From: Eric Biggers <ebiggers@kernel.org>
To: Mimi Zohar <zohar@linux.ibm.com>
Cc: Chuck Lever <chuck.lever@oracle.com>,
	linux-fscrypt@vger.kernel.org, linux-integrity@vger.kernel.org,
	Linux NFS Mailing List <linux-nfs@vger.kernel.org>
Subject: Re: IMA metadata format to support fs-verity
Date: Wed, 26 Aug 2020 18:00:16 -0700
Message-ID: <20200827010016.GA2387969@gmail.com>
In-Reply-To: <ced0c57308b0056396d4795a639e6d9686f0e163.camel@linux.ibm.com>

On Wed, Aug 26, 2020 at 08:53:33PM -0400, Mimi Zohar wrote:
> On Wed, 2020-08-26 at 13:51 -0700, Eric Biggers wrote:
> > Of course, the bytes that are actually signed need to include not just the hash
> > itself, but also the type of hash algorithm that was used.  Else it's ambiguous
> > what the signer intended to sign.
> > 
> > Unfortunately, currently EVM appears to sign a raw hash, which means it is
> > broken, as the hash algorithm is not authenticated.  I.e. if the bytes
> > e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 are signed,
> > there's no way to prove that the signer meant to sign a SHA-256 hash, as opposed
> > to, say, a Streebog hash.  So that will need to be fixed anyway.  While doing
> > so, you should reserve some fields so that there's also a flag available to
> > indicate whether the hash is a traditional full file hash or a fs-verity hash.
> 
> The original EVM HMAC is still sha1, but the newer portable & immutable
> EVM signature supports different hash algorithms.
> 

Read what I wrote again.  I'm talking about the bytes that are actually signed.

- Eric
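
An added illustration of the point made in the message above (not part of the email and not kernel code): when only the digest bytes are signed, a verifier accepts the signature under any claimed algorithm, whereas signed bytes that also carry an algorithm id and a full-file/fs-verity flag do not. Assumptions: HMAC-SHA256 with a constructed key stands in for the asymmetric signature, the `ALGO_IDS` values, the type flags and the byte layout are hypothetical, and `sha3_256` stands in for any other 256-bit hash.

```python
import hashlib
import hmac
import struct

# Constructed demo key. HMAC-SHA256 stands in for the real asymmetric signature.
KEY = b"constructed-demo-key"
# Hypothetical identifiers for this example, not the kernel's enum values.
ALGO_IDS = {"sha256": 1, "sha3_256": 2}
TYPE_FULL_FILE, TYPE_FS_VERITY = 0, 1


def sign(payload: bytes) -> bytes:
    return hmac.new(KEY, payload, hashlib.sha256).digest()


def tagged_payload(algo: str, hash_type: int, digest: bytes) -> bytes:
    """Signed bytes = algorithm id | hash type flag | digest length | digest."""
    return struct.pack(">BBH", ALGO_IDS[algo], hash_type, len(digest)) + digest


def verify_raw(claimed_algo: str, digest: bytes, sig: bytes) -> bool:
    # Only the digest was signed, so claimed_algo (unauthenticated metadata)
    # cannot affect the result.
    return hmac.compare_digest(sign(digest), sig)


def verify_tagged(claimed_algo: str, claimed_type: int, digest: bytes, sig: bytes) -> bool:
    if claimed_algo not in ALGO_IDS:
        return False
    expected = sign(tagged_payload(claimed_algo, claimed_type, digest))
    return hmac.compare_digest(expected, sig)


# The digest quoted in the message: SHA-256 of empty input.
DIGEST = hashlib.sha256(b"").digest()
RAW_SIG = sign(DIGEST)
TAGGED_SIG = sign(tagged_payload("sha256", TYPE_FULL_FILE, DIGEST))

if __name__ == "__main__":
    print(DIGEST.hex())
    for algo in ALGO_IDS:
        print(algo, "raw:", verify_raw(algo, DIGEST, RAW_SIG),
              "tagged:", verify_tagged(algo, TYPE_FULL_FILE, DIGEST, TAGGED_SIG))
    print("fs-verity flag swapped:",
          verify_tagged("sha256", TYPE_FS_VERITY, DIGEST, TAGGED_SIG))
```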
