Re: [RFC][PATCH 00/16] Crypto keys and module signing [ver #2]

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: David Howells <dhowells@redhat.com>
To: "H. Peter Anvin" <h.peter.anvin@intel.com>
Cc: dhowells@redhat.com, keyrings@linux-nfs.org,
	linux-crypto@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	linux-kernel@vger.kernel.org, dmitry.kasatkin@intel.com,
	zohar@linux.vnet.ibm.com, arjan.van.de.ven@intel.com,
	alan.cox@intel.com
Subject: Re: [RFC][PATCH 00/16] Crypto keys and module signing [ver #2]
Date: Mon, 05 Dec 2011 11:43:39 +0000	[thread overview]
Message-ID: <776.1323085419@redhat.com> (raw)
In-Reply-To: <4EDCABBD.9020401@intel.com>

H. Peter Anvin <h.peter.anvin@intel.com> wrote:

> Do we really need the complexity of a full OpenPGP parser?  Parsers are
> notorious security problems.

Actually, I don't have a full PGP parser.  I only handle the minimum I need.
It can parse the packet stream, public key packets and signature packets.
That's it.  I cannot guarantee that GPG is always going to put packets in the
stream in the same order, and dealing with the possible variation should be
simple enough.

Note that it might be possible to share the parser with other things like
eCryptFS.

> Furthermore, using DSA in anything but a hard legacy application is not
> something you want to encourage, so why support DSA?

Because DSA is what Red Hat currently uses in its module signing.  So the first
thing to do was to get that working again and then work on getting RSA working.
If I just jumped straight into the RSA parser, I would have a lot more stuff
that might be wrong; doing DSA first at least validated the common stuff.

However, we don't have to include the DSA stuff in the kernel; I can always
discard that patch from the upstream-aimed patchset.

David

next prev parent reply	other threads:[~2011-12-05 11:44 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-11-29 23:42 [RFC][PATCH 00/16] Crypto keys and module signing [ver #2] David Howells
2011-11-29 23:43 ` [PATCH 01/16] MPILIB: Export some more symbols " David Howells
2011-11-29 23:43 ` [PATCH 02/16] MPILIB: Add a missing ENOMEM check " David Howells
2011-11-30 15:28   ` Serge Hallyn
2011-11-30 17:00     ` David Howells
2011-11-29 23:43 ` [PATCH 03/16] KEYS: Permit key_serial() to be called with a const key pointer " David Howells
2011-11-29 23:43 ` [PATCH 04/16] PGP: Add definitions (RFC 4880) and packet parser " David Howells
2011-12-04 16:03   ` Ben Hutchings
2011-12-05 11:21     ` David Howells
2011-11-29 23:44 ` [PATCH 05/16] KEYS: Create a key type that can be used for general cryptographic operations " David Howells
2011-11-29 23:44 ` [PATCH 06/16] KEYS: Add a DSA crypto key subtype " David Howells
2011-11-29 23:44 ` [PATCH 07/16] KEYS: Add a RSA " David Howells
2011-11-29 23:44 ` [PATCH 08/16] PGP: Add signature parser " David Howells
2011-11-29 23:44 ` [PATCH 09/16] KEYS: Add signature verification facility " David Howells
2011-11-29 23:45 ` [PATCH 10/16] KEYS: DSA key signature verification " David Howells
2011-11-29 23:45 ` [PATCH 11/16] KEYS: RSA " David Howells
2011-11-29 23:45 ` [PATCH 12/16] KEYS: Add a crypto key request function " David Howells
2011-11-29 23:45 ` [PATCH 13/16] KEYS: Provide a function to load keys from a PGP keyring blob " David Howells
2011-11-29 23:45 ` [PATCH 14/16] MODSIGN: Add indications of module ELF types " David Howells
2011-11-29 23:46 ` [PATCH 15/16] MODSIGN: Module ELF verifier " David Howells
2011-11-29 23:46 ` [PATCH 16/16] MODSIGN: Apply signature checking to modules on module load " David Howells
2011-11-30 11:01 ` [RFC][PATCH 00/16] Crypto keys and module signing " Greg KH
2011-12-05 11:32 ` H. Peter Anvin
2011-12-05 11:43   ` David Howells [this message]
2011-12-06  0:54     ` [Keyrings] " James Morris
2011-12-07 14:29       ` David Howells

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=776.1323085419@redhat.com \
    --to=dhowells@redhat.com \
    --cc=alan.cox@intel.com \
    --cc=arjan.van.de.ven@intel.com \
    --cc=dmitry.kasatkin@intel.com \
    --cc=h.peter.anvin@intel.com \
    --cc=keyrings@linux-nfs.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=zohar@linux.vnet.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox