| Message ID | 20230720153247.3755856-1-roberto.sassu@huaweicloud.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | KEYS: Introduce user asymmetric keys and signatures | expand |
On Thu Jul 20, 2023 at 6:32 PM EEST, Roberto Sassu wrote: > From: Roberto Sassu <roberto.sassu@huawei.com> > > Define a new TLV-based format for keys and signatures, aiming to store and "type-length-value (TLV) based" > use in the kernel the crypto material from other unsupported formats > (e.g. PGP). Where's the motivation part and where is this defined? BR, Jarkko
On Thu, 2023-07-20 at 20:38 +0300, Jarkko Sakkinen wrote: > On Thu Jul 20, 2023 at 6:32 PM EEST, Roberto Sassu wrote: > > From: Roberto Sassu <roberto.sassu@huawei.com> > > > > Define a new TLV-based format for keys and signatures, aiming to store and > > "type-length-value (TLV) based" Ok. > > use in the kernel the crypto material from other unsupported formats > > (e.g. PGP). > > Where's the motivation part and where is this defined? Ah, thanks for the reminder. Will add it in the next version. The motivations are: - Avoid adding complex parsers in the kernel that might introduce vulnerabilities - Avoid adding support for key and signature formats that some consider weak That was basically the summary of the review of my attempt to add support for PGP keys and signatures in the kernel. This patch set adds support for only one format, which other formats are converted from. This is useful for the mere extraction of crypto material, and use it with the kernel crypto API. If there is a trust relationships between the original keys, converting keys would lose the ability to verify that trust relationship. Example Suppose that there is a PGP key in the built-in keyring, and that signed another PGP key. If I want to add the second PGP key to the secondary keyring, I would have to verify the signature of that key with the first key. But the signature is on a PGP packet, so if the kernel verifies that signature it would have also to ensure that the public key extracted from the signed packet is the same as the converted key. Originally I thought that we could do the conversion in a fully isolated user space process (trustworthy User Mode Driver), so that there is the guarantee that the key has not been modified during the conversion. However, since it is difficult to achieve perfect isolation, that approach has been put on hold. So, at the moment, verifying trust with user asymmetric keys is not possible, but this is not a problem with my use case, as a Linux distributions can embed in the kernel all their (converted) public keys directly usable for signature verification. Thanks Roberto
From: Roberto Sassu <roberto.sassu@huawei.com> Define a new TLV-based format for keys and signatures, aiming to store and use in the kernel the crypto material from other unsupported formats (e.g. PGP). TLV fields have been defined to fill the corresponding kernel structures public_key, public_key_signature and key_preparsed_payload. Keys: struct public_key { struct key_preparsed_payload { KEY_PUB --> void *key; u32 keylen; --> prep->payload.data[asym_crypto] KEY_ALGO --> const char *pkey_algo; KEY_KID0 KEY_KID1 ---------------------------> prep->payload.data[asym_key_ids] KEY_KID2 KEY_DESC ---------------------------> prep->description Signatures: struct public_key_signature { SIG_S --> u8 *s; u32 s_size; SIG_KEY_ALGO --> const char *pkey_algo; SIG_HASH_ALGO --> const char *hash_algo; u32 digest_size; SIG_ENC --> const char *encoding; SIG_KID0 SIG_KID1 --> struct asymmetric_key_id *auth_ids[3]; SIG_KID2 For keys, since the format conversion has to be done in user space, user space is assumed to be trusted, in this proposal. Without this assumption, a malicious conversion tool could make a user load to the kernel a different key than the one expected. That should not be a particular problem for keys that are embedded in the kernel image and loaded at boot, since the conversion happens in a trusted environment such as the building infrastructure of the Linux distribution vendor. In the other cases, such as enrolling a key through the Machine Owner Key (MOK) mechanism, the user is responsible to ensure that the crypto material carried in the original format remains the same after the conversion. For signatures, assuming the strength of the crypto algorithms, altering the crypto material is simply a Denial-of-Service (DoS), as data can be validated only with the right signature. This patch set also offers the following contributions: - A library for parsing TLV-formatted data, usable also by other kernel subsystems - An API similar to the PKCS#7 one, to verify the authenticity of system data through user asymmetric keys and signatures - IMA support for user asymmetric keys and signatures embedded in a module-style appended signature (through the new API) - A mechanism to store a keyring blob in the kernel image and to extract and load the keys at system boot - A new command for gnupg (in user space), to convert keys and signatures from PGP to the new kernel format The primary use case