[bug #38620] Unable to verify a signature using Verify module in grub

bug-grub

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #38620] Unable to verify a signature using Verify module in grub

From:	Wei Hu
Subject:	[bug #38620] Unable to verify a signature using Verify module in grub
Date:	Thu, 28 Mar 2013 23:30:52 +0000
User-agent:	Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:19.0) Gecko/20100101 Firefox/19.0

URL:
  <http://savannah.gnu.org/bugs/?38620>

                 Summary: Unable to verify a signature using Verify module in
grub
                 Project: GNU GRUB
            Submitted by: whu
            Submitted on: Thu 28 Mar 2013 11:30:52 PM GMT
                Category: Security
                Severity: Major
                Priority: 5 - Normal
              Item Group: Software Error
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: wei hu
        Originator Email: address@hidden
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 
                 Release: 1.97
         Reproducibility: Every Time
         Planned Release: None

    _______________________________________________________

Details:

I am trying to use the grub verify module to verify a detached signature I
signed using gpg on Linux. I did two different signings. Both of them failed,
but at the different places in grub_verify_signature(). I am wonder if I did
something wrong or the module has some bugs in it. Let me detail my procedure
here. The text file, signature file and my public key are all attached.

Signing Approach 1
-----------------------

On my Ubuntu system, say I want to detached sign myfile.txt

> gpg --detach-sign myfile.txt

It creates the signature file myfile.txt.sig. I noticed it uses ripemd160 hash
algorithm. Then I export my public key as

> gpg --output my.pubkey --export 'address@hidden'

The my.pubkey file contains my public key.  Then I create a grub rescue cd
image with all these three file myfile.txt myfile.txt.sig and my.pubkey.

> grub-mkrescue -o image.iso ./myfile.txt ./myfile.txt.sig ./my.pubkey

After this, I booted the image and at the grub prompt I did

grub > verify_detached /myfile.txt /myfile.txt.sig /my.pubkey

It returns bad signature in grub_verify_signature() after following line:
   ...
    hash->final (context);
    grub_dprintf ("crypt", "aliven");
    hval = hash->read (context);
    if (grub_file_read (sig, hash_start, sizeof (hash_start)) != sizeof
(hash_start))
         return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature"));    

    if (grub_memcmp (hval, hash_start, sizeof (hash_start)) != 0)
      return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature"));        
<-- - failed here

My understanding is it calls ripemd160 algorithm to verify a two byte hash
value and it failed. So I try to change the algorithm using in gpg for hashing
as follows:

Signing Approch 2
---------------------

I just sign the myfile.txt with sha512 like this:

> gpg --digest-algo sha512 --detach-sign myfile.txt

It creates a myfile.txt.sig file. Then a created the iso image and boot just
as in approach 1.

grub > verify_detached /myfile.txt /myfile.txt.sig /my.pubkey

This time I went much further in grub_verify_signature(). It seem failed at
last when calling dsa verify routine:

    unsigned nbits = gcry_mpi_get_nbits (sk->mpis[1]);
    grub_dprintf ("crypt", "must be %u bits got %d bitsn", nbits,
                  (int)(8 * hash->mdlen));                                    
              <---- Here debug output is: must be 17 bits got 512 bits
   ....
    if (!grub_crypto_pk_dsa)
      return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("module `%s' isn't
loaded"), "gcry_dsa");
    if (grub_crypto_pk_dsa->verify (0, hmpi, mpis, sk->mpis, 0, 0))           
                     <------ failed here.
      return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature"));        
                 

So I guess I was not doing right somewhere? Have you tested this verification
module? The grub_dprintf() output (expecting 17bits but got 512 bits) is very
suspicious.

For this Verify module to work, what tool and what procedure should I follow
to sign a file?



    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Thu 28 Mar 2013 11:30:52 PM GMT  Name: my.pubkey  Size: 1kB   By: whu

<http://savannah.gnu.org/bugs/download.php?file_id=27706>
-------------------------------------------------------
Date: Thu 28 Mar 2013 11:30:52 PM GMT  Name: myfile.txt  Size: 17B   By: whu

<http://savannah.gnu.org/bugs/download.php?file_id=27707>
-------------------------------------------------------
Date: Thu 28 Mar 2013 11:30:52 PM GMT  Name: myfile.txt.ripemd160.sig  Size:
287B   By: whu

<http://savannah.gnu.org/bugs/download.php?file_id=27708>
-------------------------------------------------------
Date: Thu 28 Mar 2013 11:30:52 PM GMT  Name: myfile.txt.sha512.sig  Size: 287B
  By: whu

<http://savannah.gnu.org/bugs/download.php?file_id=27709>

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?38620>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[bug #38620] Unable to verify a signature using Verify module in grub, Wei Hu <=
- [bug #38620] Unable to verify a signature using Verify module in grub, Vladimir Serbinenko, 2013/03/31
  - [bug #38620] RSA is not supported, Vladimir Serbinenko, 2013/03/31

Prev by Date: Bug #38309
Next by Date: [bug #38620] Unable to verify a signature using Verify module in grub
Previous by thread: Bug #38309
Next by thread: [bug #38620] Unable to verify a signature using Verify module in grub
Index(es):
- Date
- Thread