lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 19 May 2015 17:36:37 -0700
From:	Andy Lutomirski <luto@...nel.org>
To:	David Howells <dhowells@...hat.com>, rusty@...tcorp.com.au
CC:	mmarek@...e.cz, mjg59@...f.ucam.org, keyrings@...ux-nfs.org,
	dmitry.kasatkin@...il.com, mcgrof@...e.com,
	linux-kernel@...r.kernel.org, seth.forshee@...onical.com,
	linux-security-module@...r.kernel.org, dwmw2@...radead.org
Subject: Re: [PATCH 0/8] MODSIGN: Use PKCS#7 for module signatures [ver #4]

I'm not sure I want to get involved here, but...

On 05/15/2015 05:35 AM, David Howells wrote:
>
> Hi Rusty,
>
> Here's a set of patches that does the following:
>
>   (1) Extracts both parts of an X.509 AuthorityKeyIdentifier (AKID) extension.
>       We already extract the bit that can match the subjectKeyIdentifier (SKID)
>       of the parent X.509 cert, but we currently ignore the bits that can match
>       the issuer and serialNumber.
>
>       Looks up an X.509 cert by issuer and serialNumber if those are provided in
>       the AKID.  If the keyIdentifier is also provided, checks that the
>       subjectKeyIdentifier of the cert found matches that also.
>
>       If no issuer and serialNumber are provided in the AKID, looks up an X.509
>       cert by SKID using the AKID keyIdentifier.
>
>       This allows module signing to be done with certificates that don't have an
>       SKID by which they can be looked up.

I think this is way more complicated than it has to be.  Can't we look 
up certificates by their subjectPublicKeyInfo?  Every public key has a 
subjectPublicKeyInfo, and even key types that aren't X.509 at all have 
something equivalent to that.

>
>   (2) Makes use of the PKCS#7 facility to provide module signatures.
>
>       sign-file is replaced with a program that generates a PKCS#7 message that
>       has no X.509 certs embedded and that has detached data (the module
>       content) and adds it onto the message with magic string and descriptor.

Why is PKCS#7 better than whatever we're using now?

>
>   (3) The PKCS#7 message (and matching X.509 cert) supply all the information
>       that is needed to select the X.509 cert to be used to verify the signature
>       by standard means (including selection of digest algorithm and public key
>       algorithm).  No kernel-specific magic values are required.

I would take kernel-specific over PKCS#7 any day.  PKCS#7 is severely 
overcomplicated for what we're doing here.

--Andy

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