lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 21 Jul 2023 09:04:04 +0200
From:   Roberto Sassu <roberto.sassu@...weicloud.com>
To:     Jarkko Sakkinen <jarkko@...nel.org>, dhowells@...hat.com,
        dwmw2@...radead.org, herbert@...dor.apana.org.au,
        davem@...emloft.net, zohar@...ux.ibm.com,
        dmitry.kasatkin@...il.com, paul@...l-moore.com, jmorris@...ei.org,
        serge@...lyn.com
Cc:     linux-kernel@...r.kernel.org, keyrings@...r.kernel.org,
        linux-crypto@...r.kernel.org, linux-integrity@...r.kernel.org,
        linux-security-module@...r.kernel.org, pbrobinson@...il.com,
        zbyszek@...waw.pl, wiktor@...acode.biz,
        devel@...ts.sequoia-pgp.org, gnupg-devel@...pg.org,
        ebiggers@...nel.org, Jason@...c4.com, mail@...iej.szmigiero.name,
        antony@...nard.ch, konstantin@...uxfoundation.org,
        James.Bottomley@...senPartnership.com,
        Roberto Sassu <roberto.sassu@...wei.com>
Subject: Re: [RFC][PATCH v3 0/9] KEYS: Introduce user asymmetric keys and
 signatures

On Thu, 2023-07-20 at 20:38 +0300, Jarkko Sakkinen wrote:
> On Thu Jul 20, 2023 at 6:32 PM EEST, Roberto Sassu wrote:
> > From: Roberto Sassu <roberto.sassu@...wei.com>
> > 
> > Define a new TLV-based format for keys and signatures, aiming to store and
> 
> "type-length-value (TLV) based"

Ok.

> > use in the kernel the crypto material from other unsupported formats
> > (e.g. PGP).
> 
> Where's the motivation part and where is this defined?

Ah, thanks for the reminder. Will add it in the next version.

The motivations are:

- Avoid adding complex parsers in the kernel that might introduce
  vulnerabilities
- Avoid adding support for key and signature formats that some consider
  weak

That was basically the summary of the review of my attempt to add
support for PGP keys and signatures in the kernel.

This patch set adds support for only one format, which other formats
are converted from.

This is useful for the mere extraction of crypto material, and use it
with the kernel crypto API.

If there is a trust relationships between the original keys, converting
keys would lose the ability to verify that trust relationship.


Example

Suppose that there is a PGP key in the built-in keyring, and that
signed another PGP key.

If I want to add the second PGP key to the secondary keyring, I would
have to verify the signature of that key with the first key.

But the signature is on a PGP packet, so if the kernel verifies that
signature it would have also to ensure that the public key extracted
from the signed packet is the same as the converted key.

Originally I thought that we could do the conversion in a fully
isolated user space process (trustworthy User Mode Driver), so that
there is the guarantee that the key has not been modified during the
conversion. However, since it is difficult to achieve perfect
isolation, that approach has been put on hold.

So, at the moment, verifying trust with user asymmetric keys is not
possible, but this is not a problem with my use case, as a Linux
distributions can embed in the kernel all their (converted) public keys
directly usable for signature verification.

Thanks

Roberto

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