Checker.php 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  5. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  6. * SPDX-License-Identifier: AGPL-3.0-only
  7. */
  8. namespace OC\IntegrityCheck;
  9. use OC\Core\Command\Maintenance\Mimetype\GenerateMimetypeFileBuilder;
  10. use OC\IntegrityCheck\Exceptions\InvalidSignatureException;
  11. use OC\IntegrityCheck\Helpers\AppLocator;
  12. use OC\IntegrityCheck\Helpers\EnvironmentHelper;
  13. use OC\IntegrityCheck\Helpers\FileAccessHelper;
  14. use OC\IntegrityCheck\Iterator\ExcludeFileByNameFilterIterator;
  15. use OC\IntegrityCheck\Iterator\ExcludeFoldersByPathFilterIterator;
  16. use OCP\App\IAppManager;
  17. use OCP\Files\IMimeTypeDetector;
  18. use OCP\IAppConfig;
  19. use OCP\ICache;
  20. use OCP\ICacheFactory;
  21. use OCP\IConfig;
  22. use phpseclib\Crypt\RSA;
  23. use phpseclib\File\X509;
  24. /**
  25. * Class Checker handles the code signing using X.509 and RSA. ownCloud ships with
  26. * a public root certificate certificate that allows to issue new certificates that
  27. * will be trusted for signing code. The CN will be used to verify that a certificate
  28. * given to a third-party developer may not be used for other applications. For
  29. * example the author of the application "calendar" would only receive a certificate
  30. * only valid for this application.
  31. *
  32. * @package OC\IntegrityCheck
  33. */
  34. class Checker {
  35. public const CACHE_KEY = 'oc.integritycheck.checker';
  36. private ICache $cache;
  37. public function __construct(
  38. private EnvironmentHelper $environmentHelper,
  39. private FileAccessHelper $fileAccessHelper,
  40. private AppLocator $appLocator,
  41. private ?IConfig $config,
  42. private ?IAppConfig $appConfig,
  43. ICacheFactory $cacheFactory,
  44. private ?IAppManager $appManager,
  45. private IMimeTypeDetector $mimeTypeDetector,
  46. ) {
  47. $this->cache = $cacheFactory->createDistributed(self::CACHE_KEY);
  48. }
  49. /**
  50. * Whether code signing is enforced or not.
  51. *
  52. * @return bool
  53. */
  54. public function isCodeCheckEnforced(): bool {
  55. $notSignedChannels = [ '', 'git'];
  56. if (\in_array($this->environmentHelper->getChannel(), $notSignedChannels, true)) {
  57. return false;
  58. }
  59. /**
  60. * This config option is undocumented and supposed to be so, it's only
  61. * applicable for very specific scenarios and we should not advertise it
  62. * too prominent. So please do not add it to config.sample.php.
  63. */
  64. return !($this->config?->getSystemValueBool('integrity.check.disabled', false) ?? false);
  65. }
  66. /**
  67. * Enumerates all files belonging to the folder. Sensible defaults are excluded.
  68. *
  69. * @param string $folderToIterate
  70. * @param string $root
  71. * @return \RecursiveIteratorIterator
  72. * @throws \Exception
  73. */
  74. private function getFolderIterator(string $folderToIterate, string $root = ''): \RecursiveIteratorIterator {
  75. $dirItr = new \RecursiveDirectoryIterator(
  76. $folderToIterate,
  77. \RecursiveDirectoryIterator::SKIP_DOTS
  78. );
  79. if ($root === '') {
  80. $root = \OC::$SERVERROOT;
  81. }
  82. $root = rtrim($root, '/');
  83. $excludeGenericFilesIterator = new ExcludeFileByNameFilterIterator($dirItr);
  84. $excludeFoldersIterator = new ExcludeFoldersByPathFilterIterator($excludeGenericFilesIterator, $root);
  85. return new \RecursiveIteratorIterator(
  86. $excludeFoldersIterator,
  87. \RecursiveIteratorIterator::SELF_FIRST
  88. );
  89. }
  90. /**
  91. * Returns an array of ['filename' => 'SHA512-hash-of-file'] for all files found
  92. * in the iterator.
