Re: Signature verification in GRUB

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Signature verification in GRUB

From:	Vladimir 'φ-coder/phcoder' Serbinenko
Subject:	Re: Signature verification in GRUB
Date:	Thu, 18 Oct 2012 20:06:11 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:10.0.7) Gecko/20120922 Icedove/10.0.7

On 15.10.2012 23:33, Geoffrey Thomas wrote:

> On Sat, 13 Oct 2012, Vladimir 'φ-coder/phcoder' Serbinenko wrote:
> 
>>> First, does GRUB has a mechanism for me to validate a digitally-signed
>>> file of some sort? This could be e.g. a PGP-signed file or something
>>> from `openssl dgst -sign`. I see that GRUB has all the relevant crypto
>>> primitives to do this, but I can't find a command to invoke them. (As
>>> far as I can tell, gcrypt is only used for PBKDF2 and cryptodisk
>>> support?)
>>>
>>
>> I have some code dating from about a year ago but because of my current
>> personal situation it's put on hold for some time.
> 
> Do you have something I can start from that you could drop somewhere? I
> haven't begun implementing this yet, and I suspect that starting from
> your code would be helpful for getting this done faster and also doing
> it in a style compatible with upstream.
> 

I want to do it myself. I'm likely to get some time for it in December.

> Also, a slightly more generic question -- what's a reasonable format
> here? I'm kind of surprised to find that openssl has no generic command
> to sign a file or verify it's signatures. I could use PGP, but we're
> already using SSL-style certificates for Authenticode, so I'd prefer not
> generate another key with a completely different format. That said, if
> more people will find PGP verification useful, I can implement that.
> 

It has to be gnupg signatures.

>> Is there some doc on dm-verify? It may be interesting.
> 
> http://code.google.com/p/cryptsetup/wiki/DMVerity
> is the official documentation.
> 
> Briefly, you generate a salted hash tree of each block (and in turn of
> the blocks containing the hashes) until you get a root hash. So with a
> trusted way to get the root hash, the original device, and a device/file
> containing the hashes, you can generate a new (read-only) device that
> validates hashes up to the root, and throws an IO error if the data has
> been tampered with.
> 

Doesn't sound like best way. MAC-tree would be better cryptographically
(third party would be unable to verify, which is of advantage) and would
be easier to write to.

> The "veritysetup" command in sbin in recent cryptsetup versions can
> generate the hash tree and print out the root hash.
> 
> 
> 
> _______________________________________________
> Grub-devel mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/grub-devel



-- 
Regards
Vladimir 'φ-coder/phcoder' Serbinenko

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

Signature verification in GRUB, Geoffrey Thomas, 2012/10/09
- Re: Signature verification in GRUB, Chris Murphy, 2012/10/09
  - Re: Signature verification in GRUB, Geoffrey Thomas, 2012/10/09
  - Re: Signature verification in GRUB, Matthew Garrett, 2012/10/10
    - Re: Signature verification in GRUB, Chris Murphy, 2012/10/10
- Re: Signature verification in GRUB, Vladimir 'φ-coder/phcoder' Serbinenko, 2012/10/13
  - Re: Signature verification in GRUB, Geoffrey Thomas, 2012/10/15
    - Re: Signature verification in GRUB, Vladimir 'φ-coder/phcoder' Serbinenko <=
    - Re: Signature verification in GRUB, Geoffrey Thomas, 2012/10/18

Prev by Date: Re: GRUB2 msdos logical partition numbering mismatch with Linux partitions
Next by Date: Re: Signature verification in GRUB
Previous by thread: Re: Signature verification in GRUB
Next by thread: Re: Signature verification in GRUB
Index(es):
- Date
- Thread