Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp2358410rdg; Mon, 16 Oct 2023 01:36:24 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHbyECzUeMJ6U+V8pSyV610kg/hDeEBOwElIuYMGf6s5lZgEz0L8EL4gmsT/UoD7HKfEvx2 X-Received: by 2002:a05:6808:1798:b0:3ae:2024:8389 with SMTP id bg24-20020a056808179800b003ae20248389mr46119225oib.36.1697445384390; Mon, 16 Oct 2023 01:36:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697445384; cv=none; d=google.com; s=arc-20160816; b=rI+2qoPOKY1tsDSlaYBPjQNBkV/MVhpO2E/fk07M3E7yuK3qU+7cuwURO6dGTC8ugg dnZkSkJiIMzDjQ2qO/QG2UvPLQKBKXw3PDb1osX0cjJTZ/V8Kp5qacDJ31SKkUfLNmzO ek6/ugxKL/S9NESZsjpp4SzyVenGtuX3SJ6JG9TwFwcdic70XEAeyCEaPljvzXV88UO5 x7eyoTMykcUYF6I/w8AcePL5pMBSBRBIMPiLPy0xf3NJVoqklXcr131XEpEhDMQohY+G r/0adu9M9i9VUXg6AxCSmXylz7zNtF3dhFfFbU5DlImLwiZSh7aoB/P3NWvC5OBVGXJq ZcGw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=5DKfnsqPhu80/gweLpckBEF2kIpr57eIFnmo/aSqr0s=; fh=61Uaz+9AIbQuC0X9qMk8Y7OqskPG9oHu1ZAMxpE4KFw=; b=iipSiZwu6RKCPe6nI7qS3hZ+flyF22/FhnHx5tIpyHtWUSlOmfW9h8OF4SF1CIDLiN C1uOn1MIunWcRS+haA/Nj7VpRE2xJ8F7N5LPc+44oxKf1WzpXDL9PGZ+DVBEBCT9YcHJ qeWOVPJyJYic+/zq5spLimxQxsWRXIppldp+6qFrm2BXdNoFP6vcPbtHgBksNYK64GZh p5xtXDqvA/pLVj8HMd3QUs8wGmYWzLkYANzJuEkzdmOvGJrhy2d3dWpElxbxVbX/oRyx KY0ZEe5gQAApOza36DF4YPiN6zjAiPaIxhVXF4OQsmKuZ4jujKKMerdeCi8tMUhCBorC JCNw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from snail.vger.email (snail.vger.email. [23.128.96.37]) by mx.google.com with ESMTPS id h13-20020a63530d000000b005898b54186esi10080123pgb.96.2023.10.16.01.36.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Oct 2023 01:36:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 438838066BA0; Mon, 16 Oct 2023 01:35:52 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229848AbjJPIfv (ORCPT + 99 others); Mon, 16 Oct 2023 04:35:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52748 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230105AbjJPIfu (ORCPT ); Mon, 16 Oct 2023 04:35:50 -0400 Received: from abb.hmeau.com (abb.hmeau.com [144.6.53.87]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5C669A1; Mon, 16 Oct 2023 01:35:47 -0700 (PDT) Received: from loth.rohan.me.apana.org.au ([192.168.167.2]) by formenos.hmeau.com with smtp (Exim 4.94.2 #2 (Debian)) id 1qsJ4V-007Sey-0T; Mon, 16 Oct 2023 16:35:32 +0800 Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Mon, 16 Oct 2023 16:35:36 +0800 Date: Mon, 16 Oct 2023 16:35:36 +0800 From: Herbert Xu To: Denis Kenzior Cc: Linux Crypto Mailing List , Marcel Holtmann , James Prestwood , David Howells , keyrings@vger.kernel.org, Jarkko Sakkinen Subject: [PATCH] KEYS: asymmetric: Fix sign/verify on pkcs1pad without a hash Message-ID: References: <1d22cd18-bc2a-4273-8087-e74030fbf373@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Mon, 16 Oct 2023 01:35:52 -0700 (PDT) On Thu, Oct 12, 2023 at 10:08:46AM -0500, Denis Kenzior wrote: > > Looks like something took out the ability to run sign/verify without a hash > on asymmetric keys. Indeed this is what it was. Please try this patch. Thanks! ---8<--- The new sign/verify code broke the case of pkcs1pad without a hash algorithm. Fix it by setting issig correctly for this case. Fixes: 63ba4d67594a ("KEYS: asymmetric: Use new crypto interface without scatterlists") Cc: stable@vger.kernel.org # v6.5 Reported-by: Denis Kenzior Signed-off-by: Herbert Xu diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c index abeecb8329b3..2f9181c4cd59 100644 --- a/crypto/asymmetric_keys/public_key.c +++ b/crypto/asymmetric_keys/public_key.c @@ -81,14 +81,13 @@ software_key_determine_akcipher(const struct public_key *pkey, * RSA signatures usually use EMSA-PKCS1-1_5 [RFC3447 sec 8.2]. */ if (strcmp(encoding, "pkcs1") == 0) { + *sig = op == kernel_pkey_sign || + op == kernel_pkey_verify; if (!hash_algo) { - *sig = false; n = snprintf(alg_name, CRYPTO_MAX_ALG_NAME, "pkcs1pad(%s)", pkey->pkey_algo); } else { - *sig = op == kernel_pkey_sign || - op == kernel_pkey_verify; n = snprintf(alg_name, CRYPTO_MAX_ALG_NAME, "pkcs1pad(%s,%s)", pkey->pkey_algo, hash_algo); -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt