summaryrefslogtreecommitdiff
path: root/crypto/ecrdsa_params.asn1
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2022-02-08 08:24:48 +0300
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2022-04-08 15:22:51 +0300
commita1e55db51a88a9578c0f6c99a8cd9dc6cb20711c (patch)
tree12385180e9e93afe55c3468c1b67b7d5840d4c8b /crypto/ecrdsa_params.asn1
parent255921f63a9ee59371d62f15017c5fd251dcac56 (diff)
downloadlinux-a1e55db51a88a9578c0f6c99a8cd9dc6cb20711c.tar.xz
KEYS: asymmetric: properly validate hash_algo and encoding
commit 590bfb57b2328951d5833979e7ca1d5fde2e609a upstream. It is insecure to allow arbitrary hash algorithms and signature encodings to be used with arbitrary signature algorithms. Notably, ECDSA, ECRDSA, and SM2 all sign/verify raw hash values and don't disambiguate between different hash algorithms like RSA PKCS#1 v1.5 padding does. Therefore, they need to be restricted to certain sets of hash algorithms (ideally just one, but in practice small sets are used). Additionally, the encoding is an integral part of modern signature algorithms, and is not supposed to vary. Therefore, tighten the checks of hash_algo and encoding done by software_key_determine_akcipher(). Also rearrange the parameters to software_key_determine_akcipher() to put the public_key first, as this is the most important parameter and it often determines everything else. Fixes: 299f561a6693 ("x509: Add support for parsing x509 certs with ECDSA keys") Fixes: 215525639631 ("X.509: support OSCCA SM2-with-SM3 certificate verification") Fixes: 0d7a78643f69 ("crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm") Cc: stable@vger.kernel.org Tested-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Vitaly Chikunov <vt@altlinux.org> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'crypto/ecrdsa_params.asn1')
0 files changed, 0 insertions, 0 deletions