|
 |
1be8c9 |
From acf8c4a91a76bf8049f6bfbd95b04e2e36bae4ea Mon Sep 17 00:00:00 2001
|
|
|
1be8c9 |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
1be8c9 |
Date: Thu, 18 May 2017 10:45:26 +0200
|
|
|
1be8c9 |
Subject: [PATCH 1/2] Revert "trust: Honor "modifiable" setting in persist
|
|
|
1be8c9 |
file"
|
|
|
1be8c9 |
|
|
|
1be8c9 |
This reverts commit 8eed1e60b0921d05872e2f43eee9088cef038d7e, which
|
|
|
1be8c9 |
broke "trust anchor --remove".
|
|
|
1be8c9 |
---
|
|
|
1be8c9 |
trust/input/verisign-v1.p11-kit | 1 -
|
|
|
1be8c9 |
trust/parser.c | 10 +---------
|
|
|
1be8c9 |
trust/test-parser.c | 1 -
|
|
|
1be8c9 |
3 files changed, 1 insertion(+), 11 deletions(-)
|
|
|
1be8c9 |
|
|
|
1be8c9 |
diff --git a/trust/input/verisign-v1.p11-kit b/trust/input/verisign-v1.p11-kit
|
|
|
1be8c9 |
index aea49ea..eaa080d 100644
|
|
|
1be8c9 |
--- a/trust/input/verisign-v1.p11-kit
|
|
|
1be8c9 |
+++ b/trust/input/verisign-v1.p11-kit
|
|
|
1be8c9 |
@@ -1,6 +1,5 @@
|
|
|
1be8c9 |
[p11-kit-object-v1]
|
|
|
1be8c9 |
trusted: true
|
|
|
1be8c9 |
-modifiable: false
|
|
|
1be8c9 |
|
|
|
1be8c9 |
-----BEGIN CERTIFICATE-----
|
|
|
1be8c9 |
MIICPDCCAaUCED9pHoGc8JpK83P/uUii5N0wDQYJKoZIhvcNAQEFBQAwXzELMAkG
|
|
|
1be8c9 |
diff --git a/trust/parser.c b/trust/parser.c
|
|
|
1be8c9 |
index 52d1128..41513d4 100644
|
|
|
1be8c9 |
--- a/trust/parser.c
|
|
|
1be8c9 |
+++ b/trust/parser.c
|
|
|
1be8c9 |
@@ -610,7 +610,6 @@ p11_parser_format_persist (p11_parser *parser,
|
|
|
1be8c9 |
{
|
|
|
1be8c9 |
CK_BBOOL modifiablev = CK_TRUE;
|
|
|
1be8c9 |
CK_ATTRIBUTE *attrs;
|
|
|
1be8c9 |
- CK_ATTRIBUTE *attr;
|
|
|
1be8c9 |
p11_array *objects;
|
|
|
1be8c9 |
bool ret;
|
|
|
1be8c9 |
int i;
|
|
|
1be8c9 |
@@ -631,14 +630,7 @@ p11_parser_format_persist (p11_parser *parser,
|
|
|
1be8c9 |
ret = p11_persist_read (parser->persist, parser->basename, data, length, objects);
|
|
|
1be8c9 |
if (ret) {
|
|
|
1be8c9 |
for (i = 0; i < objects->num; i++) {
|
|
|
1be8c9 |
- /* By default, we mark objects read from a persist
|
|
|
1be8c9 |
- * file as modifiable, as the persist format is
|
|
|
1be8c9 |
- * writable. However, if CKA_MODIFIABLE is explictly
|
|
|
1be8c9 |
- * set in the file, respect the setting. */
|
|
|
1be8c9 |
- attrs = objects->elem[i];
|
|
|
1be8c9 |
- attr = p11_attrs_find_valid (objects->elem[i], CKA_MODIFIABLE);
|
|
|
1be8c9 |
- if (!attr)
|
|
|
1be8c9 |
- attrs = p11_attrs_build (attrs, &modifiable, NULL);
|
|
|
1be8c9 |
+ attrs = p11_attrs_build (objects->elem[i], &modifiable, NULL);
|
|
|
1be8c9 |
sink_object (parser, attrs);
|
|
|
1be8c9 |
}
|
|
|
1be8c9 |
}
|
|
|
1be8c9 |
diff --git a/trust/test-parser.c b/trust/test-parser.c
|
|
|
1be8c9 |
index 088cff9..b5c2525 100644
|
|
|
1be8c9 |
--- a/trust/test-parser.c
|
|
|
1be8c9 |
+++ b/trust/test-parser.c
|
|
|
1be8c9 |
@@ -168,7 +168,6 @@ test_parse_p11_kit_persist (void)
|
|
|
1be8c9 |
{ CKA_CLASS, &certificate, sizeof (certificate) },
|
|
|
1be8c9 |
{ CKA_VALUE, (void *)verisign_v1_ca, sizeof (verisign_v1_ca) },
|
|
|
1be8c9 |
{ CKA_TRUSTED, &truev, sizeof (truev) },
|
|
|
1be8c9 |
- { CKA_MODIFIABLE, &falsev, sizeof (falsev) },
|
|
|
1be8c9 |
{ CKA_X_DISTRUSTED, &falsev, sizeof (falsev) },
|
|
|
1be8c9 |
{ CKA_INVALID },
|
|
|
1be8c9 |
};
|
|
|
1be8c9 |
--
|
|
|
1be8c9 |
2.9.4
|
|
|
1be8c9 |
|
|
|
1be8c9 |
|
|
|
1be8c9 |
From 66c6a7e912d39d66cd4cc91375ac7be418bf7176 Mon Sep 17 00:00:00 2001
|
|
|
1be8c9 |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
1be8c9 |
Date: Thu, 18 May 2017 11:11:45 +0200
|
|
|
1be8c9 |
Subject: [PATCH 2/2] trust: Check magic comment in persist file for
|
|
|
1be8c9 |
modifiablity
|
|
|
1be8c9 |
|
|
|
1be8c9 |
A persistent file written by the trust module starts with the line "#
|
|
|
1be8c9 |
This file has been auto-generated and written by p11-kit". This can
|
|
|
1be8c9 |
be used as a magic word to determine whether the objects read from a
|
|
|
1be8c9 |
.p11-kit file are read-only.
|
|
|
1be8c9 |
---
|
|
|
1be8c9 |
trust/parser.c | 6 +++++-
|
|
|
1be8c9 |
trust/persist.c | 9 ++++++++-
|
|
|
1be8c9 |
trust/test-token.c | 1 +
|
|
|
1be8c9 |
3 files changed, 14 insertions(+), 2 deletions(-)
|
|
|
1be8c9 |
|
|
|
1be8c9 |
diff --git a/trust/parser.c b/trust/parser.c
|
|
|
1be8c9 |
index 41513d4..abe86fc 100644
|
|
|
1be8c9 |
--- a/trust/parser.c
|
|
|
1be8c9 |
+++ b/trust/parser.c
|
|
|
1be8c9 |
@@ -49,6 +49,7 @@
|
|
|
1be8c9 |
#include "pem.h"
|
|
|
1be8c9 |
#include "pkcs11x.h"
|
|
|
1be8c9 |
#include "persist.h"
|
|
|
1be8c9 |
+#include "types.h"
|
|
|
1be8c9 |
#include "x509.h"
|
|
|
1be8c9 |
|
|
|
1be8c9 |
#include <libtasn1.h>
|
|
|
1be8c9 |
@@ -630,7 +631,10 @@ p11_parser_format_persist (p11_parser *parser,
|
|
|
1be8c9 |
ret = p11_persist_read (parser->persist, parser->basename, data, length, objects);
|
|
|
1be8c9 |
if (ret) {
|
|
|
1be8c9 |
for (i = 0; i < objects->num; i++) {
|
|
|
1be8c9 |
- attrs = p11_attrs_build (objects->elem[i], &modifiable, NULL);
|
|
|
1be8c9 |
+ CK_BBOOL generatedv;
|
|
|
1be8c9 |
+ attrs = objects->elem[i];
|
|
|
1be8c9 |
+ if (p11_attrs_find_bool (attrs, CKA_X_GENERATED, &generatedv) && generatedv)
|
|
|
1be8c9 |
+ attrs = p11_attrs_build (attrs, &modifiable, NULL);
|
|
|
1be8c9 |
sink_object (parser, attrs);
|
|
|
1be8c9 |
}
|
|
|
1be8c9 |
}
|
|
|
1be8c9 |
diff --git a/trust/persist.c b/trust/persist.c
|
|
|
1be8c9 |
index 63a531e..928260e 100644
|
|
|
1be8c9 |
--- a/trust/persist.c
|
|
|
1be8c9 |
+++ b/trust/persist.c
|
|
|
1be8c9 |
@@ -631,6 +631,9 @@ p11_persist_read (p11_persist *persist,
|
|
|
1be8c9 |
CK_ATTRIBUTE *attrs;
|
|
|
1be8c9 |
bool failed;
|
|
|
1be8c9 |
bool skip;
|
|
|
1be8c9 |
+ CK_BBOOL generatedv = CK_FALSE;
|
|
|
1be8c9 |
+ CK_ATTRIBUTE generated = { CKA_X_GENERATED, &generatedv, sizeof (generatedv) };
|
|
|
1be8c9 |
+ static const char comment[] = "# This file has been auto-generated and written by p11-kit.";
|
|
|
1be8c9 |
|
|
|
1be8c9 |
return_val_if_fail (persist != NULL, false);
|
|
|
1be8c9 |
return_val_if_fail (objects != NULL, false);
|
|
|
1be8c9 |
@@ -639,6 +642,10 @@ p11_persist_read (p11_persist *persist,
|
|
|
1be8c9 |
attrs = NULL;
|
|
|
1be8c9 |
failed = false;
|
|
|
1be8c9 |
|
|
|
1be8c9 |
+ if (length >= sizeof (comment) - 1 &&
|
|
|
1be8c9 |
+ memcmp ((const char *)data, comment, sizeof (comment) - 1) == 0)
|
|
|
1be8c9 |
+ generatedv = CK_TRUE;
|
|
|
1be8c9 |
+
|
|
|
1be8c9 |
p11_lexer_init (&lexer, filename, (const char *)data, length);
|
|
|
1be8c9 |
while (p11_lexer_next (&lexer, &failed)) {
|
|
|
1be8c9 |
switch (lexer.tok_type) {
|
|
|
1be8c9 |
@@ -650,7 +657,7 @@ p11_persist_read (p11_persist *persist,
|
|
|
1be8c9 |
p11_lexer_msg (&lexer, "unrecognized or invalid section header");
|
|
|
1be8c9 |
skip = true;
|
|
|
1be8c9 |
} else {
|
|
|
1be8c9 |
- attrs = p11_attrs_build (NULL, NULL);
|
|
|
1be8c9 |
+ attrs = p11_attrs_build (NULL, &generated, NULL);
|
|
|
1be8c9 |
return_val_if_fail (attrs != NULL, false);
|
|
|
1be8c9 |
skip = false;
|
|
|
1be8c9 |
}
|
|
|
1be8c9 |
diff --git a/trust/test-token.c b/trust/test-token.c
|
|
|
1be8c9 |
index ad22fcb..3e7d735 100644
|
|
|
1be8c9 |
--- a/trust/test-token.c
|
|
|
1be8c9 |
+++ b/trust/test-token.c
|
|
|
1be8c9 |
@@ -610,6 +610,7 @@ static void
|
|
|
1be8c9 |
test_modify_multiple (void)
|
|
|
1be8c9 |
{
|
|
|
1be8c9 |
const char *test_data =
|
|
|
1be8c9 |
+ "# This file has been auto-generated and written by p11-kit.\n"
|
|
|
1be8c9 |
"[p11-kit-object-v1]\n"
|
|
|
1be8c9 |
"class: data\n"
|
|
|
1be8c9 |
"label: \"first\"\n"
|
|
|
1be8c9 |
--
|
|
|
1be8c9 |
2.9.4
|
|
|
1be8c9 |
|
|
|
1be8c9 |
From d661194319f2375c1764125b449bf924c0cbc8a1 Mon Sep 17 00:00:00 2001
|
|
|
1be8c9 |
From: Daiki Ueno <dueno@redhat.com>
|
|
|
1be8c9 |
Date: Thu, 18 May 2017 14:27:36 +0200
|
|
|
1be8c9 |
Subject: [PATCH] trust: Simplify the check for the magic
|
|
|
1be8c9 |
|
|
|
1be8c9 |
Instead of reusing the CKA_X_GENERATED attribute, check the file
|
|
|
1be8c9 |
contents directly in the caller side.