for this patch set is to verify the authenticity of RPM package headers with the PGP keys of the Linux distribution. Once their authenticity is verified, file digests can be extracted from those RPM headers and used as reference values for IMA Appraisal. Compared to the previous patch set, the main difference is not relying on User Mode Drivers (UMDs) for the conversion from the original format to the kernel format, due to the concern that full isolation of the UMD process cannot be achieved against a fully privileged system user (root). The discussion is still ongoing here: https://lore.kernel.org/linux-integrity/eb31920bd00e2c921b0aa6ebed8745cb0130b0e1.camel@huaweicloud.com/ This however does not prevent the goal mentioned above of verifying the authenticity of RPM headers to be achieved. The fact that Linux distribution vendors do the conversion in their infrastructure is a good enough guarantee. A very quick way to test the patch set is to execute: $ gpg --conv-kernel /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-rawhide-primary | keyctl padd asymmetric "" @u $ keyctl show @u Keyring 762357580 --alswrv 0 65534 keyring: _uid.0 567216072 --als--v 0 0 \_ asymmetric: PGP: 18b8e74c Patch 1 introduces a common library for parsing TLV-formatted data. It is generic enough to support other use cases other than this one. Patches 2-3 preliminarly export some definitions to user space so that conversion tools can specify the right public key algorithms and signature encodings (digest algorithms are already exported). Patches 4-5 introduce the user asymmetric keys and signatures. Patches 6 introduces a system API for verifying the authenticity of system data through user asymmetric keys and signatures. Patch 7-8 introduce a mechanism to store a keyring blob with user asymmetric keys in the kernel image, and load them at system boot. Patch 9 adds support for verifying user asymmetric key signatures with IMA. Patches 1-2 [GNUPG] introduce the new gpg command --conv-kernel to convert PGP keys and signatures to the new kernel format. Changelog v2: - Make the TLV parser a generic library and use it for user asymmetric keys and signatures - Modify types in TLV header and data to u64 (future-proof) - Move struct uasym_sig_message definition to uasym_sig_parser.c - Remove eBPF patches (nacked by Alexei) - Add IMA patch to support modsigs with a user asymmetric key signature v1: - Remove useless check in validate_key() (suggested by Yonghong) - Don't rely on User Mode Drivers for the conversion from the original format to the kernel format - Use the more extensible TLV format, instead of a fixed structure Roberto Sassu (9): lib: Add TLV parser crypto: Export public key algorithm information crypto: Export signature encoding information KEYS: asymmetric: Introduce the user asymmetric key parser KEYS: asymmetric: Introduce the user asymmetric key signature parser verification: Add verify_uasym_signature() and verify_uasym_sig_message() KEYS: asymmetric: Preload user asymmetric keys from a keyring blob KEYS: Introduce load_uasym_keyring() ima: Support non-PKCS#7 modsig types MAINTAINERS | 9 + certs/Kconfig | 11 + certs/Makefile | 7 + certs/system_certificates.S | 18 + certs/system_keyring.c | 166 ++++++- crypto/Kconfig | 6 + crypto/Makefile | 2 + crypto/asymmetric_keys/Kconfig | 14 + crypto/asymmetric_keys/Makefile | 8 + crypto/asymmetric_keys/asymmetric_type.c | 3 +- crypto/asymmetric_keys/uasym_key_parser.c | 240 ++++++++++ crypto/asymmetric_keys/uasym_key_preload.c | 102 +++++ crypto/asymmetric_keys/uasym_parser.h | 26 ++ crypto/asymmetric_keys/uasym_sig_parser.c | 497 +++++++++++++++++++++ crypto/pub_key_info.c | 20 + crypto/sig_enc_info.c | 16 + include/crypto/pub_key_info.h | 15 + include/crypto/sig_enc_info.h | 15 + include/crypto/uasym_keys_sigs.h | 81 ++++ include/keys/asymmetric-type.h | 1 + include/linux/tlv_parser.h | 28 ++ include/linux/verification.h | 46 ++ include/uapi/linux/pub_key_info.h | 22 + include/uapi/linux/sig_enc_info.h | 18 + include/uapi/linux/tlv_parser.h | 59 +++ include/uapi/linux/uasym_parser.h | 59 +++ lib/Kconfig | 3 + lib/Makefile | 3 + lib/tlv_parser.c | 203 +++++++++ lib/tlv_parser.h | 17 + security/integrity/ima/ima_modsig.c | 79 +++- 31 files changed, 1771 insertions(+), 23 deletions(-) create mode 100644 crypto/asymmetric_keys/uasym_key_parser.c create mode 100644 crypto/asymmetric_keys/uasym_key_preload.c create mode 100644 crypto/asymmetric_keys/uasym_parser.h create mode 100644 crypto/asymmetric_keys/uasym_sig_parser.c create mode 100644 crypto/pub_key_info.c create mode 100644 crypto/sig_enc_info.c create mode 100644 include/crypto/pub_key_info.h create mode 100644 include/crypto/sig_enc_info.h create mode 100644 include/crypto/uasym_keys_sigs.h create mode 100644 include/linux/tlv_parser.h create mode 100644 include/uapi/linux/pub_key_info.h create mode 100644 include/uapi/linux/sig_enc_info.h create mode 100644 include/uapi/linux/tlv_parser.h create mode 100644 include/uapi/linux/uasym_parser.h create mode 100644 lib/tlv_parser.c create mode 100644 lib/tlv_parser.h