From: sudhakar <sudhakar@linux.ibm.com>
To: Stefan Berger <stefanb@linux.ibm.com>
Cc: grub-devel@gnu.org, dja@axtens.net, jan.setjeeilers@oracle.com,
julian.klode@canonical.com, mate.kukri@canonical.com,
pjones@redhat.com, avnish@linux.ibm.com, nayna@linux.ibm.com,
ssrish@linux.ibm.com
Subject: Re: [PATCH v1 17/21] appendedsig: While verifying the kernel, use trusted and distrusted lists
Date: Thu, 27 Feb 2025 20:52:34 +0530 [thread overview]
Message-ID: <c5bdb4c9c2d75fe837fe1f3ef585185a@linux.ibm.com> (raw)
In-Reply-To: <82b491a0-7e01-4f72-bcc1-62b8fcfb9728@linux.ibm.com>
On 2024-12-31 23:07, Stefan Berger wrote:
> On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote:
>> To verify the kernel's: verify the kernel binary against list of
>> binary hashes
>
> To verify the kernel's signature?
>
> against lists of binary hashes
>
>> that are distrusted and trusted. If it is not listed in both trusted
>> and distrusted,
>
> that are either distrusted or trusted.
>
> If it is not list in either trusted or distrusted hashes list then the
> trusted keys from the trusted key list are used to verify the
> signature.
>
>> the trusted keys from trusted key list used to verify the signature.
>>
>> Signed-off-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
>> ---
>> grub-core/commands/appendedsig/appendedsig.c | 188
>> +++++++++++++------
>> 1 file changed, 133 insertions(+), 55 deletions(-)
>>
>> diff --git a/grub-core/commands/appendedsig/appendedsig.c
>> b/grub-core/commands/appendedsig/appendedsig.c
>> index 31649e800..8b084087e 100644
>> --- a/grub-core/commands/appendedsig/appendedsig.c
>> +++ b/grub-core/commands/appendedsig/appendedsig.c
>> @@ -497,6 +497,81 @@ extract_appended_signature (const grub_uint8_t
>> *buf, grub_size_t bufsize,
>> return parse_pkcs7_signedData (appsigdata, pkcs7_size,
>> &sig->pkcs7);
>> }
>> +static grub_err_t
>> +grub_get_binary_hash (const grub_size_t binary_hash_size, const
>> grub_uint8_t *data,
>> + const grub_size_t data_size, grub_uint8_t
>> *hash, grub_size_t *hash_size)
>> +{
>> + grub_uuid_t guid = { 0 };
>> +
>> + /* support SHA256, SHA384 and SHA512 for binary hash */
>> + if (binary_hash_size == 32)
>> + grub_memcpy (&guid, &GRUB_PKS_CERT_SHA256_GUID, GRUB_UUID_SIZE);
>> + else if (binary_hash_size == 48)
>> + grub_memcpy (&guid, &GRUB_PKS_CERT_SHA384_GUID, GRUB_UUID_SIZE);
>> + else if (binary_hash_size == 64)
>> + grub_memcpy (&guid, &GRUB_PKS_CERT_SHA512_GUID, GRUB_UUID_SIZE);
>> + else
>> + {
>> + grub_dprintf ("appendedsig", "unsupported hash type (%"
>> PRIuGRUB_SIZE ") and skipping binary hash\n",
>> + binary_hash_size);
>> + return GRUB_ERR_UNKNOWN_COMMAND;
>> + }
>> +
>> + return grub_get_hash (&guid, data, data_size, hash, hash_size);
>> +}
>> +
>> +/*
>> + * verify binary hash against the list of binary hashes that are
>> distrusted
> Verify a binary hash
>> + * and trusted.
>
> The following errors can occur:
> - GRUB_ERR_BAD_SIGNATURE: indicates that the hash is distrusted.
> - GRUB_ERR_NONE: the hash is trusted, since it was found in the
> trusted hashes list
> - GRUB_ERR_EOF: the hash could not be found in the hashes list
>
>> + */
>> +static grub_err_t
>> +grub_verify_binary_hash (const grub_uint8_t *data, const grub_size_t
>> data_size)
>> +{
>> + grub_err_t rc = GRUB_ERR_NONE;
>> + grub_size_t i = 0, hash_size = 0;
>> + grub_uint8_t hash[GRUB_MAX_HASH_SIZE] = { 0 };
>> +
>> + for (i = 0; i < grub_dbx.signature_entries; i++)
>> + {
>> + rc = grub_get_binary_hash (grub_dbx.signature_size[i], data,
>> data_size,
>> + hash, &hash_size);
>> + if (rc != GRUB_ERR_NONE)
>> + continue;
>> +
>> + if (hash_size == grub_dbx.signature_size[i] &&
>> + grub_memcmp (grub_dbx.signatures[i], hash, hash_size) == 0)
>> + {
>> + grub_dprintf ("appendedsig", "the binary hash
>> (%02x%02x%02x%02x) was listed "
>> + "as distrusted\n", hash[0], hash[1], hash[2],
>> hash[3]);
>
> merge the error string into one
>
>> + return GRUB_ERR_BAD_SIGNATURE;
>> + }
>> + }
>> +
>> + for (i = 0; i < grub_db.signature_entries; i++)
>> + {
>> + rc = grub_get_binary_hash (grub_db.signature_size[i], data,
>> data_size,
>> + hash, &hash_size);
>> + if (rc != GRUB_ERR_NONE)
>> + continue;
>> +
>> + if (hash_size == grub_db.signature_size[i] &&
>> + grub_memcmp (grub_db.signatures[i], hash, hash_size) == 0)
>> + {
>> + grub_dprintf ("appendedsig", "verified with a trusted
>> binary hash "
>> + "(%02x%02x%02x%02x)\n", hash[0], hash[1],
>> hash[2], hash[3]);
>> + return GRUB_ERR_NONE;
>> + }
>> + }
>> +
>> + return GRUB_ERR_EOF;
>> +}
>> +
>> +
>> +/*
>> + * verify the kernel's integrity, the trusted key will be used from
>> + * the trusted key list. If it fails, verify it against the list of
>> binary hashes
>> + * that are distrusted and trusted.
>> + */
>> static grub_err_t
>> grub_verify_appended_signature (const grub_uint8_t *buf, grub_size_t
>> bufsize)
>> {
>> @@ -506,12 +581,12 @@ grub_verify_appended_signature (const
>> grub_uint8_t *buf, grub_size_t bufsize)
>> unsigned char *hash;
>> gcry_mpi_t hashmpi;
>> gcry_err_code_t rc;
>> - struct x509_certificate *pk;
>> + struct x509_certificate *cert;
>> struct grub_appended_signature sig;
>> struct pkcs7_signerInfo *si;
>> int i;
>> - if (!grub_db.key_entries)
>> + if (!grub_db.key_entries && !grub_db.signature_entries)
>> return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("No trusted keys
>> to verify against"));
>> err = extract_appended_signature (buf, bufsize, &sig);
>> @@ -520,68 +595,71 @@ grub_verify_appended_signature (const
>> grub_uint8_t *buf, grub_size_t bufsize)
>> datasize = bufsize - sig.signature_len;
>> - for (i = 0; i < sig.pkcs7.signerInfo_count; i++)
>> + err = grub_verify_binary_hash (buf, datasize);
>> + if (err == GRUB_ERR_EOF)
>> {
>> - /*
>> - * This could be optimised in a couple of ways:
>> - * - we could only compute hashes once per hash type
>> - * - we could track signer information and only verify where
>> IDs match
>> - * For now we do the naive O(trusted keys * pkcs7 signers)
>> approach.
>> - */
>> - si = &sig.pkcs7.signerInfos[i];
>> - context = grub_zalloc (si->hash->contextsize);
>> - if (!context)
>> - return grub_errno;
>> -
>> - si->hash->init (context);
>> - si->hash->write (context, buf, datasize);
>> - si->hash->final (context);
>> - hash = si->hash->read (context);
>> -
>> - grub_dprintf ("appendedsig", "data size %" PRIxGRUB_SIZE ",
>> signer %d hash %02x%02x%02x%02x...\n",
>> - datasize, i, hash[0], hash[1], hash[2], hash[3]);
>> -
>> - err = GRUB_ERR_BAD_SIGNATURE;
>> - for (pk = grub_db.keys; pk; pk = pk->next)
>
> /* Hash was not found in trusted and distrusted list: check signature
> now */
>
>> + for (i = 0; i < sig.pkcs7.signerInfo_count; i++)
>> {
>> - rc = grub_crypto_rsa_pad (&hashmpi, hash, si->hash,
>> pk->mpis[0]);
>> - if (rc)
>> + /*
>> + * This could be optimised in a couple of ways:
>> + * - we could only compute hashes once per hash type
>> + * - we could track signer information and only verify
>> where IDs match
>> + * For now we do the naive O(grub_db.keys * pkcs7 signers)
>> approach.
>> + */
>> + si = &sig.pkcs7.signerInfos[i];
>> + context = grub_zalloc (si->hash->contextsize);
>> + if (context == NULL)
>> + return grub_errno;
>> +
>> + si->hash->init (context);
>> + si->hash->write (context, buf, datasize);
>> + si->hash->final (context);
>> + hash = si->hash->read (context);
>> +
>> + grub_dprintf ("appendedsig",
>> + "data size %" PRIxGRUB_SIZE ", signer %d hash
>> %02x%02x%02x%02x...\n",
>> + datasize, i, hash[0], hash[1], hash[2],
>> hash[3]);
>> +
>> + err = GRUB_ERR_BAD_SIGNATURE;
>> + for (cert = grub_db.keys; cert; cert = cert->next)
>> {
>> - err = grub_error (GRUB_ERR_BAD_SIGNATURE,
>> - N_("Error padding hash for RSA
>> verification: %d"), rc);
>> - grub_free (context);
>> - goto cleanup;
>> + rc = grub_crypto_rsa_pad (&hashmpi, hash, si->hash,
>> cert->mpis[0]);
>> + if (rc != 0)
>> + {
>> + err = grub_error (GRUB_ERR_BAD_SIGNATURE,
>> + N_("Error padding hash for RSA
>> verification: %d"), rc);
>> + grub_free (context);
>> + pkcs7_signedData_release (&sig.pkcs7);
>> + return err;
>> + }
>> +
>> + rc = _gcry_pubkey_spec_rsa.verify (0, hashmpi,
>> &si->sig_mpi, cert->mpis, NULL, NULL);
>> + gcry_mpi_release (hashmpi);
>> + if (rc == 0)
>> + {
>> + grub_dprintf ("appendedsig", "verify signer %d with
>> key '%s' succeeded\n",
>> + i, cert->subject);
>> + err = GRUB_ERR_NONE;
>> + break;
>> + }
>> +
>> + grub_dprintf ("appendedsig", "verify signer %d with key
>> '%s' failed with %d\n",
>> + i, cert->subject, rc);
>> }
>> - rc = _gcry_pubkey_spec_rsa.verify (0, hashmpi,
>> &si->sig_mpi, pk->mpis, NULL, NULL);
>> - gcry_mpi_release (hashmpi);
>> -
>> - if (rc == 0)
>> - {
>> - grub_dprintf ("appendedsig", "verify signer %d with key
>> '%s' succeeded\n",
>> - i, pk->subject);
>> - err = GRUB_ERR_NONE;
>> - break;
>> - }
>> -
>> - grub_dprintf ("appendedsig", "verify signer %d with key
>> '%s' failed with %d\n",
>> - i, pk->subject, rc);
>> - }
>> -
>> - grub_free (context);
>> -
>> - if (err == GRUB_ERR_NONE)
>> - break;
>> + grub_free (context);
>> + if (err == GRUB_ERR_NONE)
>> + break;
>> + }
>> }
>> - /* If we didn't verify, provide a neat message */
>> - if (err != GRUB_ERR_NONE)
>> - err = grub_error (GRUB_ERR_BAD_SIGNATURE,
>> - N_("Failed to verify signature against a
>> trusted key"));
>> -
>> -cleanup:
>> pkcs7_signedData_release (&sig.pkcs7);
>> + if (err != GRUB_ERR_NONE)
>> + err = grub_error (err, N_("failed to verify signature with any
>> trusted key\n"));
>
> You may need a special case to jump to from after the hash list test
> to indicate that the hash was found in the distrusted hashes list.
>
>> + else
>> + grub_printf ("appendedsig: successfully verified the signature
>> with a trusted key\n");
>> +
>> return err;
>> }
>>
addressed all the comments. thank you stefan.
Thanks,
Sudhakar Kuppusamy
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
next prev parent reply other threads:[~2025-02-27 15:23 UTC|newest]
Thread overview: 83+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-18 14:56 [PATCH v1 00/21] Appended Signature Secure Boot Support for PowerPC Sudhakar Kuppusamy
2024-12-18 14:56 ` [PATCH v1 01/21] powerpc-ieee1275: Add support for signing grub with an appended signature Sudhakar Kuppusamy
2024-12-27 14:58 ` Stefan Berger
2025-02-26 4:24 ` sudhakar
2025-01-04 18:30 ` Vladimir 'phcoder' Serbinenko
2025-01-06 6:25 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 02/21] docs/grub: Document signing grub under UEFI Sudhakar Kuppusamy
2024-12-27 15:00 ` Stefan Berger
2024-12-18 14:56 ` [PATCH v1 03/21] docs/grub: Document signing grub with an appended signature Sudhakar Kuppusamy
2024-12-27 15:04 ` Stefan Berger
2025-01-04 18:32 ` Vladimir 'phcoder' Serbinenko
2025-01-24 9:44 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 04/21] dl: provide a fake grub_dl_set_persistent for the emu target Sudhakar Kuppusamy
2024-12-27 15:06 ` Stefan Berger
2025-01-04 18:36 ` Vladimir 'phcoder' Serbinenko
