From patchwork Fri Jan 14 00:29:17 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 532483 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8AF65C433F5 for ; Fri, 14 Jan 2022 00:30:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238424AbiANAax (ORCPT ); Thu, 13 Jan 2022 19:30:53 -0500 Received: from dfw.source.kernel.org ([139.178.84.217]:40034 "EHLO dfw.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230491AbiANAaw (ORCPT ); Thu, 13 Jan 2022 19:30:52 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 4F24161D50; Fri, 14 Jan 2022 00:30:52 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8CBC9C36AEF; Fri, 14 Jan 2022 00:30:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1642120251; bh=31ObngJIWRlK96KNN1SCehwf7gev5VKl+XnN67ihKiY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Pt7yE0iVvBipSScUJ96hfSjYvqCvkagbShfokre5nz43pdtdnR+HQ8QP5MZyU+kTI aHjwD0n87S2Pq3jsVS9o2Wx5gI1QrpHlNpSKjV4f0wnKBaeVG0oNKnIKfKmQQClasN OTybyqzbMbG3fClmNwWkLmOqfTYx+UxPq64nFtjDPRt5Iala+0vGiMQ1TI1XirFcDr 00vYtBi4F1odQkzgQ+bbUdFYJrQl2vAEFQ087MUEeHE9r69QeV6aACCsr9vNPjbWZV LEDV47zxAkzW8iW0svEC/mJNHeamgA6YZIgv6XbaIGkNWTI7y9SgOxKIUAZvC+lYRz Qpvjurj5GMipw== From: Eric Biggers To: keyrings@vger.kernel.org, David Howells , Jarkko Sakkinen Cc: linux-crypto@vger.kernel.org Subject: [PATCH 1/4] KEYS: x509: clearly distinguish between key and signature algorithms Date: Thu, 13 Jan 2022 16:29:17 -0800 Message-Id: <20220114002920.103858-2-ebiggers@kernel.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220114002920.103858-1-ebiggers@kernel.org> References: <20220114002920.103858-1-ebiggers@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Eric Biggers An X.509 certificate has two, potentially different public key algorithms: the one used by the certificate's key, and the one that was used to sign the certificate. Some of the naming made it unclear which algorithm was meant. Rename things appropriately: - x509_note_pkey_algo() => x509_note_sig_algo() - algo_oid => sig_algo Signed-off-by: Eric Biggers --- crypto/asymmetric_keys/x509.asn1 | 2 +- crypto/asymmetric_keys/x509_cert_parser.c | 32 +++++++++++++---------- 2 files changed, 19 insertions(+), 15 deletions(-) diff --git a/crypto/asymmetric_keys/x509.asn1 b/crypto/asymmetric_keys/x509.asn1 index 5c9f4e4a5231..92d59c32f96a 100644 --- a/crypto/asymmetric_keys/x509.asn1 +++ b/crypto/asymmetric_keys/x509.asn1 @@ -7,7 +7,7 @@ Certificate ::= SEQUENCE { TBSCertificate ::= SEQUENCE { version [ 0 ] Version DEFAULT, serialNumber CertificateSerialNumber ({ x509_note_serial }), - signature AlgorithmIdentifier ({ x509_note_pkey_algo }), + signature AlgorithmIdentifier ({ x509_note_sig_algo }), issuer Name ({ x509_note_issuer }), validity Validity, subject Name ({ x509_note_subject }), diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index 083405eb80c3..aec2396a7f7e 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c @@ -24,9 +24,9 @@ struct x509_parse_context { size_t key_size; /* Size of key data */ const void *params; /* Key parameters */ size_t params_size; /* Size of key parameters */ - enum OID key_algo; /* Public key algorithm */ + enum OID key_algo; /* Algorithm used by the cert's key */ enum OID last_oid; /* Last OID encountered */ - enum OID algo_oid; /* Algorithm OID */ + enum OID sig_algo; /* Algorithm used to sign the cert */ unsigned char nr_mpi; /* Number of MPIs stored */ u8 o_size; /* Size of organizationName (O) */ u8 cn_size; /* Size of commonName (CN) */ @@ -187,11 +187,10 @@ int x509_note_tbs_certificate(void *context, size_t hdrlen, } /* - * Record the public key algorithm + * Record the algorithm that was used to sign this certificate. */ -int x509_note_pkey_algo(void *context, size_t hdrlen, - unsigned char tag, - const void *value, size_t vlen) +int x509_note_sig_algo(void *context, size_t hdrlen, unsigned char tag, + const void *value, size_t vlen) { struct x509_parse_context *ctx = context; @@ -263,22 +262,22 @@ int x509_note_pkey_algo(void *context, size_t hdrlen, rsa_pkcs1: ctx->cert->sig->pkey_algo = "rsa"; ctx->cert->sig->encoding = "pkcs1"; - ctx->algo_oid = ctx->last_oid; + ctx->sig_algo = ctx->last_oid; return 0; ecrdsa: ctx->cert->sig->pkey_algo = "ecrdsa"; ctx->cert->sig->encoding = "raw"; - ctx->algo_oid = ctx->last_oid; + ctx->sig_algo = ctx->last_oid; return 0; sm2: ctx->cert->sig->pkey_algo = "sm2"; ctx->cert->sig->encoding = "raw"; - ctx->algo_oid = ctx->last_oid; + ctx->sig_algo = ctx->last_oid; return 0; ecdsa: ctx->cert->sig->pkey_algo = "ecdsa"; ctx->cert->sig->encoding = "x962"; - ctx->algo_oid = ctx->last_oid; + ctx->sig_algo = ctx->last_oid; return 0; } @@ -291,11 +290,16 @@ int x509_note_signature(void *context, size_t hdrlen, { struct x509_parse_context *ctx = context; - pr_debug("Signature type: %u size %zu\n", ctx->last_oid, vlen); + pr_debug("Signature: alg=%u, size=%zu\n", ctx->last_oid, vlen); - if (ctx->last_oid != ctx->algo_oid) { - pr_warn("Got cert with pkey (%u) and sig (%u) algorithm OIDs\n", - ctx->algo_oid, ctx->last_oid); + /* + * In X.509 certificates, the signature's algorithm is stored in two + * places: inside the TBSCertificate (the data that is signed), and + * alongside the signature. These *must* match. + */ + if (ctx->last_oid != ctx->sig_algo) { + pr_warn("signatureAlgorithm (%u) differs from tbsCertificate.signature (%u)\n", + ctx->last_oid, ctx->sig_algo); return -EINVAL; } From patchwork Fri Jan 14 00:29:18 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 532099 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 694F4C4332F for ; Fri, 14 Jan 2022 00:30:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238431AbiANAax (ORCPT ); Thu, 13 Jan 2022 19:30:53 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59254 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230491AbiANAax (ORCPT ); Thu, 13 Jan 2022 19:30:53 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0060EC061574; Thu, 13 Jan 2022 16:30:52 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 91CDC61D56; Fri, 14 Jan 2022 00:30:52 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id D464CC36AF2; Fri, 14 Jan 2022 00:30:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1642120252; bh=rwCDnubWfEx4pJC1wzdIQEzshROf9zYzr5NaTwIbkWI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=tdlYQMswFl8WIpzLwtZMYXyVGhOr0vlozFp6DmxftWg4YT+H2rvRu4QA2Pw59HxQR 6XxosGER0cBSMqpG2erWmjoHg4E2EjYqJP5WUKYiIfLSONUepnNwNh5DiyDKAum7h/ TUF5Blmm6mbPWI/v1Mx8pBPj8GxTPZ+sJTOm5htQol1ShWz/Q1A6bRt86K/js4WrKJ Wpj+iKACcpYpWaJ96DDjZNNs1V/liv1WnxilSXd+afy+YdRl14UNFYLxUeLjg7Emib 9Xex/nAkgj9Ps3OFiy0pwqPSNMvY9SbWZvVo02k3puZTQw9A1FKJu8kU2Fp/qqDf7K CDpPWAIAK3ZhA== From: Eric Biggers To: keyrings@vger.kernel.org, David Howells , Jarkko Sakkinen Cc: linux-crypto@vger.kernel.org Subject: [PATCH 2/4] KEYS: x509: remove unused fields Date: Thu, 13 Jan 2022 16:29:18 -0800 Message-Id: <20220114002920.103858-3-ebiggers@kernel.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220114002920.103858-1-ebiggers@kernel.org> References: <20220114002920.103858-1-ebiggers@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Eric Biggers Remove unused fields from struct x509_parse_context. Signed-off-by: Eric Biggers Acked-by: Jarkko Sakkinen --- crypto/asymmetric_keys/x509_cert_parser.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index aec2396a7f7e..2899ed80bb18 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c @@ -19,7 +19,6 @@ struct x509_parse_context { struct x509_certificate *cert; /* Certificate being constructed */ unsigned long data; /* Start of data */ - const void *cert_start; /* Start of cert content */ const void *key; /* Key data */ size_t key_size; /* Size of key data */ const void *params; /* Key parameters */ @@ -27,7 +26,6 @@ struct x509_parse_context { enum OID key_algo; /* Algorithm used by the cert's key */ enum OID last_oid; /* Last OID encountered */ enum OID sig_algo; /* Algorithm used to sign the cert */ - unsigned char nr_mpi; /* Number of MPIs stored */ u8 o_size; /* Size of organizationName (O) */ u8 cn_size; /* Size of commonName (CN) */ u8 email_size; /* Size of emailAddress */ From patchwork Fri Jan 14 00:29:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 532482 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 184B2C43217 for ; Fri, 14 Jan 2022 00:30:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238434AbiANAay (ORCPT ); Thu, 13 Jan 2022 19:30:54 -0500 Received: from dfw.source.kernel.org ([139.178.84.217]:40044 "EHLO dfw.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238425AbiANAax (ORCPT ); Thu, 13 Jan 2022 19:30:53 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id DC11061D57; Fri, 14 Jan 2022 00:30:52 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 26835C36AF4; Fri, 14 Jan 2022 00:30:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1642120252; bh=wWrqhjxF6/B5Te+0tmxllxZ8AJQKWi0XAvwb1fMf444=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=V/lhSbr1iH8v2v7Wgav8LD3/gM69xIMI6FiHub4AVcRIsVatoCQbw3/Fa52EEWiLL FyCRzofayUzhefJTfBvUaq9hNT1aVbIibCyzbPq9x+aACFmroILAgYmsiKGgXtwK3L 5hreRfdizj2zrDRRjoCr7Yzq9bsijNbOkpyVKx3BRaqE+2cKdZNnwXGybQg1k/WNZq ShjeoD/i1hw7qgkN1BhCURvFq141oeol8qMm/lac6JgEIae74NWd2akKdPv1Fdi+dd Uy5X9CpZhxUx2pZxOLS2tgH1QxzNaoHYzS5rYlnRaQEaUemY1OjaHW7TZcU9CXxDm4 8Q9VOutQH17Mg== From: Eric Biggers To: keyrings@vger.kernel.org, David Howells , Jarkko Sakkinen Cc: linux-crypto@vger.kernel.org Subject: [PATCH 3/4] KEYS: x509: remove never-set ->unsupported_key flag Date: Thu, 13 Jan 2022 16:29:19 -0800 Message-Id: <20220114002920.103858-4-ebiggers@kernel.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220114002920.103858-1-ebiggers@kernel.org> References: <20220114002920.103858-1-ebiggers@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Eric Biggers The X.509 parser always sets cert->pub->pkey_algo on success, since x509_extract_key_data() is a mandatory action in the X.509 ASN.1 grammar, and it returns an error if the algorithm is unknown. Thus, remove the dead code which handled this field being NULL. This results in the ->unsupported_key flag never being set, so remove that too. Signed-off-by: Eric Biggers --- crypto/asymmetric_keys/pkcs7_verify.c | 3 --- crypto/asymmetric_keys/x509_parser.h | 1 - crypto/asymmetric_keys/x509_public_key.c | 9 --------- 3 files changed, 13 deletions(-) diff --git a/crypto/asymmetric_keys/pkcs7_verify.c b/crypto/asymmetric_keys/pkcs7_verify.c index 0b4d07aa8811..4ba81be3cd77 100644 --- a/crypto/asymmetric_keys/pkcs7_verify.c +++ b/crypto/asymmetric_keys/pkcs7_verify.c @@ -226,9 +226,6 @@ static int pkcs7_verify_sig_chain(struct pkcs7_message *pkcs7, return 0; } - if (x509->unsupported_key) - goto unsupported_crypto_in_x509; - pr_debug("- issuer %s\n", x509->issuer); sig = x509->sig; if (sig->auth_ids[0]) diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h index c233f136fb35..da854c94f111 100644 --- a/crypto/asymmetric_keys/x509_parser.h +++ b/crypto/asymmetric_keys/x509_parser.h @@ -36,7 +36,6 @@ struct x509_certificate { bool seen; /* Infinite