lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6c7e34b65d73e9fa2ba0fd39b357b9eb42ee0449.camel@huaweicloud.com>
Date: Tue, 10 Sep 2024 16:51:22 +0200
From: Roberto Sassu <roberto.sassu@...weicloud.com>
To: Jonathan McDowell <noodles@...th.li>
Cc: dhowells@...hat.com, dwmw2@...radead.org, herbert@...dor.apana.org.au, 
 davem@...emloft.net, linux-kernel@...r.kernel.org,
 keyrings@...r.kernel.org,  linux-crypto@...r.kernel.org,
 zohar@...ux.ibm.com,  linux-integrity@...r.kernel.org, Roberto Sassu
 <roberto.sassu@...wei.com>,  adrian@...e.de, ro@...e.de
Subject: Re: [PATCH v2 00/14] KEYS: Add support for PGP keys and signatures

On Tue, 2024-09-10 at 16:36 +0200, Roberto Sassu wrote:
> On Tue, 2024-08-20 at 15:12 +0100, Jonathan McDowell wrote:
> > On Mon, Aug 19, 2024 at 05:15:02PM +0200, Roberto Sassu wrote:
> > > On Mon, 2024-08-19 at 16:08 +0100, Jonathan McDowell wrote:
> > > > On Sun, Aug 18, 2024 at 06:57:42PM +0200, Roberto Sassu wrote:
> > > > > From: Roberto Sassu <roberto.sassu@...wei.com>
> > > > > 
> > > > > Support for PGP keys and signatures was proposed by David long time ago,
> > > > > before the decision of using PKCS#7 for kernel modules signatures
> > > > > verification was made. After that, there has been not enough interest to
> > > > > support PGP too.
> > > > 
> > > > You might want to update the RFC/bis references to RFC9580, which was
> > > > published last month and updates things.
> > > 
> > > Yes, makes sense (but probably isn't too much hassle to support more
> > > things for our purposes?)
> > 
> > I'm mostly suggesting that the comments/docs point to the latest
> > standard rather than the draft version, not changing to support the new
> > v6 keys.
> > 
> > > > Also, I see support for v2 + v3 keys, and this doesn't seem like a good
> > > > idea. There are cryptographic issues with fingerprints etc there and I
> > > > can't think of a good reason you'd want the kernel to support them. The
> > > > same could probably be said of DSA key support too.
> > > 
> > > Uhm, if I remember correctly I encountered some old PGP keys used to
> > > verify RPM packages (need to check). DSA keys are not supported, since
> > > the algorithm is not in the kernel.
> > 
> > I would question the benefit gained from using obsolete key/signature
> > types for verification (I was involved in the process of Debian dropping
> > them back in *2010* which was later than it should have been). Dropping
> > the code for that path means a smaller attack surface/maintenance
> > overhead for something that isn't giving a benefit.
> 
> Removed support for v3 PGP signatures... but that broke openSUSE
> Tumbleweed.
> 
> [  295.837602] PGPL: Signature packet with unhandled version 3

To add more context, this patch set adds the ability to the kernel to
verify the PGP signature of RPM packages against Linux distributions
PGP keys.

The purpose of this is to verify the authenticity of such RPM packages,
and to extract from them file digests, which are in turn used as
reference values for integrity check (appraisal) with IMA.

Roberto


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