2025-01-24 9:47 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 05/21] pgp: factor out rsa_pad Sudhakar Kuppusamy
2024-12-27 15:11 ` Stefan Berger
2025-01-04 18:40 ` Vladimir 'phcoder' Serbinenko
2025-02-27 15:26 ` sudhakar
2025-01-24 10:40 ` Avnish Chouhan
2025-02-27 15:28 ` sudhakar
2024-12-18 14:56 ` [PATCH v1 06/21] crypto: move storage for grub_crypto_pk_* to crypto.c Sudhakar Kuppusamy
2024-12-27 15:13 ` Stefan Berger
2025-01-04 18:41 ` Vladimir 'phcoder' Serbinenko
2025-01-24 10:42 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 07/21] grub-install: support embedding x509 certificates Sudhakar Kuppusamy
2024-12-27 16:08 ` Stefan Berger
2025-01-24 10:45 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 08/21] appended signatures: import GNUTLS's ASN.1 description files Sudhakar Kuppusamy
2024-12-28 19:02 ` Stefan Berger
2025-01-24 10:47 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 09/21] appended signatures: parse PKCS#7 signedData and X.509 certificates Sudhakar Kuppusamy
2024-12-28 19:46 ` Stefan Berger
2025-02-26 4:26 ` sudhakar
2025-01-24 11:10 ` Avnish Chouhan
2025-02-27 15:31 ` sudhakar
2025-01-24 11:23 ` Michal Suchánek
2024-12-18 14:56 ` [PATCH v1 10/21] appended signatures: support verifying appended signatures Sudhakar Kuppusamy
2024-12-29 16:37 ` Stefan Berger
2025-02-06 6:10 ` Avnish Chouhan
2025-02-27 15:33 ` sudhakar
2024-12-18 14:56 ` [PATCH v1 11/21] appended signatures: verification tests Sudhakar Kuppusamy
2024-12-30 15:39 ` Stefan Berger
2025-02-14 10:27 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 12/21] appended signatures: documentation Sudhakar Kuppusamy
2024-12-30 15:50 ` Stefan Berger
2025-02-26 4:28 ` sudhakar
2025-02-14 10:39 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 13/21] ieee1275: enter lockdown based on /ibm,secure-boot Sudhakar Kuppusamy
2024-12-30 22:02 ` Stefan Berger
2025-02-06 6:23 ` Avnish Chouhan
2025-02-27 15:34 ` sudhakar
2024-12-18 14:56 ` [PATCH v1 14/21] ieee1275: Platform Keystore (PKS) Support Sudhakar Kuppusamy
2024-12-30 22:14 ` Stefan Berger
2025-02-26 4:33 ` sudhakar
2025-02-06 9:09 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 15/21] ieee1275: Read the DB and DBX secure boot variables Sudhakar Kuppusamy
2024-12-30 23:01 ` Stefan Berger
2025-02-26 4:43 ` sudhakar
2024-12-30 23:04 ` Stefan Berger
2025-02-26 4:44 ` sudhakar
2025-02-07 5:57 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 16/21] appendedsig: The creation of trusted and distrusted lists Sudhakar Kuppusamy
2024-12-31 17:21 ` Stefan Berger
2025-02-27 15:21 ` sudhakar
2025-02-07 6:39 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 17/21] appendedsig: While verifying the kernel, use " Sudhakar Kuppusamy
2024-12-31 17:37 ` Stefan Berger
2025-02-27 15:22 ` sudhakar [this message]
2025-02-07 6:44 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 18/21] ieee1275: set use_static_keys flag Sudhakar Kuppusamy
2025-01-02 13:22 ` Stefan Berger
2025-02-27 15:24 ` sudhakar
2025-02-07 6:46 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 19/21] appendedsig: Reads the default DB keys from ELF Note Sudhakar Kuppusamy
2025-01-02 13:19 ` Stefan Berger
2025-02-27 15:23 ` sudhakar
2025-02-07 6:54 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 20/21] appendedsig: The grub command's trusted and distrusted support Sudhakar Kuppusamy
2025-02-07 10:16 ` Avnish Chouhan
2024-12-18 14:56 ` [PATCH v1 21/21] appendedsig: documentation Sudhakar Kuppusamy
2025-02-07 10:00 ` Avnish Chouhan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c5bdb4c9c2d75fe837fe1f3ef585185a@linux.ibm.com \
--to=sudhakar@linux.ibm.com \
--cc=avnish@linux.ibm.com \
--cc=dja@axtens.net \
--cc=grub-devel@gnu.org \
--cc=jan.setjeeilers@oracle.com \
--cc=julian.klode@canonical.com \
--cc=mate.kukri@canonical.com \
--cc=nayna@linux.ibm.com \
--cc=pjones@redhat.com \
--cc=ssrish@linux.ibm.com \
--cc=stefanb@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.