From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4722233ADBE; Wed, 28 Jan 2026 23:15:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769642105; cv=none; b=aveKukrJeoPHX54+m7bOI08eVCof7ctUsdQcbSry8B4jXyyKXoAeQWAfd78Fqihw6mBM/J2OpBWGG+l8+MooZwefdPGCwuZdbOjyW8xUYmSSTdjUcwQBJrPDAFhHMu/chmHCYy0st55mz5eEHvVQiIxN1/Y8bk49V0DM6bql4i0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769642105; c=relaxed/simple; bh=BwOEG0K4gspcwYgfqCYRp2ZcR11PloWhIkq/xhMlA+I=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=kAsTtsAoeTPWQkMseBR3WnMio5CLRHs9pZH3cXmtYRVxSRfjL6X94VMleoW9ol/s7ee6GIogM7RKNZdoG5WItjT4pO4DtMbPQyMrvWEYgqYW/ItjUZOqdueH6XDDIhHs9NW550ezoSvzC+1kHKI5HpV3HWWhF2Jqqt4s+ms3F0Q= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=mrH9Ila4; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="mrH9Ila4" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 15E42C4CEF1; Wed, 28 Jan 2026 23:15:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1769642104; bh=BwOEG0K4gspcwYgfqCYRp2ZcR11PloWhIkq/xhMlA+I=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=mrH9Ila4z5UTISZc3XhXloqQEaPVqE0JILJReIrMSThiFuboqxaDKDhTUj77vT/Y6 rNvotD3xXzQ7iWMtM2Xt3qVg87f9kX2XDQ/WxQdQqnm93VBPFgeJR0SOV2ZFfBxb1l kDVIYlftArsum1ek/PT6AGq1peyCymulx13UoFE6JhuWibvwg9hP3+sHK3s1vhGozW cC+N8Vc7gsN7+DVovuf0RPBLygrP+e/7cm+o9fNjZw+tovMWQJOD3RO0Iw1WvDxghF cDWKvH79SuP//BHFz/na3XP47kfRTBSfUK3ypMTSDi+qHZsK6wvwNgxkhJWm3O+z1t avoaYoAuH9w6Q== Date: Thu, 29 Jan 2026 01:14:59 +0200 From: Jarkko Sakkinen To: David Howells Cc: Lukas Wunner , Ignat Korchagin , Herbert Xu , Eric Biggers , Luis Chamberlain , Petr Pavlu , Daniel Gomez , Sami Tolvanen , "Jason A . Donenfeld" , Ard Biesheuvel , Stephan Mueller , linux-crypto@vger.kernel.org, keyrings@vger.kernel.org, linux-modules@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v15 2/7] x509: Separately calculate sha256 for blacklist Message-ID: References: <20260126142931.1940586-1-dhowells@redhat.com> <20260126142931.1940586-3-dhowells@redhat.com> Precedence: bulk X-Mailing-List: linux-modules@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20260126142931.1940586-3-dhowells@redhat.com> On Mon, Jan 26, 2026 at 02:29:23PM +0000, David Howells wrote: > Calculate the SHA256 hash for blacklisting purposes independently of the > signature hash (which may be something other than SHA256). > > This is necessary because when ML-DSA is used, no digest is calculated. > > Note that this represents a change of behaviour in that the hash used for > the blacklist check would previously have been whatever digest was used > for, say, RSA-based signatures. It may be that this is inadvisable. > > Signed-off-by: David Howells > cc: Lukas Wunner > cc: Ignat Korchagin > cc: Stephan Mueller > cc: Eric Biggers > cc: Herbert Xu > cc: keyrings@vger.kernel.org > cc: linux-crypto@vger.kernel.org > --- > crypto/asymmetric_keys/x509_parser.h | 2 ++ > crypto/asymmetric_keys/x509_public_key.c | 22 +++++++++++++--------- > 2 files changed, 15 insertions(+), 9 deletions(-) > > diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h > index 0688c222806b..b7aeebdddb36 100644 > --- a/crypto/asymmetric_keys/x509_parser.h > +++ b/crypto/asymmetric_keys/x509_parser.h > @@ -9,12 +9,14 @@ > #include > #include > #include > +#include > > struct x509_certificate { > struct x509_certificate *next; > struct x509_certificate *signer; /* Certificate that signed this one */ > struct public_key *pub; /* Public key details */ > struct public_key_signature *sig; /* Signature parameters */ > + u8 sha256[SHA256_DIGEST_SIZE]; /* Hash for blacklist purposes */ > char *issuer; /* Name of certificate issuer */ > char *subject; /* Name of certificate subject */ > struct asymmetric_key_id *id; /* Issuer + Serial number */ > diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c > index 12e3341e806b..79cc7b7a0630 100644 > --- a/crypto/asymmetric_keys/x509_public_key.c > +++ b/crypto/asymmetric_keys/x509_public_key.c > @@ -31,6 +31,19 @@ int x509_get_sig_params(struct x509_certificate *cert) > > pr_devel("==>%s()\n", __func__); > > + /* Calculate a SHA256 hash of the TBS and check it against the > + * blacklist. > + */ > + sha256(cert->tbs, cert->tbs_size, cert->sha256); > + ret = is_hash_blacklisted(cert->sha256, sizeof(cert->sha256), > + BLACKLIST_HASH_X509_TBS); > + if (ret == -EKEYREJECTED) { > + pr_err("Cert %*phN is blacklisted\n", > + (int)sizeof(cert->sha256), cert->sha256); > + cert->blacklisted = true; > + ret = 0; > + } > + > sig->s = kmemdup(cert->raw_sig, cert->raw_sig_size, GFP_KERNEL); > if (!sig->s) > return -ENOMEM; > @@ -69,15 +82,6 @@ int x509_get_sig_params(struct x509_certificate *cert) > if (ret < 0) > goto error_2; > > - ret = is_hash_blacklisted(sig->digest, sig->digest_size, > - BLACKLIST_HASH_X509_TBS); > - if (ret == -EKEYREJECTED) { > - pr_err("Cert %*phN is blacklisted\n", > - sig->digest_size, sig->digest); > - cert->blacklisted = true; > - ret = 0; > - } > - > error_2: > kfree(desc); > error: > Reviewed-by: Jarkko Sakkinen BR, Jarkko