Re: [PATCH 0/2] public key: IMA signer logging: Log public key of IMA Signature signer in IMA log
From: Mimi Zohar
Date: Tue May 14 2019 - 13:31:43 EST
On Tue, 2019-05-14 at 10:14 -0700, Lakshmi wrote:
> The motive behind this patch series is to measure the public key
> of the IMA signature signer in the IMA log.
> The IMA signature of the file, logged using ima-sig template, contains
> the key identifier of the key that was used to generate the signature.
> But outside the client machine this key id is not sufficient to
> uniquely determine which key the signature corresponds to.
> Providing the public key of the signer in the IMA log would
> allow, for example, an attestation service to securely verify
> if the key used to generate the IMA signature is a valid and
> trusted one, and that the key has not been revoked or expired.
> An attestation service would just need to maintain a list of
> valid public keys and using the data from the IMA log can attest
> the system files loaded on the client machine.
> To achieve the above the patch series does the following:
> - Adds a new method in asymmetric_key_subtype to query
> the public key of the given key
> - Adds a new IMA template namely "ima-sigkey" to store\read
> the public key of the IMA signature signer. This template
> extends the existing template "ima-sig"
Why duplicate the certificate info on each record in the measurement
list? ÂWhy not add the certificate info once, as the key is loaded
onto the .ima and .platform keyrings?
> Lakshmi (2):
> add support for querying public key from a given key
> add a new template ima-sigkey to store/read the public, key of ima
> signature signer
> .../admin-guide/kernel-parameters.txt | 2 +-
> Documentation/crypto/asymmetric-keys.txt | 1 +
> Documentation/security/IMA-templates.rst | 5 +-
> crypto/asymmetric_keys/public_key.c | 7 +++
> crypto/asymmetric_keys/signature.c | 24 +++++++++
> include/crypto/public_key.h | 1 +
> include/keys/asymmetric-subtype.h | 3 ++
> security/integrity/digsig.c | 54 +++++++++++++++++--
> security/integrity/digsig_asymmetric.c | 44 +++++++++++++++
> security/integrity/ima/Kconfig | 3 ++
> security/integrity/ima/ima_template.c | 3 ++
> security/integrity/ima/ima_template_lib.c | 43 +++++++++++++++
> security/integrity/ima/ima_template_lib.h | 4 ++
> security/integrity/integrity.h | 29 +++++++++-
> 14 files changed, 216 insertions(+), 7 deletions(-)