Re: [PATCH] X.509: Fix test for self-signed certificate
On 2016-02-24 15:54, David Howells wrote: > Hi Michal, > > I have the attached patch already in my queue. > > David > --- > commit d19fcb825912c67e09e0575b95accaa42899e07f > Author: David Howells> Date: Wed Feb 24 14:37:54 2016 + > > X.509: Don't treat self-signed keys specially Hi David, this solves my problem too, obviously. I thought the signature check for self-signed certificates was a sort of consistency check. Thanks, Michal
Re: [PATCH] X.509: Fix test for self-signed certificate
On 2016-02-24 15:54, David Howells wrote: > Hi Michal, > > I have the attached patch already in my queue. > > David > --- > commit d19fcb825912c67e09e0575b95accaa42899e07f > Author: David Howells > Date: Wed Feb 24 14:37:54 2016 + > > X.509: Don't treat self-signed keys specially Hi David, this solves my problem too, obviously. I thought the signature check for self-signed certificates was a sort of consistency check. Thanks, Michal
Re: [PATCH] X.509: Fix test for self-signed certificate
Hi Michal, I have the attached patch already in my queue. David --- commit d19fcb825912c67e09e0575b95accaa42899e07f Author: David HowellsDate: Wed Feb 24 14:37:54 2016 + X.509: Don't treat self-signed keys specially Trust for a self-signed certificate can normally only be determined by whether we obtained it from a trusted location (ie. it was built into the kernel at compile time), so there's not really any point in checking it - we could verify that the signature is valid, but it doesn't really tell us anything if the signature checks out. However, there's a bug in the code determining whether a certificate is self-signed or not - if they have neither AKID nor SKID then we just assume that the cert is self-signed, which may not be true. Given this, remove the code that treats self-signed certs specially when it comes to evaluating trustability and attempt to evaluate them as ordinary signed certificates. We then expect self-signed certificates to fail the trustability check and be marked as untrustworthy in x509_key_preparse(). Note that there is the possibility of the trustability check on a self-signed cert then succeeding. This is most likely to happen when a duplicate of the certificate is already on the trust keyring - in which case it shouldn't be a problem. Signed-off-by: David Howells Acked-by: Mimi Zohar cc: David Woodhouse diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index 9e9e5a6a9ed6..fd76eca902b8 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -255,6 +255,9 @@ static int x509_validate_trust(struct x509_certificate *cert, struct key *key; int ret = 1; + if (!cert->akid_id || !cert->akid_skid) + return 1; + if (!trust_keyring) return -EOPNOTSUPP; @@ -312,19 +315,23 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) cert->pub->algo = pkey_algo[cert->pub->pkey_algo]; cert->pub->id_type = PKEY_ID_X509; - /* Check the signature on the key if it appears to be self-signed */ - if ((!cert->akid_skid && !cert->akid_id) || - asymmetric_key_id_same(cert->skid, cert->akid_skid) || - asymmetric_key_id_same(cert->id, cert->akid_id)) { - ret = x509_check_signature(cert->pub, cert); /* self-signed */ - if (ret < 0) - goto error_free_cert; - } else if (!prep->trusted) { + /* See if we can derive the trustability of this certificate. +* +* When it comes to self-signed certificates, we cannot evaluate +* trustedness except by the fact that we obtained it from a trusted +* location. So we just rely on x509_validate_trust() failing in this +* case. +* +* Note that there's a possibility of a self-signed cert matching a +* cert that we have (most likely a duplicate that we already trust) - +* in which case it will be marked trusted. +*/ + if (!prep->trusted) { ret = x509_validate_trust(cert, get_system_trusted_keyring()); if (ret) ret = x509_validate_trust(cert, get_ima_mok_keyring()); if (!ret) - prep->trusted = 1; + prep->trusted = true; } /* Propose a description */
Re: [PATCH] X.509: Fix test for self-signed certificate
Hi Michal, I have the attached patch already in my queue. David --- commit d19fcb825912c67e09e0575b95accaa42899e07f Author: David Howells Date: Wed Feb 24 14:37:54 2016 + X.509: Don't treat self-signed keys specially Trust for a self-signed certificate can normally only be determined by whether we obtained it from a trusted location (ie. it was built into the kernel at compile time), so there's not really any point in checking it - we could verify that the signature is valid, but it doesn't really tell us anything if the signature checks out. However, there's a bug in the code determining whether a certificate is self-signed or not - if they have neither AKID nor SKID then we just assume that the cert is self-signed, which may not be true. Given this, remove the code that treats self-signed certs specially when it comes to evaluating trustability and attempt to evaluate them as ordinary signed certificates. We then expect self-signed certificates to fail the trustability check and be marked as untrustworthy in x509_key_preparse(). Note that there is the possibility of the trustability check on a self-signed cert then succeeding. This is most likely to happen when a duplicate of the certificate is already on the trust keyring - in which case it shouldn't be a problem. Signed-off-by: David Howells Acked-by: Mimi Zohar cc: David Woodhouse diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index 9e9e5a6a9ed6..fd76eca902b8 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -255,6 +255,9 @@ static int x509_validate_trust(struct x509_certificate *cert, struct key *key; int ret = 1; + if (!cert->akid_id || !cert->akid_skid) + return 1; + if (!trust_keyring) return -EOPNOTSUPP; @@ -312,19 +315,23 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) cert->pub->algo = pkey_algo[cert->pub->pkey_algo]; cert->pub->id_type = PKEY_ID_X509; - /* Check the signature on the key if it appears to be self-signed */ - if ((!cert->akid_skid && !cert->akid_id) || - asymmetric_key_id_same(cert->skid, cert->akid_skid) || - asymmetric_key_id_same(cert->id, cert->akid_id)) { - ret = x509_check_signature(cert->pub, cert); /* self-signed */ - if (ret < 0) - goto error_free_cert; - } else if (!prep->trusted) { + /* See if we can derive the trustability of this certificate. +* +* When it comes to self-signed certificates, we cannot evaluate +* trustedness except by the fact that we obtained it from a trusted +* location. So we just rely on x509_validate_trust() failing in this +* case. +* +* Note that there's a possibility of a self-signed cert matching a +* cert that we have (most likely a duplicate that we already trust) - +* in which case it will be marked trusted. +*/ + if (!prep->trusted) { ret = x509_validate_trust(cert, get_system_trusted_keyring()); if (ret) ret = x509_validate_trust(cert, get_ima_mok_keyring()); if (!ret) - prep->trusted = 1; + prep->trusted = true; } /* Propose a description */
Re: [PATCH] X.509: Fix test for self-signed certificate
2016-02-11 21:34 GMT+08:00 Michal Marek: > If either the Subject + subjectKeyId or the Issuer + Serial number > differs between the certificate and the CA, the certificate is not > self-signed. In practice, both will be equal for self-signed > certificates and both will differ for CA-signed certificates. It is only > an issue if the CA used the same serial number for its own self-signed > certificate and the certificate we are checking. This is probably not > valid / recommended, but we should not assume that the certificate is > self-signed because of that. > > Fixes: 4573b64a31cd ("X.509: Support X.509 lookup by Issuer+Serial form > AuthorityKeyIdentifier") > Signed-off-by: Michal Marek Tested-by: Lee, Chun-Yi Regards Joey Lee > --- > crypto/asymmetric_keys/x509_public_key.c | 7 --- > 1 file changed, 4 insertions(+), 3 deletions(-) > > diff --git a/crypto/asymmetric_keys/x509_public_key.c > b/crypto/asymmetric_keys/x509_public_key.c > index 7092d5cbb5d3..2c46e022a2a3 100644 > --- a/crypto/asymmetric_keys/x509_public_key.c > +++ b/crypto/asymmetric_keys/x509_public_key.c > @@ -308,9 +308,10 @@ static int x509_key_preparse(struct > key_preparsed_payload *prep) > cert->pub->id_type = PKEY_ID_X509; > > /* Check the signature on the key if it appears to be self-signed */ > - if ((!cert->akid_skid && !cert->akid_id) || > - asymmetric_key_id_same(cert->skid, cert->akid_skid) || > - asymmetric_key_id_same(cert->id, cert->akid_id)) { > + if ((!cert->akid_skid || > + asymmetric_key_id_same(cert->skid, cert->akid_skid)) > && > + (!cert->akid_id || > + asymmetric_key_id_same(cert->id, cert->akid_id))) { > ret = x509_check_signature(cert->pub, cert); /* self-signed */ > if (ret < 0) > goto error_free_cert; > -- > 2.1.4 >
Re: [PATCH] X.509: Fix test for self-signed certificate
