diff options
author | Dmitry Kasatkin <d.kasatkin@samsung.com> | 2014-06-17 11:56:59 +0300 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2014-07-17 09:35:17 -0400 |
commit | 32c4741cb66703a3c282f41d77deff4afd93342a (patch) | |
tree | 63797ca87c02956f5dbc4552a0aa9dc058d6cd52 /crypto/asymmetric_keys | |
parent | ffb70f61bab1482a3bd0f85fd8f1e9c9909df2ca (diff) | |
download | lwn-32c4741cb66703a3c282f41d77deff4afd93342a.tar.gz lwn-32c4741cb66703a3c282f41d77deff4afd93342a.zip |
KEYS: validate certificate trust only with builtin keys
Instead of allowing public keys, with certificates signed by any
key on the system trusted keyring, to be added to a trusted keyring,
this patch further restricts the certificates to those signed only by
builtin keys on the system keyring.
This patch defines a new option 'builtin' for the kernel parameter
'keys_ownerid' to allow trust validation using builtin keys.
Simplified Mimi's "KEYS: define an owner trusted keyring" patch
Changelog v7:
- rename builtin_keys to use_builtin_keys
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'crypto/asymmetric_keys')
-rw-r--r-- | crypto/asymmetric_keys/x509_public_key.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index d376195e1d08..927ce755ff67 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -24,6 +24,7 @@ #include "public_key.h" #include "x509_parser.h" +static bool use_builtin_keys; static char *ca_keyid; #ifndef MODULE @@ -34,6 +35,8 @@ static int __init ca_keys_setup(char *str) if (strncmp(str, "id:", 3) == 0) ca_keyid = str; /* owner key 'id:xxxxxx' */ + else if (strcmp(str, "builtin") == 0) + use_builtin_keys = true; return 1; } @@ -180,7 +183,6 @@ EXPORT_SYMBOL_GPL(x509_check_signature); static int x509_validate_trust(struct x509_certificate *cert, struct key *trust_keyring) { - const struct public_key *pk; struct key *key; int ret = 1; @@ -195,8 +197,9 @@ static int x509_validate_trust(struct x509_certificate *cert, cert->authority, strlen(cert->authority)); if (!IS_ERR(key)) { - pk = key->payload.data; - ret = x509_check_signature(pk, cert); + if (!use_builtin_keys + || test_bit(KEY_FLAG_BUILTIN, &key->flags)) + ret = x509_check_signature(key->payload.data, cert); key_put(key); } return ret; |