linux/crypto
David Howells e7c87bef7d X.509: Don't strip leading 00's from key ID when constructing key description
Don't strip leading zeros from the crypto key ID when using it to construct
the struct key description as the signature in kernels up to and including
4.2 matched this aspect of the key.  This means that 1 in 256 keys won't
actually match if their key ID begins with 00.

The key ID is stored in the module signature as binary and so must be
converted to text in order to invoke request_key() - but it isn't stripped
at this point.

Something like this is likely to be observed in dmesg when the key is loaded:

[    1.572423] Loaded X.509 cert 'Build time autogenerated kernel
    key: 62a7c3d2da278be024da4af8652c071f3fea33'

followed by this when we try and use it:

  [    1.646153] Request for unknown module key 'Build time autogenerated
    kernel key: 0062a7c3d2da278be024da4af8652c071f3fea33' err -11

The 'Loaded' line should show an extra '00' on the front of the hex string.

This problem should not affect 4.3-rc1 and onwards because there the key
should be matched on one of its auxiliary identities rather than the key
struct's description string.

Reported-by: Arjan van de Ven <arjan@linux.intel.com>
Reported-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: David Howells <dhowells@redhat.com>
2015-09-25 16:31:46 +01:00
..
asymmetric_keys X.509: Don't strip leading 00's from key ID when constructing key description 2015-09-25 16:31:46 +01:00
async_tx
.gitignore crypto: rsa - add .gitignore for crypto/*.-asn1.[ch] files 2015-06-25 23:29:24 +08:00
842.c
ablk_helper.c
ablkcipher.c crypto: skcipher - Allow givencrypt to be NULL 2015-06-22 15:49:16 +08:00
aead.c crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag 2015-08-17 16:53:53 +08:00
aes_generic.c
af_alg.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2015-06-24 16:49:49 -07:00
ahash.c
akcipher.c crypto: akcipher - fix spelling cihper -> cipher 2015-06-25 23:18:32 +08:00
algapi.c crypto: api - Add instance free function to crypto_type 2015-07-14 14:56:45 +08:00
algboss.c crypto: algboss - Remove reference to nivaead 2015-08-17 16:53:41 +08:00
algif_aead.c crypto: algif_aead - fix for multiple operations on AF_ALG sockets 2015-08-25 21:13:20 +08:00
algif_hash.c
algif_rng.c
algif_skcipher.c crypto: replace scatterwalk_sg_chain with sg_chain 2015-08-17 08:12:54 -06:00
ansi_cprng.c
anubis.c
api.c
arc4.c
authenc.c crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag 2015-08-17 16:53:53 +08:00
authencesn.c crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag 2015-08-17 16:53:53 +08:00
blkcipher.c
blowfish_common.c
blowfish_generic.c
camellia_generic.c
cast5_generic.c
cast6_generic.c
cast_common.c
cbc.c
ccm.c crypto: replace scatterwalk_sg_chain with sg_chain 2015-08-17 08:12:54 -06:00
chacha20_generic.c crypto: chacha20 - Export common ChaCha20 helpers 2015-07-17 21:20:21 +08:00
chacha20poly1305.c crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag 2015-08-17 16:53:53 +08:00
chainiv.c crypto: chainiv - Offer normal cipher functionality without RNG 2015-06-22 15:49:28 +08:00
cipher.c
cmac.c
compress.c
crc32.c
crc32c_generic.c
crct10dif_common.c
crct10dif_generic.c
cryptd.c crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag 2015-08-17 16:53:53 +08:00
crypto_null.c crypto: null - Add default null skcipher 2015-05-22 11:25:55 +08:00
crypto_user.c crypto: user - Remove crypto_lookup_aead call 2015-08-17 16:53:41 +08:00
crypto_wq.c
ctr.c
cts.c
deflate.c
des_generic.c
drbg.c crypto: drbg - report backend_cra_name when allocation fails 2015-06-11 21:55:28 +08:00
ecb.c
echainiv.c crypto: echainiv - Use generic geniv init/exit helpers 2015-08-17 16:53:46 +08:00
eseqiv.c crypto: eseqiv - Offer normal cipher functionality without RNG 2015-06-22 15:49:28 +08:00
fcrypt.c
fips.c
gcm.c Merge branch 'for-4.3/sg' of git://git.kernel.dk/linux-block 2015-09-02 13:22:38 -07:00
gf128mul.c
ghash-generic.c
hash_info.c
hmac.c
internal.h
jitterentropy-kcapi.c crypto: jitterentropy - use safe format string parameters 2015-07-28 15:03:34 +08:00
jitterentropy.c crypto: jitterentropy - Delete unnecessary checks before the function call "kzfree" 2015-06-25 23:18:33 +08:00
Kconfig Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2015-09-08 12:41:25 -07:00
khazad.c
lrw.c
lz4.c
lz4hc.c
lzo.c
Makefile crypto: skcipher - Add top-level skcipher interface 2015-08-21 22:21:19 +08:00
mcryptd.c
md4.c
md5.c crypto: md5 - use md5 IV MD5_HX instead of their raw value 2015-05-18 12:20:18 +08:00
memneq.c
michael_mic.c
pcbc.c
pcompress.c
pcrypt.c crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag 2015-08-17 16:53:53 +08:00
poly1305_generic.c crypto: poly1305 - Export common Poly1305 helpers 2015-07-17 21:20:26 +08:00
proc.c
ripemd.h
rmd128.c
rmd160.c
rmd256.c
rmd320.c
rng.c crypto: rng - Do not free default RNG when it becomes unused 2015-06-22 15:49:18 +08:00
rsa_helper.c crypto: rsa - fix invalid check for keylen in fips mode 2015-07-21 20:19:36 +08:00
rsa.c crypto: rsa - limit supported key lengths 2015-07-17 21:20:19 +08:00
rsakey.asn1 crypto: rsa - add a new rsa generic implementation 2015-06-17 17:03:53 +08:00
salsa20_generic.c
scatterwalk.c crypto: scatterwalk - Hide PageSlab call to optimise away flush_dcache_page 2015-06-03 10:51:25 +08:00
seed.c
seqiv.c crypto: seqiv - Use generic geniv init/exit helpers 2015-08-17 16:53:46 +08:00
serpent_generic.c
sha1_generic.c
sha256_generic.c
sha512_generic.c
shash.c
skcipher.c crypto: skcipher - Add top-level skcipher interface 2015-08-21 22:21:19 +08:00
tcrypt.c crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag 2015-08-17 16:53:53 +08:00
tcrypt.h crypto: tcrypt - Add ChaCha20/Poly1305 speed tests 2015-07-17 21:20:20 +08:00
tea.c
testmgr.c crypto: testmgr - don't copy from source IV too much 2015-09-11 22:09:43 +08:00
testmgr.h crypto: testmgr - Disable authenc test and convert test vectors 2015-08-04 20:45:30 +08:00
tgr192.c
twofish_common.c
twofish_generic.c
vmac.c
wp512.c
xcbc.c
xor.c
xts.c
zlib.c