Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp1316183pxb; Tue, 8 Feb 2022 14:30:22 -0800 (PST) X-Google-Smtp-Source: ABdhPJy0sakYowfQ+hhHcxacaDsU4Ebx0wTIHnqRhiucOleSD6st7uXErSabkE+YJKH00suCkcw7 X-Received: by 2002:a63:371b:: with SMTP id e27mr5192347pga.618.1644359422501; Tue, 08 Feb 2022 14:30:22 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1644359422; cv=none; d=google.com; s=arc-20160816; b=nWL2qMmQlzIToibcFZhfRKiZgqneR7ziQOqDoUJYh60pOM27drksW9mx5mo1ODiMuK iHyPbksyeHPTHL2m3uB0FqChmcL+znqtXERoN+d0uQZkVEXEnmcfFH8/XKbWa9qKii8q UGbdnFb/W8Jv6BENANfA4+m3u+WyJH3YUzTlf4ZOQ4p4Kxrmijq+si5eCOSXbNpRbIWc +SXS0fP4ZS6AlCIPLG80wpze3oGPh6JtSv30IXZOZervLsNxLaamnePvWmOqJyuSXa2U y6BMrllqmcG5mYQuiy3AtK4O7Z28myQEjcBECFbmIMmfcgZl6lfCuvprE/8fTc8btLAY 3euw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id; bh=AowmV19lqBYjI5gOTQbJIaMXWFyUH8N0dWzgTAFOLo4=; b=x75G8wkzwGDfpcuJpHfd3rVR1imCjkFyuKBDYOpzzK/01K+v+Xo2ZqCoksSiV0+zn/ PfENZkptoS2SRMS2aYq+hJTEC2PwV9t6S8bGkxkXHLYhLAjK8HQO2/p0hH7lYkWuQQ23 qXcQTRoAlPoGlGsyeQVbkFXDumXx0uF5eGUzT/Fll+kYuZrWeZTreoPeWRlq3OraFUMV AaoZLG0aBuG54fEn+gYYVvCCe2mVY9zMOtHV0P8fOOWHzrWcetv6ougx+m2iT9VLHCTO 9Su6IyXDgstFMpDVpZVXKUStpB6GaCxQg3HbKiyqkAORizDOY29VsODZLVh83sgr8Wn3 TVtQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id lw12si4546361pjb.174.2022.02.08.14.29.59; Tue, 08 Feb 2022 14:30:22 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234898AbiBGHxc (ORCPT + 99 others); Mon, 7 Feb 2022 02:53:32 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39118 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S243745AbiBGHpQ (ORCPT ); Mon, 7 Feb 2022 02:45:16 -0500 Received: from out199-16.us.a.mail.aliyun.com (out199-16.us.a.mail.aliyun.com [47.90.199.16]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 33104C043181; Sun, 6 Feb 2022 23:45:13 -0800 (PST) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R101e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=e01e01424;MF=tianjia.zhang@linux.alibaba.com;NM=1;PH=DS;RN=10;SR=0;TI=SMTPD_---0V3leFSM_1644219908; Received: from 30.240.99.213(mailfrom:tianjia.zhang@linux.alibaba.com fp:SMTPD_---0V3leFSM_1644219908) by smtp.aliyun-inc.com(127.0.0.1); Mon, 07 Feb 2022 15:45:09 +0800 Message-ID: Date: Mon, 7 Feb 2022 15:45:07 +0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 Subject: Re: [PATCH 0/2] Fix bugs in public_key_verify_signature() Content-Language: en-US To: Eric Biggers , keyrings@vger.kernel.org, Jarkko Sakkinen , David Howells Cc: linux-crypto@vger.kernel.org, linux-integrity@vger.kernel.org, Stefan Berger , Gilad Ben-Yossef , Vitaly Chikunov , Mimi Zohar References: <20220201003414.55380-1-ebiggers@kernel.org> From: Tianjia Zhang In-Reply-To: <20220201003414.55380-1-ebiggers@kernel.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-9.9 required=5.0 tests=BAYES_00, ENV_AND_HDR_SPF_MATCH,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,UNPARSEABLE_RELAY,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi Eric, On 2/1/22 8:34 AM, Eric Biggers wrote: > This patchset fixes some bugs in public_key_verify_signature() where it > could be tricked into using the wrong algorithm, as was discussed at > https://lore.kernel.org/linux-integrity/20211202215507.298415-1-zohar@linux.ibm.com/T/#t > > I'd appreciate it if the people who care about each of the supported > public key algorithms (RSA, ECDSA, ECRDSA, and SM2) would test this > patchset to make sure it still works for their use case(s). I've tested > that X.509 and PKCS#7 with RSA still work. > > Note, I have *not* included a fix for SM2 being implemented incorrectly. > That is another bug that I pointed out in the above thread. I think > that bug is for the people who actually care about SM2. > > This applies to v5.17-rc2. > Sorry for the late reply, thanks for your work. I did the test and the x509 certificate for SM2-with-SM3 is working fine. Tested-by: Tianjia Zhang Regarding the algorithm information in the signature data used by SM2, I will add a patch to fix this issue, thanks for pointing it out. Best regards, Tianjia > Eric Biggers (2): > KEYS: asymmetric: enforce that sig algo matches key algo > KEYS: asymmetric: properly validate hash_algo and encoding > > crypto/asymmetric_keys/pkcs7_verify.c | 6 -- > crypto/asymmetric_keys/public_key.c | 126 ++++++++++++++++------- > crypto/asymmetric_keys/x509_public_key.c | 6 -- > 3 files changed, 91 insertions(+), 47 deletions(-) > > > base-commit: 26291c54e111ff6ba87a164d85d4a4e134b7315c