  93. *
  94. * @param \RecursiveIteratorIterator $iterator
  95. * @param string $path
  96. * @return array Array of hashes.
  97. */
  98. private function generateHashes(\RecursiveIteratorIterator $iterator,
  99. string $path): array {
  100. $hashes = [];
  101. $baseDirectoryLength = \strlen($path);
  102. foreach ($iterator as $filename => $data) {
  103. /** @var \DirectoryIterator $data */
  104. if ($data->isDir()) {
  105. continue;
  106. }
  107. $relativeFileName = substr($filename, $baseDirectoryLength);
  108. $relativeFileName = ltrim($relativeFileName, '/');
  109. // Exclude signature.json files in the appinfo and root folder
  110. if ($relativeFileName === 'appinfo/signature.json') {
  111. continue;
  112. }
  113. // Exclude signature.json files in the appinfo and core folder
  114. if ($relativeFileName === 'core/signature.json') {
  115. continue;
  116. }
  117. // The .htaccess file in the root folder of ownCloud can contain
  118. // custom content after the installation due to the fact that dynamic
  119. // content is written into it at installation time as well. This
  120. // includes for example the 404 and 403 instructions.
  121. // Thus we ignore everything below the first occurrence of
  122. // "#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####" and have the
  123. // hash generated based on this.
  124. if ($filename === $this->environmentHelper->getServerRoot() . '/.htaccess') {
  125. $fileContent = file_get_contents($filename);
  126. $explodedArray = explode('#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####', $fileContent);
  127. if (\count($explodedArray) === 2) {
  128. $hashes[$relativeFileName] = hash('sha512', $explodedArray[0]);
  129. continue;
  130. }
  131. }
  132. if ($filename === $this->environmentHelper->getServerRoot() . '/core/js/mimetypelist.js') {
  133. $oldMimetypeList = new GenerateMimetypeFileBuilder();
  134. $newFile = $oldMimetypeList->generateFile($this->mimeTypeDetector->getAllAliases());
  135. $oldFile = $this->fileAccessHelper->file_get_contents($filename);
  136. if ($newFile === $oldFile) {
  137. $hashes[$relativeFileName] = hash('sha512', $oldMimetypeList->generateFile($this->mimeTypeDetector->getOnlyDefaultAliases()));
  138. continue;
  139. }
  140. }
  141. $hashes[$relativeFileName] = hash_file('sha512', $filename);
  142. }
  143. return $hashes;
  144. }
  145. /**
  146. * Creates the signature data
  147. *
  148. * @param array $hashes
  149. * @param X509 $certificate
  150. * @param RSA $privateKey
  151. * @return array
  152. */
  153. private function createSignatureData(array $hashes,
  154. X509 $certificate,
  155. RSA $privateKey): array {
  156. ksort($hashes);
  157. $privateKey->setSignatureMode(RSA::SIGNATURE_PSS);
  158. $privateKey->setMGFHash('sha512');
  159. // See https://tools.ietf.org/html/rfc3447#page-38
  160. $privateKey->setSaltLength(0);
  161. $signature = $privateKey->sign(json_encode($hashes));
  162. return [
  163. 'hashes' => $hashes,
  164. 'signature' => base64_encode($signature),
  165. 'certificate' => $certificate->saveX509($certificate->currentCert),
  166. ];
  167. }
  168. /**
  169. * Write the signature of the app in the specified folder
  170. *
  171. * @param string $path
  172. * @param X509 $certificate
  173. * @param RSA $privateKey
  174. * @throws \Exception
  175. */
  176. public function writeAppSignature($path,
  177. X509 $certificate,
  178. RSA $privateKey) {
  179. $appInfoDir = $path . '/appinfo';
  180. try {
  181. $this->fileAccessHelper->assertDirectoryExists($appInfoDir);
  182. $iterator = $this->getFolderIterator($path);
  183. $hashes = $this->generateHashes($iterator, $path);
  184. $signature = $this->createSignatureData($hashes, $certificate, $privateKey);
  185. $this->fileAccessHelper->file_put_contents(
  186. $appInfoDir . '/signature.json',
  187. json_encode($signature, JSON_PRETTY_PRINT)
  188. );
  189. } catch (\Exception $e) {
  190. if (!$this->fileAccessHelper->is_writable($appInfoDir)) {