recursion prevention */ bool verified; bool self_signed; /* T if self-signed (check unsupported_sig too) */ - bool unsupported_key; /* T if key uses unsupported crypto */ bool unsupported_sig; /* T if signature uses unsupported crypto */ bool blacklisted; }; diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index fe14cae115b5..b03d04d78eb9 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -33,9 +33,6 @@ int x509_get_sig_params(struct x509_certificate *cert) sig->data = cert->tbs; sig->data_size = cert->tbs_size; - if (!cert->pub->pkey_algo) - cert->unsupported_key = true; - if (!sig->pkey_algo) cert->unsupported_sig = true; @@ -173,12 +170,6 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) pr_devel("Cert Issuer: %s\n", cert->issuer); pr_devel("Cert Subject: %s\n", cert->subject); - - if (cert->unsupported_key) { - ret = -ENOPKG; - goto error_free_cert; - } - pr_devel("Cert Key Algo: %s\n", cert->pub->pkey_algo); pr_devel("Cert Valid period: %lld-%lld\n", cert->valid_from, cert->valid_to); From patchwork Fri Jan 14 00:29:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 532098 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5B88BC4167E for ; Fri, 14 Jan 2022 00:30:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230491AbiANAay (ORCPT ); Thu, 13 Jan 2022 19:30:54 -0500 Received: from dfw.source.kernel.org ([139.178.84.217]:40060 "EHLO dfw.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238430AbiANAax (ORCPT ); Thu, 13 Jan 2022 19:30:53 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 68FCA61D56; Fri, 14 Jan 2022 00:30:53 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6EA86C36AF3; Fri, 14 Jan 2022 00:30:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1642120252; bh=fOz/UM0VhzggK9q9eIMuqedBHgMOdwdEDBvF2lLwyd8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=DECvSpMap06//4eXqbugj949vUuuY1w+Rcs+FGzvl0ZwQkfU9MLIfTLCxgT6nOmyY t7lIXL8Slbweetz28iX4w1jMKPo/aCSo1c2XzBBxFOTuZ5/raAjSGG2BpKyZj1feIX aAnzqQyWWHAqaYLnV7j61CIav0+A+/CK/dpvpPPSs/XQ9bZc00L7OLAvHSgOTGj891 mDAhdVLATc7YBWc7SzV3O3qdrO2XXaZX4vpbx9IwgKt1w5NoBq8pJ1Dl1Tkrdedars M6OvBu5T1497XQWeXK1J2FDRnUDatwa4Fp5qlpod0jHEozsgqUOW3wP5oaTKko9NBo dP2RSkmvBOfQw== From: Eric Biggers To: keyrings@vger.kernel.org, David Howells , Jarkko Sakkinen Cc: linux-crypto@vger.kernel.org Subject: [PATCH 4/4] KEYS: x509: remove dead code that set ->unsupported_sig Date: Thu, 13 Jan 2022 16:29:20 -0800 Message-Id: <20220114002920.103858-5-ebiggers@kernel.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220114002920.103858-1-ebiggers@kernel.org> References: <20220114002920.103858-1-ebiggers@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Eric Biggers The X.509 parser always sets cert->sig->pkey_algo and cert->sig->hash_algo on success, since x509_note_sig_algo() is a mandatory action in the X.509 ASN.1 grammar, and it returns an error if the signature's algorithm is unknown. Thus, remove the dead code which handled these fields being NULL. Signed-off-by: Eric Biggers Acked-by: Jarkko Sakkinen --- crypto/asymmetric_keys/x509_public_key.c | 9 --------- 1 file changed, 9 deletions(-) diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index b03d04d78eb9..8c77a297a82d 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -33,15 +33,6 @@ int x509_get_sig_params(struct x509_certificate *cert) sig->data = cert->tbs; sig->data_size = cert->tbs_size; - if (!sig->pkey_algo) - cert->unsupported_sig = true; - - /* We check the hash if we can - even if we can't then verify it */ - if (!sig->hash_algo) { - cert->unsupported_sig = true; - return 0; - } - sig->s = kmemdup(cert->raw_sig, cert->raw_sig_size, GFP_KERNEL); if (!sig->s) return -ENOMEM;