Checker.php 17 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  5. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  6. * SPDX-License-Identifier: AGPL-3.0-only
  7. */
  8. namespace OC\IntegrityCheck;
  9. use OC\Core\Command\Maintenance\Mimetype\GenerateMimetypeFileBuilder;
  10. use OC\IntegrityCheck\Exceptions\InvalidSignatureException;
  11. use OC\IntegrityCheck\Helpers\AppLocator;
  12. use OC\IntegrityCheck\Helpers\EnvironmentHelper;
  13. use OC\IntegrityCheck\Helpers\FileAccessHelper;
  14. use OC\IntegrityCheck\Iterator\ExcludeFileByNameFilterIterator;
  15. use OC\IntegrityCheck\Iterator\ExcludeFoldersByPathFilterIterator;
  16. use OCP\App\IAppManager;
  17. use OCP\Files\IMimeTypeDetector;
  18. use OCP\IAppConfig;
  19. use OCP\ICache;
  20. use OCP\ICacheFactory;
  21. use OCP\IConfig;
  22. use phpseclib\Crypt\RSA;
  23. use phpseclib\File\X509;
  24. /**
  25. * Class Checker handles the code signing using X.509 and RSA. ownCloud ships with
  26. * a public root certificate certificate that allows to issue new certificates that
  27. * will be trusted for signing code. The CN will be used to verify that a certificate
  28. * given to a third-party developer may not be used for other applications. For
  29. * example the author of the application "calendar" would only receive a certificate
  30. * only valid for this application.
  31. *
  32. * @package OC\IntegrityCheck
  33. */
  34. class Checker {
  35. public const CACHE_KEY = 'oc.integritycheck.checker';
  36. private ICache $cache;
  37. public function __construct(
  38. private EnvironmentHelper $environmentHelper,
  39. private FileAccessHelper $fileAccessHelper,
  40. private AppLocator $appLocator,
  41. private ?IConfig $config,
  42. private ?IAppConfig $appConfig,
  43. ICacheFactory $cacheFactory,
  44. private ?IAppManager $appManager,
  45. private IMimeTypeDetector $mimeTypeDetector,
  46. ) {
  47. $this->cache = $cacheFactory->createDistributed(self::CACHE_KEY);
  48. }
  49. /**
  50. * Whether code signing is enforced or not.
  51. *
  52. * @return bool
  53. */
  54. public function isCodeCheckEnforced(): bool {
  55. $notSignedChannels = [ '', 'git'];
  56. if (\in_array($this->environmentHelper->getChannel(), $notSignedChannels, true)) {
  57. return false;
  58. }
  59. /**
  60. * This config option is undocumented and supposed to be so, it's only
  61. * applicable for very specific scenarios and we should not advertise it
  62. * too prominent. So please do not add it to config.sample.php.
  63. */
  64. return !($this->config?->getSystemValueBool('integrity.check.disabled', false) ?? false);
  65. }
  66. /**
  67. * Enumerates all files belonging to the folder. Sensible defaults are excluded.
  68. *
  69. * @param string $folderToIterate
  70. * @param string $root
  71. * @return \RecursiveIteratorIterator
  72. * @throws \Exception
  73. */
  74. private function getFolderIterator(string $folderToIterate, string $root = ''): \RecursiveIteratorIterator {
  75. $dirItr = new \RecursiveDirectoryIterator(
  76. $folderToIterate,
  77. \RecursiveDirectoryIterator::SKIP_DOTS
  78. );
  79. if ($root === '') {
  80. $root = \OC::$SERVERROOT;
  81. }
  82. $root = rtrim($root, '/');
  83. $excludeGenericFilesIterator = new ExcludeFileByNameFilterIterator($dirItr);
  84. $excludeFoldersIterator = new ExcludeFoldersByPathFilterIterator($excludeGenericFilesIterator, $root);
  85. return new \RecursiveIteratorIterator(
  86. $excludeFoldersIterator,
  87. \RecursiveIteratorIterator::SELF_FIRST
  88. );
  89. }
  90. /**
  91. * Returns an array of ['filename' => 'SHA512-hash-of-file'] for all files found
  92. * in the iterator.
  93. *
  94. * @param \RecursiveIteratorIterator $iterator
  95. * @param string $path
  96. * @return array Array of hashes.
  97. */
  98. private function generateHashes(\RecursiveIteratorIterator $iterator,
  99. string $path): array {
  100. $hashes = [];
  101. $baseDirectoryLength = \strlen($path);
  102. foreach ($iterator as $filename => $data) {
  103. /** @var \DirectoryIterator $data */
  104. if ($data->isDir()) {
  105. continue;
  106. }
  107. $relativeFileName = substr($filename, $baseDirectoryLength);
  108. $relativeFileName = ltrim($relativeFileName, '/');
  109. // Exclude signature.json files in the appinfo and root folder
  110. if ($relativeFileName === 'appinfo/signature.json') {
  111. continue;
  112. }
  113. // Exclude signature.json files in the appinfo and core folder
  114. if ($relativeFileName === 'core/signature.json') {
  115. continue;
  116. }
  117. // The .htaccess file in the root folder of ownCloud can contain
  118. // custom content after the installation due to the fact that dynamic
  119. // content is written into it at installation time as well. This
  120. // includes for example the 404 and 403 instructions.
  121. // Thus we ignore everything below the first occurrence of
  122. // "#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####" and have the
  123. // hash generated based on this.
  124. if ($filename === $this->environmentHelper->getServerRoot() . '/.htaccess') {
  125. $fileContent = file_get_contents($filename);
  126. $explodedArray = explode('#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####', $fileContent);
  127. if (\count($explodedArray) === 2) {
  128. $hashes[$relativeFileName] = hash('sha512', $explodedArray[0]);
  129. continue;
  130. }
  131. }
  132. if ($filename === $this->environmentHelper->getServerRoot() . '/core/js/mimetypelist.js') {
  133. $oldMimetypeList = new GenerateMimetypeFileBuilder();
  134. $newFile = $oldMimetypeList->generateFile($this->mimeTypeDetector->getAllAliases());
  135. $oldFile = $this->fileAccessHelper->file_get_contents($filename);
  136. if ($newFile === $oldFile) {
  137. $hashes[$relativeFileName] = hash('sha512', $oldMimetypeList->generateFile($this->mimeTypeDetector->getOnlyDefaultAliases()));
  138. continue;
  139. }
  140. }
  141. $hashes[$relativeFileName] = hash_file('sha512', $filename);
  142. }
  143. return $hashes;
  144. }
  145. /**
  146. * Creates the signature data
  147. *
  148. * @param array $hashes
  149. * @param X509 $certificate
  150. * @param RSA $privateKey
  151. * @return array
  152. */
  153. private function createSignatureData(array $hashes,
  154. X509 $certificate,
  155. RSA $privateKey): array {
  156. ksort($hashes);
  157. $privateKey->setSignatureMode(RSA::SIGNATURE_PSS);
  158. $privateKey->setMGFHash('sha512');
  159. // See https://tools.ietf.org/html/rfc3447#page-38
  160. $privateKey->setSaltLength(0);
  161. $signature = $privateKey->sign(json_encode($hashes));
  162. return [
  163. 'hashes' => $hashes,
  164. 'signature' => base64_encode($signature),
  165. 'certificate' => $certificate->saveX509($certificate->currentCert),
  166. ];
  167. }
  168. /**
  169. * Write the signature of the app in the specified folder
  170. *
  171. * @param string $path
  172. * @param X509 $certificate
  173. * @param RSA $privateKey
  174. * @throws \Exception
  175. */
  176. public function writeAppSignature($path,
  177. X509 $certificate,
  178. RSA $privateKey) {
  179. $appInfoDir = $path . '/appinfo';
  180. try {
  181. $this->fileAccessHelper->assertDirectoryExists($appInfoDir);
  182. $iterator = $this->getFolderIterator($path);
  183. $hashes = $this->generateHashes($iterator, $path);
  184. $signature = $this->createSignatureData($hashes, $certificate, $privateKey);
  185. $this->fileAccessHelper->file_put_contents(
  186. $appInfoDir . '/signature.json',
  187. json_encode($signature, JSON_PRETTY_PRINT)
  188. );
  189. } catch (\Exception $e) {
  190. if (!$this->fileAccessHelper->is_writable($appInfoDir)) {
  191. throw new \Exception($appInfoDir . ' is not writable');
  192. }
  193. throw $e;
  194. }
  195. }
  196. /**
  197. * Write the signature of core
  198. *
  199. * @param X509 $certificate
  200. * @param RSA $rsa
  201. * @param string $path
  202. * @throws \Exception
  203. */
  204. public function writeCoreSignature(X509 $certificate,
  205. RSA $rsa,
  206. $path) {
  207. $coreDir = $path . '/core';
  208. try {
  209. $this->fileAccessHelper->assertDirectoryExists($coreDir);
  210. $iterator = $this->getFolderIterator($path, $path);
  211. $hashes = $this->generateHashes($iterator, $path);
  212. $signatureData = $this->createSignatureData($hashes, $certificate, $rsa);
  213. $this->fileAccessHelper->file_put_contents(
  214. $coreDir . '/signature.json',
  215. json_encode($signatureData, JSON_PRETTY_PRINT)
  216. );
  217. } catch (\Exception $e) {
  218. if (!$this->fileAccessHelper->is_writable($coreDir)) {
  219. throw new \Exception($coreDir . ' is not writable');
  220. }
  221. throw $e;
  222. }
  223. }
  224. /**
  225. * Split the certificate file in individual certs
  226. *
  227. * @param string $cert
  228. * @return string[]
  229. */
  230. private function splitCerts(string $cert): array {
  231. preg_match_all('([\-]{3,}[\S\ ]+?[\-]{3,}[\S\s]+?[\-]{3,}[\S\ ]+?[\-]{3,})', $cert, $matches);
  232. return $matches[0];
  233. }
  234. /**
  235. * Verifies the signature for the specified path.
  236. *
  237. * @param string $signaturePath
  238. * @param string $basePath
  239. * @param string $certificateCN
  240. * @param bool $forceVerify
  241. * @return array
  242. * @throws InvalidSignatureException
  243. * @throws \Exception
  244. */
  245. private function verify(string $signaturePath, string $basePath, string $certificateCN, bool $forceVerify = false): array {
  246. if (!$forceVerify && !$this->isCodeCheckEnforced()) {
  247. return [];
  248. }
  249. $content = $this->fileAccessHelper->file_get_contents($signaturePath);
  250. $signatureData = null;
  251. if (\is_string($content)) {
  252. $signatureData = json_decode($content, true);
  253. }
  254. if (!\is_array($signatureData)) {
  255. throw new InvalidSignatureException('Signature data not found.');
  256. }
  257. $expectedHashes = $signatureData['hashes'];
  258. ksort($expectedHashes);
  259. $signature = base64_decode($signatureData['signature']);
  260. $certificate = $signatureData['certificate'];
  261. // Check if certificate is signed by Nextcloud Root Authority
  262. $x509 = new \phpseclib\File\X509();
  263. $rootCertificatePublicKey = $this->fileAccessHelper->file_get_contents($this->environmentHelper->getServerRoot().'/resources/codesigning/root.crt');
  264. $rootCerts = $this->splitCerts($rootCertificatePublicKey);
  265. foreach ($rootCerts as $rootCert) {
  266. $x509->loadCA($rootCert);
  267. }
  268. $x509->loadX509($certificate);
  269. if (!$x509->validateSignature()) {
  270. throw new InvalidSignatureException('Certificate is not valid.');
  271. }
  272. // Verify if certificate has proper CN. "core" CN is always trusted.
  273. if ($x509->getDN(X509::DN_OPENSSL)['CN'] !== $certificateCN && $x509->getDN(X509::DN_OPENSSL)['CN'] !== 'core') {
  274. throw new InvalidSignatureException(
  275. sprintf('Certificate is not valid for required scope. (Requested: %s, current: CN=%s)', $certificateCN, $x509->getDN(true)['CN'])
  276. );
  277. }
  278. // Check if the signature of the files is valid
  279. $rsa = new \phpseclib\Crypt\RSA();
  280. $rsa->loadKey($x509->currentCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']);
  281. $rsa->setSignatureMode(RSA::SIGNATURE_PSS);
  282. $rsa->setMGFHash('sha512');
  283. // See https://tools.ietf.org/html/rfc3447#page-38
  284. $rsa->setSaltLength(0);
  285. if (!$rsa->verify(json_encode($expectedHashes), $signature)) {
  286. throw new InvalidSignatureException('Signature could not get verified.');
  287. }
  288. // Fixes for the updater as shipped with ownCloud 9.0.x: The updater is
  289. // replaced after the code integrity check is performed.
