From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: AKASHI Takahiro <takahiro.akashi@linaro.org>,
xypron.glpk@gmx.de, u-boot@lists.denx.de
Subject: Re: [PATCH] lib/crypto: Enable more algorithms in cert verification
Date: Tue, 18 Jan 2022 14:50:25 +0200 [thread overview]
Message-ID: <Yea3kS26h7y5nBVm@hades> (raw)
In-Reply-To: <20220118123822.GC30001@laputa>
Akashi-san,
On Tue, Jan 18, 2022 at 09:38:22PM +0900, AKASHI Takahiro wrote:
> Hi Ilias,
>
> On Tue, Jan 18, 2022 at 01:12:37PM +0200, Ilias Apalodimas wrote:
> > Right now the code explicitly limits us to sha1,256 hashes with RSA2048
> > encryption. But the limitation is artificial since U-Boot supports
> > a wider range of algorithms.
> >
> > The internal image_get_[checksum|crypto]_algo() functions expect an
> > argument in the format of <checksum>,<crypto>. So let's remove the size
> > checking and create the needed string on the fly in order to support
> > more hash/signing combinations.
> >
> > Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> > ---
> > lib/crypto/public_key.c | 27 +++++++++++++--------------
> > 1 file changed, 13 insertions(+), 14 deletions(-)
> >
> > diff --git a/lib/crypto/public_key.c b/lib/crypto/public_key.c
> > index df6033cdb499..b783c63f5a51 100644
> > --- a/lib/crypto/public_key.c
> > +++ b/lib/crypto/public_key.c
> > @@ -97,6 +97,7 @@ int public_key_verify_signature(const struct public_key *pkey,
> > const struct public_key_signature *sig)
> > {
> > struct image_sign_info info;
> > + char algo[256];
> > int ret;
> >
> > pr_devel("==>%s()\n", __func__);
> > @@ -108,29 +109,27 @@ int public_key_verify_signature(const struct public_key *pkey,
> > return -EINVAL;
> >
> > memset(&info, '\0', sizeof(info));
> > + memset(algo, 0, sizeof(algo));
> > info.padding = image_get_padding_algo("pkcs-1.5");
> > /*
> > * Note: image_get_[checksum|crypto]_algo takes a string
> > * argument like "<checksum>,<crypto>"
> > * TODO: support other hash algorithms
> > */
>
> If this patch is applied, the TODO comment above will make no sense :)
We are still only handle SHA, but there's a printable error now, so i'll
get rid of the comment.
>
> > - if (strcmp(sig->pkey_algo, "rsa") || (sig->s_size * 8) != 2048) {
> > - pr_warn("Encryption is not RSA2048: %s%d\n",
> > - sig->pkey_algo, sig->s_size * 8);
> > - return -ENOPKG;
> > - }
> > - if (!strcmp(sig->hash_algo, "sha1")) {
> > - info.checksum = image_get_checksum_algo("sha1,rsa2048");
> > - info.name = "sha1,rsa2048";
> > - } else if (!strcmp(sig->hash_algo, "sha256")) {
> > - info.checksum = image_get_checksum_algo("sha256,rsa2048");
> > - info.name = "sha256,rsa2048";
> > - } else {
> > - pr_warn("unknown msg digest algo: %s\n", sig->hash_algo);
> > + if (strcmp(sig->pkey_algo, "rsa")) {
> > + pr_err("Encryption is not RSA: %s\n", sig->pkey_algo);
> > return -ENOPKG;
> > }
> > + ret = snprintf(algo, sizeof(algo), "%s,%s%d", sig->hash_algo,
> > + sig->pkey_algo, sig->s_size * 8);
>
> I'm not sure that this naming rule, in particular the latter part, will
> always hold in the future while all the existing algo's observe it.
> (Maybe we need some note somewhere?)
The if a few lines below will shield us and return -EINVAL. How about
adding an error message there?
Cheers
/Ilias
>
> -Takahiro Akashi
>
> > +
> > + if (ret >= sizeof(algo))
> > + return -EINVAL;
> > +
> > + info.checksum = image_get_checksum_algo((const char *)algo);
> > + info.name = (const char *)algo;
> > info.crypto = image_get_crypto_algo(info.name);
> > - if (IS_ERR(info.checksum) || IS_ERR(info.crypto))
> > + if (!info.checksum || !info.crypto)
> > return -ENOPKG;
> >
> > info.key = pkey->key;
> > --
> > 2.30.2
> >
next prev parent reply other threads:[~2022-01-18 12:50 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-18 11:12 [PATCH] lib/crypto: Enable more algorithms in cert verification Ilias Apalodimas
2022-01-18 12:38 ` AKASHI Takahiro
2022-01-18 12:50 ` Ilias Apalodimas [this message]
2022-01-18 13:41 ` Heinrich Schuchardt
2022-01-18 14:03 ` Ilias Apalodimas
2022-01-18 16:22 ` Heinrich Schuchardt
2022-01-18 18:12 ` Ilias Apalodimas
2022-01-19 4:47 ` AKASHI Takahiro
2022-01-19 7:07 ` Ilias Apalodimas
2022-01-19 12:36 ` AKASHI Takahiro
2022-01-19 13:03 ` Ilias Apalodimas
2022-01-19 14:22 ` Heinrich Schuchardt
2022-01-19 14:54 ` Ilias Apalodimas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Yea3kS26h7y5nBVm@hades \
--to=ilias.apalodimas@linaro.org \
--cc=takahiro.akashi@linaro.org \
--cc=u-boot@lists.denx.de \
--cc=xypron.glpk@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.