Re: [PATCH] crypto: mscode_parser: remove sha224 authenticode support

From: Ard Biesheuvel
Date: Wed Oct 11 2023 - 04:42:38 EST


On Tue, 10 Oct 2023 at 23:25, Dimitri John Ledkov
<dimitri.ledkov@xxxxxxxxxxxxx> wrote:
>
> It is possible to stand up own certificates and sign PE-COFF binaries
> using SHA-224. However it never became popular or needed since it has
> similar costs as SHA-256. Windows Authenticode infrastructure never
> had support for SHA-224, and all secureboot keys used fro linux

fro

> vmlinuz have always been using at least SHA-256.
>
> Given the point of mscode_parser is to support interoperatiblity with

interoperatibility

> typical de-facto hashes, remove support for SHA-224 to avoid
> posibility

the possibility

> of creating interoperatibility

interoperability

> issues with rhboot/shim,
> grub, and non-linux systems trying to sign or verify vmlinux.
>
> SHA-224 itself is not removed from the kernel, as it is truncated
> SHA-256. If requested I can write patches to remove SHA-224 support
> across all of the drivers.
>

We can stop using it but we cannot remove it.

As you say, it is just SHA-256 with a different initial state and a
truncated hash, so removing support entirely achieves very little. And
there are plenty of other algorithms we'd be happy to remove first if
we were only sure that nobody was relying on them. (Note that AF_ALG
supports AEAD so someone somewhere could be using the kernel's sha224
from user space)

> Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@xxxxxxxxxxxxx>

Acked-by: Ard Biesheuvel <ardb@xxxxxxxxxx>

> ---
> crypto/asymmetric_keys/mscode_parser.c | 3 ---
> 1 file changed, 3 deletions(-)
>
> diff --git a/crypto/asymmetric_keys/mscode_parser.c b/crypto/asymmetric_keys/mscode_parser.c
> index 6416bded0e..855cbc46a9 100644
> --- a/crypto/asymmetric_keys/mscode_parser.c
> +++ b/crypto/asymmetric_keys/mscode_parser.c
> @@ -84,9 +84,6 @@ int mscode_note_digest_algo(void *context, size_t hdrlen,
> case OID_sha512:
> ctx->digest_algo = "sha512";
> break;
> - case OID_sha224:
> - ctx->digest_algo = "sha224";
> - break;
>
> case OID__NR:
> sprint_oid(value, vlen, buffer, sizeof(buffer));
> --
> 2.34.1
>