From: Antony Vennard <antony@vennard.ch>
To: Eric Biggers <ebiggers@kernel.org>
Cc: James Bottomley <James.Bottomley@hansenpartnership.com>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
Roberto Sassu <roberto.sassu@huawei.com>,
dhowells@redhat.com, dwmw2@infradead.org,
herbert@gondor.apana.org.au, davem@davemloft.net,
keyrings@vger.kernel.org, linux-crypto@vger.kernel.org,
linux-integrity@vger.kernel.org, linux-fscrypt@vger.kernel.org,
linux-kernel@vger.kernel.org, zohar@linux.ibm.com
Subject: Re: [PATCH 00/14] KEYS: Add support for PGP keys and signatures
Date: Sun, 23 Jan 2022 22:00:18 +0100 [thread overview]
Message-ID: <24206663-b0ee-8c99-28c3-da4d433dee9d@vennard.ch> (raw)
In-Reply-To: <YedHR93wPLS/JEsE@sol.localdomain>
On 19/01/2022 00:03, Eric Biggers wrote:
> On Tue, Jan 18, 2022 at 09:50:21PM +0100, Antony Vennard wrote:
>>
>> Hi All,
> It's worth noting that if fs-verity built-in signatures are used, a trusted
> userspace program is still required to determine and enforce the policy of which
> files are required to be signed. The kernel only handles the actual signature
> verification. This was basically a proof-of-concept which reused the kernel's
> module signature verification code (which happens to use PKCS#7).
>
> I'd encourage new users to either go all-in on a userspace solution, using a
> trusted userspace program to verify signatures of fs-verity file digests;
> *or* go all-in on an in-kernel solution, using the IMA support for fs-verity
> which Mimi Zohar is working on. A userspace solution could use a simple
> signature format, using a modern algorithm such as Ed25519. IMA uses a simple
> signature format too, though it uses a complex format (X.509) for public keys.
FWIW I checked some of the options for hardware key storage. Thales HSMs
support Ed25519, at least according to their marketing materials.
Similarly Javacard 3.1 supports (will support) X/Ed 25519/448, so when
tokens supporting this emerge (if they haven't already) hardware support
for modern algorithms should exist too.
I therefore agree. Use Ed25519.
Antony
next prev parent reply other threads:[~2022-01-23 21:00 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-11 18:03 [PATCH 00/14] KEYS: Add support for PGP keys and signatures Roberto Sassu
2022-01-11 18:03 ` [PATCH 01/14] mpi: Introduce mpi_key_length() Roberto Sassu
2022-01-11 18:03 ` [PATCH 02/14] rsa: add parser of raw format Roberto Sassu
2022-01-11 18:03 ` [PATCH 03/14] PGPLIB: PGP definitions (RFC 4880) Roberto Sassu
2022-01-11 18:03 ` [PATCH 04/14] PGPLIB: Basic packet parser Roberto Sassu
2022-01-11 18:03 ` [PATCH 05/14] PGPLIB: Signature parser Roberto Sassu
2022-01-11 18:03 ` [PATCH 06/14] KEYS: PGP data parser Roberto Sassu
2022-01-11 18:03 ` [PATCH 07/14] KEYS: Provide PGP key description autogeneration Roberto Sassu
2022-01-11 18:03 ` [PATCH 08/14] KEYS: PGP-based public key signature verification Roberto Sassu
2022-01-11 18:03 ` [PATCH 09/14] KEYS: Retry asym key search with partial ID in restrict_link_by_signature() Roberto Sassu
2022-01-11 18:03 ` [PATCH 10/14] KEYS: Calculate key digest and get signature of the key Roberto Sassu
2022-01-11 18:03 ` [PATCH 11/14] verification: introduce verify_pgp_signature() Roberto Sassu
2022-01-11 18:03 ` [PATCH 12/14] PGP: Provide a key type for testing PGP signatures Roberto Sassu
2022-01-11 18:03 ` [PATCH 13/14] KEYS: Provide a function to load keys from a PGP keyring blob Roberto Sassu
2022-01-11 18:03 ` [PATCH 14/14] KEYS: Introduce load_pgp_public_keyring() Roberto Sassu
2022-01-11 20:33 ` [PATCH 00/14] KEYS: Add support for PGP keys and signatures Maciej S. Szmigiero
2022-01-12 9:16 ` Roberto Sassu
2022-01-12 20:15 ` Maciej S. Szmigiero
2022-01-13 9:11 ` Roberto Sassu
2022-01-17 14:34 ` Jason A. Donenfeld
2022-01-17 15:02 ` James Bottomley
2022-01-18 20:50 ` Antony Vennard
2022-01-18 23:03 ` Eric Biggers
2022-01-19 13:25 ` Roberto Sassu
2022-01-21 16:50 ` Roberto Sassu
2022-01-23 21:00 ` Antony Vennard [this message]
2022-01-19 13:02 ` Roberto Sassu
2022-01-17 15:21 ` Roberto Sassu
2022-01-18 18:49 ` Jason A. Donenfeld
2022-01-17 16:59 ` Konstantin Ryabitsev
2022-01-17 17:04 ` Konstantin Ryabitsev
2022-01-17 20:59 ` Maciej S. Szmigiero
2022-01-17 21:54 ` Konstantin Ryabitsev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=24206663-b0ee-8c99-28c3-da4d433dee9d@vennard.ch \
--to=antony@vennard.ch \
--cc=James.Bottomley@hansenpartnership.com \
--cc=Jason@zx2c4.com \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=dwmw2@infradead.org \
--cc=ebiggers@kernel.org \
--cc=herbert@gondor.apana.org.au \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=roberto.sassu@huawei.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox