Mimi, On Mon, Feb 11, 2019 at 09:21:15PM +0300, Vitaly Chikunov wrote: > On Mon, Feb 11, 2019 at 09:13:00PM +0300, Vitaly Chikunov wrote: > > On Mon, Feb 11, 2019 at 12:59:12PM -0500, Mimi Zohar wrote: > > > On Mon, 2019-02-11 at 20:52 +0300, Vitaly Chikunov wrote: > > > > On Mon, Feb 11, 2019 at 12:38:58PM -0500, Mimi Zohar wrote: > > > > > On Mon, 2018-12-03 at 06:35 +0300, Vitaly Chikunov wrote: > > > > > > For compatibility with older OpenSSL try to load digest by its alias if > > > > > > load by its proper name is failed. > > > > > > > > > > > > This is configured in pkey_hash_algo by mentioning loadable alias first in the > > > > > > comma separated list of algo names. > > > > > > > > > > After this patch, I can not verify the signature. It's failing to > > > > > find the hash algorithm. > > > > > > > > Yes, it's fixed in "ima-evm-utils: convert sign v2 from RSA to EVP_PKEY > > > > API". I didn't consider it a problem since streebog256 should not work > > > > for sign/verify anyway (since RSA should not support it). That EVP_PKEY > > > > patch which adds ability to sign/verify for Streebog also fixes above > > > > problem. > > > > > > I've been having second thoughts about this patch in general, as it > > > made the hash algorithm comparison unnecessarily more complex for the > > > simple case. As there hasn't been a new ima-evm-utils release with > > > patch, perhaps we should simple remove/revert it? > > > > It was only for compatibility with older openssl/gost-engine, where > > "streebog256" name is not defined yet. If you don't want to allow that > > users to use Streebog feel free to revert it. Or you may suggest simpler approach. Basically, we need to resole both text strings into the same PKEY_HASH_ id, allow any of the string pass into EVP_get_digestbyname, and resolve PKEY_HASH_ id back into the correct hash name. Optionally, allow user to specify new hash name on older openssl/gost-engine. This is all implemented by that patch, it was not just overly complicated "hash algorithm comparison". My wish is we retain support of older openssl/gost-engine. Thanks, > > > > I was not found this mistake at the time, since Streebog should only be > > used in ima_hash and not in ima_sign/verify (which requires RSA support > > which I intentionally didn't add, planning to add EC-RDSA support later), > > so that code path was not tested. > > This copy-paste of the fix form "ima-evm-utils: convert sign v2 from RSA to EVP_PKEY API": > > @@ -159,8 +102,12 @@ void dump(const void *ptr, int len) > > const char *get_hash_algo_by_id(int algo) > { > - if (algo < PKEY_HASH__LAST) > - return pkey_hash_algo[algo]; > + if (algo < PKEY_HASH__LAST) { > + const char *name = pkey_hash_algo[algo]; > + const char *last = strrchr(name, ','); > + > + return last ? last + 1 : name; > + } > if (algo < HASH_ALGO__LAST) > return hash_algo_name[algo]; > > > > > > > > > Mimi > > > > > > > > > > > > evmctl ima_sign -k <private key> -p -a streebog256 ./foo.txt --xattr-user > > > > > evmctl ima_verify -k <public key> ./foo.txt --xattr-user > > > > > > > > > > Mimi > > > > > > > > > > > > > > > > > Signed-off-by: Vitaly Chikunov <vt@xxxxxxxxxxxx> > > > > > > --- > > > > > > Changes since v1: > > > > > > - New patch. > > > > > > Changes since v2: > > > > > > - No changes. > > > > > > > > > > > > src/imaevm.h | 1 + > > > > > > src/libimaevm.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++---- > > > > > > 2 files changed, 52 insertions(+), 4 deletions(-) > > > > > > > > > > > > diff --git a/src/imaevm.h b/src/imaevm.h > > > > > > index c81bf21..795966a 100644 > > > > > > --- a/src/imaevm.h > > > > > > +++ b/src/imaevm.h > > > > > > @@ -75,6 +75,7 @@ > > > > > > #define DATA_SIZE 4096 > > > > > > #define SHA1_HASH_LEN 20 > > > > > > > > > > > > +#define MAX_DIGEST_NAME 32 > > > > > > #define MAX_DIGEST_SIZE 64 > > > > > > #define MAX_SIGNATURE_SIZE 1024 > > > > > > > > > > > > diff --git a/src/libimaevm.c b/src/libimaevm.c > > > > > > index cb4721b..7501303 100644 > > > > > > --- a/src/libimaevm.c > > > > > > +++ b/src/libimaevm.c > > > > > > @@ -41,6 +41,7 @@ > > > > > > /* should we use logger instead for library? */ > > > > > > #define USE_FPRINTF > > > > > > > > > > > > +#define _GNU_SOURCE > > > > > > #include <sys/types.h> > > > > > > #include <sys/param.h> > > > > > > #include <sys/stat.h> > > > > > > @@ -56,6 +57,7 @@ > > > > > > #include <openssl/pem.h> > > > > > > #include <openssl/evp.h> > > > > > > #include <openssl/x509.h> > > > > > > +#include <openssl/engine.h> > > > > > > #include <openssl/err.h> > > > > > > > > > > > > #include "imaevm.h" > > > > > > @@ -70,8 +72,8 @@ const char *const pkey_hash_algo[PKEY_HASH__LAST] = { > > > > > > [PKEY_HASH_SHA384] = "sha384", > > > > > > [PKEY_HASH_SHA512] = "sha512", > > > > > > [PKEY_HASH_SHA224] = "sha224", > > > > > > - [PKEY_HASH_STREEBOG_256] = "streebog256", > > > > > > - [PKEY_HASH_STREEBOG_512] = "streebog512", > > > > > > + [PKEY_HASH_STREEBOG_256] = "md_gost12_256,streebog256", > > > > > > + [PKEY_HASH_STREEBOG_512] = "md_gost12_512,streebog512", > > > > > > }; > > > > > > > > > > > > /* > > > > > > @@ -284,6 +286,35 @@ static int add_dev_hash(struct stat *st, EVP_MD_CTX *ctx) > > > > > > return !EVP_DigestUpdate(ctx, &dev, sizeof(dev)); > > > > > > } > > > > > > > > > > > > +/* Call EVP_get_digestbyname with provided name and with alias, > > > > > > + * which is first name in the comma separated list of names > > > > > > + * in pkey_hash_algo. > > > > > > + */ > > > > > > +static const EVP_MD *get_digestbyname(const char *name) > > > > > > +{ > > > > > > + const EVP_MD *md; > > > > > > + > > > > > > + md = EVP_get_digestbyname(params.hash_algo); > > > > > > + if (!md) { > > > > > > + char alias[MAX_DIGEST_NAME]; > > > > > > + int len; > > > > > > + int algo_id; > > > > > > + const char *algo_alias; > > > > > > + > > > > > > + /* try to get algo by its alias */ > > > > > > + algo_id = get_hash_algo(params.hash_algo); > > > > > > + algo_alias = get_hash_algo_by_id(algo_id); > > > > > > + len = strchrnul(algo_alias, ',') - algo_alias; > > > > > > + if (len < sizeof(alias)) { > > > > > > + memcpy(alias, algo_alias, len); > > > > > > + alias[len] = '\0'; > > > > > > + if (strcmp(params.hash_algo, alias)) > > > > > > + md = EVP_get_digestbyname(alias); > > > > > > + } > > > > > > + } > > > > > > + return md; > > > > > > +} > > > > > > + > > > > > > int ima_calc_hash(const char *file, uint8_t *hash) > > > > > > { > > > > > > const EVP_MD *md; > > > > > > @@ -305,7 +336,7 @@ int ima_calc_hash(const char *file, uint8_t *hash) > > > > > > return err; > > > > > > } > > > > > > > > > > > > - md = EVP_get_digestbyname(params.hash_algo); > > > > > > + md = get_digestbyname(params.hash_algo); > > > > > > if (!md) { > > > > > > log_err("EVP_get_digestbyname(%s) failed\n", params.hash_algo); > > > > > > return 1; > > > > > > @@ -561,6 +592,22 @@ static int algocmp(const char *a, const char *b) > > > > > > return *a || *b; > > > > > > } > > > > > > > > > > > > +static int strmatch(const char *needle, const char *haystack) > > > > > > +{ > > > > > > + int len = strlen(needle); > > > > > > + const char *p = haystack; > > > > > > + const char *t; > > > > > > + > > > > > > + for (t = strchrnul(p, ','); *p; p = t, t = strchrnul(p, ',')) { > > > > > > + if (t - p == len && > > > > > > + !strncmp(needle, p, len)) > > > > > > + return 0; > > > > > > + if (!*t++) > > > > > > + break; > > > > > > + } > > > > > > + return 1; > > > > > > +} > > > > > > + > > > > > > int get_hash_algo(const char *algo) > > > > > > { > > > > > > int i; > > > > > > @@ -568,7 +615,7 @@ int get_hash_algo(const char *algo) > > > > > > /* first iterate over builtin algorithms */ > > > > > > for (i = 0; i < PKEY_HASH__LAST; i++) > > > > > > if (pkey_hash_algo[i] && > > > > > > - !strcmp(algo, pkey_hash_algo[i])) > > > > > > + !strmatch(algo, pkey_hash_algo[i])) > > > > > > return i; > > > > > > > > > > > > /* iterate over algorithms provided by kernel-headers */ > > > >