Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp1591949pxb; Tue, 8 Feb 2022 23:24:19 -0800 (PST) X-Google-Smtp-Source: ABdhPJw4qMAUgCtLFZASH0PCz0ZK5M/B+NMyj4/1X5ma8ek3Y2GfzrqHUKgKCDC0aWIRCWHd7Hhm X-Received: by 2002:a65:48c5:: with SMTP id o5mr882980pgs.284.1644391458782; Tue, 08 Feb 2022 23:24:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1644391458; cv=none; d=google.com; s=arc-20160816; b=arXDAt8p6pM5dFPGWdogR8UUZQ6TZ6ji2GFo4LogIViksP6FzKpAWCXUra0cUZoozy HUDpEuBRUjaE0TI9tUkl9160IKBflcpQ9MvrheukH6zrRMdnsYNUSG4F1b/JCrrLWBmb slV9aKVJuHdLWU8MfuLn5UAYb5plxQ3oMCnrhxy9Qt4w6q8Pe5P1MMSeOCQBCVGBP20U ifIkd1LHoToALn8K7Iy3B/HbHCNYhRuazeVAvVZgDoMcAN0h15M2GOY/kitUSUPAsvuo Y577q/hvMYuAHnF8JBjkWffSvkd6LescovPTVepGJfRxfWJmHM7be+HY3o88QNwAMCJH BAQQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=xsHbnUSeS/bT6Vq/WF7D5RtjXYizWcEGPrs0VjAuhA0=; b=qVaEvGItQyd1qEjSbn82Cee3oQYR3fNlK58enuF9XtPj70HAMxcpNiPchuImTh0aD6 Dbzuc6ftdEZdEUhoYFatr57f0Y7tpRhkXzLj7GP5227fMov+RGQxOseSGyOhObToqLZU 1TDzKNKlDbixxGZp3XcMeZstaOEr++8gfotR7ml0M0LqAxs4UFXisypm8O42cEXHL3hU uY8jW9AWvJdepy7omReEQ5JrDR4ODvovVpyPfX6IsyKRw01pmF303pchTGP5UkROvBAE MSOgunoNW5BbAntY4JDEfdff4MNFoB0vV0Uk2G+CEQsIEtKCyM5WuWlYFcqzmYENkXh9 bn6Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fxHRalrL; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18]) by mx.google.com with ESMTPS id 2si14020014pli.34.2022.02.08.23.24.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Feb 2022 23:24:18 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fxHRalrL; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 7E0BCE0172CD; Tue, 8 Feb 2022 22:36:30 -0800 (PST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1347396AbiBHFdP (ORCPT + 99 others); Tue, 8 Feb 2022 00:33:15 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36692 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233024AbiBHF1d (ORCPT ); Tue, 8 Feb 2022 00:27:33 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 089EFC0401EA; Mon, 7 Feb 2022 21:27:32 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id B2998B811FE; Tue, 8 Feb 2022 05:27:30 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2903BC004E1; Tue, 8 Feb 2022 05:27:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1644298049; bh=7Dhmi0fDloRgnQaPor8Zd0439Cs3wRrBjobJqNsKzeY=; h=From:To:Cc:Subject:Date:From; b=fxHRalrLwyTa5E605/mjps/Nax4k8EDEjMJ/BVnpCEqFKcUqZ22u6O5MPwP5EWGvE ztM3hcLWDSoJt2sY4/mfDvfoCdNv+D+o80i0BOXqQHLb/vMy9LXbGVcGBdEnLgmgbK nbyHkO7VNJtNZpjde8YKyL4J5L6uJ+EbGRn0mX+cZX7gT2jzVwQkfDkxPEzYKCT8Al qvZFKwHCarkIiBR4V8iLbQJ0G8fipksmnRWU2VvGtuYJSEvoBnjWOWTKa3yFeae5vT 5lHElwyLH1d3JndCNAbR1ru9tlEMj8HiZr7ZOM0itymkoH5simhTVtfNlqhecK1LIH g4wZAUusTNGXA== From: Eric Biggers To: keyrings@vger.kernel.org, Jarkko Sakkinen , David Howells Cc: linux-crypto@vger.kernel.org, linux-integrity@vger.kernel.org, Stefan Berger , Gilad Ben-Yossef , Tianjia Zhang , Vitaly Chikunov , Mimi Zohar Subject: [PATCH v2 0/2] Fix bugs in public_key_verify_signature() Date: Mon, 7 Feb 2022 21:24:46 -0800 Message-Id: <20220208052448.409152-1-ebiggers@kernel.org> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-8.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_HI,SPF_HELO_PASS,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org This patchset fixes some bugs in public_key_verify_signature() where it could be tricked into using the wrong algorithm, as was discussed at https://lore.kernel.org/linux-integrity/20211202215507.298415-1-zohar@linux.ibm.com/T/#t I'd appreciate it if the people who care about each of the supported public key algorithms (RSA, ECDSA, ECRDSA, and SM2) would test this patchset to make sure it still works for their use case(s). I've tested that X.509 and PKCS#7 with RSA still work. Note, I have *not* included a fix for SM2 being implemented incorrectly. That is another bug that I pointed out in the above thread. I think that bug is for the people who actually care about SM2. This applies to v5.17-rc3. Changed v1 => v2: - Changed patch 1 to continue allowing a NULL sig->pkey_algo. Eric Biggers (2): KEYS: asymmetric: enforce that sig algo matches key algo KEYS: asymmetric: properly validate hash_algo and encoding crypto/asymmetric_keys/pkcs7_verify.c | 6 -- crypto/asymmetric_keys/public_key.c | 126 ++++++++++++++++------- crypto/asymmetric_keys/x509_public_key.c | 6 -- 3 files changed, 91 insertions(+), 47 deletions(-) base-commit: dfd42facf1e4ada021b939b4e19c935dcdd55566 -- 2.35.1