lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1454688979.2648.97.camel@linux.vnet.ibm.com>
Date:	Fri, 05 Feb 2016 11:16:19 -0500
From:	Mimi Zohar <zohar@...ux.vnet.ibm.com>
To:	David Howells <dhowells@...hat.com>
Cc:	linux-security-module@...r.kernel.org, keyrings@...r.kernel.org,
	petkan@...-labs.com, linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH 03/20] X.509: Allow X.509 certs to be blacklisted
 [ver #2]

Hi David,

On Wed, 2016-02-03 at 15:46 +0000, David Howells wrote:
> Mimi Zohar <zohar@...ux.vnet.ibm.com> wrote:
> 
> > > Allow X.509 certs to be blacklisted based on their TBS hash. 
> > 
> > What is the TBS hash?  This doesn't seem to be the key identifier.
> 
> It's the TBSCertificate hash (I'll change to calling it that in the patch
> description).  "TBS" stands for "To Be Signed".  This is what is hashed for
> the signature to be generated upon - so it's something we have to expend
> resources calculating anyway.
> 
> The reason I'm using this is this is what UEFI puts into its blacklist.  See:
> 
> 	http://uefi.blogspot.co.uk/2013/09/uefi-24-review-part-13-hash-of.html
> 
> To quote:
> 
> 	Now, in the UEFI 2.4 specification, three new types of signatures for
> 	the black list were added. Specifically, the various recommended forms
> 	of the To-Be-Signed hash value (160, 256 and 512-bits) which are
> 	created during the creation of a certificate could be added to the
> 	black list instead of the certificate itself.
> 
> > The cert associated with this key identifier is loaded onto the .ima
> > keyring.
> 
> We could also check that.  There's no requirement that we only check the TBS -
> but the TBS hash is something we must check.

Ok, but before "IMA: Use the system blacklist keyring" patch, this needs
to be addressed.

> I wonder if I should mark the blacklist key as to what the value it holds
> should be checked against.  There's a number of different things we could put
> in there:
> 
>  (1) TBSCertificate hash.
> 
>  (2) Subject Key Identifier content.
> 
>  (3) Authenticode Binary hash (for PE files).
> 
>  (4) PKCS#7 component digest.

Ok

> > eg:  openssl x509 -in <pathname> -inform DER -notext -out
> > 
> > <snip>
> > 
> >         X509v3 extensions:
> >             X509v3 Subject Key Identifier: 
> > 
> > 71:12:39:B3:AB:E6:8D:BF:70:E7:26:DE:C8:4A:3F:5F:17:EF:00:6C
> 
> Note that this isn't a mandatoryy field and if it's not present, we have no way
> to calculate it as there's no one standard-defined method.

The hex string appears when displaying the keys.  For example, 
 keyctl show %keyring:.ima shows:

734429129 --als--v      0     0   \_ asymmetric: : local: signing key:
711239b3abe68dbf70e726dec84a3f5f17ef006c

Mimi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