From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1ULugD-0005Kp-JI for mharc-grub-devel@gnu.org; Sat, 30 Mar 2013 08:14:41 -0400 Received: from eggs.gnu.org ([208.118.235.92]:42298) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ULug9-0005HZ-MD for grub-devel@gnu.org; Sat, 30 Mar 2013 08:14:40 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ULug8-0000PM-5a for grub-devel@gnu.org; Sat, 30 Mar 2013 08:14:37 -0400 Received: from mail-la0-x22d.google.com ([2a00:1450:4010:c03::22d]:61060) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ULug7-0000MS-Se for grub-devel@gnu.org; Sat, 30 Mar 2013 08:14:36 -0400 Received: by mail-la0-f45.google.com with SMTP id er20so1092039lab.32 for ; Sat, 30 Mar 2013 05:14:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:date:from:to:subject:message-id:in-reply-to:references :x-mailer:mime-version:content-type:content-transfer-encoding; bh=iOZBYiBMu/Rm+XfMx+Cns7eYdN9k6X0Sj6EhkU2tzmo=; b=AlNoKTnzkZmc6gq1QuvJ0912/uLpzJuU9N60aBI2MXMMSuZ4dRLwrx6wSV6SBm9gPf /vOKuXPgf9tdcUImOfDZDekJV0PdEeU37fMjJn/3xeyAqtyWKVULXvL4QkE+B9yu+OuK uvtABRIU+r1cw5ExDjqltKa8xDtHFOCapq8zdxM0mn/uoR3EkkllxamOcQAqvrQBXfG7 Z5NEMjixcTrXx/HmZoo3lxIdOKoghI3rtvtp/WqAF195GPJFBz9iRsO4g6JMzNqs33fg uUgTJrPsumOAE7+tw4hNyg3BXBUUms7vMQrGrpnTxRkRunnPjLrxUHFZgXGGXIt76wQv tG3Q== X-Received: by 10.112.101.130 with SMTP id fg2mr2834633lbb.64.1364645674684; Sat, 30 Mar 2013 05:14:34 -0700 (PDT) Received: from opensuse.site (ppp79-139-243-180.pppoe.spdop.ru. [79.139.243.180]) by mx.google.com with ESMTPS id mq7sm2480064lab.1.2013.03.30.05.14.33 (version=SSLv3 cipher=RC4-SHA bits=128/128); Sat, 30 Mar 2013 05:14:34 -0700 (PDT) Date: Sat, 30 Mar 2013 16:14:32 +0400 From: Andrey Borzenkov To: grub-devel@gnu.org Subject: Re: Grub verify module failed to verify a signed file Message-ID: <20130330161432.3de09500@opensuse.site> In-Reply-To: <5BA5293F2AE26249A73BD98C735FBBD0043E8F1358@sxnghq01-v> References: <5BA5293F2AE26249A73BD98C735FBBD0043E8F1358@sxnghq01-v> X-Mailer: Claws Mail 3.9.0 (GTK+ 2.24.14; x86_64-suse-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2a00:1450:4010:c03::22d X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Mar 2013 12:14:40 -0000 В Thu, 28 Mar 2013 16:15:09 -0700 Wei Hu пишет: > Hi, > > I am trying to use the grub verify module to verify a detached signature I signed using gpg on Linux. I did two different signings. Both of them failed, but at the different places in grub_verify_signature(). I am wonder if I did something wrong or the module has some bugs in it. Let me detail my procedure here. The text file, signature file and my public key are all attached. > > Signing Approach 1 > ----------------------- > > On my Ubuntu system, say I want to detached sign myfile.txt > > > gpg --detach-sign myfile.txt > > It creates the signature file myfile.txt.sig. I noticed it uses ripemd160 hash algorithm. Then I export my public key as > > > gpg --output my.pubkey --export 'whu@moka5.com' > > The my.pubkey file contains my public key. Then I create a grub rescue cd image with all these three file myfile.txt myfile.txt.sig and my.pubkey. > > > grub-mkrescue -o image.iso ./myfile.txt ./myfile.txt.sig ./my.pubkey > > After this, I booted the image and at the grub prompt I did > > grub > verify_detached /myfile.txt /myfile.txt.sig /my.pubkey > > It returns bad signature in grub_verify_signature() after following line: > ... > hash->final (context); > grub_dprintf ("crypt", "alive\n"); > hval = hash->read (context); > if (grub_file_read (sig, hash_start, sizeof (hash_start)) != sizeof (hash_start)) > return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature")); > if (grub_memcmp (hval, hash_start, sizeof (hash_start)) != 0) > return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature")); <-- - failed here > > My understanding is it calls ripemd160 algorithm to verify a two byte hash value and it failed. Yes, fails here as well. Adding debug output, it reads correct bytes at correct offset from signature, but the first two bytes of hval differ. > So I try to change the algorithm using in gpg for hashing as follows: > > Signing Approch 2 > --------------------- > > I just sign the myfile.txt with sha512 like this: > > > gpg --digest-algo sha512 --detach-sign myfile.txt > > It creates a myfile.txt.sig file. Then a created the iso image and boot just as in approach 1. > > grub > verify_detached /myfile.txt /myfile.txt.sig /my.pubkey > > This time I went much further in grub_verify_signature(). It seem failed at last when calling dsa verify routine: > > unsigned nbits = gcry_mpi_get_nbits (sk->mpis[1]); > grub_dprintf ("crypt", "must be %u bits got %d bits\n", nbits, > (int)(8 * hash->mdlen)); <---- Here debug output is: must be 17 bits got 512 bits > .... > if (!grub_crypto_pk_dsa) > return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("module `%s' isn't loaded"), "gcry_dsa"); > if (grub_crypto_pk_dsa->verify (0, hmpi, mpis, sk->mpis, 0, 0)) <------ failed here. > return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature")); > > So I guess I was not doing right somewhere? Have you tested this verification module? The grub_dprintf() output (expecting 17bits but got 512 bits) is very suspicious. > > For this Verify module to work, what tool and what procedure should I follow to sign a file? > > Thanks so much, > > Wei