From e80a975ff9637f19f82f558eb6d68491b983dc79 Mon Sep 17 00:00:00 2001 From: Ivan Hu Date: Tue, 19 Jun 2012 17:07:15 +0800 Subject: [PATCH] sbattach: Check that attached signatures are valid PKCS7 data Check detached signatures to ensure that we're attaching a valid PKCS7 object. If no, show a warning message and skip the attach action. Signed-off-by: Ivan Hu Signed-off-by: Jeremy Kerr --- sbattach.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/sbattach.c b/sbattach.c index b2c217c..408a6b7 100644 --- a/sbattach.c +++ b/sbattach.c @@ -31,6 +31,9 @@ #include +#include +#include + #include #include @@ -83,6 +86,8 @@ static int attach_sig(struct image *image, const char *image_filename, uint8_t *sigbuf; size_t size; int fd, rc; + PKCS7 *p7; + const uint8_t *tmp_buf; sigbuf = NULL; @@ -117,6 +122,23 @@ static int attach_sig(struct image *image, const char *image_filename, image->sigbuf = sigbuf; image->sigsize = size; + tmp_buf = sigbuf; + p7 = d2i_PKCS7(NULL, &tmp_buf, image->sigsize); + if (!p7) { + fprintf(stderr, "Unable to parse signature data in file: %s\n", + sig_filename); + ERR_print_errors_fp(stderr); + goto out; + } + rc = PKCS7_verify(p7, NULL, NULL, NULL, NULL, + PKCS7_BINARY | PKCS7_NOVERIFY | PKCS7_NOSIGS); + if (!rc) { + fprintf(stderr, "PKCS7 verification failed for file %s\n", + sig_filename); + ERR_print_errors_fp(stderr); + goto out; + } + rc = image_write(image, image_filename); if (rc) fprintf(stderr, "Error writing %s: %s\n", image_filename, @@ -208,6 +230,9 @@ int main(int argc, char **argv) return EXIT_FAILURE; } + ERR_load_crypto_strings(); + OpenSSL_add_all_digests(); + image = image_load(image_filename); if (!image) { fprintf(stderr, "Can't load image file %s\n", image_filename);
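Review bot: Both new failure branches in attach_sig jump to `out` without setting a failing status: in the `!rc` branch rc is 0 by construction, and in the `!p7` branch it still holds whatever the earlier read left, so if `out` returns rc (the label is outside this hunk) a rejected signature is reported as success to any script that relies on the exit code. The parsed `p7` is never released with `PKCS7_free()`, and the diffstat's 25 insertions are all accounted for by the visible hunks, so no cleanup was added elsewhere. `d2i_PKCS7()` advances `tmp_buf` past the object it parsed, so comparing it with `sigbuf + image->sigsize` would also reject files carrying trailing bytes that would otherwise be written into the image. The flags `PKCS7_NOVERIFY | PKCS7_NOSIGS` make this a structural check only, which deserves a comment so nobody later reads it as signature verification. The fence sketches these changes; attach_sig begins and ends outside the hunk.

```c
	tmp_buf = sigbuf;
	p7 = d2i_PKCS7(NULL, &tmp_buf, image->sigsize);
	/* reject unparseable data and any trailing bytes after the PKCS7 object */
	if (!p7 || tmp_buf != sigbuf + image->sigsize) {
		/* … unchanged: "Unable to parse signature data" message and ERR_print_errors_fp … */
		PKCS7_free(p7);
		rc = -1;
		goto out;
	}
	/* structural check only: NOVERIFY|NOSIGS skip the signer chain and the signature itself */
	rc = PKCS7_verify(p7, NULL, NULL, NULL, NULL,
			PKCS7_BINARY | PKCS7_NOVERIFY | PKCS7_NOSIGS);
	PKCS7_free(p7);
	if (rc != 1) {
		/* … unchanged: "PKCS7 verification failed" message and ERR_print_errors_fp … */
		rc = -1;
		goto out;
	}
```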
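Review bot: The two OpenSSL initialisation calls added to main carry no comment tying them to their only user, the PKCS7 check in attach_sig, and this hunk adds no matching teardown. A one-line comment such as `/* needed by the PKCS7 validation in attach_sig(): readable ERR_print_errors_fp() output and digest lookup */` would explain why they sit between argument handling and image_load(). On OpenSSL 1.1.0 and later both calls are deprecated because the library initialises itself, which the comment could mention for whoever ports this forward. main continues outside the hunk.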