|
|
|
1be8c9 |
---
|
|
|
1be8c9 |
trust/parser.c | 7 +++----
|
|
|
1be8c9 |
trust/persist.c | 19 +++++++++++--------
|
|
|
1be8c9 |
trust/persist.h | 3 +++
|
|
|
1be8c9 |
3 files changed, 17 insertions(+), 12 deletions(-)
|
|
|
1be8c9 |
|
|
|
1be8c9 |
diff --git a/trust/parser.c b/trust/parser.c
|
|
|
1be8c9 |
index abe86fc..f92cdc9 100644
|
|
|
1be8c9 |
--- a/trust/parser.c
|
|
|
1be8c9 |
+++ b/trust/parser.c
|
|
|
1be8c9 |
@@ -630,11 +630,10 @@ p11_parser_format_persist (p11_parser *parser,
|
|
|
1be8c9 |
|
|
|
1be8c9 |
ret = p11_persist_read (parser->persist, parser->basename, data, length, objects);
|
|
|
1be8c9 |
if (ret) {
|
|
|
1be8c9 |
+ if (!p11_persist_is_generated (data, length))
|
|
|
1be8c9 |
+ modifiablev = CK_FALSE;
|
|
|
1be8c9 |
for (i = 0; i < objects->num; i++) {
|
|
|
1be8c9 |
- CK_BBOOL generatedv;
|
|
|
1be8c9 |
- attrs = objects->elem[i];
|
|
|
1be8c9 |
- if (p11_attrs_find_bool (attrs, CKA_X_GENERATED, &generatedv) && generatedv)
|
|
|
1be8c9 |
- attrs = p11_attrs_build (attrs, &modifiable, NULL);
|
|
|
1be8c9 |
+ attrs = p11_attrs_build (objects->elem[i], &modifiable, NULL);
|
|
|
1be8c9 |
sink_object (parser, attrs);
|
|
|
1be8c9 |
}
|
|
|
1be8c9 |
}
|
|
|
1be8c9 |
diff --git a/trust/persist.c b/trust/persist.c
|
|
|
1be8c9 |
index 928260e..887b316 100644
|
|
|
1be8c9 |
--- a/trust/persist.c
|
|
|
1be8c9 |
+++ b/trust/persist.c
|
|
|
1be8c9 |
@@ -70,6 +70,16 @@ p11_persist_magic (const unsigned char *data,
|
|
|
1be8c9 |
return (strnstr ((char *)data, "[" PERSIST_HEADER "]", length) != NULL);
|
|
|
1be8c9 |
}
|
|
|
1be8c9 |
|
|
|
1be8c9 |
+bool
|
|
|
1be8c9 |
+p11_persist_is_generated (const unsigned char *data,
|
|
|
1be8c9 |
+ size_t length)
|
|
|
1be8c9 |
+{
|
|
|
1be8c9 |
+ static const char comment[] =
|
|
|
1be8c9 |
+ "# This file has been auto-generated and written by p11-kit.";
|
|
|
1be8c9 |
+ return length >= sizeof (comment) - 1 &&
|
|
|
1be8c9 |
+ memcmp ((const char *)data, comment, sizeof (comment) - 1) == 0;
|
|
|
1be8c9 |
+}
|
|
|
1be8c9 |
+
|
|
|
1be8c9 |
p11_persist *
|
|
|
1be8c9 |
p11_persist_new (void)
|
|
|
