From: Vladimir 'φ-coder/phcoder' Serbinenko
Date: Wed, 03 Apr 2013 16:34:42 +0200
To: The development of GNU GRUB
Subject: Re: DSA GnuPG signatures

On 31.01.2013 13:49, Andrey Borzenkov wrote:
> On Fri, 11 Jan 2013 21:54:22 +0100
> Vladimir 'φ-coder/phcoder' Serbinenko wrote:
>
>> Hello, all. I've just committed import of libgcrypt and implementation
>> of related code to check signatures. Short usage:
>> verify_detached FILE FILE.sig [pubkey.gpg]
>> trust KEY.gpg
>> distrust KEYID
>> check_signatures=[enforce|no]
>>
>> grub-mkimage -k KEY gcry_dsa verify [...]
>>
>> When check_signatures=enforce every time anything tries to open a file
>> its signature (file.sig) is looked for and the open fails if signature
>> is absent or invalid.
>
> There is no protection against file modification after signature was
> verified. Is it intentional (i.e. it is not considered as viable
> threat)?

That is indeed a problem.

> One possibility is to cache file in memory on first open,
> which ensures it cannot be modified externally.

Possible but works only on relatively small files. For bigger files we
need to make a chunk hash list. I'll add the easy part now and if ever
needed we can add more difficult part as well.

>
>> Some limitations:
>> 1) DSA keys only. RSA is more tricky since it needs padding and RSA
>> should be progressively phased out, not put into new places due to some
>> vulnerabilities (large classes of semiprimes are factorisable up to the
>> point when a lot of care has to be taken to avoid them).
>> 2) Not efficient. Checking every file is slow. Some hashlists should be
>> implemented.
>> 3) Not efficient. File is read twice though it's avoidable in many cases.
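Added example, not part of the original message and not GRUB code: a Python sketch of the three behaviours discussed in the thread (verify then re-read, cache in memory on first open, and a chunk hash list for larger files). It assumes the whole-file digest or the chunk hash list has already been authenticated by the detached signature; the names, the 4096-byte chunk size and the `tamper` hook are constructed for illustration.

```python
import hashlib
import hmac

CHUNK = 4096  # assumed chunk size; the thread does not specify one


def sha256(data):
    return hashlib.sha256(data).digest()


def verify_then_reread(storage, trusted_digest, tamper=None):
    """Check once, then read the medium again: the second read is unverified."""
    if not hmac.compare_digest(sha256(bytes(storage)), trusted_digest):
        raise ValueError("digest mismatch")
    if tamper:
        tamper(storage)  # constructed stand-in for an external modification
    return bytes(storage)


def verify_cached(storage, trusted_digest, tamper=None):
    """Read once into memory, verify that copy, and only ever use that copy."""
    cached = bytes(storage)
    if not hmac.compare_digest(sha256(cached), trusted_digest):
        raise ValueError("digest mismatch")
    if tamper:
        tamper(storage)  # later changes to the medium no longer matter
    return cached


def chunk_hash_list(data, size=CHUNK):
    """Per-chunk digests; this small list is authenticated and kept in memory."""
    return [sha256(data[i:i + size]) for i in range(0, len(data), size)]


class ChunkVerifiedReader:
    """Verifies each chunk against the trusted list at the moment it is read."""

    def __init__(self, storage, trusted_hashes, trusted_len, size=CHUNK):
        self.storage, self.hashes = storage, trusted_hashes
        self.length, self.size = trusted_len, size

    def read_chunk(self, index):
        if not 0 <= index < len(self.hashes):
            raise IndexError("chunk index outside signed range")
        start = index * self.size
        data = bytes(self.storage[start:min(start + self.size, self.length)])
        if not hmac.compare_digest(sha256(data), self.hashes[index]):
            raise ValueError(f"chunk {index} modified after signing")
        return data
```

The chunk reader keeps only the hash list and the signed length in memory, so a file too large to cache is still checked on every read rather than once at open time.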