Date: Tue, 18 Jan 2022 16:03:12 +0200
From: Ilias Apalodimas
To: Heinrich Schuchardt
Cc: AKASHI Takahiro, u-boot@lists.denx.de
Subject: Re: [PATCH] lib/crypto: Enable more algorithms in cert verification

Hi Heinrich,

> > > > - info.checksum = image_get_checksum_algo("sha256,rsa2048");
[...]
> > > > - info.name = "sha256,rsa2048";
> > > > - } else {
> > > > - pr_warn("unknown msg digest algo: %s\n", sig->hash_algo);
> > > > + if (strcmp(sig->pkey_algo, "rsa")) {
> > > > + pr_err("Encryption is not RSA: %s\n", sig->pkey_algo);
> > > > return -ENOPKG;
> > > > }
> > > > + ret = snprintf(algo, sizeof(algo), "%s,%s%d", sig->hash_algo,
> > > > + sig->pkey_algo, sig->s_size * 8);
>
> How do we ensure that the unsafe SHA1 algorithm is not used?

We don't, but the current code allows it as well. Should we enforce this
from U-Boot though? The spec doesn't forbid it as far as I remember

Regards
/Ilias
>
> Best regards
>
> Heinrich
>
> > >
> > > I'm not sure that this naming rule, in particular the latter part, will
> > > always hold in the future while all the existing algo's observe it.
> > > (Maybe we need some note somewhere?)
> >
> > The if a few lines below will shield us and return -EINVAL. How about
> > adding an error message there?
> >
> > Cheers
> > /Ilias
> > >
> > > -Takahiro Akashi
> > >
> > > > +
> > > > + if (ret >= sizeof(algo))
> > > > + return -EINVAL;
> > > > +
> > > > + info.checksum = image_get_checksum_algo((const char *)algo);
> > > > + info.name = (const char *)algo;
> > > > info.crypto = image_get_crypto_algo(info.name);
> > > > - if (IS_ERR(info.checksum) || IS_ERR(info.crypto))
> > > > + if (!info.checksum || !info.crypto)
> > > > return -ENOPKG;
> > > >
> > > > info.key = pkey->key;
> > > > --
> > > > 2.30.2
> > > >
> > >
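
Review bot: On the added snprintf(algo, sizeof(algo), "%s,%s%d", sig->hash_algo, ...) call, the digest name from the signature goes into the algorithm string with no filter, while the else branch that rejected an unknown digest with pr_warn("unknown msg digest algo: ...") is removed. Which digests are accepted is now decided only by what image_get_checksum_algo() can resolve from that string. If a digest such as SHA1 is to be refused, compare sig->hash_algo against the permitted names before building the string. Separately, the pr_err("Encryption is not RSA: ...") text reports on the signature's public-key algorithm, so "Signature algorithm is not RSA" would describe it more accurately.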
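
Review bot: Both failure paths in the second part of the hunk return without a message: the added "if (ret >= sizeof(algo)) return -EINVAL;" and the changed "if (!info.checksum || !info.crypto) return -ENOPKG;". With the pr_warn for an unknown digest removed earlier in the hunk, a certificate using an unsupported hash or key size is rejected with nothing in the log; add a pr_err on each path that prints sig->hash_algo, sig->pkey_algo and sig->s_size. If ret is a signed int, a negative snprintf() return is caught here only through the implicit conversion to size_t, so an explicit ret < 0 test would make the intent visible. The switch from IS_ERR() to a NULL test also deserves a sentence in the commit message saying what image_get_checksum_algo() and image_get_crypto_algo() return on failure.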