From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1kXaj4-0000eL-5M for mharc-grub-devel@gnu.org; Tue, 27 Oct 2020 21:58:10 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:46470) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kXaiy-0000a5-OJ for grub-devel@gnu.org; Tue, 27 Oct 2020 21:58:04 -0400 Received: from mail-pl1-x644.google.com ([2607:f8b0:4864:20::644]:33685) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kXaiv-0007nh-3F for grub-devel@gnu.org; Tue, 27 Oct 2020 21:58:03 -0400 Received: by mail-pl1-x644.google.com with SMTP id b19so1728407pld.0 for ; Tue, 27 Oct 2020 18:58:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=axtens.net; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=+ZEXSxC36uoCcEa8a3RsYgcFIHpflgZRs7gniFCKZJM=; b=NM/RRhZTzLNNxLVBUU9A02F0MBFUUkUAIW63Jz7PTCC4eCq6oSBGRQG8Z0ByPrIPEk XUjiBVgPy3iw97mvha6rABZz500rA3MH9zpWx80QXguk4S1qSEn0DmW0X/98Fhs8onmH I8MJ7UGftW4JH8h7ulU1KotzgRHMeRLh8PIYg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=+ZEXSxC36uoCcEa8a3RsYgcFIHpflgZRs7gniFCKZJM=; b=OnLaY3rIsOl9AD8mD3yMsjL0tqJNNTPtOa4YxDymnbT2etN7Jm8sTaYtUaXL/Zk6fi l3V8wtKeOkROmeBo5IS4mQoVjIgFHTKMrQ3saGBmcPlKiqOFypFc/yvJ/ry6O1Et6DsW WJxBwzM3uUDgNujxVrghHMajEReLA5lXTV8EzOqI4UxJ8RqBRgB8VbSSgC/JTO/wKZpf t3GIx+7FFmsvN47Q4px9gxbjKgdkLfdVELLbJABdzc2wVZxpBndRgsBZEpIL71K58HWd zCbWvoQ2s8skbjf6rFV2GUp/g22KoyGNTqfW3zyk6ljfyWlcWAa1kqyPihWVni2xPtqB tP1g== X-Gm-Message-State: AOAM532KqtK27sOCPcnT5B1KSZm0iNH9hZGEBOTjl7shmB2SU1Fmp27T kYbxkPcbAi+8lDxNpAozS20b1+goUT8f6Q== X-Google-Smtp-Source: ABdhPJwnhsVuD9t/v3ha6Tys2MNQTOcocuAaRmcAeUYQPvwDl77w+Ct/v1YupBV5GsPWtUbiZ5UiIw== X-Received: by 2002:a17:90a:a107:: with SMTP id s7mr4559305pjp.208.1603850279305; Tue, 27 Oct 2020 18:57:59 -0700 (PDT) Received: from localhost (2001-44b8-1113-6700-b4f7-e8d4-abaa-2197.static.ipv6.internode.on.net. [2001:44b8:1113:6700:b4f7:e8d4:abaa:2197]) by smtp.gmail.com with ESMTPSA id c187sm3790762pfc.153.2020.10.27.18.57.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Oct 2020 18:57:58 -0700 (PDT) From: Daniel Axtens To: grub-devel@gnu.org Cc: rashmica.g@gmail.com, alastair@d-silva.org, Daniel Axtens Subject: [PATCH v2 05/18] pgp: factor out rsa_pad Date: Wed, 28 Oct 2020 12:57:22 +1100 Message-Id: <20201028015735.1131291-6-dja@axtens.net> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20201028015735.1131291-1-dja@axtens.net> References: <20201028015735.1131291-1-dja@axtens.net> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2607:f8b0:4864:20::644; envelope-from=dja@axtens.net; helo=mail-pl1-x644.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Oct 2020 01:58:05 -0000 rsa_pad does the PKCS#1 v1.5 padding for the RSA signature scheme. We want to use it in other RSA signature verification applications. I considered and rejected putting it in lib/crypto.c. That file doesn't currently require any MPI functions, but rsa_pad does. That's not so much of a problem for the grub kernel and modules, but crypto.c also gets built into all the grub utilities. So - despite the utils not using any asymmetric ciphers - we would need to built the entire MPI infrastructure in to them. A better and simpler solution is just to spin rsa_pad out into its own PKCS#1 v1.5 module. Signed-off-by: Daniel Axtens --- grub-core/Makefile.core.def | 8 +++++ grub-core/commands/pgp.c | 28 ++---------------- grub-core/lib/pkcs1_v15.c | 59 +++++++++++++++++++++++++++++++++++++ include/grub/pkcs1_v15.h | 27 +++++++++++++++++ 4 files changed, 96 insertions(+), 26 deletions(-) create mode 100644 grub-core/lib/pkcs1_v15.c create mode 100644 include/grub/pkcs1_v15.h diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def index b5f47fc41b54..ad52e54098d6 100644 --- a/grub-core/Makefile.core.def +++ b/grub-core/Makefile.core.def @@ -2476,6 +2476,14 @@ module = { cppflags = '$(CPPFLAGS_GCRY)'; }; +module = { + name = pkcs1_v15; + common = lib/pkcs1_v15.c; + + cflags = '$(CFLAGS_GCRY) -Wno-redundant-decls -Wno-sign-compare'; + cppflags = '$(CPPFLAGS_GCRY)'; +}; + module = { name = all_video; common = lib/fake_module.c; diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c index bbf6871fe71f..2032afa4ec69 100644 --- a/grub-core/commands/pgp.c +++ b/grub-core/commands/pgp.c @@ -24,6 +24,7 @@ #include #include #include +#include #include #include #include @@ -411,32 +412,7 @@ static int rsa_pad (gcry_mpi_t *hmpi, grub_uint8_t *hval, const gcry_md_spec_t *hash, struct grub_public_subkey *sk) { - grub_size_t tlen, emlen, fflen; - grub_uint8_t *em, *emptr; - unsigned nbits = gcry_mpi_get_nbits (sk->mpis[0]); - int ret; - tlen = hash->mdlen + hash->asnlen; - emlen = (nbits + 7) / 8; - if (emlen < tlen + 11) - return 1; - - em = grub_malloc (emlen); - if (!em) - return 1; - - em[0] = 0x00; - em[1] = 0x01; - fflen = emlen - tlen - 3; - for (emptr = em + 2; emptr < em + 2 + fflen; emptr++) - *emptr = 0xff; - *emptr++ = 0x00; - grub_memcpy (emptr, hash->asnoid, hash->asnlen); - emptr += hash->asnlen; - grub_memcpy (emptr, hval, hash->mdlen); - - ret = gcry_mpi_scan (hmpi, GCRYMPI_FMT_USG, em, emlen, 0); - grub_free (em); - return ret; + return grub_crypto_rsa_pad(hmpi, hval, hash, sk->mpis[0]); } struct grub_pubkey_context diff --git a/grub-core/lib/pkcs1_v15.c b/grub-core/lib/pkcs1_v15.c new file mode 100644 index 000000000000..dbacd563d014 --- /dev/null +++ b/grub-core/lib/pkcs1_v15.c @@ -0,0 +1,59 @@ +/* + * GRUB -- GRand Unified Bootloader + * Copyright (C) 2013 Free Software Foundation, Inc. + * + * GRUB is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * GRUB is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GRUB. If not, see . + */ + +#include +#include + +GRUB_MOD_LICENSE ("GPLv3+"); + +/* + * Given a hash value 'hval', of hash specification 'hash', perform + * the EMSA-PKCS1-v1_5 padding suitable for a key with modulus 'mod' + * (see RFC 8017 s 9.2) and place the result in 'hmpi'. + */ +gcry_err_code_t +grub_crypto_rsa_pad (gcry_mpi_t * hmpi, grub_uint8_t * hval, + const gcry_md_spec_t * hash, gcry_mpi_t mod) +{ + grub_size_t tlen, emlen, fflen; + grub_uint8_t *em, *emptr; + unsigned nbits = gcry_mpi_get_nbits (mod); + int ret; + tlen = hash->mdlen + hash->asnlen; + emlen = (nbits + 7) / 8; + if (emlen < tlen + 11) + return GPG_ERR_TOO_SHORT; + + em = grub_malloc (emlen); + if (!em) + return 1; + + em[0] = 0x00; + em[1] = 0x01; + fflen = emlen - tlen - 3; + for (emptr = em + 2; emptr < em + 2 + fflen; emptr++) + *emptr = 0xff; + *emptr++ = 0x00; + grub_memcpy (emptr, hash->asnoid, hash->asnlen); + emptr += hash->asnlen; + grub_memcpy (emptr, hval, hash->mdlen); + + ret = gcry_mpi_scan (hmpi, GCRYMPI_FMT_USG, em, emlen, 0); + grub_free (em); + return ret; +} diff --git a/include/grub/pkcs1_v15.h b/include/grub/pkcs1_v15.h new file mode 100644 index 000000000000..5c338c84a158 --- /dev/null +++ b/include/grub/pkcs1_v15.h @@ -0,0 +1,27 @@ +/* + * GRUB -- GRand Unified Bootloader + * Copyright (C) 2013 Free Software Foundation, Inc. + * + * GRUB is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * GRUB is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GRUB. If not, see . + */ + +/* + * Given a hash value 'hval', of hash specification 'hash', perform + * the EMSA-PKCS1-v1_5 padding suitable for a key with modulus 'mod' + * (See RFC 8017 s 9.2) + */ +gcry_err_code_t +grub_crypto_rsa_pad (gcry_mpi_t * hmpi, grub_uint8_t * hval, + const gcry_md_spec_t * hash, gcry_mpi_t mod); + -- 2.25.1