From: David Howells <dhowells@redhat.com>
To: "Kasatkin, Dmitry" <dmitry.kasatkin@intel.com>
Cc: dhowells@redhat.com, herbert@gondor.hengli.com.au,
rusty@rustcorp.com.au, pjones@redhat.com, jwboyer@redhat.com,
linux-crypto@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, keyrings@linux-nfs.org
Subject: Re: [GIT PULL] Asymmetric keys and module signing
Date: Tue, 25 Sep 2012 17:15:06 +0100 [thread overview]
Message-ID: <8373.1348589706@warthog.procyon.org.uk> (raw)
In-Reply-To: <CALLzPKaMV=te6XWS5zi43RYa4uJ9sADDizcsM_3=sOa9wayGCQ@mail.gmail.com>
Kasatkin, Dmitry <dmitry.kasatkin@intel.com> wrote:
> Just one question about key description...
> request_asymmetric_key uses format for key description: "<signer>: <key-id>".
> Preparsing code creates description from those values.
> I see that key id is not 8 bytes anymore but full hash size of 20 bytes.
Remember: This is for viewing via /proc/keys and KEYCTL_DESCRIBE as much as
for matching.
> For practical reasons for IMA it might be nice to save some space in
> xattrs and use shorter key id/description.
That's reasonable.
> As I understand from implementation, if key name is provided with "keyctl
> add", it will not be replaced with preparsed value.
Correct.
> And we can actually use any keyid we want?
Yes.
Note: The key type ->match() function is not required to limit itself to a
direct strcmp(). It is at liberty to partially match the description or any
other data attached to the key.
Look at asymmetric_key_match() in crypto/asymmetric/asymmetric_type.c. If you
do a search for:
"id:<hex-string>"
this will do a partial tail match on the key fingerprint:
[root@andromeda ~]# keyctl padd asymmetric "" @s </tmp/uefi-x509
289786205
[root@andromeda ~]# cat /proc/keys
1145c95d I--Q--- 1 perm 39390000 0 0 asymmetri Red Hat Test Certificate: 3580cf35d76b3b667a40df66691cbcf87353b23c: X509.RSA 7353b23c []
...
[root@andromeda ~]# keyctl search @s asymmetric "id:53b23c"
289786205
As an optimisation, it might be worth internally calling keyring_search_aux()
with our own match function that takes a binary key ID and storing the
fingerprint as binary rather than hex (attached to key->type_data.p[1]).
The type match function can only take text strings as it has to be invoked
from userspace.
David
next prev parent reply other threads:[~2012-09-25 16:15 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-09-25 0:07 [GIT PULL] Asymmetric keys and module signing David Howells
2012-09-25 0:11 ` David Howells
2012-09-25 15:09 ` Wrong system clock vs X.509 date specifiers David Howells
2012-09-25 15:30 ` Alan Cox
2013-03-14 10:48 ` David Woodhouse
2013-03-14 12:24 ` [PATCH] Fix x509_key_preparse() not to reject keys outside their validity time range David Woodhouse
2013-03-19 21:06 ` Alexander Holler
2012-09-25 15:35 ` Wrong system clock vs X.509 date specifiers David Howells
2012-09-25 15:43 ` Paolo Bonzini
2012-09-25 16:00 ` Alan Cox
2012-09-25 16:02 ` Tomas Mraz
2012-09-25 17:31 ` David Howells
2012-09-25 18:39 ` Tomas Mraz
2012-09-25 21:57 ` David Howells
2012-09-25 15:44 ` [GIT PULL] Asymmetric keys and module signing Kasatkin, Dmitry
2012-09-25 16:15 ` David Howells [this message]
2012-09-26 3:46 ` Rusty Russell
2012-09-27 2:04 ` Mimi Zohar
2012-09-28 6:54 ` Rusty Russell
2012-09-28 6:27 ` Geert Uytterhoeven
2012-09-28 8:00 ` David Howells
2012-09-26 9:09 ` David Howells
2012-09-27 0:12 ` Rusty Russell
2012-09-27 9:08 ` David Howells
2012-09-28 5:55 ` Rusty Russell
2012-09-28 5:58 ` [PATCH 1/2] modsign: don't use bashism in sh scripts Rusty Russell
2012-09-28 5:59 ` [PATCH 2/2] modules: don't call eu-strip if it doesn't exist Rusty Russell
2012-09-28 6:05 ` [GIT PULL] Asymmetric keys and module signing Rusty Russell
2012-09-28 8:09 ` David Howells
2012-09-29 6:53 ` Rusty Russell
2012-09-29 7:13 ` David Howells
2012-10-01 20:41 ` Josh Boyer
2012-10-02 3:28 ` Rusty Russell
2012-10-02 12:17 ` Josh Boyer
2012-09-29 7:16 ` David Howells
2012-10-02 6:12 ` Rusty Russell
2012-10-02 14:07 ` David Howells
2012-10-03 23:22 ` Rusty Russell
2012-10-09 10:55 ` Kasatkin, Dmitry
2012-10-10 9:37 ` Rusty Russell
2012-09-28 8:10 ` [PATCH 1/2] modsign: don't use bashism in sh scripts David Howells
2012-10-02 2:24 ` Rusty Russell
2012-09-28 8:11 ` [PATCH 2/2] modules: don't call eu-strip if it doesn't exist David Howells
2012-09-28 8:13 ` [GIT PULL] Asymmetric keys and module signing David Howells
2012-09-28 9:23 ` David Howells
2012-09-28 10:31 ` David Howells
2012-10-03 17:50 ` [patch] MODSIGN: Fix build error with strict typechecking David Rientjes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8373.1348589706@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=dmitry.kasatkin@intel.com \
--cc=herbert@gondor.hengli.com.au \
--cc=jwboyer@redhat.com \
--cc=keyrings@linux-nfs.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=pjones@redhat.com \
--cc=rusty@rustcorp.com.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).