| Message ID | 20220201003414.55380-1-ebiggers@kernel.org (mailing list archive) |
|---|---|
| Headers | show |
| Series | Fix bugs in public_key_verify_signature() | expand |
On 1/31/22 19:34, Eric Biggers wrote: > This patchset fixes some bugs in public_key_verify_signature() where it > could be tricked into using the wrong algorithm, as was discussed at > https://lore.kernel.org/linux-integrity/20211202215507.298415-1-zohar@linux.ibm.com/T/#t > > I'd appreciate it if the people who care about each of the supported > public key algorithms (RSA, ECDSA, ECRDSA, and SM2) would test this > patchset to make sure it still works for their use case(s). I've tested > that X.509 and PKCS#7 with RSA still work. I have tested that self-ECDSA-signed x.509 certs can still be loaded and ECDSA-signed files are still verified by IMA. It works for NIST P256 and P384. Tested-by: Stefan Berger <stefanb@linux.ibm.com> > > Note, I have *not* included a fix for SM2 being implemented incorrectly. > That is another bug that I pointed out in the above thread. I think > that bug is for the people who actually care about SM2. > > This applies to v5.17-rc2. > > Eric Biggers (2): > KEYS: asymmetric: enforce that sig algo matches key algo > KEYS: asymmetric: properly validate hash_algo and encoding > > crypto/asymmetric_keys/pkcs7_verify.c | 6 -- > crypto/asymmetric_keys/public_key.c | 126 ++++++++++++++++------- > crypto/asymmetric_keys/x509_public_key.c | 6 -- > 3 files changed, 91 insertions(+), 47 deletions(-) > > > base-commit: 26291c54e111ff6ba87a164d85d4a4e134b7315c
Hi Eric, On 2/1/22 8:34 AM, Eric Biggers wrote: > This patchset fixes some bugs in public_key_verify_signature() where it > could be tricked into using the wrong algorithm, as was discussed at > https://lore.kernel.org/linux-integrity/20211202215507.298415-1-zohar@linux.ibm.com/T/#t > > I'd appreciate it if the people who care about each of the supported > public key algorithms (RSA, ECDSA, ECRDSA, and SM2) would test this > patchset to make sure it still works for their use case(s). I've tested > that X.509 and PKCS#7 with RSA still work. > > Note, I have *not* included a fix for SM2 being implemented incorrectly. > That is another bug that I pointed out in the above thread. I think > that bug is for the people who actually care about SM2. > > This applies to v5.17-rc2. > Sorry for the late reply, thanks for your work. I did the test and the x509 certificate for SM2-with-SM3 is working fine. Tested-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Regarding the algorithm information in the signature data used by SM2, I will add a patch to fix this issue, thanks for pointing it out. Best regards, Tianjia > Eric Biggers (2): > KEYS: asymmetric: enforce that sig algo matches key algo > KEYS: asymmetric: properly validate hash_algo and encoding > > crypto/asymmetric_keys/pkcs7_verify.c | 6 -- > crypto/asymmetric_keys/public_key.c | 126 ++++++++++++++++------- > crypto/asymmetric_keys/x509_public_key.c | 6 -- > 3 files changed, 91 insertions(+), 47 deletions(-) > > > base-commit: 26291c54e111ff6ba87a164d85d4a4e134b7315c