| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 05 Jan 2016 16:21:05 +0000
From: David Howells <dhowells@...hat.com>
To: dwmw2@...radead.org
Cc: David Woodhouse <David.Woodhouse@...el.com>,
linux-kernel@...r.kernel.org, dhowells@...hat.com,
linux-security-module@...r.kernel.org, keyrings@...r.kernel.org,
Mimi Zohar <zohar@...ux.vnet.ibm.com>
Subject: [RFC PATCH] X.509: Don't treat self-signed keys specially
Trust for a self-signed certificate can normally only be determined by
whether we obtained it from a trusted location (ie. it was built into the
kernel at compile time), so there's not really any point in checking it -
we could verify that the signature is valid, but it doesn't really tell us
anything if the signature checks out.
However, there's a bug in the code determining whether a certificate is
self-signed or not - if they have neither AKID nor SKID then we just assume
that the cert is self-signed, which may not be true.
Given this, remove the code that treats self-signed certs specially when it
comes to evaluating trustability and attempt to evaluate them as ordinary
signed certificates. We then expect self-signed certificates to fail the
trustability check and be marked as untrustworthy in x509_key_preparse().
Note that there is the possibility of the trustability check on a
self-signed cert then succeeding. This is most likely to happen when a
duplicate of the certificate is already on the trust keyring - in which
case it shouldn't be a problem.
Signed-off-by: David Howells <dhowells@...hat.com>
cc: David Woodhouse <David.Woodhouse@...el.com>
cc: Mimi Zohar <zohar@...ux.vnet.ibm.com>
---
crypto/asymmetric_keys/x509_public_key.c | 25 ++++++++++++++++---------
1 file changed, 16 insertions(+), 9 deletions(-)
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c
index 2a44b3752471..26e1937af7f4 100644
--- a/crypto/asymmetric_keys/x509_public_key.c
+++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -255,6 +255,9 @@ static int x509_validate_trust(struct x509_certificate *cert,
struct key *key;
int ret = 1;
+ if (!cert->akid_id || !cert->akid_skid)
+ return 1;
+
if (!trust_keyring)
return -EOPNOTSUPP;
@@ -312,17 +315,21 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)
cert->pub->algo = pkey_algo[cert->pub->pkey_algo];
cert->pub->id_type = PKEY_ID_X509;
- /* Check the signature on the key if it appears to be self-signed */
- if ((!cert->akid_skid && !cert->akid_id) ||
- asymmetric_key_id_same(cert->skid, cert->akid_skid) ||
- asymmetric_key_id_same(cert->id, cert->akid_id)) {
- ret = x509_check_signature(cert->pub, cert); /* self-signed */
- if (ret < 0)
- goto error_free_cert;
- } else if (!prep->trusted) {
+ /* See if we can derive the trustability of this certificate.
+ *
+ * When it comes to self-signed certificates, we cannot evaluate
+ * trustedness except by the fact that we obtained it from a trusted
+ * location. So we just rely on x509_validate_trust() failing in this
+ * case.
+ *
+ * Note that there's a possibility of a self-signed cert matching a
+ * cert that we have (most likely a duplicate that we already trust) -
+ * in which case it will be marked trusted.
+ */
+ if (!prep->trusted) {
ret = x509_validate_trust(cert, get_system_trusted_keyring());
if (!ret)
- prep->trusted = 1;
+ prep->trusted = true;
}
/* Propose a description */
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists