mirrors
/
anolis-cloud-kernel
mirror of https://gitee.com/anolis/cloud-kernel.git
8
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
anolis-cloud-kernel/crypto
History
Eric Biggers 4f40eacb85 KEYS: asymmetric: properly validate hash_algo and encoding 
ANBZ: #9487

commit 590bfb57b2 upstream

It is insecure to allow arbitrary hash algorithms and signature
encodings to be used with arbitrary signature algorithms.  Notably,
ECDSA, ECRDSA, and SM2 all sign/verify raw hash values and don't
disambiguate between different hash algorithms like RSA PKCS#1 v1.5
padding does.  Therefore, they need to be restricted to certain sets of
hash algorithms (ideally just one, but in practice small sets are used).
Additionally, the encoding is an integral part of modern signature
algorithms, and is not supposed to vary.

Therefore, tighten the checks of hash_algo and encoding done by
software_key_determine_akcipher().

Also rearrange the parameters to software_key_determine_akcipher() to
put the public_key first, as this is the most important parameter and it
often determines everything else.

Fixes: 299f561a66 ("x509: Add support for parsing x509 certs with ECDSA keys")
Fixes: 2155256396 ("X.509: support OSCCA SM2-with-SM3 certificate verification")
Fixes: 0d7a78643f ("crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm")
Cc: stable@vger.kernel.org
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Tested-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Vitaly Chikunov <vt@altlinux.org>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Xuchun Shang <xuchun.shang@linux.alibaba.com>
Acked-by: Zelin Deng <zelin.deng@linux.alibaba.com>
Link: https://gitee.com/anolis/cloud-kernel/pulls/4013
 		2024-10-22 17:41:35 +08:00
..
asymmetric_keys KEYS: asymmetric: properly validate hash_algo and encoding 2024-10-22 17:41:35 +08:00
async_tx async_xor: check src_offs is not NULL before updating it 2021-06-16 12:01:40 +02:00
842.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157 2019-05-30 11:26:37 -07:00
Kconfig anolis: crypto: x86/sm2 -add Zhaoxin SM2 algorithm implementation 2024-08-08 06:39:07 +00:00
Makefile crypto: ecdsa - Add support for ECDSA signature verification 2024-07-09 07:59:38 +00:00
acompress.c crypto: api - permit users to specify numa node of acomp hardware 2020-07-09 18:25:23 +10:00
adiantum.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
aead.c crypto: algapi - enforce that all instances have a ->free() method 2020-01-09 11:30:58 +08:00
aegis.h crypto: aegis128 - Fix -Wunused-const-variable warning 2019-08-30 18:05:30 +10:00
aegis128-core.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
aegis128-neon-inner.c crypto: aegis128 - duplicate init() and final() hooks in SIMD code 2019-10-26 02:06:05 +11:00
aegis128-neon.c crypto: aegis128 - duplicate init() and final() hooks in SIMD code 2019-10-26 02:06:05 +11:00
aes_generic.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
aes_ti.c crypto: aes - create AES library based on the fixed time AES code 2019-07-26 14:55:33 +10:00
af_alg.c anolis: bugfix: crypto: ccp: It prompt failed when encrypted size is 64KB. 2023-09-28 00:33:25 +00:00
ahash.c crypto: ahash - Add init_tfm/exit_tfm 2020-08-28 16:58:28 +10:00
akcipher.c crypto: akcipher - default implementation for setting a private key 2024-08-08 07:00:05 +00:00
algapi.c crypto: api - Use work queue in crypto_destroy_instance 2024-08-08 07:00:05 +00:00
algboss.c crypto: algboss - don't wait during notifier callback 2020-06-15 17:38:54 +10:00
algif_aead.c anolis: crypto: avoid invalid op in aead cipher mode 2023-09-28 00:33:25 +00:00
algif_akcipher.c anolis: bugfix: crypto: The output data length is not fixed for SM2 encrypt and decrypt algorithm. 2023-09-28 00:33:25 +00:00
algif_hash.c anolis: arm64: fix compiler warning in crypto/algif_hash.c 2024-08-22 09:11:03 +00:00
algif_rng.c crypto: af_alg - add extra parameters for DRBG interface 2020-09-25 17:48:52 +10:00
algif_skcipher.c anolis: newfeature: crypto: ccp: Process multiple VQ commands once for SM4/SM4-CTR ccp. 2023-09-28 00:33:25 +00:00
ansi_cprng.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 42 2019-05-24 17:27:12 +02:00
anubis.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
api.c crypto: api - Move cryptomgr soft dependency into algapi 2022-02-11 09:09:03 +01:00
arc4.c crypto: arc4 - mark ecb(arc4) skcipher as obsolete 2020-09-11 14:39:16 +10:00
authenc.c crypto: authenc - Fix sleep in atomic context in decrypt_tail 2022-04-08 14:39:59 +02:00
authencesn.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
blake2b_generic.c crypto: Replace HTTP links with HTTPS ones 2020-07-23 17:34:20 +10:00
blake2s_generic.c lib/crypto: blake2s: avoid indirect calls to compression function for Clang CFI 2022-05-30 09:33:26 +02:00
blowfish_common.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
blowfish_generic.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
camellia_generic.c crypto: Replace HTTP links with HTTPS ones 2020-07-23 17:34:20 +10:00
cast5_generic.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 140 2019-05-30 11:25:16 -07:00
cast6_generic.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
cast_common.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 44 2019-05-24 17:27:12 +02:00
cbc.c crypto: cbc - Remove cbc.h 2020-09-11 14:39:16 +10:00
ccm.c crypto: ccm - use local variables instead of indirect references 2022-11-18 20:29:06 +08:00
cfb.c crypto: skcipher - Add skcipher_ialg_simple helper 2019-12-27 18:18:04 +08:00
chacha20poly1305.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
chacha_generic.c crypto: chacha_generic - remove unnecessary setkey() functions 2019-11-22 18:48:39 +08:00
cipher.c crypto: remove propagation of CRYPTO_TFM_RES_* flags 2020-01-09 11:30:53 +08:00
cmac.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
compress.c crypto: compress - remove crt_u.compress (struct compress_tfm) 2019-12-11 16:37:01 +08:00
crc32_generic.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
crc32c_generic.c crypto: crc32c_generic - delete and fix duplicated words 2020-08-21 14:45:25 +10:00
crct10dif_common.c
crct10dif_generic.c crypto: crct10dif_generic - fix duplicated words 2020-08-21 14:45:25 +10:00
cryptd.c crypto: cryptd - Use request context instead of stack for sub-request 2024-08-08 07:00:05 +00:00
crypto_engine.c crypto: engine - delete duplicated word 2020-08-21 14:45:26 +10:00
crypto_null.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
crypto_user_base.c crypto: algapi - make unregistration functions return void 2019-12-20 14:58:35 +08:00
crypto_user_stat.c crypto: skcipher - remove the "blkcipher" algorithm type 2019-11-01 13:38:32 +08:00
ctr.c crypto: algapi - add NEED_FALLBACK to INHERITED_FLAGS 2020-07-16 21:49:08 +10:00
cts.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
curve25519-generic.c crypto: curve25519 - implement generic KPP driver 2019-11-17 09:02:43 +08:00
deflate.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
des_generic.c crypto: remove CRYPTO_TFM_RES_WEAK_KEY 2020-01-09 11:30:53 +08:00
dh.c crypto: dh - SP800-56A rev 3 local public key validation 2020-07-31 18:08:59 +10:00
dh_helper.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
drbg.c crypto: drbg - make reseeding from get_random_bytes() synchronous 2022-06-06 08:42:42 +02:00
ecb.c crypto: skcipher - Add skcipher_ialg_simple helper 2019-12-27 18:18:04 +08:00
ecc.c crypto: ecc - Move ecc.h to include/crypto/internal 2024-08-12 08:16:37 +08:00
ecc_curve_defs.h crypto: ecc - Add NIST P384 curve parameters 2024-07-09 07:59:38 +00:00
ecdh.c crypto: ecc - Move ecc.h to include/crypto/internal 2024-08-12 08:16:37 +08:00
ecdh_helper.c crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key() 2021-03-04 11:37:49 +01:00
ecdsa.c crypto: ecdsa - Fix module auto-load on add-key 2024-10-22 17:41:18 +08:00
ecdsasignature.asn1 crypto: ecdsa - Add support for ECDSA signature verification 2024-07-09 07:59:38 +00:00
echainiv.c crypto: geniv - remove unneeded arguments from aead_geniv_alloc() 2020-07-16 21:49:07 +10:00
ecrdsa.c crypto: ecc - Move ecc.h to include/crypto/internal 2024-08-12 08:16:37 +08:00
ecrdsa_defs.h crypto: ecc - Move ecc.h to include/crypto/internal 2024-08-12 08:16:37 +08:00
ecrdsa_params.asn1 crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm 2019-04-18 22:15:02 +08:00
ecrdsa_pub_key.asn1 crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm 2019-04-18 22:15:02 +08:00
essiv.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
fcrypt.c crypto: make all generic algorithms set cra_driver_name 2019-06-13 14:31:39 +08:00
fips.c crypto: fips - add FIPS test failure notification chain 2019-07-26 14:51:57 +10:00
gcm.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
geniv.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
gf128mul.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
ghash-generic.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
hash_info.c crypto: rename sm3-256 to sm3 in hash_algo_name 2020-02-18 07:35:49 -05:00
hmac.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
internal.h crypto: algapi - Move crypto_yield into internal.h 2020-08-19 21:59:43 +10:00
jitterentropy-kcapi.c crypto: algapi - Remove skbuff.h inclusion 2020-08-20 14:04:28 +10:00
jitterentropy.c crypto: jitter - consider 32 LSB for APT 2022-01-27 10:54:12 +01:00
jitterentropy.h crypto: jitter - add header to fix buildwarnings 2019-10-18 18:49:40 +11:00
keywrap.c crypto: skcipher - Add skcipher_ialg_simple helper 2019-12-27 18:18:04 +08:00
khazad.c crypto: make all generic algorithms set cra_driver_name 2019-06-13 14:31:39 +08:00
kpp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
lrw.c crypto: lrw,xts - Replace strlcpy with strscpy 2024-08-08 07:00:05 +00:00
lz4.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
lz4hc.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
lzo-rle.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
lzo.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
md4.c crypto: make all generic algorithms set cra_driver_name 2019-06-13 14:31:39 +08:00
md5.c crypto: md5 - remove unused macros 2020-02-28 08:43:21 +08:00
michael_mic.c crypto: michael_mic - fix broken misalignment handling 2021-03-04 11:38:31 +01:00
nhpoly1305.c crypto: poly1305 - add new 32 and 64-bit generic versions 2020-01-16 15:18:12 +08:00
ofb.c crypto: skcipher - Add skcipher_ialg_simple helper 2019-12-27 18:18:04 +08:00
pcbc.c crypto: skcipher - Add skcipher_ialg_simple helper 2019-12-27 18:18:04 +08:00
pcrypt.c crypto: pcrypt - Fix hungtask for PADATA_RESET 2024-08-08 07:00:05 +00:00
poly1305_generic.c crypto: poly1305 - add new 32 and 64-bit generic versions 2020-01-16 15:18:12 +08:00
proc.c crypto: proc - Removing some useless only space lines 2020-09-25 17:48:15 +10:00
ripemd.h
rmd128.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
rmd160.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
rmd256.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
rmd320.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
rng.c crypto: rng - fix crypto_rng_reset() refcounting when !CRYPTO_STATS 2021-05-11 14:47:35 +02:00
rsa-pkcs1pad.c crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() 2022-04-08 14:39:57 +02:00
rsa.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
rsa_helper.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
rsaprivkey.asn1
rsapubkey.asn1
salsa20_generic.c crypto: Replace HTTP links with HTTPS ones 2020-07-23 17:34:20 +10:00
scatterwalk.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
scompress.c crypto: scomp - fix req->dst buffer overflow 2024-08-08 07:00:05 +00:00
seed.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
seqiv.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
serpent_generic.c crypto: x86 - Regularize glue function prototypes 2019-12-11 16:36:54 +08:00
sha1_generic.c crypto: lib/sha1 - fold linux/cryptohash.h into crypto/sha.h 2020-05-08 15:32:17 +10:00
sha3_generic.c crypto: Replace HTTP links with HTTPS ones 2020-07-23 17:34:20 +10:00
sha256_generic.c crypto: sha256 - remove duplicate generic hash init function 2022-10-12 04:05:25 +00:00
sha512_generic.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 45 2019-05-24 17:27:12 +02:00
shash.c crypto: shash - avoid comparing pointers to exported functions under CFI 2021-07-14 16:55:54 +02:00
simd.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
skcipher.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
sm2.c crypto: sm2 - make dependent on sm3 library 2022-10-12 04:05:25 +00:00
sm2signature.asn1 crypto: sm2 - introduce OSCCA SM2 asymmetric cipher algorithm 2020-09-25 17:48:54 +10:00
sm3.c crypto: sm3,sm4 - move into crypto directory 2022-10-12 04:05:25 +00:00
sm3_generic.c crypto: sm3 - make dependent on sm3 library 2022-10-12 04:05:25 +00:00
sm4.c crypto: sm3,sm4 - move into crypto directory 2022-10-12 04:05:25 +00:00
sm4_generic.c crypto: arm64/sm4-ce - Make dependent on sm4 library instead of sm4-generic 2022-08-01 11:46:00 +00:00
streebog_generic.c crypto: streebog - remove two unused variables 2019-08-15 21:52:14 +10:00
tcrypt.c crypto: tcrypt - add SM4 cts-cbc/xts/xcbc test 2022-11-18 20:29:07 +08:00
tcrypt.h crypto: tcrypt - Add support for hash speed testing with keys 2020-08-21 14:45:27 +10:00
tea.c Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
testmgr.c crypto: ecdsa - Register NIST P384 and extend test suite 2024-07-09 07:59:38 +00:00
testmgr.h crypto: ecdsa - Register NIST P384 and extend test suite 2024-07-09 07:59:38 +00:00
tgr192.c crypto: tgr192 - remove unneeded semicolon 2019-11-15 13:44:17 +08:00
twofish_common.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
twofish_generic.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
vmac.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
wp512.c crypto: make all generic algorithms set cra_driver_name 2019-06-13 14:31:39 +08:00
xcbc.c crypto: algapi - use common mechanism for inheriting flags 2020-07-16 21:49:08 +10:00
xor.c crypto: xor - Fix divide error in do_xor_speed() 2021-01-27 11:54:52 +01:00
xts.c crypto: lrw,xts - Replace strlcpy with strscpy 2024-08-08 07:00:05 +00:00
xxhash_generic.c crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN 2020-01-09 11:30:53 +08:00
zstd.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00