22 Apr, 2013
1 commit
-
Per X.509 spec in 4.2.1.1 section, the structure of Authority Key
Identifier Extension is:AuthorityKeyIdentifier ::= SEQUENCE {
keyIdentifier [0] KeyIdentifier OPTIONAL,
authorityCertIssuer [1] GeneralNames OPTIONAL,
authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }KeyIdentifier ::= OCTET STRING
When a certificate also provides
authorityCertIssuer and authorityCertSerialNumber then the length of
AuthorityKeyIdentifier SEQUENCE is likely to long form format.
e.g.
The example certificate demos/tunala/A-server.pem in openssl source:X509v3 Authority Key Identifier:
keyid:49:FB:45:72:12:C4:CC:E1:45:A1:D3:08:9E:95:C4:2C:6D:55:3F:17
DirName:/C=NZ/L=Wellington/O=Really Irresponsible Authorisation Authority (RIAA)/OU=Cert-stamping/CN=Jackov al-Trades/emailAddress=none@fake.domain
serial:00Current parsing rule of OID_authorityKeyIdentifier only take care the
short form format, it causes load certificate to modsign_keyring fail:[ 12.061147] X.509: Extension: 47
[ 12.075121] MODSIGN: Problem loading in-kernel X.509 certificate (-74)So, this patch add the parsing rule for support long form format against
Authority Key Identifier.v3:
Changed the size check in "Short Form length" case, we allow v[3] smaller
then (vlen - 4) because authorityCertIssuer and authorityCertSerialNumber
are also possible attach in AuthorityKeyIdentifier sequence.v2:
- Removed comma from author's name.
- Moved 'Short Form length' comment inside the if-body.
- Changed the type of sub to size_t.
- Use ASN1_INDEFINITE_LENGTH rather than writing 0x80 and 127.
- Moved the key_len's value assignment before alter v.
- Fixed the typo of octets.
- Add 2 to v before entering the loop for calculate the length.
- Removed the comment of check vlen.Cc: Rusty Russell
Cc: Josh Boyer
Cc: Randy Dunlap
Cc: Herbert Xu
Cc: "David S. Miller"
Acked-by: David Howells
Signed-off-by: Chun-Yi Lee
Signed-off-by: Rusty Russell
10 Oct, 2012
3 commits
-
Some debugging printk() calls should've been converted to pr_devel() calls.
Do that now.Signed-off-by: David Howells
Signed-off-by: Rusty Russell -
Fix printk format warning in x509_cert_parser.c:
crypto/asymmetric_keys/x509_cert_parser.c: In function 'x509_note_OID':
crypto/asymmetric_keys/x509_cert_parser.c:113:3: warning: format '%zu' expects type 'size_t', but argument 2 has type 'long unsigned int'Builds cleanly on i386 and x86_64.
Signed-off-by: Randy Dunlap
Cc: David Howells
Cc: Herbert Xu
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Rusty Russell -
The current choice of lifetime for the autogenerated X.509 of 100 years,
putting the validTo date in 2112, causes problems on 32-bit systems where a
32-bit time_t wraps in 2106. 64-bit x86_64 systems seem to be unaffected.This can result in something like:
Loading module verification certificates
X.509: Cert 6e03943da0f3b015ba6ed7f5e0cac4fe48680994 has expired
MODSIGN: Problem loading in-kernel X.509 certificate (-127)Or:
X.509: Cert 6e03943da0f3b015ba6ed7f5e0cac4fe48680994 is not yet valid
MODSIGN: Problem loading in-kernel X.509 certificate (-129)Instead of turning the dates into time_t values and comparing, turn the system
clock and the ASN.1 dates into tm structs and compare those piecemeal instead.Reported-by: Rusty Russell
Signed-off-by: David Howells
Acked-by: Josh Boyer
Signed-off-by: Rusty Russell
08 Oct, 2012
7 commits
-
Add a crypto key parser for binary (DER) encoded X.509 certificates. The
certificate is parsed and, if possible, the signature is verified.An X.509 key can be added like this:
# keyctl padd crypto bar @s
Signed-off-by: Rusty Russell -
gpg can produce a signature file where length of signature is less than the
modulus size because the amount of space an MPI takes up is kept as low as
possible by discarding leading zeros. This regularly happens for several
modules during the build.Fix it by relaxing check in RSA verification code.
Thanks to Tomas Mraz and Miloslav Trmac for help.
Signed-off-by: Milan Broz
Signed-off-by: David Howells
Signed-off-by: Rusty Russell -
Implement RSA public key cryptography [PKCS#1 / RFC3447]. At this time, only
the signature verification algorithm is supported. This uses the asymmetric
public key subtype to hold its key data.Signed-off-by: David Howells
Signed-off-by: Rusty Russell -
Provide signature verification using an asymmetric-type key to indicate the
public key to be used.The API is a single function that can be found in crypto/public_key.h:
int verify_signature(const struct key *key,
const struct public_key_signature *sig)The first argument is the appropriate key to be used and the second argument
is the parsed signature data:struct public_key_signature {
u8 *digest;
u16 digest_size;
enum pkey_hash_algo pkey_hash_algo : 8;
union {
MPI mpi[2];
struct {
MPI s; /* m^d mod n */
} rsa;
struct {
MPI r;
MPI s;
} dsa;
};
};This should be filled in prior to calling the function. The hash algorithm
should already have been called and the hash finalised and the output should
be in a buffer pointed to by the 'digest' member.Any extra data to be added to the hash by the hash format (eg. PGP) should
have been added by the caller prior to finalising the hash.It is assumed that the signature is made up of a number of MPI values. If an
algorithm becomes available for which this is not the case, the above structure
will have to change.It is also assumed that it will have been checked that the signature algorithm
matches the key algorithm.Signed-off-by: David Howells
Signed-off-by: Rusty Russell -
Add a subtype for supporting asymmetric public-key encryption algorithms such
as DSA (FIPS-186) and RSA (PKCS#1 / RFC1337).Signed-off-by: David Howells
Signed-off-by: Rusty Russell -
The instantiation data passed to the asymmetric key type are expected to be
formatted in some way, and there are several possible standard ways to format
the data.The two obvious standards are OpenPGP keys and X.509 certificates. The latter
is especially useful when dealing with UEFI, and the former might be useful
when dealing with, say, eCryptfs.Further, it might be desirable to provide formatted blobs that indicate
hardware is to be accessed to retrieve the keys or that the keys live
unretrievably in a hardware store, but that the keys can be used by means of
the hardware.From userspace, the keys can be loaded using the keyctl command, for example,
an X.509 binary certificate:keyctl padd asymmetric foo @s
Signed-off-by: Rusty Russell -
Create a key type that can be used to represent an asymmetric key type for use
in appropriate cryptographic operations, such as encryption, decryption,
signature generation and signature verification.The key type is "asymmetric" and can provide access to a variety of
cryptographic algorithms.Possibly, this would be better as "public_key" - but that has the disadvantage
that "public key" is an overloaded term.Signed-off-by: David Howells
Signed-off-by: Rusty Russell