From: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
To: grub-devel@gnu.org
Cc: jan.setjeeilers@oracle.com, julian.klode@canonical.com,
mate.kukri@canonical.com, pjones@redhat.com, msuchanek@suse.com,
mlewando@redhat.com, nayna@linux.ibm.com,
ltcgcw@linux.vnet.ibm.com, ssrish@linux.ibm.com,
stefanb@linux.ibm.com, avnish@linux.ibm.com,
Sudhakar Kuppusamy <sudhakar@linux.ibm.com>,
dja@axtens.net
Subject: [PATCH v4 18/23] appendedsig: verify the kernel using db and dbx lists
Date: Wed, 9 Jul 2025 17:15:35 +0530 [thread overview]
Message-ID: <20250709114540.58608-19-sudhakar@linux.ibm.com> (raw)
In-Reply-To: <20250709114540.58608-1-sudhakar@linux.ibm.com>
To verify the kernel's signature: verify the kernel binary against lists of binary hashes
that are either in dbx or db list. If it is not list in either db or dbx list
then the trusted keys from the db list are used to verify the signature.
Signed-off-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
---
grub-core/commands/appendedsig/appendedsig.c | 173 ++++++++++++++-----
1 file changed, 126 insertions(+), 47 deletions(-)
diff --git a/grub-core/commands/appendedsig/appendedsig.c b/grub-core/commands/appendedsig/appendedsig.c
index 48104d63d..1224fab9e 100644
--- a/grub-core/commands/appendedsig/appendedsig.c
+++ b/grub-core/commands/appendedsig/appendedsig.c
@@ -447,6 +447,77 @@ extract_appended_signature (const grub_uint8_t *buf, grub_size_t bufsize,
return parse_pkcs7_signedData (appsigdata, pkcs7_size, &sig->pkcs7);
}
+static grub_err_t
+get_binary_hash (const grub_size_t binary_hash_size, const grub_uint8_t *data,
+ const grub_size_t data_size, grub_uint8_t *hash, grub_size_t *hash_size)
+{
+ grub_packed_guid_t guid = { 0 };
+
+ /* support SHA256, SHA384 and SHA512 for binary hash */
+ if (binary_hash_size == 32)
+ grub_memcpy (&guid, &GRUB_PKS_CERT_SHA256_GUID, GRUB_GUID_SIZE);
+ else if (binary_hash_size == 48)
+ grub_memcpy (&guid, &GRUB_PKS_CERT_SHA384_GUID, GRUB_GUID_SIZE);
+ else if (binary_hash_size == 64)
+ grub_memcpy (&guid, &GRUB_PKS_CERT_SHA512_GUID, GRUB_GUID_SIZE);
+ else
+ {
+ grub_dprintf ("appendedsig", "unsupported hash type (%" PRIuGRUB_SIZE ") and "
+ "skipped the binary hash\n", binary_hash_size);
+ return GRUB_ERR_UNKNOWN_COMMAND;
+ }
+
+ return get_hash (&guid, data, data_size, hash, hash_size);
+}
+
+/*
+ * Verify binary hash against the db and dbx list.
+ * The following errors can occur:
+ * - GRUB_ERR_BAD_SIGNATURE: indicates that the hash is in dbx list.
+ * - GRUB_ERR_EOF: the hash could not be found in the db and dbx list.
+ * - GRUB_ERR_NONE: the hash is found in db list.
+ */
+static grub_err_t
+verify_binary_hash (const grub_uint8_t *data, const grub_size_t data_size)
+{
+ grub_err_t rc = GRUB_ERR_NONE;
+ grub_size_t i = 0, hash_size = 0;
+ grub_uint8_t hash[GRUB_MAX_HASH_SIZE] = { 0 };
+
+ for (i = 0; i < dbx.signature_entries; i++)
+ {
+ rc = get_binary_hash (dbx.signature_size[i], data, data_size, hash, &hash_size);
+ if (rc != GRUB_ERR_NONE)
+ continue;
+
+ if (hash_size == dbx.signature_size[i] &&
+ grub_memcmp (dbx.signatures[i], hash, hash_size) == 0)
+ {
+ grub_dprintf ("appendedsig", "the binary hash (%02x%02x%02x%02x) is present in the dbx list\n",
+ hash[0], hash[1], hash[2], hash[3]);
+ return GRUB_ERR_BAD_SIGNATURE;
+ }
+ }
+
+ for (i = 0; i < db.signature_entries; i++)
+ {
+ rc = get_binary_hash (db.signature_size[i], data, data_size, hash, &hash_size);
+ if (rc != GRUB_ERR_NONE)
+ continue;
+
+ if (hash_size == db.signature_size[i] &&
+ grub_memcmp (db.signatures[i], hash, hash_size) == 0)
+ {
+ grub_dprintf ("appendedsig", "verified with a trusted binary hash (%02x%02x%02x%02x)\n",
+ hash[0], hash[1], hash[2], hash[3]);
+ return GRUB_ERR_NONE;
+ }
+ }
+
+ return GRUB_ERR_EOF;
+}
+
+/* Verify the kernel's integrity using db and dbx list */
static grub_err_t
grub_verify_appended_signature (const grub_uint8_t *buf, grub_size_t bufsize)
{
@@ -461,7 +532,7 @@ grub_verify_appended_signature (const grub_uint8_t *buf, grub_size_t bufsize)
struct pkcs7_signerInfo *si;
int i;
- if (!db.cert_entries)
+ if (!db.cert_entries && !db.signature_entries)
return grub_error (GRUB_ERR_BAD_SIGNATURE, "no trusted keys to verify against.");
err = extract_appended_signature (buf, bufsize, &sig);
@@ -469,59 +540,67 @@ grub_verify_appended_signature (const grub_uint8_t *buf, grub_size_t bufsize)
return err;
datasize = bufsize - sig.signature_len;
-
- for (i = 0; i < sig.pkcs7.signerInfo_count; i++)
+ /* Verify binary hash against the db and dbx list. */
+ err = verify_binary_hash (buf, datasize);
+ if (err == GRUB_ERR_BAD_SIGNATURE)
{
- /*
- * This could be optimised in a couple of ways:
- * - we could only compute hashes once per hash type.
- * - we could track signer information and only verify where IDs match.
- * For now we do the naive O(trusted keys * pkcs7 signers) approach.
- */
- si = &sig.pkcs7.signerInfos[i];
- context = grub_zalloc (si->hash->contextsize);
- if (context == NULL)
- return grub_errno;
-
- si->hash->init (context);
- si->hash->write (context, buf, datasize);
- si->hash->final (context);
- hash = si->hash->read (context);
-
- grub_dprintf ("appendedsig", "data size %" PRIxGRUB_SIZE ", signer %d hash %02x%02x%02x%02x...\n",
- datasize, i, hash[0], hash[1], hash[2], hash[3]);
-
- err = GRUB_ERR_BAD_SIGNATURE;
- for (pk = db.certs; pk != NULL; pk = pk->next)
+ err = grub_error (err, "failed to verify the signature because this binary is in the dbx list.\n");
+ goto cleanup;
+ }
+ else
+ {
+ for (i = 0; i < sig.pkcs7.signerInfo_count; i++)
{
- rc = grub_crypto_rsa_pad (&hashmpi, hash, si->hash, pk->mpis[0]);
- if (rc != GPG_ERR_NO_ERROR)
+ /*
+ * This could be optimised in a couple of ways:
+ * - we could only compute hashes once per hash type.
+ * - we could track signer information and only verify where IDs match.
+ * For now we do the naive O(trusted keys * pkcs7 signers) approach.
+ */
+ si = &sig.pkcs7.signerInfos[i];
+ context = grub_zalloc (si->hash->contextsize);
+ if (context == NULL)
+ return grub_errno;
+
+ si->hash->init (context);
+ si->hash->write (context, buf, datasize);
+ si->hash->final (context);
+ hash = si->hash->read (context);
+
+ grub_dprintf ("appendedsig", "data size %" PRIxGRUB_SIZE ", signer %d hash %02x%02x%02x%02x...\n",
+ datasize, i, hash[0], hash[1], hash[2], hash[3]);
+
+ err = GRUB_ERR_BAD_SIGNATURE;
+ for (pk = db.certs; pk != NULL; pk = pk->next)
{
- err = grub_error (GRUB_ERR_BAD_SIGNATURE,
- "error padding hash for RSA verification: %d", (int) rc);
- grub_free (context);
- goto cleanup;
+ rc = grub_crypto_rsa_pad (&hashmpi, hash, si->hash, pk->mpis[0]);
+ if (rc != GPG_ERR_NO_ERROR)
+ {
+ err = grub_error (GRUB_ERR_BAD_SIGNATURE,
+ "error padding hash for RSA verification: %d", (int) rc);
+ grub_free (context);
+ goto cleanup;
+ }
+
+ rc = grub_crypto_pk_rsa->verify (0, hashmpi, &si->sig_mpi, pk->mpis, NULL, NULL);
+ gcry_mpi_release (hashmpi);
+ if (rc == GPG_ERR_NO_ERROR)
+ {
+ grub_dprintf ("appendedsig", "verify signer %d with key '%s' succeeded.\n",
+ i, pk->subject);
+ err = GRUB_ERR_NONE;
+ break;
+ }
+
+ grub_dprintf ("appendedsig", "verify signer %d with key '%s' failed with %d\n",
+ i, pk->subject, (int) rc);
}
- rc = grub_crypto_pk_rsa->verify (0, hashmpi, &si->sig_mpi, pk->mpis, NULL, NULL);
- gcry_mpi_release (hashmpi);
- if (rc == GPG_ERR_NO_ERROR)
- {
- grub_dprintf ("appendedsig", "verify signer %d with key '%s' succeeded.\n",
- i, pk->subject);
- err = GRUB_ERR_NONE;
- break;
- }
-
- grub_dprintf ("appendedsig", "verify signer %d with key '%s' failed with %d\n",
- i, pk->subject, (int) rc);
+ grub_free (context);
+ if (err == GRUB_ERR_NONE)
+ break;
}
-
- grub_free (context);
- if (err == GRUB_ERR_NONE)
- break;
}
-
/* If we didn't verify, provide a neat message. */
if (err != GRUB_ERR_NONE)
err = grub_error (GRUB_ERR_BAD_SIGNATURE,
--
2.39.5 (Apple Git-154)
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
next prev parent reply other threads:[~2025-07-09 11:50 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-09 11:45 [PATCH v4 00/23] Appended Signature Secure Boot Support for PowerPC Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 01/23] powerpc-ieee1275: Add support for signing GRUB with an appended signature Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 02/23] docs/grub: Document signing GRUB under UEFI Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 03/23] docs/grub: Document signing GRUB with an appended signature Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 04/23] pgp: Factor out rsa_pad Sudhakar Kuppusamy
2025-07-24 8:55 ` Gary Lin via Grub-devel
2025-07-31 12:01 ` Sudhakar Kuppusamy
2025-08-01 1:24 ` Gary Lin via Grub-devel
2025-07-09 11:45 ` [PATCH v4 05/23] crypto: Move storage for grub_crypto_pk_* to crypto.c Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 06/23] pgp: Rename OBJ_TYPE_PUBKEY to OBJ_TYPE_GPG_PUBKEY Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 07/23] grub-install: Support embedding x509 certificates Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 08/23] appended signatures: Import GNUTLS's ASN.1 description files Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 09/23] appended signatures: Parse ASN1 node Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 10/23] appended signatures: Parse PKCS#7 signedData Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 11/23] appended signatures: Parse X.509 certificates Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 12/23] appended signatures: Support verifying appended signatures Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 13/23] appended signatures: Verification tests Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 14/23] appended signatures: Documentation Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 15/23] ieee1275: Enter lockdown based on /ibm,secure-boot Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 16/23] ieee1275: Read the DB and DBX secure boot variables Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 17/23] appendedsig: create db and dbx lists Sudhakar Kuppusamy
2025-07-09 11:45 ` Sudhakar Kuppusamy [this message]
2025-07-09 11:45 ` [PATCH v4 19/23] powerpc_ieee1275: Introduce use_static_keys flag Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 20/23] appendedsig: Read default DB keys from the ELF Note Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 21/23] appendedsig: Introduce GRUB commands to access db and dbx Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 22/23] appendedsig: Documentation Sudhakar Kuppusamy
2025-07-09 11:45 ` [PATCH v4 23/23] appendedsig test: Replace the certificate number with an x.509 certificate Sudhakar Kuppusamy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250709114540.58608-19-sudhakar@linux.ibm.com \
--to=sudhakar@linux.ibm.com \
--cc=avnish@linux.ibm.com \
--cc=dja@axtens.net \
--cc=grub-devel@gnu.org \
--cc=jan.setjeeilers@oracle.com \
--cc=julian.klode@canonical.com \
--cc=ltcgcw@linux.vnet.ibm.com \
--cc=mate.kukri@canonical.com \
--cc=mlewando@redhat.com \
--cc=msuchanek@suse.com \
--cc=nayna@linux.ibm.com \
--cc=pjones@redhat.com \
--cc=ssrish@linux.ibm.com \
--cc=stefanb@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).