On 15.10.2012 23:33, Geoffrey Thomas wrote: > On Sat, 13 Oct 2012, Vladimir 'φ-coder/phcoder' Serbinenko wrote: > >>> First, does GRUB has a mechanism for me to validate a digitally-signed >>> file of some sort? This could be e.g. a PGP-signed file or something >>> from `openssl dgst -sign`. I see that GRUB has all the relevant crypto >>> primitives to do this, but I can't find a command to invoke them. (As >>> far as I can tell, gcrypt is only used for PBKDF2 and cryptodisk >>> support?) >>> >> >> I have some code dating from about a year ago but because of my current >> personal situation it's put on hold for some time. > > Do you have something I can start from that you could drop somewhere? I > haven't begun implementing this yet, and I suspect that starting from > your code would be helpful for getting this done faster and also doing > it in a style compatible with upstream. > I want to do it myself. I'm likely to get some time for it in December. > Also, a slightly more generic question -- what's a reasonable format > here? I'm kind of surprised to find that openssl has no generic command > to sign a file or verify it's signatures. I could use PGP, but we're > already using SSL-style certificates for Authenticode, so I'd prefer not > generate another key with a completely different format. That said, if > more people will find PGP verification useful, I can implement that. > It has to be gnupg signatures. >> Is there some doc on dm-verify? It may be interesting. > > http://code.google.com/p/cryptsetup/wiki/DMVerity > is the official documentation. > > Briefly, you generate a salted hash tree of each block (and in turn of > the blocks containing the hashes) until you get a root hash. So with a > trusted way to get the root hash, the original device, and a device/file > containing the hashes, you can generate a new (read-only) device that > validates hashes up to the root, and throws an IO error if the data has > been tampered with. > Doesn't sound like best way. MAC-tree would be better cryptographically (third party would be unable to verify, which is of advantage) and would be easier to write to. > The "veritysetup" command in sbin in recent cryptsetup versions can > generate the hash tree and print out the root hash. > > > > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > https://lists.gnu.org/mailman/listinfo/grub-devel -- Regards Vladimir 'φ-coder/phcoder' Serbinenko