From nobody Sat Feb 7 05:57:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7D8BA22B8A9 for ; Mon, 2 Feb 2026 17:02:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770051767; cv=none; b=TIS8PWvrwe5DI2AYHIeG89KZ8uWo5TJ6FJtvFZgExwwSVAlNhdIHXS9HVqnowl2dhoiVYvlj50jeHIej2sxYjiUL8qo7r1phBXAWskYhIxLNxpIIPO+GzfNKoAw+/BBw2GdfDoJnDuIvgrACECIAeu/byPi8sgIWg9sLLLzEujM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770051767; c=relaxed/simple; bh=2e9SH7J4BWQiTO5bhBJRbINXA5Y+RUH8hrW83p9106E=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=eAOfGEsHgoKZcyhco9s5Ds86RAXosPT+fBboMeSu5pEiccQiYV5K9rixUYwQz8wy7+lRmq/aDKG1geAgNMkcq4XAZtdKec8n61oG7xZqJV+TF5sQmeZ6jk8HrQOkK9Zpzo0ORT8VXms4xwPzp9kL//qdGhS9NFHjlUZri2dkUSw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=HgCuWMIn; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="HgCuWMIn" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1770051765; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=o/2GlCgZLrpUqq5D1yRzHDnrzr+MKF5Tesne7omct6g=; b=HgCuWMInteOp1DvSxJzNlVFhV5arfblRMO/USGqU+hfymprUJ3gIns9xLksmzFsJlxfoMQ FgaLzm36/CXrBs9aMGq3S5o/+4nXdPIJs8wjAaMOtB+B+PuhyE9K8iVLUSB3dVsfqV3tiY XktxQCoBzYDig0HPazFMIHbvGW7QwII= Received: from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-19-URFNfZZXOeSd8jiflZS4Vg-1; Mon, 02 Feb 2026 12:02:41 -0500 X-MC-Unique: URFNfZZXOeSd8jiflZS4Vg-1 X-Mimecast-MFC-AGG-ID: URFNfZZXOeSd8jiflZS4Vg_1770051759 Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id A620A18002F1; Mon, 2 Feb 2026 17:02:38 +0000 (UTC) Received: from warthog.procyon.org.uk.com (unknown [10.44.33.164]) by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 5B8A418008FF; Mon, 2 Feb 2026 17:02:33 +0000 (UTC) From: David Howells To: Lukas Wunner , Ignat Korchagin Cc: David Howells , Jarkko Sakkinen , Herbert Xu , Eric Biggers , Luis Chamberlain , Petr Pavlu , Daniel Gomez , Sami Tolvanen , "Jason A . Donenfeld" , Ard Biesheuvel , Stephan Mueller , linux-crypto@vger.kernel.org, keyrings@vger.kernel.org, linux-modules@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v16 2/7] x509: Separately calculate sha256 for blacklist Date: Mon, 2 Feb 2026 17:02:07 +0000 Message-ID: <20260202170216.2467036-3-dhowells@redhat.com> In-Reply-To: <20260202170216.2467036-1-dhowells@redhat.com> References: <20260202170216.2467036-1-dhowells@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93 Content-Type: text/plain; charset="utf-8" Calculate the SHA256 hash for blacklisting purposes independently of the signature hash (which may be something other than SHA256). This is necessary because when ML-DSA is used, no digest is calculated. Note that this represents a change of behaviour in that the hash used for the blacklist check would previously have been whatever digest was used for, say, RSA-based signatures. It may be that this is inadvisable. Signed-off-by: David Howells Reviewed-by: Jarkko Sakkinen cc: Lukas Wunner cc: Ignat Korchagin cc: Stephan Mueller cc: Eric Biggers cc: Herbert Xu cc: keyrings@vger.kernel.org cc: linux-crypto@vger.kernel.org --- crypto/asymmetric_keys/x509_parser.h | 2 ++ crypto/asymmetric_keys/x509_public_key.c | 22 +++++++++++++--------- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/= x509_parser.h index 0688c222806b..b7aeebdddb36 100644 --- a/crypto/asymmetric_keys/x509_parser.h +++ b/crypto/asymmetric_keys/x509_parser.h @@ -9,12 +9,14 @@ #include #include #include +#include =20 struct x509_certificate { struct x509_certificate *next; struct x509_certificate *signer; /* Certificate that signed this one */ struct public_key *pub; /* Public key details */ struct public_key_signature *sig; /* Signature parameters */ + u8 sha256[SHA256_DIGEST_SIZE]; /* Hash for blacklist purposes */ char *issuer; /* Name of certificate issuer */ char *subject; /* Name of certificate subject */ struct asymmetric_key_id *id; /* Issuer + Serial number */ diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_k= eys/x509_public_key.c index 12e3341e806b..79cc7b7a0630 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -31,6 +31,19 @@ int x509_get_sig_params(struct x509_certificate *cert) =20 pr_devel("=3D=3D>%s()\n", __func__); =20 + /* Calculate a SHA256 hash of the TBS and check it against the + * blacklist. + */ + sha256(cert->tbs, cert->tbs_size, cert->sha256); + ret =3D is_hash_blacklisted(cert->sha256, sizeof(cert->sha256), + BLACKLIST_HASH_X509_TBS); + if (ret =3D=3D -EKEYREJECTED) { + pr_err("Cert %*phN is blacklisted\n", + (int)sizeof(cert->sha256), cert->sha256); + cert->blacklisted =3D true; + ret =3D 0; + } + sig->s =3D kmemdup(cert->raw_sig, cert->raw_sig_size, GFP_KERNEL); if (!sig->s) return -ENOMEM; @@ -69,15 +82,6 @@ int x509_get_sig_params(struct x509_certificate *cert) if (ret < 0) goto error_2; =20 - ret =3D is_hash_blacklisted(sig->digest, sig->digest_size, - BLACKLIST_HASH_X509_TBS); - if (ret =3D=3D -EKEYREJECTED) { - pr_err("Cert %*phN is blacklisted\n", - sig->digest_size, sig->digest); - cert->blacklisted =3D true; - ret =3D 0; - } - error_2: kfree(desc); error: