Date: Tue, 18 Jan 2022 21:38:22 +0900
From: AKASHI Takahiro
To: Ilias Apalodimas
Cc: xypron.glpk@gmx.de, u-boot@lists.denx.de
Subject: Re: [PATCH] lib/crypto: Enable more algorithms in cert verification
Message-ID: <20220118123822.GC30001@laputa>
In-Reply-To: <20220118111238.321742-1-ilias.apalodimas@linaro.org>

Hi Ilias,

On Tue, Jan 18, 2022 at 01:12:37PM +0200, Ilias Apalodimas wrote:
> Right now the code explicitly limits us to sha1,256 hashes with RSA2048
> encryption. But the limitation is artificial since U-Boot supports
> a wider range of algorithms.
>
> The internal image_get_[checksum|crypto]_algo() functions expect an
> argument in the format of ,. So let's remove the size
> checking and create the needed string on the fly in order to support
> more hash/signing combinations.
>
> Signed-off-by: Ilias Apalodimas
> --- > lib/crypto/public_key.c | 27 +++++++++++++-------------- > 1 file changed, 13 insertions(+), 14 deletions(-) > > diff --git a/lib/crypto/public_key.c b/lib/crypto/public_key.c > index df6033cdb499..b783c63f5a51 100644 > --- a/lib/crypto/public_key.c > +++ b/lib/crypto/public_key.c > @@ -97,6 +97,7 @@ int public_key_verify_signature(const struct public_key *pkey, > const struct public_key_signature *sig) > { > struct image_sign_info info; > + char algo[256]; > int ret; > > pr_devel("==>%s()\n", __func__);
> @@ -108,29 +109,27 @@ int public_key_verify_signature(const struct public_key *pkey, > return -EINVAL; > > memset(&info, '\0', sizeof(info)); > + memset(algo, 0, sizeof(algo)); > info.padding = image_get_padding_algo("pkcs-1.5"); > /* > * Note: image_get_[checksum|crypto]_algo takes a string > * argument like "," > * TODO: support other hash algorithms > */

If this patch is applied, the TODO comment above will make no sense :)

> - if (strcmp(sig->pkey_algo, "rsa") || (sig->s_size * 8) != 2048) { > - pr_warn("Encryption is not RSA2048: %s%d\n", > - sig->pkey_algo, sig->s_size * 8); > - return -ENOPKG; > - } > - if (!strcmp(sig->hash_algo, "sha1")) { > - info.checksum = image_get_checksum_algo("sha1,rsa2048"); > - info.name = "sha1,rsa2048"; > - } else if (!strcmp(sig->hash_algo, "sha256")) { > - info.checksum = image_get_checksum_algo("sha256,rsa2048"); > - info.name = "sha256,rsa2048"; > - } else { > - pr_warn("unknown msg digest algo: %s\n", sig->hash_algo); > + if (strcmp(sig->pkey_algo, "rsa")) { > + pr_err("Encryption is not RSA: %s\n", sig->pkey_algo); > return -ENOPKG; > } > + ret = snprintf(algo, sizeof(algo), "%s,%s%d", sig->hash_algo, > + sig->pkey_algo, sig->s_size * 8);

I'm not sure that this naming rule, in particular the latter part, will always hold in the future while all the existing algos observe it.
(Maybe we need some note somewhere?)

-Takahiro Akashi

> + > + if (ret >= sizeof(algo)) > + return -EINVAL; > + > + info.checksum = image_get_checksum_algo((const char *)algo); > + info.name = (const char *)algo; > info.crypto = image_get_crypto_algo(info.name); > - if (IS_ERR(info.checksum) || IS_ERR(info.crypto)) > + if (!info.checksum || !info.crypto) > return -ENOPKG; > > info.key = pkey->key; > -- > 2.30.2 >
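
Review bot: In the second hunk (@@ -108,29 +109,27 @@), the final check switches from IS_ERR(info.checksum) || IS_ERR(info.crypto) to !info.checksum || !info.crypto, and the commit message does not explain it; state which failure convention image_get_checksum_algo() and image_get_crypto_algo() follow so the new test can be checked against them. With the (sig->s_size * 8) != 2048 test removed, the accepted hash and key-size combinations are whatever those two lookups recognise for the constructed string, so the comment block above the removed lines should say that, and any minimum key size the project wants has to be enforced by those lookups or by an explicit check here. The lookup-failure path also returns -ENOPKG silently, where the removed branches logged the rejected key size and digest; a pr_err() printing algo before that return would keep rejections diagnosable. The memset() of algo is redundant because snprintf() NUL-terminates within sizeof(algo).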