  290. //
  291. // Due to this reason we exclude the whole updater/ folder from the code
  292. // integrity check.
  293. if ($basePath === $this->environmentHelper->getServerRoot()) {
  294. foreach ($expectedHashes as $fileName => $hash) {
  295. if (str_starts_with($fileName, 'updater/')) {
  296. unset($expectedHashes[$fileName]);
  297. }
  298. }
  299. }
  300. // Compare the list of files which are not identical
  301. $currentInstanceHashes = $this->generateHashes($this->getFolderIterator($basePath), $basePath);
  302. $differencesA = array_diff($expectedHashes, $currentInstanceHashes);
  303. $differencesB = array_diff($currentInstanceHashes, $expectedHashes);
  304. $differences = array_unique(array_merge($differencesA, $differencesB));
  305. $differenceArray = [];
  306. foreach ($differences as $filename => $hash) {
  307. // Check if file should not exist in the new signature table
  308. if (!array_key_exists($filename, $expectedHashes)) {
  309. $differenceArray['EXTRA_FILE'][$filename]['expected'] = '';
  310. $differenceArray['EXTRA_FILE'][$filename]['current'] = $hash;
  311. continue;
  312. }
  313. // Check if file is missing
  314. if (!array_key_exists($filename, $currentInstanceHashes)) {
  315. $differenceArray['FILE_MISSING'][$filename]['expected'] = $expectedHashes[$filename];
  316. $differenceArray['FILE_MISSING'][$filename]['current'] = '';
  317. continue;
  318. }
  319. // Check if hash does mismatch
  320. if ($expectedHashes[$filename] !== $currentInstanceHashes[$filename]) {
  321. $differenceArray['INVALID_HASH'][$filename]['expected'] = $expectedHashes[$filename];
  322. $differenceArray['INVALID_HASH'][$filename]['current'] = $currentInstanceHashes[$filename];
  323. continue;
  324. }
  325. // Should never happen.
  326. throw new \Exception('Invalid behaviour in file hash comparison experienced. Please report this error to the developers.');
  327. }
  328. return $differenceArray;
  329. }
  330. /**
  331. * Whether the code integrity check has passed successful or not
  332. *
  333. * @return bool
  334. */
  335. public function hasPassedCheck(): bool {
  336. $results = $this->getResults();
  337. if ($results !== null && empty($results)) {
  338. return true;
  339. }
  340. return false;
  341. }
  342. /**
  343. * @return array|null Either the results or null if no results available
  344. */
  345. public function getResults(): array|null {
  346. $cachedResults = $this->cache->get(self::CACHE_KEY);
  347. if (!\is_null($cachedResults) and $cachedResults !== false) {
  348. return json_decode($cachedResults, true);
  349. }
  350. if ($this->appConfig?->hasKey('core', self::CACHE_KEY, lazy: true)) {
  351. return $this->appConfig->getValueArray('core', self::CACHE_KEY, lazy: true);
  352. }
  353. // No results available
  354. return null;
  355. }
  356. /**
  357. * Stores the results in the app config as well as cache
  358. *
  359. * @param string $scope
  360. * @param array $result
  361. */
  362. private function storeResults(string $scope, array $result) {
  363. $resultArray = $this->getResults() ?? [];
  364. unset($resultArray[$scope]);
  365. if (!empty($result)) {
  366. $resultArray[$scope] = $result;
  367. }
  368. $this->appConfig?->setValueArray('core', self::CACHE_KEY, $resultArray, lazy: true);
  369. $this->cache->set(self::CACHE_KEY, json_encode($resultArray));
  370. }
  371. /**
  372. *
  373. * Clean previous results for a proper rescanning. Otherwise
  374. */
  375. private function cleanResults() {
  376. $this->appConfig->deleteKey('core', self::CACHE_KEY);
  377. $this->cache->remove(self::CACHE_KEY);
  378. }
  379. /**
  380. * Verify the signature of $appId. Returns an array with the following content:
  381. * [
  382. * 'FILE_MISSING' =>
  383. * [
  384. * 'filename' => [
  385. * 'expected' => 'expectedSHA512',
  386. * 'current' => 'currentSHA512',
  387. * ],
  388. * ],
  389. * 'EXTRA_FILE' =>
  390. * [
  391. * 'filename' => [
  392. * 'expected' => 'expectedSHA512',
  393. * 'current' => 'currentSHA512',
  394. * ],
  395. * ],
  396. * 'INVALID_HASH' =>
  397. * [
  398. * 'filename' => [
  399. * 'expected' => 'expectedSHA512',
  400. * 'current' => 'currentSHA512',
  401. * ],
  402. * ],
  403. * ]
  404. *
  405. * Array may be empty in case no problems have been found.
  406. *
  407. * @param string $appId
  408. * @param string $path Optional path. If none is given it will be guessed.
  409. * @param bool $forceVerify
  410. * @return array
  411. */
  412. public function verifyAppSignature(string $appId, string $path = '', bool $forceVerify = false): array {
  413. try {
  414. if ($path === '') {
  415. $path = $this->appLocator->getAppPath($appId);
  416. }
  417. $result = $this->verify(
  418. $path . '/appinfo/signature.json',
  419. $path,
  420. $appId,
  421. $forceVerify
  422. );
  423. } catch (\Exception $e) {
  424. $result = [
  425. 'EXCEPTION' => [
  426. 'class' => \get_class($e),
  427. 'message' => $e->getMessage(),
  428. ],
  429. ];
  430. }
  431. $this->storeResults($appId, $result);
  432. return $result;
  433. }
  434. /**
  435. * Verify the signature of core. Returns an array with the following content:
  436. * [
  437. * 'FILE_MISSING' =>
  438. * [
  439. * 'filename' => [
  440. * 'expected' => 'expectedSHA512',
  441. * 'current' => 'currentSHA512',
  442. * ],
  443. * ],
  444. * 'EXTRA_FILE' =>
  445. * [
  446. * 'filename' => [
  447. * 'expected' => 'expectedSHA512',
  448. * 'current' => 'currentSHA512',
  449. * ],
  450. * ],
  451. * 'INVALID_HASH' =>
  452. * [
  453. * 'filename' => [
  454. * 'expected' => 'expectedSHA512',
  455. * 'current' => 'currentSHA512',
  456. * ],
  457. * ],
  458. * ]
  459. *
  460. * Array may be empty in case no problems have been found.
  461. *
  462. * @return array
  463. */
  464. public function verifyCoreSignature(): array {
  465. try {
  466. $result = $this->verify(
  467. $this->environmentHelper->getServerRoot() . '/core/signature.json',
  468. $this->environmentHelper->getServerRoot(),
  469. 'core'
  470. );
  471. } catch (\Exception $e) {
  472. $result = [
  473. 'EXCEPTION' => [
  474. 'class' => \get_class($e),
  475. 'message' => $e->getMessage(),
  476. ],
  477. ];
  478. }
  479. $this->storeResults('core', $result);
  480. return $result;
  481. }
  482. /**
  483. * Verify the core code of the instance as well as all applicable applications
  484. * and store the results.
  485. */
  486. public function runInstanceVerification() {
  487. $this->cleanResults();
  488. $this->verifyCoreSignature();
  489. $appIds = $this->appLocator->getAllApps();
  490. foreach ($appIds as $appId) {
  491. // If an application is shipped a valid signature is required
  492. $isShipped = $this->appManager->isShipped($appId);
  493. $appNeedsToBeChecked = false;
  494. if ($isShipped) {
  495. $appNeedsToBeChecked = true;
  496. } elseif ($this->fileAccessHelper->file_exists($this->appLocator->getAppPath($appId) . '/appinfo/signature.json')) {
  497. // Otherwise only if the application explicitly ships a signature.json file
  498. $appNeedsToBeChecked = true;
  499. }
  500. if ($appNeedsToBeChecked) {
  501. $this->verifyAppSignature($appId);
  502. }
  503. }
  504. }
  505. }