  191. throw new \Exception($appInfoDir . ' is not writable');
  192. }
  193. throw $e;
  194. }
  195. }
  196. /**
  197. * Write the signature of core
  198. *
  199. * @param X509 $certificate
  200. * @param RSA $rsa
  201. * @param string $path
  202. * @throws \Exception
  203. */
  204. public function writeCoreSignature(X509 $certificate,
  205. RSA $rsa,
  206. $path) {
  207. $coreDir = $path . '/core';
  208. try {
  209. $this->fileAccessHelper->assertDirectoryExists($coreDir);
  210. $iterator = $this->getFolderIterator($path, $path);
  211. $hashes = $this->generateHashes($iterator, $path);
  212. $signatureData = $this->createSignatureData($hashes, $certificate, $rsa);
  213. $this->fileAccessHelper->file_put_contents(
  214. $coreDir . '/signature.json',
  215. json_encode($signatureData, JSON_PRETTY_PRINT)
  216. );
  217. } catch (\Exception $e) {
  218. if (!$this->fileAccessHelper->is_writable($coreDir)) {
  219. throw new \Exception($coreDir . ' is not writable');
  220. }
  221. throw $e;
  222. }
  223. }
  224. /**
  225. * Split the certificate file in individual certs
  226. *
  227. * @param string $cert
  228. * @return string[]
  229. */
  230. private function splitCerts(string $cert): array {
  231. preg_match_all('([\-]{3,}[\S\ ]+?[\-]{3,}[\S\s]+?[\-]{3,}[\S\ ]+?[\-]{3,})', $cert, $matches);
  232. return $matches[0];
  233. }
  234. /**
  235. * Verifies the signature for the specified path.
  236. *
  237. * @param string $signaturePath
  238. * @param string $basePath
  239. * @param string $certificateCN
  240. * @param bool $forceVerify
  241. * @return array
  242. * @throws InvalidSignatureException
  243. * @throws \Exception
  244. */
  245. private function verify(string $signaturePath, string $basePath, string $certificateCN, bool $forceVerify = false): array {
  246. if (!$forceVerify && !$this->isCodeCheckEnforced()) {
  247. return [];
  248. }
  249. $content = $this->fileAccessHelper->file_get_contents($signaturePath);
  250. $signatureData = null;
  251. if (\is_string($content)) {
  252. $signatureData = json_decode($content, true);
  253. }
  254. if (!\is_array($signatureData)) {
  255. throw new InvalidSignatureException('Signature data not found.');
  256. }
  257. $expectedHashes = $signatureData['hashes'];
  258. ksort($expectedHashes);
  259. $signature = base64_decode($signatureData['signature']);
  260. $certificate = $signatureData['certificate'];
  261. // Check if certificate is signed by Nextcloud Root Authority
  262. $x509 = new \phpseclib\File\X509();
  263. $rootCertificatePublicKey = $this->fileAccessHelper->file_get_contents($this->environmentHelper->getServerRoot().'/resources/codesigning/root.crt');
  264. $rootCerts = $this->splitCerts($rootCertificatePublicKey);
  265. foreach ($rootCerts as $rootCert) {
  266. $x509->loadCA($rootCert);
  267. }
  268. $x509->loadX509($certificate);
  269. if (!$x509->validateSignature()) {
  270. throw new InvalidSignatureException('Certificate is not valid.');
  271. }
  272. // Verify if certificate has proper CN. "core" CN is always trusted.
  273. if ($x509->getDN(X509::DN_OPENSSL)['CN'] !== $certificateCN && $x509->getDN(X509::DN_OPENSSL)['CN'] !== 'core') {
  274. throw new InvalidSignatureException(
  275. sprintf('Certificate is not valid for required scope. (Requested: %s, current: CN=%s)', $certificateCN, $x509->getDN(true)['CN'])
  276. );
  277. }
  278. // Check if the signature of the files is valid
  279. $rsa = new \phpseclib\Crypt\RSA();
  280. $rsa->loadKey($x509->currentCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']);
  281. $rsa->setSignatureMode(RSA::SIGNATURE_PSS);
  282. $rsa->setMGFHash('sha512');
  283. // See https://tools.ietf.org/html/rfc3447#page-38
  284. $rsa->setSaltLength(0);
  285. if (!$rsa->verify(json_encode($expectedHashes), $signature)) {
  286. throw new InvalidSignatureException('Signature could not get verified.');
  287. }
  288. // Fixes for the updater as shipped with ownCloud 9.0.x: The updater is
  289. // replaced after the code integrity check is performed.
