diff options
| author | Dmitry Kasatkin <d.kasatkin@samsung.com> | 2014-06-17 04:56:59 -0400 |
|---|---|---|
| committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2014-07-17 09:35:17 -0400 |
| commit | 32c4741cb66703a3c282f41d77deff4afd93342a (patch) | |
| tree | 63797ca87c02956f5dbc4552a0aa9dc058d6cd52 /crypto | |
| parent | ffb70f61bab1482a3bd0f85fd8f1e9c9909df2ca (diff) | |
KEYS: validate certificate trust only with builtin keys
Instead of allowing public keys, with certificates signed by any
key on the system trusted keyring, to be added to a trusted keyring,
this patch further restricts the certificates to those signed only by
builtin keys on the system keyring.
This patch defines a new option 'builtin' for the kernel parameter
'keys_ownerid' to allow trust validation using builtin keys.
Simplified Mimi's "KEYS: define an owner trusted keyring" patch
Changelog v7:
- rename builtin_keys to use_builtin_keys
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/asymmetric_keys/x509_public_key.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index d376195e1d08..927ce755ff67 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c | |||
| @@ -24,6 +24,7 @@ | |||
| 24 | #include "public_key.h" | 24 | #include "public_key.h" |
| 25 | #include "x509_parser.h" | 25 | #include "x509_parser.h" |
| 26 | 26 | ||
| 27 | static bool use_builtin_keys; | ||
| 27 | static char *ca_keyid; | 28 | static char *ca_keyid; |
| 28 | 29 | ||
| 29 | #ifndef MODULE | 30 | #ifndef MODULE |
| @@ -34,6 +35,8 @@ static int __init ca_keys_setup(char *str) | |||
| 34 | 35 | ||
| 35 | if (strncmp(str, "id:", 3) == 0) | 36 | if (strncmp(str, "id:", 3) == 0) |
| 36 | ca_keyid = str; /* owner key 'id:xxxxxx' */ | 37 | ca_keyid = str; /* owner key 'id:xxxxxx' */ |
| 38 | else if (strcmp(str, "builtin") == 0) | ||
| 39 | use_builtin_keys = true; | ||
| 37 | 40 | ||
| 38 | return 1; | 41 | return 1; |
| 39 | } | 42 | } |
| @@ -180,7 +183,6 @@ EXPORT_SYMBOL_GPL(x509_check_signature); | |||
| 180 | static int x509_validate_trust(struct x509_certificate *cert, | 183 | static int x509_validate_trust(struct x509_certificate *cert, |
| 181 | struct key *trust_keyring) | 184 | struct key *trust_keyring) |
| 182 | { | 185 | { |
| 183 | const struct public_key *pk; | ||
| 184 | struct key *key; | 186 | struct key *key; |
| 185 | int ret = 1; | 187 | int ret = 1; |
| 186 | 188 | ||
| @@ -195,8 +197,9 @@ static int x509_validate_trust(struct x509_certificate *cert, | |||
| 195 | cert->authority, | 197 | cert->authority, |
| 196 | strlen(cert->authority)); | 198 | strlen(cert->authority)); |
| 197 | if (!IS_ERR(key)) { | 199 | if (!IS_ERR(key)) { |
| 198 | pk = key->payload.data; | 200 | if (!use_builtin_keys |
| 199 | ret = x509_check_signature(pk, cert); | 201 | || test_bit(KEY_FLAG_BUILTIN, &key->flags)) |
| 202 | ret = x509_check_signature(key->payload.data, cert); | ||
| 200 | key_put(key); | 203 | key_put(key); |
| 201 | } | 204 | } |
| 202 | return ret; | 205 | return ret; |