Add Plugin Digital Signature Feature #6112
Conversation
…into plugin_sign_test
…into plugin_sign_test
glennsong09
requested review from
byrnHDF,
derobins,
fortnern,
jhendersonHDF and
lrknox
as code owners
glennsong09
requested review from
bmribler,
mattjala,
qkoziol and
vchoi-hdfgroup
as code owners
glennsong09
changed the title
![ellipsis-dev[bot]](https://avatars.githubusercontent.com/in/64358?s=60&v=4){kind=small}
| HGOTO_ERROR(H5E_PLUGIN, H5E_CANTGET, FAIL, "verification check failed"); | ||
| } | ||
| #ifdef H5_HAVE_PARALLEL | ||
| MPI_Finalize(); |
There was a problem hiding this comment.
Avoid calling MPI_Finalize() inside H5PL__open; MPI lifetime must be managed by the application.
| MPI_Finalize(); |
| *authentic = 0; | ||
|
|
||
| /* Create EVP_PKEY structure and assign RSA key to it */ | ||
| if (NULL == (pub_key = EVP_PKEY_new())) |
There was a problem hiding this comment.
Memory leak: The EVP_PKEY allocated in H5PL__RSA_verify_signature is never freed.
| snprintf(remove_sig, maxPathLen, "objcopy %s --remove-section=sig", copied_file_name); | ||
|
|
||
| /* Execute commands to extract signature from plugin binary */ | ||
| system(copy_elf_file); |
There was a problem hiding this comment.
Check and validate all system() call results in H5PL__openssl_verify_signature to mitigate potential command injection and ensure proper error handling.
| H5_DLL int H5PL__RSA_verify_signature(RSA *rsa, unsigned char *msg_hash, size_t msg_hash_len, const char *msg, | ||
| size_t msg_len, int *authentic); | ||
| H5_DLL RSA *H5PL__create_public_RSA(const char *key); | ||
| H5_DLL char *H5PL__openSSL_read_file(const char *file_path, int *file_length); |
There was a problem hiding this comment.
Typographical: The function name H5PL__openSSL_read_file uses an inconsistent case (openSSL) compared to H5PL__openssl_verify_signature in the following line. Consider renaming it to H5PL__openssl_read_file for consistency.
|
You will also want to add documentation about the feature to the user's guide. I added a task. |
…into glennsong09-plugin_sign_test
github-project-automation
bot
moved this from To be triaged
to In progress
in HDF5 - TRIAGE & TRACK
3 participants
Here are the current changes to the code, this does not include the tests I'm working on yet, and parallel might not be fully functional yet, but it is close.
Tasks:
Important
Add digital signature verification for plugins in HDF5, with build configuration and new functions for handling signatures using OpenSSL.
HDF5_REQUIRE_SIGNED_PLUGINSoption inCMakeLists.txtto require digitally signed plugins.sslandcryptolibraries whenHDF5_REQUIRE_SIGNED_PLUGINSis enabled.H5PLint.c, added digital signature verification inH5PL__open()usingH5PL__openssl_verify_signature().H5PL__get_sig_name_from_path(),H5PL__create_public_RSA(),H5PL__RSA_verify_signature(),H5PL__openSSL_read_file(),H5PL__check_filename(), andH5PL__openssl_verify_signature().H5PLprivate.hto declare new functions for digital signature verification.H5_REQUIRE_DIGITAL_SIGNATURE.This description was created by
for f2ae9ef. You can customize this summary. It will automatically update as commits are pushed.