From: Mimi Zohar <zohar@linux.ibm.com>
To: Vitaly Chikunov <vt@altlinux.org>
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
linux-integrity@vger.kernel.org
Subject: Re: [PATCH v5 01/11] ima-evm-utils: Make sure sig buffer is always MAX_SIGNATURE_SIZE
Date: Fri, 21 Jun 2019 07:08:12 -0400 [thread overview]
Message-ID: <1561115292.4057.70.camel@linux.ibm.com> (raw)
In-Reply-To: <20190621065913.a3plltlinylkdkeb@altlinux.org>
On Fri, 2019-06-21 at 09:59 +0300, Vitaly Chikunov wrote:
> On Thu, Jun 20, 2019 at 05:42:18PM -0400, Mimi Zohar wrote:
> > On Tue, 2019-06-18 at 16:56 +0300, Vitaly Chikunov wrote:
> > > Fix off-by-one error of the output buffer passed to sign_hash().
> > >
> > > Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
> > > ---
> > > src/evmctl.c | 4 ++--
> > > 1 file changed, 2 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/src/evmctl.c b/src/evmctl.c
> > > index 15a7226..03f41fe 100644
> > > --- a/src/evmctl.c
> > > +++ b/src/evmctl.c
> > > @@ -510,7 +510,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
> > > static int sign_evm(const char *file, const char *key)
> > > {
> > > unsigned char hash[MAX_DIGEST_SIZE];
> > > - unsigned char sig[MAX_SIGNATURE_SIZE];
> > > + unsigned char sig[MAX_SIGNATURE_SIZE + 1];
> > > int len, err;
> > >
> > > len = calc_evm_hash(file, hash);
> > > @@ -519,7 +519,7 @@ static int sign_evm(const char *file, const char *key)
> > > return len;
> > >
> > > len = sign_hash(params.hash_algo, hash, len, key, NULL, sig + 1);
> > > - assert(len < sizeof(sig));
> > > + assert(len <= MAX_SIGNATURE_SIZE);
> > > if (len <= 1)
> > > return len;
> > >
> >
> > A similar problem occurs in sign_ima. Without these changes
> > sign_hash() succeeds, returning a length of 520 for
> > sha256/streebog256.
>
> I will add it. Also, I found more similar errors and will fix them together.
The first byte of sig is reserved for the type of signature. The
remaining buffer is for the signature itself. The existing
"assert(len < sizeof(sig))" is therefore correct. The sig size being
returned is less than 1023, so why is this change needed?
Mimi
next prev parent reply other threads:[~2019-06-21 11:08 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-18 13:56 [PATCH v5 00/11] ima-evm-utils: Convert sign v2 from RSA to EVP_PKEY API Vitaly Chikunov
2019-06-18 13:56 ` [PATCH v5 01/11] ima-evm-utils: Make sure sig buffer is always MAX_SIGNATURE_SIZE Vitaly Chikunov
2019-06-20 21:42 ` Mimi Zohar
2019-06-21 6:59 ` Vitaly Chikunov
2019-06-21 11:08 ` Mimi Zohar [this message]
2019-06-21 11:22 ` Vitaly Chikunov
2019-06-21 11:27 ` Mimi Zohar
2019-06-21 12:28 ` Vitaly Chikunov
2019-06-21 13:03 ` Mimi Zohar
2019-06-23 8:36 ` Vitaly Chikunov
2019-06-18 13:56 ` [PATCH v5 02/11] ima-evm-utils: Change read_pub_key to use EVP_PKEY API Vitaly Chikunov
2019-06-18 13:56 ` [PATCH v5 03/11] ima-evm-utils: Change read_priv_key " Vitaly Chikunov
2019-06-18 13:56 ` [PATCH v5 04/11] ima-evm-utils: Start converting calc keyid v2 to " Vitaly Chikunov
2019-06-19 11:56 ` Mimi Zohar
2019-06-18 13:56 ` [PATCH v5 05/11] ima-evm-utils: Convert cmd_import to use " Vitaly Chikunov
2019-06-18 13:56 ` [PATCH v5 06/11] ima-evm-utils: Start converting find_keyid " Vitaly Chikunov
2019-06-19 12:26 ` Mimi Zohar
2019-06-19 15:43 ` Vitaly Chikunov
2019-06-19 16:46 ` Mimi Zohar
2019-06-20 1:07 ` Vitaly Chikunov
2019-06-20 13:21 ` Mimi Zohar
2019-06-20 13:40 ` Mimi Zohar
2019-06-20 14:23 ` Vitaly Chikunov
2019-06-18 13:56 ` [PATCH v5 07/11] ima-evm-utils: Convert verify_hash_v2 to " Vitaly Chikunov
2019-06-18 13:56 ` [PATCH v5 08/11] ima-evm-utils: Finish conversion of find_keyid " Vitaly Chikunov
2019-06-18 13:56 ` [PATCH v5 09/11] ima-evm-utils: Convert sign_hash_v2 to use " Vitaly Chikunov
2019-06-18 13:56 ` [PATCH v5 10/11] ima-evm-utils: Finish converting calc keyid v2 to " Vitaly Chikunov
2019-06-18 13:56 ` [PATCH v5 11/11] ima-evm-utils: Remove RSA_ASN1_templates Vitaly Chikunov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1561115292.4057.70.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=linux-integrity@vger.kernel.org \
--cc=vt@altlinux.org \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).