from:x-beenthere
         :x-gm-message-state:sender:from:to:cc:subject:date:message-id
         :reply-to;
        bh=qeUSN/Uh4bGuJCQl+/QZgS79Ydg2VxnAqU/t7fB2nOc=;
        b=RCam8DUlcEZ4z/TnmpTh0opJwT9MwvoMExSzhxf4hI/rfFoCdwRDUfkDs1OJBuMfGA
         R7eqP++vUc3p//Nb+nJd9yvoyUn3XAJUVnVfam3GKqQlevBTmd7sffFuOFN1DpN80K4j
         OPU1tvN19QsXRgBdkQiwF2LQm/+DL9rV8MoNANYCx3DZJ8SZnA9gAja5M3qeIZA1hyM/
         p+yQtQojWEafQfRdIR7+3g+xREkt8e3dWsyy7U+2q85w3M/8Ay4cYMiuu4+PfCI/Ckbu
         6/avNS1C05heNr3qltqMqwRBkUzj69nHAr5qeeg1oKTHqNlXbQxZjM+qSvR6mMJ+TiVO
         x5fw==
Sender: swupdate@googlegroups.com
X-Gm-Message-State: AOJu0YxGZCXOanPK6OMVi9ZJmhba3OPyPfuNeq4cYhn7uAQfUiZGeFY9
	matFZeZupwgoAjKDg6kJoag=
X-Google-Smtp-Source: 
 AGHT+IG2oNKyucmvW02jgear4XWq/xioqCILH52b16CV6fDuZohliXzktpcq7DFKq3DBk4C0ZIsneQ==
X-Received: by 2002:a05:6a00:1823:b0:68e:351b:15b8 with SMTP id
 y35-20020a056a00182300b0068e351b15b8mr3387606pfa.12.1695234184406;
        Wed, 20 Sep 2023 11:23:04 -0700 (PDT)
X-BeenThere: swupdate@googlegroups.com
Received: by 2002:aa7:942f:0:b0:690:73f5:94d with SMTP id
 y15-20020aa7942f000000b0069073f5094dls107879pfo.0.-pod-prod-04-us;
 Wed, 20 Sep 2023 11:23:03 -0700 (PDT)
X-Received: by 2002:a05:6a00:1ac7:b0:68c:b30:8fcc with SMTP id
 f7-20020a056a001ac700b0068c0b308fccmr3465681pfv.20.1695234183095;
        Wed, 20 Sep 2023 11:23:03 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1695234183; cv=none;
        d=google.com; s=arc-20160816;
        b=m66GiRi99E3o0GfqDCFvaRfX5pG+jF4KKtMtzRH28AiOELIigglH9x9wKIFi1XFaq1
         Yszc4VL60u/7d3oQgsvp1JWpjwSmh2A1xDFm9dT/Vwp8V64JuqLGfbTHSKXYYW9fW2ST
         LhIyGkFs+u2UUCl3a3WbSaiPbEGdfcCfuMxcyL6bEADhQqYpMM5j663Hsb1CsqpOkBIw
         KAeFfodhmE7TscA5LuIUJ6BQK3CoUqhfDJEfKwp9Mkh2ypstT7ctR83AvFDfCbod6M8d
         ibC8qpy/c6pBxd+hzlW81YP0e3kTzcudEUPEW0l7XtYptjcf2Z9g/qeksqVl57peyn43
         teSQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=content-transfer-encoding:mime-version:reply-to:message-id:date
         :subject:cc:to:from:dkim-signature;
        bh=LZgtIZou/Qkx8Xg6x4Cm3nwrXwfAwG9RuUj+zwkcTfo=;
        fh=tUC4qYxnJeA7+O+/WQCoFUmd+pUfHX4EpA/OX8BQcSU=;
        b=IpzUJP16bbOyLawfZ7GyI0zOVUo3CBWbZv+9x+Fty0u+fmFoIGhmJO7UkjcKqRKtYd
         vO/3UOb328Yse8Or+SMYSI5gI9DcNUk6UOLhZ7PvbBlgzL99eVECefCiyQJzdruvZRKx
         BXVBqajO89ZzoqQPgsQoPfBhZXxfQGXARnRA/owUP2nmcOmv7AdEmqvS1TfvVcBY/v3T
         GfBY+uZhOJIFj1bWNLgjo/K44r0KitEo8rPWKlw08e9Lc+8qUsx5IgW8JDy84TGV9P0o
         n3wzxY/0aP3jH+kHrmI67mjhzlrd64YOPxAepkToBsdvdQc6Fhy98zpUG5a8zpNCVA7a
         ECwA==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=XYNctDcE;
       spf=pass (google.com: domain of amy.fong.3142@gmail.com designates
 2607:f8b0:4864:20::434 as permitted sender)
 smtp.mailfrom=amy.fong.3142@gmail.com;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from mail-pf1-x434.google.com (mail-pf1-x434.google.com.
 [2607:f8b0:4864:20::434])
        by gmr-mx.google.com with ESMTPS id
 n127-20020a632785000000b00578e032733fsi275483pgn.5.2023.09.20.11.23.03
        for <swupdate@googlegroups.com>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Wed, 20 Sep 2023 11:23:03 -0700 (PDT)
Received-SPF: pass (google.com: domain of amy.fong.3142@gmail.com designates
 2607:f8b0:4864:20::434 as permitted sender) client-ip=2607:f8b0:4864:20::434;
Received: by mail-pf1-x434.google.com with SMTP id
 d2e1a72fcca58-690f9c787baso75127b3a.1
        for <swupdate@googlegroups.com>; Wed, 20 Sep 2023 11:23:03 -0700 (PDT)
X-Received: by 2002:a05:6a20:9381:b0:14c:de3:95d6 with SMTP id
 x1-20020a056a20938100b0014c0de395d6mr3743963pzh.45.1695234182451;
        Wed, 20 Sep 2023 11:23:02 -0700 (PDT)
Received: from cat.world.mentorg.com (nat-wv.mentorg.com. [192.94.38.34])
        by smtp.gmail.com with ESMTPSA id
 l12-20020a63be0c000000b00565d93a1225sm8754889pgf.23.2023.09.20.11.23.01
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 20 Sep 2023 11:23:02 -0700 (PDT)
From: amy.fong.3142@gmail.com
To: swupdate@googlegroups.com
Cc: Amy Fong <amy.fong@siemens.com>
Subject: [swupdate] [PATCH] gpg: add optional gpg signing verification
Date: Wed, 20 Sep 2023 14:22:51 -0400
Message-Id: <20230920182251.1156432-1-amy.fong@siemens.com>
X-Mailer: git-send-email 2.39.2
Reply-To: amy.fong@siemens.com
MIME-Version: 1.0
X-Original-Sender: amy.fong.3142@gmail.com
X-Original-Authentication-Results: gmr-mx.google.com;       dkim=pass
 header.i=@gmail.com header.s=20230601 header.b=XYNctDcE;       spf=pass
 (google.com: domain of amy.fong.3142@gmail.com designates
 2607:f8b0:4864:20::434
 as permitted sender) smtp.mailfrom=amy.fong.3142@gmail.com;       dmarc=pass
 (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Precedence: list
Mailing-list: list swupdate@googlegroups.com;
 contact swupdate+owners@googlegroups.com
List-ID: <swupdate.googlegroups.com>
X-Spam-Checked-In-Group: swupdate@googlegroups.com
X-Google-Group-Id: 605343134186
List-Post: <https://groups.google.com/group/swupdate/post>,
 <mailto:swupdate@googlegroups.com>
List-Help: <https://groups.google.com/support/>,
 <mailto:swupdate+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/swupdate
List-Subscribe: <https://groups.google.com/group/swupdate/subscribe>,
 <mailto:swupdate+subscribe@googlegroups.com>
List-Unsubscribe: 
 <mailto:googlegroups-manage+605343134186+unsubscribe@googlegroups.com>,
 <https://groups.google.com/group/swupdate/subscribe>