1be8c9 |
{
|
|
|
1be8c9 |
@@ -631,9 +641,6 @@ p11_persist_read (p11_persist *persist,
|
|
|
1be8c9 |
CK_ATTRIBUTE *attrs;
|
|
|
1be8c9 |
bool failed;
|
|
|
1be8c9 |
bool skip;
|
|
|
1be8c9 |
- CK_BBOOL generatedv = CK_FALSE;
|
|
|
1be8c9 |
- CK_ATTRIBUTE generated = { CKA_X_GENERATED, &generatedv, sizeof (generatedv) };
|
|
|
1be8c9 |
- static const char comment[] = "# This file has been auto-generated and written by p11-kit.";
|
|
|
1be8c9 |
|
|
|
1be8c9 |
return_val_if_fail (persist != NULL, false);
|
|
|
1be8c9 |
return_val_if_fail (objects != NULL, false);
|
|
|
1be8c9 |
@@ -642,10 +649,6 @@ p11_persist_read (p11_persist *persist,
|
|
|
1be8c9 |
attrs = NULL;
|
|
|
1be8c9 |
failed = false;
|
|
|
1be8c9 |
|
|
|
1be8c9 |
- if (length >= sizeof (comment) - 1 &&
|
|
|
1be8c9 |
- memcmp ((const char *)data, comment, sizeof (comment) - 1) == 0)
|
|
|
1be8c9 |
- generatedv = CK_TRUE;
|
|
|
1be8c9 |
-
|
|
|
1be8c9 |
p11_lexer_init (&lexer, filename, (const char *)data, length);
|
|
|
1be8c9 |
while (p11_lexer_next (&lexer, &failed)) {
|
|
|
1be8c9 |
switch (lexer.tok_type) {
|
|
|
1be8c9 |
@@ -657,7 +660,7 @@ p11_persist_read (p11_persist *persist,
|
|
|
1be8c9 |
p11_lexer_msg (&lexer, "unrecognized or invalid section header");
|
|
|
1be8c9 |
skip = true;
|
|
|
1be8c9 |
} else {
|
|
|
1be8c9 |
- attrs = p11_attrs_build (NULL, &generated, NULL);
|
|
|
1be8c9 |
+ attrs = p11_attrs_build (NULL, NULL);
|
|
|
1be8c9 |
return_val_if_fail (attrs != NULL, false);
|
|
|
1be8c9 |
skip = false;
|
|
|
1be8c9 |
}
|
|
|
1be8c9 |
diff --git a/trust/persist.h b/trust/persist.h
|
|
|
1be8c9 |
index 0ef142c..6344e4e 100644
|
|
|
1be8c9 |
--- a/trust/persist.h
|
|
|
1be8c9 |
+++ b/trust/persist.h
|
|
|
1be8c9 |
@@ -60,4 +60,7 @@ bool p11_persist_write (p11_persist *persist,
|
|
|
1be8c9 |
|
|
|
1be8c9 |
void p11_persist_free (p11_persist *persist);
|
|
|
1be8c9 |
|
|
|
1be8c9 |
+bool p11_persist_is_generated (const unsigned char *data,
|
|
|
1be8c9 |
+ size_t length);
|
|
|
1be8c9 |
+
|
|
|
1be8c9 |
#endif /* P11_PERSIST_H_ */
|
|
|
1be8c9 |
--
|
|
|
1be8c9 |
2.9.4
|
|
|
1be8c9 |
|