  290. //
  291. // Due to this reason we exclude the whole updater/ folder from the code
  292. // integrity check.
  293. if ($basePath === $this->environmentHelper->getServerRoot()) {
  294. foreach ($expectedHashes as $fileName => $hash) {
  295. if (str_starts_with($fileName, 'updater/')) {
  296. unset($expectedHashes[$fileName]);
  297. }
  298. }
  299. }
  300. // Compare the list of files which are not identical
  301. $currentInstanceHashes = $this->generateHashes($this->getFolderIterator($basePath), $basePath);
  302. $differencesA = array_diff($expectedHashes, $currentInstanceHashes);
  303. $differencesB = array_diff($currentInstanceHashes, $expectedHashes);
  304. $differences = array_unique(array_merge($differencesA, $differencesB));
  305. $differenceArray = [];
  306. foreach ($differences as $filename => $hash) {
  307. // Check if file should not exist in the new signature table
  308. if (!array_key_exists($filename, $expectedHashes)) {
  309. $differenceArray['EXTRA_FILE'][$filename]['expected'] = '';
  310. $differenceArray['EXTRA_FILE'][$filename]['current'] = $hash;
  311. continue;
  312. }
  313. // Check if file is missing
  314. if (!array_key_exists($filename, $currentInstanceHashes)) {
  315. $differenceArray['FILE_MISSING'][$filename]['expected'] = $expectedHashes[$filename];
  316. $differenceArray['FILE_MISSING'][$filename]['current'] = '';
  317. continue;
  318. }
  319. // Check if hash does mismatch
  320. if ($expectedHashes[$filename] !== $currentInstanceHashes[$filename]) {
  321. $differenceArray['INVALID_HASH'][$filename]['expected'] = $expectedHashes[$filename];
  322. $differenceArray['INVALID_HASH'][$filename]['current'] = $currentInstanceHashes[$filename];
  323. continue;
  324. }
  325. // Should never happen.
  326. throw new \Exception('Invalid behaviour in file hash comparison experienced. Please report this error to the developers.');
  327. }
  328. return $differenceArray;
  329. }
  330. /**
  331. * Whether the code integrity check has passed successful or not
  332. *
  333. * @return bool
  334. */
  335. public function hasPassedCheck(): bool {
  336. $results = $this->getResults();
  337. if (empty($results)) {
  338. return true;
  339. }
  340. return false;
  341. }
  342. /**
  343. * @return array
  344. */
  345. public function getResults(): array {
  346. $cachedResults = $this->cache->get(self::CACHE_KEY);
  347. if (!\is_null($cachedResults) and $cachedResults !== false) {
  348. return json_decode($cachedResults, true);
  349. }
  350. return $this->appConfig?->getValueArray('core', self::CACHE_KEY, lazy: true) ?? [];
  351. }
  352. /**
  353. * Stores the results in the app config as well as cache
  354. *
  355. * @param string $scope
  356. * @param array $result
  357. */
  358. private function storeResults(string $scope, array $result) {
  359. $resultArray = $this->getResults();
  360. unset($resultArray[$scope]);
  361. if (!empty($result)) {
  362. $resultArray[$scope] = $result;
  363. }
  364. $this->appConfig?->setValueArray('core', self::CACHE_KEY, $resultArray, lazy: true);
  365. $this->cache->set(self::CACHE_KEY, json_encode($resultArray));
  366. }
  367. /**
  368. *
  369. * Clean previous results for a proper rescanning. Otherwise
  370. */
  371. private function cleanResults() {
  372. $this->appConfig->deleteKey('core', self::CACHE_KEY);
  373. $this->cache->remove(self::CACHE_KEY);
  374. }
  375. /**
  376. * Verify the signature of $appId. Returns an array with the following content:
  377. * [
  378. * 'FILE_MISSING' =>
  379. * [
  380. * 'filename' => [
  381. * 'expected' => 'expectedSHA512',
  382. * 'current' => 'currentSHA512',
  383. * ],
  384. * ],
  385. * 'EXTRA_FILE' =>
  386. * [
  387. * 'filename' => [
  388. * 'expected' => 'expectedSHA512',
  389. * 'current' => 'currentSHA512',
  390. * ],
  391. * ],
  392. * 'INVALID_HASH' =>
  393. * [
  394. * 'filename' => [
  395. * 'expected' => 'expectedSHA512',
  396. * 'current' => 'currentSHA512',
  397. * ],
  398. * ],
  399. * ]
  400. *
  401. * Array may be empty in case no problems have been found.
  402. *
  403. * @param string $appId
  404. * @param string $path Optional path. If none is given it will be guessed.
  405. * @param bool $forceVerify
  406. * @return array
  407. */
  408. public function verifyAppSignature(string $appId, string $path = '', bool $forceVerify = false): array {
  409. try {
  410. if ($path === '') {
  411. $path = $this->appLocator->getAppPath($appId);
  412. }
  413. $result = $this->verify(
  414. $path . '/appinfo/signature.json',
  415. $path,
  416. $appId,
  417. $forceVerify
  418. );
  419. } catch (\Exception $e) {
  420. $result = [
  421. 'EXCEPTION' => [
  422. 'class' => \get_class($e),
  423. 'message' => $e->getMessage(),
  424. ],
  425. ];
  426. }
  427. $this->storeResults($appId, $result);
  428. return $result;
  429. }
  430. /**
  431. * Verify the signature of core. Returns an array with the following content:
  432. * [
  433. * 'FILE_MISSING' =>
  434. * [
  435. * 'filename' => [
  436. * 'expected' => 'expectedSHA512',
  437. * 'current' => 'currentSHA512',
  438. * ],
  439. * ],
  440. * 'EXTRA_FILE' =>
  441. * [
  442. * 'filename' => [
  443. * 'expected' => 'expectedSHA512',
  444. * 'current' => 'currentSHA512',
  445. * ],
  446. * ],
  447. * 'INVALID_HASH' =>
  448. * [
  449. * 'filename' => [
  450. * 'expected' => 'expectedSHA512',
  451. * 'current' => 'currentSHA512',
  452. * ],
  453. * ],
  454. * ]
  455. *
  456. * Array may be empty in case no problems have been found.
  457. *
  458. * @return array
  459. */
  460. public function verifyCoreSignature(): array {
  461. try {
  462. $result = $this->verify(
  463. $this->environmentHelper->getServerRoot() . '/core/signature.json',
  464. $this->environmentHelper->getServerRoot(),
  465. 'core'
  466. );
  467. } catch (\Exception $e) {
  468. $result = [
  469. 'EXCEPTION' => [
  470. 'class' => \get_class($e),
  471. 'message' => $e->getMessage(),
  472. ],
  473. ];
  474. }
  475. $this->storeResults('core', $result);
  476. return $result;
  477. }
  478. /**
  479. * Verify the core code of the instance as well as all applicable applications
  480. * and store the results.
  481. */
  482. public function runInstanceVerification() {
  483. $this->cleanResults();
  484. $this->verifyCoreSignature();
  485. $appIds = $this->appLocator->getAllApps();
  486. foreach ($appIds as $appId) {
  487. // If an application is shipped a valid signature is required
  488. $isShipped = $this->appManager->isShipped($appId);
  489. $appNeedsToBeChecked = false;
  490. if ($isShipped) {
  491. $appNeedsToBeChecked = true;
  492. } elseif ($this->fileAccessHelper->file_exists($this->appLocator->getAppPath($appId) . '/appinfo/signature.json')) {
  493. // Otherwise only if the application explicitly ships a signature.json file
  494. $appNeedsToBeChecked = true;
  495. }
  496. if ($appNeedsToBeChecked) {
  497. $this->verifyAppSignature($appId);
  498. }
  499. }
  500. }
  501. }