From: Amy Fong <amy.fong@siemens.com>

This change introduces a Kconfig parameter allowing gpg verification.
The environment variable GPG_HOMEDIR, if set, is used to specify the
home directory.

Signed-off-by: Amy Fong <amy.fong@siemens.com>
---
 Kconfig                       |   2 +
 Makefile.flags                |   5 ++
 corelib/Makefile              |   1 +
 corelib/swupdate_gpg_verify.c | 126 ++++++++++++++++++++++++++++++++++
 4 files changed, 134 insertions(+)
 create mode 100644 corelib/swupdate_gpg_verify.c

diff --git a/Kconfig b/Kconfig
index 636c4ac..187a656 100644
--- a/Kconfig
+++ b/Kconfig
@@ -431,6 +431,8 @@ choice
 		bool "mbedTLS"
 		depends on HAVE_MBEDTLS
 
+	config SIGALG_GPG
+		bool "GPG signing"
 endchoice
 
 
diff --git a/Makefile.flags b/Makefile.flags
index 2d27a8f..5046a69 100644
--- a/Makefile.flags
+++ b/Makefile.flags
@@ -305,3 +305,8 @@ endif
 # (we stole scripts/checkstack.pl from the kernel... thanks guys!)
 # Reduced from 20k to 16k in 1.9.0.
 FLTFLAGS += -s 16000
+
+ifeq ($(CONFIG_SIGALG_GPG),y)
+LDLIBS += gpgme
+endif
+
diff --git a/corelib/Makefile b/corelib/Makefile
index 5f6f8e9..f5dda73 100644
--- a/corelib/Makefile
+++ b/corelib/Makefile
@@ -32,6 +32,7 @@ endif
 lib-$(CONFIG_SIGALG_RAWRSA)	+= swupdate_rsa_verify_mbedtls.o
 lib-$(CONFIG_SIGALG_RSAPSS)	+= swupdate_rsa_verify_mbedtls.o
 endif
+lib-$(CONFIG_SIGALG_GPG)	+= swupdate_gpg_verify.o
 lib-$(CONFIG_LIBCONFIG)		+= swupdate_settings.o \
 				   parsing_library_libconfig.o
 lib-$(CONFIG_JSON)		+= parsing_library_libjson.o server_utils.o
diff --git a/corelib/swupdate_gpg_verify.c b/corelib/swupdate_gpg_verify.c
new file mode 100644
index 0000000..781c3bc
--- /dev/null
+++ b/corelib/swupdate_gpg_verify.c
@@ -0,0 +1,126 @@
+/*
+ * Author: Amy Fong
+ * Copyright (C) 2023, Siemens AG
+ *
+ * SPDX-License-Identifier:     GPL-2.0-only
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdbool.h>
+#include "swupdate.h"
+#include "sslapi.h"
+#include "util.h"
+
+#include <errno.h>
+#include <locale.h>
+#include <gpgme.h>
+
+static gpg_error_t
+status_cb(void *opaque, const char *keyword, const char *value)
+{
+	(void)opaque;
+	TRACE("status_cb: %s %s\n", keyword, value);
+	return 0;
+}
+
+int swupdate_verify_file(struct swupdate_digest *dgst, const char *sigfile,
+			 const char *file, const char *signer_name)
+{
+	gpgme_ctx_t ctx;
+	gpgme_error_t err;
+	gpgme_data_t image_sig, image;
+	FILE *fp_sig = NULL;
+	FILE *fp = NULL;
+	gpgme_signature_t sig;
+	char *gpg_home_dir = NULL;
+	int status = 0;
+	gpgme_protocol_t protocol = GPGME_PROTOCOL_OpenPGP;
+	gpgme_verify_result_t result;
+
+	TRACE("Enter swupdate_verify_file: gpg verify");
+	/* Initialize the locale environment.  */
+	setlocale(LC_ALL, "");
+	(void)gpgme_check_version(NULL);
+
+	err = gpgme_new(&ctx);
+	if (err) {
+		ERROR("Failed to create new gpg context: %s",
+		      gpgme_strerror(err));
+		status = -EFAULT;
+		goto out;
+	}
+
+	gpgme_set_protocol(ctx, protocol);
+	gpgme_set_status_cb(ctx, status_cb, NULL);
+	gpgme_set_ctx_flag(ctx, "full-status", "1");
+
+	fp_sig = fopen(sigfile, "rb");
+	if (!fp_sig) {
+		ERROR("Failed to open %s", sigfile);
+		status = -EBADF;
+		goto out;
+	}
+	err = gpgme_data_new_from_stream(&image_sig, fp_sig);
+	if (err) {
+		ERROR("error allocating data object: %s", gpgme_strerror(err));
+		status = -ENOMEM;
+		goto out;
+	}
+
+	fp = fopen(file, "rb");
+	if (!fp) {
+		ERROR("Failed to open %s", file);
+		status = -EBADF;
+		goto out;
+	}
+	err = gpgme_data_new_from_stream(&image, fp);
+	if (err) {
+		ERROR("error allocating data object: %s", gpgme_strerror(err));
+		status = -ENOMEM;
+		goto out;
+	}
+
+	gpg_home_dir = getenv("GPG_HOMEDIR");
+	if (gpg_home_dir != NULL) {
+		err = gpgme_ctx_set_engine_info(ctx, protocol, NULL, gpg_home_dir);
+		if (err) {
+			ERROR("Something went wrong while setting the engine info: %s",
+			      gpgme_strerror(err));
+			status = -EFAULT;
+			goto out;
+		}
+	}
+
+	err = gpgme_op_verify(ctx, image_sig, image, NULL);
+	result = gpgme_op_verify_result(ctx);
+	if (err) {
+		ERROR("verify failed: %s\n", gpgme_strerror(err));
+		status = -EBADMSG;
+		goto out;
+	}
+
+	if (result) {
+		for (sig = result->signatures; sig; sig = sig->next) {
+			if (sig->status == GPG_ERR_NO_ERROR) {
+				TRACE("Verified OK\n");
+				status = 0;
+				goto out;
+			}
+		}
+	}
+	TRACE(" Verification failed\n");
+	status = -EBADMSG;
+
+ out:
+	gpgme_data_release(image);
+	gpgme_data_release(image_sig);
+	gpgme_release(ctx);
+
+	if (fp)
+		fclose(fp);
+	if (fp_sig)
+		fclose(fp_sig);
+
+	return status;
+}