Re: [PATCH Strawman] crypto: Handle PEM-encoded x.509 certificates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




> On Nov 13, 2021, at 6:02 PM, Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
> 
> On Sat, Nov 13, 2021 at 07:12:44PM +0000, Chuck Lever III wrote:
>> 
>> Certainly, the kernel could include a single set of base64 encoders
>> and decoders that can be used by all in-kernel consumers. See for
>> example net/ceph/armor.c and fs/crypto/fname.c .
> 
> Not really, there are many variants of Base64 and different policy decisions
> that can be made: the chosen character set, whether to pad or not pad, whether
> to allow whitespace, how to handle invalid characters, how to handle invalid
> padding, whether to nul-terminate, and so on.  There's lots of room for bugs and
> incompatibilities.
> 
>> 
>> Because PEM decoding does not require any policy decisions, and
>> because the kernel already has at least two existing partial
>> base64 implementations, I'm not aware of a technical reason a
>> system call like add_key(2) should not to accept PEM-encoded
>> asymmetric key material.
> 
> Adding kernel UAPIs expands the kernel's attack surface, causing security
> vulnerabilities.  It also increases the number of UAPIs that need to be
> permanently supported.  It makes no sense to add kernel UAPIs for things that
> can be easily done in userspace.
> 
> They work well as April Fools' jokes, though:
> https://lore.kernel.org/r/1459463613-32473-1-git-send-email-richard@xxxxxx
> Perhaps you meant to save your patch for April 1?

That remark is uncalled for and out of line. Perhaps you just
don't know what "strawman" means or why someone would post
unfinished code to ask for direction. I'll mark that down to
your inexperience.

Interestingly, I don't see you listed as a maintainer in this
area:

$ scripts/get_maintainer.pl crypto/asymmetric_keys/
David Howells <dhowells@xxxxxxxxxx> (maintainer:ASYMMETRIC KEYS)
Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> (maintainer:CRYPTO API)
"David S. Miller" <davem@xxxxxxxxxxxxx> (maintainer:CRYPTO API)
keyrings@xxxxxxxxxxxxxxx (open list:ASYMMETRIC KEYS)
linux-crypto@xxxxxxxxxxxxxxx (open list:CRYPTO API)
linux-kernel@xxxxxxxxxxxxxxx (open list)
$

I actually /have/ talked with one of these maintainers, and he
suggested PEM decoding under add_key(2) would be appropriate and
valuable. It actually wasn't my idea. I shall credit his idea in
the next version of this patch so there won't be any further
confusion.


--
Chuck Lever







[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux