From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1m2vQi-0001Xf-TW for mharc-grub-devel@gnu.org; Mon, 12 Jul 2021 08:53:00 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:44110) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m2vQd-0001Q2-FF for grub-devel@gnu.org; Mon, 12 Jul 2021 08:52:59 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:65406) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m2vQa-00017a-28 for grub-devel@gnu.org; Mon, 12 Jul 2021 08:52:55 -0400 Received: from pps.filterd (m0187473.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 16CCZYBx003223; Mon, 12 Jul 2021 08:52:49 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=subject : to : cc : references : from : message-id : date : in-reply-to : content-type : content-transfer-encoding : mime-version; s=pp1; bh=pFxIEhymoboV+ZnLcnW4CX7kwbmAUzRa28A9xS1h+2Y=; b=FXTf4Qp9W/OsnyNjKNgHu+L72AFr3VDOBz2uN8TYazMfMuFWFtCg1jJktiPZdejBEbFb Uy44CQjxtitfjXFk7uoUryOC/Y2ClPemyM+gDobT6nuqfj4y9tCHRwLHNbt/ZEP8oC23 jLc3xVw7IE55RKkhEXhDIvNY9xAicbix6MmRKd+Ub6hH1Seb7Dk+I9gpqWFMc4GHuE7d 2f7nLtByJzr1Mwa75pkeXPDoKYZyjVe8KCrC0FOX3oAC39Lad9dV3hwNEWChtO8ZTSo8 Vy6HaY64eionOoHALWz+zhgbTxKkfvciSfe0MW3jvKvgObjuB3PnGK1CRkgw+96G/Jn3 9g== Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 39qrmt1bee-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 12 Jul 2021 08:52:49 -0400 Received: from m0187473.ppops.net (m0187473.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 16CCZmG9003747; Mon, 12 Jul 2021 08:52:49 -0400 Received: from ppma04wdc.us.ibm.com (1a.90.2fa9.ip4.static.sl-reverse.com [169.47.144.26]) by mx0a-001b2d01.pphosted.com with ESMTP id 39qrmt1be3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 12 Jul 2021 08:52:49 -0400 Received: from pps.filterd (ppma04wdc.us.ibm.com [127.0.0.1]) by ppma04wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 16CCqO0W026803; Mon, 12 Jul 2021 12:52:48 GMT Received: from b01cxnp23033.gho.pok.ibm.com (b01cxnp23033.gho.pok.ibm.com [9.57.198.28]) by ppma04wdc.us.ibm.com with ESMTP id 39q36ab70g-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 12 Jul 2021 12:52:47 +0000 Received: from b01ledav004.gho.pok.ibm.com (b01ledav004.gho.pok.ibm.com [9.57.199.109]) by b01cxnp23033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 16CCqlPD35586480 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 12 Jul 2021 12:52:47 GMT Received: from b01ledav004.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6C1DC112066; Mon, 12 Jul 2021 12:52:47 +0000 (GMT) Received: from b01ledav004.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5DC54112063; Mon, 12 Jul 2021 12:52:47 +0000 (GMT) Received: from [9.47.158.152] (unknown [9.47.158.152]) by b01ledav004.gho.pok.ibm.com (Postfix) with ESMTP; Mon, 12 Jul 2021 12:52:47 +0000 (GMT) Subject: Re: [PATCH v2 08/22] pgp: factor out rsa_pad To: The development of GNU GRUB , Daniel Axtens Cc: rashmica.g@gmail.com, alastair@d-silva.org, nayna@linux.ibm.com References: <20210630084031.2663622-1-dja@axtens.net> <20210630084031.2663622-9-dja@axtens.net> From: Stefan Berger Message-ID: <3ee39ab1-c792-07ee-2e05-07634216e278@linux.ibm.com> Date: Mon, 12 Jul 2021 08:52:47 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 In-Reply-To: <20210630084031.2663622-9-dja@axtens.net> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US X-TM-AS-GCONF: 00 X-Proofpoint-GUID: Y1LR6zBM9l3MCAqzQwqWXn6dbQEa7CfS X-Proofpoint-ORIG-GUID: Mv9cLsoyThUgr5vBtk8T0lnSLxeKcFT6 Content-Transfer-Encoding: 7bit X-Proofpoint-UnRewURL: 0 URL was un-rewritten MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-07-12_07:2021-07-12, 2021-07-12 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 impostorscore=0 phishscore=0 mlxlogscore=999 spamscore=0 malwarescore=0 mlxscore=0 priorityscore=1501 adultscore=0 bulkscore=0 suspectscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104190000 definitions=main-2107120099 Received-SPF: pass client-ip=148.163.156.1; envelope-from=stefanb@linux.ibm.com; helo=mx0a-001b2d01.pphosted.com X-Spam_score_int: -34 X-Spam_score: -3.5 X-Spam_bar: --- X-Spam_report: (-3.5 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-1.479, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Jul 2021 12:52:59 -0000 On 6/30/21 4:40 AM, Daniel Axtens wrote: > rsa_pad does the PKCS#1 v1.5 padding for the RSA signature scheme. > We want to use it in other RSA signature verification applications. > > I considered and rejected putting it in lib/crypto.c. That file doesn't > currently require any MPI functions, but rsa_pad does. That's not so > much of a problem for the grub kernel and modules, but crypto.c also > gets built into all the grub utilities. So - despite the utils not > using any asymmetric ciphers - we would need to built the entire MPI > infrastructure in to them. > > A better and simpler solution is just to spin rsa_pad out into its own > PKCS#1 v1.5 module. > > Signed-off-by: Daniel Axtens This an almost straight move of code from one function into another one: Reviewed-by: Stefan Berger > --- > grub-core/Makefile.core.def | 8 +++++ > grub-core/commands/pgp.c | 28 ++---------------- > grub-core/lib/pkcs1_v15.c | 59 +++++++++++++++++++++++++++++++++++++ > include/grub/pkcs1_v15.h | 27 +++++++++++++++++ > 4 files changed, 96 insertions(+), 26 deletions(-) > create mode 100644 grub-core/lib/pkcs1_v15.c > create mode 100644 include/grub/pkcs1_v15.h > > diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def > index 8022e1c0a794..915287d44c13 100644 > --- a/grub-core/Makefile.core.def > +++ b/grub-core/Makefile.core.def > @@ -2469,6 +2469,14 @@ module = { > cppflags = '$(CPPFLAGS_GCRY)'; > }; > > +module = { > + name = pkcs1_v15; > + common = lib/pkcs1_v15.c; > + > + cflags = '$(CFLAGS_GCRY) -Wno-redundant-decls -Wno-sign-compare'; > + cppflags = '$(CPPFLAGS_GCRY)'; > +}; > + > module = { > name = all_video; > common = lib/fake_module.c; > diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c > index 5daa1e9d00c7..2408db4994f6 100644 > --- a/grub-core/commands/pgp.c > +++ b/grub-core/commands/pgp.c > @@ -24,6 +24,7 @@ > #include > #include > #include > +#include > #include > #include > #include > @@ -411,32 +412,7 @@ static int > rsa_pad (gcry_mpi_t *hmpi, grub_uint8_t *hval, > const gcry_md_spec_t *hash, struct grub_public_subkey *sk) > { > - grub_size_t tlen, emlen, fflen; > - grub_uint8_t *em, *emptr; > - unsigned nbits = gcry_mpi_get_nbits (sk->mpis[0]); > - int ret; > - tlen = hash->mdlen + hash->asnlen; > - emlen = (nbits + 7) / 8; > - if (emlen < tlen + 11) > - return 1; > - > - em = grub_malloc (emlen); > - if (!em) > - return 1; > - > - em[0] = 0x00; > - em[1] = 0x01; > - fflen = emlen - tlen - 3; > - for (emptr = em + 2; emptr < em + 2 + fflen; emptr++) > - *emptr = 0xff; > - *emptr++ = 0x00; > - grub_memcpy (emptr, hash->asnoid, hash->asnlen); > - emptr += hash->asnlen; > - grub_memcpy (emptr, hval, hash->mdlen); > - > - ret = gcry_mpi_scan (hmpi, GCRYMPI_FMT_USG, em, emlen, 0); > - grub_free (em); > - return ret; > + return grub_crypto_rsa_pad(hmpi, hval, hash, sk->mpis[0]); > } > > struct grub_pubkey_context > diff --git a/grub-core/lib/pkcs1_v15.c b/grub-core/lib/pkcs1_v15.c > new file mode 100644 > index 000000000000..dbacd563d014 > --- /dev/null > +++ b/grub-core/lib/pkcs1_v15.c > @@ -0,0 +1,59 @@ > +/* > + * GRUB -- GRand Unified Bootloader > + * Copyright (C) 2013 Free Software Foundation, Inc. > + * > + * GRUB is free software: you can redistribute it and/or modify > + * it under the terms of the GNU General Public License as published by > + * the Free Software Foundation, either version 3 of the License, or > + * (at your option) any later version. > + * > + * GRUB is distributed in the hope that it will be useful, > + * but WITHOUT ANY WARRANTY; without even the implied warranty of > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > + * GNU General Public License for more details. > + * > + * You should have received a copy of the GNU General Public License > + * along with GRUB. If not, see . > + */ > + > +#include > +#include > + > +GRUB_MOD_LICENSE ("GPLv3+"); > + > +/* > + * Given a hash value 'hval', of hash specification 'hash', perform > + * the EMSA-PKCS1-v1_5 padding suitable for a key with modulus 'mod' > + * (see RFC 8017 s 9.2) and place the result in 'hmpi'. > + */ > +gcry_err_code_t > +grub_crypto_rsa_pad (gcry_mpi_t * hmpi, grub_uint8_t * hval, > + const gcry_md_spec_t * hash, gcry_mpi_t mod) > +{ > + grub_size_t tlen, emlen, fflen; > + grub_uint8_t *em, *emptr; > + unsigned nbits = gcry_mpi_get_nbits (mod); > + int ret; > + tlen = hash->mdlen + hash->asnlen; > + emlen = (nbits + 7) / 8; > + if (emlen < tlen + 11) > + return GPG_ERR_TOO_SHORT; > + > + em = grub_malloc (emlen); > + if (!em) > + return 1; > + > + em[0] = 0x00; > + em[1] = 0x01; > + fflen = emlen - tlen - 3; > + for (emptr = em + 2; emptr < em + 2 + fflen; emptr++) > + *emptr = 0xff; > + *emptr++ = 0x00; > + grub_memcpy (emptr, hash->asnoid, hash->asnlen); > + emptr += hash->asnlen; > + grub_memcpy (emptr, hval, hash->mdlen); > + > + ret = gcry_mpi_scan (hmpi, GCRYMPI_FMT_USG, em, emlen, 0); > + grub_free (em); > + return ret; > +} > diff --git a/include/grub/pkcs1_v15.h b/include/grub/pkcs1_v15.h > new file mode 100644 > index 000000000000..5c338c84a158 > --- /dev/null > +++ b/include/grub/pkcs1_v15.h > @@ -0,0 +1,27 @@ > +/* > + * GRUB -- GRand Unified Bootloader > + * Copyright (C) 2013 Free Software Foundation, Inc. > + * > + * GRUB is free software: you can redistribute it and/or modify > + * it under the terms of the GNU General Public License as published by > + * the Free Software Foundation, either version 3 of the License, or > + * (at your option) any later version. > + * > + * GRUB is distributed in the hope that it will be useful, > + * but WITHOUT ANY WARRANTY; without even the implied warranty of > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > + * GNU General Public License for more details. > + * > + * You should have received a copy of the GNU General Public License > + * along with GRUB. If not, see . > + */ > + > +/* > + * Given a hash value 'hval', of hash specification 'hash', perform > + * the EMSA-PKCS1-v1_5 padding suitable for a key with modulus 'mod' > + * (See RFC 8017 s 9.2) > + */ > +gcry_err_code_t > +grub_crypto_rsa_pad (gcry_mpi_t * hmpi, grub_uint8_t * hval, > + const gcry_md_spec_t * hash, gcry_mpi_t mod); > +