diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2013-11-23 19:38:17 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2013-11-23 19:38:17 -0500 |
commit | 4c1cc40a2d49500d84038ff751bc6cd183e729b5 (patch) | |
tree | 5100bc67485b2e72d2b05e6b091419b5d633fc22 /crypto | |
parent | 34ef7bd3823bf4401bf8f1f855e1bc77b82b1a43 (diff) |
Revert "KEYS: verify a certificate is signed by a 'trusted' key"
This reverts commit 09fbc47373826d67531380662b516de2da120545, which
caused the following build errors:
crypto/asymmetric_keys/x509_public_key.c: In function ‘x509_key_preparse’:
crypto/asymmetric_keys/x509_public_key.c:237:35: error: ‘system_trusted_keyring’ undeclared (first use in this function)
ret = x509_validate_trust(cert, system_trusted_keyring);
^
crypto/asymmetric_keys/x509_public_key.c:237:35: note: each undeclared identifier is reported only once for each function it appears in
reported by Jim Davis. Mimi says:
"I made the classic mistake of requesting this patch to be upstreamed
at the last second, rather than waiting until the next open window.
At this point, the best course would probably be to revert the two
commits and fix them for the next open window"
Reported-by: Jim Davis <jim.epost@gmail.com>
Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/asymmetric_keys/x509_public_key.c | 81 |
1 files changed, 1 insertions, 80 deletions
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index f83300b6e8c1..382ef0d2ff2e 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c | |||
@@ -18,60 +18,12 @@ | |||
18 | #include <linux/asn1_decoder.h> | 18 | #include <linux/asn1_decoder.h> |
19 | #include <keys/asymmetric-subtype.h> | 19 | #include <keys/asymmetric-subtype.h> |
20 | #include <keys/asymmetric-parser.h> | 20 | #include <keys/asymmetric-parser.h> |
21 | #include <keys/system_keyring.h> | ||
22 | #include <crypto/hash.h> | 21 | #include <crypto/hash.h> |
23 | #include "asymmetric_keys.h" | 22 | #include "asymmetric_keys.h" |
24 | #include "public_key.h" | 23 | #include "public_key.h" |
25 | #include "x509_parser.h" | 24 | #include "x509_parser.h" |
26 | 25 | ||
27 | /* | 26 | /* |
28 | * Find a key in the given keyring by issuer and authority. | ||
29 | */ | ||
30 | static struct key *x509_request_asymmetric_key( | ||
31 | struct key *keyring, | ||
32 | const char *signer, size_t signer_len, | ||
33 | const char *authority, size_t auth_len) | ||
34 | { | ||
35 | key_ref_t key; | ||
36 | char *id; | ||
37 | |||
38 | /* Construct an identifier. */ | ||
39 | id = kmalloc(signer_len + 2 + auth_len + 1, GFP_KERNEL); | ||
40 | if (!id) | ||
41 | return ERR_PTR(-ENOMEM); | ||
42 | |||
43 | memcpy(id, signer, signer_len); | ||
44 | id[signer_len + 0] = ':'; | ||
45 | id[signer_len + 1] = ' '; | ||
46 | memcpy(id + signer_len + 2, authority, auth_len); | ||
47 | id[signer_len + 2 + auth_len] = 0; | ||
48 | |||
49 | pr_debug("Look up: \"%s\"\n", id); | ||
50 | |||
51 | key = keyring_search(make_key_ref(keyring, 1), | ||
52 | &key_type_asymmetric, id); | ||
53 | if (IS_ERR(key)) | ||
54 | pr_debug("Request for module key '%s' err %ld\n", | ||
55 | id, PTR_ERR(key)); | ||
56 | kfree(id); | ||
57 | |||
58 | if (IS_ERR(key)) { | ||
59 | switch (PTR_ERR(key)) { | ||
60 | /* Hide some search errors */ | ||
61 | case -EACCES: | ||
62 | case -ENOTDIR: | ||
63 | case -EAGAIN: | ||
64 | return ERR_PTR(-ENOKEY); | ||
65 | default: | ||
66 | return ERR_CAST(key); | ||
67 | } | ||
68 | } | ||
69 | |||
70 | pr_devel("<==%s() = 0 [%x]\n", __func__, key_serial(key_ref_to_ptr(key))); | ||
71 | return key_ref_to_ptr(key); | ||
72 | } | ||
73 | |||
74 | /* | ||
75 | * Set up the signature parameters in an X.509 certificate. This involves | 27 | * Set up the signature parameters in an X.509 certificate. This involves |
76 | * digesting the signed data and extracting the signature. | 28 | * digesting the signed data and extracting the signature. |
77 | */ | 29 | */ |
@@ -151,33 +103,6 @@ int x509_check_signature(const struct public_key *pub, | |||
151 | EXPORT_SYMBOL_GPL(x509_check_signature); | 103 | EXPORT_SYMBOL_GPL(x509_check_signature); |
152 | 104 | ||
153 | /* | 105 | /* |
154 | * Check the new certificate against the ones in the trust keyring. If one of | ||
155 | * those is the signing key and validates the new certificate, then mark the | ||
156 | * new certificate as being trusted. | ||
157 | * | ||
158 | * Return 0 if the new certificate was successfully validated, 1 if we couldn't | ||
159 | * find a matching parent certificate in the trusted list and an error if there | ||
160 | * is a matching certificate but the signature check fails. | ||
161 | */ | ||
162 | static int x509_validate_trust(struct x509_certificate *cert, | ||
163 | struct key *trust_keyring) | ||
164 | { | ||
165 | const struct public_key *pk; | ||
166 | struct key *key; | ||
167 | int ret = 1; | ||
168 | |||
169 | key = x509_request_asymmetric_key(trust_keyring, | ||
170 | cert->issuer, strlen(cert->issuer), | ||
171 | cert->authority, | ||
172 | strlen(cert->authority)); | ||
173 | if (!IS_ERR(key)) { | ||
174 | pk = key->payload.data; | ||
175 | ret = x509_check_signature(pk, cert); | ||
176 | } | ||
177 | return ret; | ||
178 | } | ||
179 | |||
180 | /* | ||
181 | * Attempt to parse a data blob for a key as an X509 certificate. | 106 | * Attempt to parse a data blob for a key as an X509 certificate. |
182 | */ | 107 | */ |
183 | static int x509_key_preparse(struct key_preparsed_payload *prep) | 108 | static int x509_key_preparse(struct key_preparsed_payload *prep) |
@@ -230,13 +155,9 @@ static int x509_key_preparse(struct key_preparsed_payload *prep) | |||
230 | /* Check the signature on the key if it appears to be self-signed */ | 155 | /* Check the signature on the key if it appears to be self-signed */ |
231 | if (!cert->authority || | 156 | if (!cert->authority || |
232 | strcmp(cert->fingerprint, cert->authority) == 0) { | 157 | strcmp(cert->fingerprint, cert->authority) == 0) { |
233 | ret = x509_check_signature(cert->pub, cert); /* self-signed */ | 158 | ret = x509_check_signature(cert->pub, cert); |
234 | if (ret < 0) | 159 | if (ret < 0) |
235 | goto error_free_cert; | 160 | goto error_free_cert; |
236 | } else { | ||
237 | ret = x509_validate_trust(cert, system_trusted_keyring); | ||
238 | if (!ret) | ||
239 | prep->trusted = 1; | ||
240 | } | 161 | } |
241 | 162 | ||
242 | /* Propose a description */ | 163 | /* Propose a description */ |