2016-02-11 21:34 GMT+08:00 Michal Marek : > If either the Subject + subjectKeyId or the Issuer + Serial number > differs between the certificate and the CA, the certificate is not > self-signed. In practice, both will be equal for self-signed > certificates and both will differ for CA-signed certificates. It is only > an issue if the CA used the same serial number for its own self-signed > certificate and the certificate we are checking. This is probably not > valid / recommended, but we should not assume that the certificate is > self-signed because of that. > > Fixes: 4573b64a31cd ("X.509: Support X.509 lookup by Issuer+Serial form > AuthorityKeyIdentifier") > Signed-off-by: Michal Marek Tested-by: Lee, Chun-Yi Regards Joey Lee > --- > crypto/asymmetric_keys/x509_public_key.c | 7 --- > 1 file changed, 4 insertions(+), 3 deletions(-) > > diff --git a/crypto/asymmetric_keys/x509_public_key.c > b/crypto/asymmetric_keys/x509_public_key.c > index 7092d5cbb5d3..2c46e022a2a3 100644 > --- a/crypto/asymmetric_keys/x509_public_key.c > +++ b/crypto/asymmetric_keys/x509_public_key.c > @@ -308,9 +308,10 @@ static int x509_key_preparse(struct > key_preparsed_payload *prep) > cert->pub->id_type = PKEY_ID_X509; > > /* Check the signature on the key if it appears to be self-signed */ > - if ((!cert->akid_skid && !cert->akid_id) || > - asymmetric_key_id_same(cert->skid, cert->akid_skid) || > - asymmetric_key_id_same(cert->id, cert->akid_id)) { > + if ((!cert->akid_skid || > + asymmetric_key_id_same(cert->skid, cert->akid_skid)) > && > + (!cert->akid_id || > + asymmetric_key_id_same(cert->id, cert->akid_id))) { > ret = x509_check_signature(cert->pub, cert); /* self-signed */ > if (ret < 0) > goto error_free_cert; > -- > 2.1.4 >
[PATCH] X.509: Fix test for self-signed certificate
If either the Subject + subjectKeyId or the Issuer + Serial number differs between the certificate and the CA, the certificate is not self-signed. In practice, both will be equal for self-signed certificates and both will differ for CA-signed certificates. It is only an issue if the CA used the same serial number for its own self-signed certificate and the certificate we are checking. This is probably not valid / recommended, but we should not assume that the certificate is self-signed because of that. Fixes: 4573b64a31cd ("X.509: Support X.509 lookup by Issuer+Serial form AuthorityKeyIdentifier") Signed-off-by: Michal Marek --- crypto/asymmetric_keys/x509_public_key.c | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index 7092d5cbb5d3..2c46e022a2a3 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -308,9 +308,10 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) cert->pub->id_type = PKEY_ID_X509; /* Check the signature on the key if it appears to be self-signed */ - if ((!cert->akid_skid && !cert->akid_id) || - asymmetric_key_id_same(cert->skid, cert->akid_skid) || - asymmetric_key_id_same(cert->id, cert->akid_id)) { + if ((!cert->akid_skid || + asymmetric_key_id_same(cert->skid, cert->akid_skid)) && + (!cert->akid_id || + asymmetric_key_id_same(cert->id, cert->akid_id))) { ret = x509_check_signature(cert->pub, cert); /* self-signed */ if (ret < 0) goto error_free_cert; -- 2.1.4
[PATCH] X.509: Fix test for self-signed certificate
If either the Subject + subjectKeyId or the Issuer + Serial number differs between the certificate and the CA, the certificate is not self-signed. In practice, both will be equal for self-signed certificates and both will differ for CA-signed certificates. It is only an issue if the CA used the same serial number for its own self-signed certificate and the certificate we are checking. This is probably not valid / recommended, but we should not assume that the certificate is self-signed because of that. Fixes: 4573b64a31cd ("X.509: Support X.509 lookup by Issuer+Serial form AuthorityKeyIdentifier") Signed-off-by: Michal Marek--- crypto/asymmetric_keys/x509_public_key.c | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index 7092d5cbb5d3..2c46e022a2a3 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -308,9 +308,10 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) cert->pub->id_type = PKEY_ID_X509; /* Check the signature on the key if it appears to be self-signed */ - if ((!cert->akid_skid && !cert->akid_id) || - asymmetric_key_id_same(cert->skid, cert->akid_skid) || - asymmetric_key_id_same(cert->id, cert->akid_id)) { + if ((!cert->akid_skid || + asymmetric_key_id_same(cert->skid, cert->akid_skid)) && + (!cert->akid_id || + asymmetric_key_id_same(cert->id, cert->akid_id))) { ret = x509_check_signature(cert->pub, cert); /* self-signed */ if (ret < 0) goto error_free_cert; -- 2.1.4