From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1TOuUA-0002rN-U4 for mharc-grub-devel@gnu.org; Thu, 18 Oct 2012 14:06:22 -0400 Received: from eggs.gnu.org ([208.118.235.92]:36358) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TOuU7-0002pP-Ol for grub-devel@gnu.org; Thu, 18 Oct 2012 14:06:20 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1TOuU6-0006CR-9q for grub-devel@gnu.org; Thu, 18 Oct 2012 14:06:19 -0400 Received: from mail-wi0-f177.google.com ([209.85.212.177]:44478) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TOuU6-0006CD-3a for grub-devel@gnu.org; Thu, 18 Oct 2012 14:06:18 -0400 Received: by mail-wi0-f177.google.com with SMTP id hj13so1820492wib.12 for ; Thu, 18 Oct 2012 11:06:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type; bh=1uwGPz20zpeRdl/qw+wJmklvfp8QKdu3Fa1M/ars5tE=; b=gY1YT29W9/Z9ikBqIKjDBOKONEAxgPgyYCs8ZhYVZ8LCISH6SaRtyu2ohGJ4YQC0Em +drYtqTh+JhsM5GQd/DeM2qH1d3v+hXEV2eztEpjZkqKa+v+sWjX3eOM33nTOIK4wzoI i641LDklYy4f9ILJv1BPHZr2guTnkdAsUhoz7HGDK0RbFuZBoTSa+WgQv5YqGMOcNkLF FRGgdOKsHIGcdua0WTDP6PuM3tPAWD7Dn1Nyf6uqk/rE9uWTgOHuz0EWgc2pCNCqOKrO ILOBLuXgv/Bs2ll7Z3gN4sEl+v6jX/h1y6ewer1OkgpSBuFDalR/siSaWm2//uX4MbQq /IOQ== Received: by 10.216.213.152 with SMTP id a24mr14200969wep.224.1350583576295; Thu, 18 Oct 2012 11:06:16 -0700 (PDT) Received: from debian.x201.phnet (113-18.203-62.cust.bluewin.ch. [62.203.18.113]) by mx.google.com with ESMTPS id k20sm30744047wiv.11.2012.10.18.11.06.14 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 18 Oct 2012 11:06:15 -0700 (PDT) Message-ID: <50804513.8010804@gmail.com> Date: Thu, 18 Oct 2012 20:06:11 +0200 From: =?UTF-8?B?VmxhZGltaXIgJ8+GLWNvZGVyL3BoY29kZXInIFNlcmJpbmVua28=?= User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.7) Gecko/20120922 Icedove/10.0.7 MIME-Version: 1.0 To: grub-devel@gnu.org Subject: Re: Signature verification in GRUB References: <5079441B.6010809@gmail.com> In-Reply-To: X-Enigmail-Version: 1.4.1 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig81C99170C5615DE069BFED2C" X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 209.85.212.177 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Oct 2012 18:06:21 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig81C99170C5615DE069BFED2C Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 15.10.2012 23:33, Geoffrey Thomas wrote: > On Sat, 13 Oct 2012, Vladimir '=CF=86-coder/phcoder' Serbinenko wrote: >=20 >>> First, does GRUB has a mechanism for me to validate a digitally-signe= d >>> file of some sort? This could be e.g. a PGP-signed file or something >>> from `openssl dgst -sign`. I see that GRUB has all the relevant crypt= o >>> primitives to do this, but I can't find a command to invoke them. (As= >>> far as I can tell, gcrypt is only used for PBKDF2 and cryptodisk >>> support?) >>> >> >> I have some code dating from about a year ago but because of my curren= t >> personal situation it's put on hold for some time. >=20 > Do you have something I can start from that you could drop somewhere? I= > haven't begun implementing this yet, and I suspect that starting from > your code would be helpful for getting this done faster and also doing > it in a style compatible with upstream. >=20 I want to do it myself. I'm likely to get some time for it in December. > Also, a slightly more generic question -- what's a reasonable format > here? I'm kind of surprised to find that openssl has no generic command= > to sign a file or verify it's signatures. I could use PGP, but we're > already using SSL-style certificates for Authenticode, so I'd prefer no= t > generate another key with a completely different format. That said, if > more people will find PGP verification useful, I can implement that. >=20 It has to be gnupg signatures. >> Is there some doc on dm-verify? It may be interesting. >=20 > http://code.google.com/p/cryptsetup/wiki/DMVerity > is the official documentation. >=20 > Briefly, you generate a salted hash tree of each block (and in turn of > the blocks containing the hashes) until you get a root hash. So with a > trusted way to get the root hash, the original device, and a device/fil= e > containing the hashes, you can generate a new (read-only) device that > validates hashes up to the root, and throws an IO error if the data has= > been tampered with. >=20 Doesn't sound like best way. MAC-tree would be better cryptographically (third party would be unable to verify, which is of advantage) and would be easier to write to. > The "veritysetup" command in sbin in recent cryptsetup versions can > generate the hash tree and print out the root hash. >=20 >=20 >=20 > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > https://lists.gnu.org/mailman/listinfo/grub-devel --=20 Regards Vladimir '=CF=86-coder/phcoder' Serbinenko --------------enig81C99170C5615DE069BFED2C Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iF4EAREKAAYFAlCARRQACgkQNak7dOguQgmDmwD/TXjnyesC/Lq3T7ZoVnWn5hdr H7kxjIHUQGSIdXTdI6EA/1Hi2lU76LE68lBwm4xpFzi4UvYw95TyGFMSi0T7MWJ8 =Hfss -----END PGP SIGNATURE----- --------------enig81C99170C5615DE069BFED2C--